Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/7653e0-8a72-4351-bfce-3711fae8ca77/1/G3jkppDUZ7UShIbg3wj67wwITjQ.roa
File: G3jkppDUZ7UShIbg3wj67wwITjQ.roa (raw, json)
Hash identifier: IM9aMDCOjn2pDhh5r2plZvteAbzhdwZ0L/lTf4RJayk=
Subject key identifier: 1B:78:E4:A6:90:D4:67:B5:12:84:86:E0:DF:08:FA:EF:0C:08:4E:34
Certificate issuer: /CN=68e8baea95d4040348f0a89ec4e4bd15275f6c39
Certificate serial: 019420D5FD2CB59CF974C11891D79D756321
Authority key identifier: 68:E8:BA:EA:95:D4:04:03:48:F0:A8:9E:C4:E4:BD:15:27:5F:6C:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aOi66pXUBANI8KiexOS9FSdfbDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/7653e0-8a72-4351-bfce-3711fae8ca77/1/G3jkppDUZ7UShIbg3wj67wwITjQ.roa
Signing time: Wed 01 Jan 2025 07:48:02 +0000
ROA not before: Wed 01 Jan 2025 07:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 147.78.32.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:fd:2c:b5:9c:f9:74:c1:18:91:d7:9d:75:63:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68e8baea95d4040348f0a89ec4e4bd15275f6c39
Validity
Not Before: Jan 1 07:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1b78e4a690d467b5128486e0df08faef0c084e34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:4f:f8:3e:af:02:fc:4d:d1:69:c8:7e:83:6e:
0c:07:40:58:c6:c5:33:2a:b0:43:a2:e7:1d:20:66:
ec:40:bf:38:79:31:16:67:66:bb:42:d6:6f:d0:76:
81:a5:1c:74:10:7c:ab:cc:ff:d3:e6:fe:af:63:ce:
cf:77:24:55:2b:0b:8d:ce:67:aa:1f:69:9e:47:78:
e6:64:57:31:ac:af:e3:53:4a:88:87:ed:f6:1d:54:
0d:73:dc:e0:f6:07:dd:70:fc:d8:28:cf:5c:e1:7d:
8c:be:26:c4:c2:57:36:d3:94:e6:fd:d8:82:ee:85:
a0:92:a5:2d:32:b6:6c:0e:98:72:1c:7f:6f:58:59:
8e:cc:1c:52:9b:d5:f2:39:8c:92:dd:33:18:6a:08:
b5:ae:ea:e4:e0:8e:fd:db:a5:5c:e5:30:eb:35:65:
76:0a:9f:a3:02:49:f4:03:ef:5d:81:d5:b5:f8:01:
77:cd:51:d3:59:1e:2b:c0:ec:13:16:c1:29:86:cf:
7d:72:74:fe:3c:e2:00:0e:a9:36:fc:76:fa:5d:10:
64:a6:6f:a2:01:77:a6:31:08:6d:0d:e4:a6:a1:90:
07:65:83:97:ca:05:51:9c:eb:02:16:01:81:9d:99:
f2:8a:7f:4a:99:e9:aa:fa:ce:67:1b:ab:99:15:57:
c0:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:78:E4:A6:90:D4:67:B5:12:84:86:E0:DF:08:FA:EF:0C:08:4E:34
X509v3 Authority Key Identifier:
keyid:68:E8:BA:EA:95:D4:04:03:48:F0:A8:9E:C4:E4:BD:15:27:5F:6C:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aOi66pXUBANI8KiexOS9FSdfbDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/7653e0-8a72-4351-bfce-3711fae8ca77/1/G3jkppDUZ7UShIbg3wj67wwITjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/7653e0-8a72-4351-bfce-3711fae8ca77/1/aOi66pXUBANI8KiexOS9FSdfbDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.32.0/24
Signature Algorithm: sha256WithRSAEncryption
60:1a:03:9e:cf:da:5f:51:ea:a3:f7:c8:84:7f:e1:88:d8:7d:
aa:af:b3:80:39:f8:45:b5:a2:ad:49:59:40:5e:12:77:2a:04:
11:cf:6f:00:55:88:5e:f8:9f:4a:00:91:9b:7c:3a:0c:58:f4:
7d:13:43:65:b5:20:ba:54:10:06:ca:c1:23:b3:30:95:fb:f8:
12:71:be:3b:92:7a:a1:d3:7c:7f:6d:32:2d:ee:a5:9e:37:99:
f0:bf:f2:81:fb:4c:9b:b3:c5:53:38:23:25:74:be:d6:50:f5:
85:11:c5:99:c7:87:f2:9a:53:9a:87:ae:00:15:82:a7:e9:c4:
a9:20:a7:e2:ec:9f:01:96:3d:3f:8d:c6:d6:59:58:a0:24:51:
fe:6b:5d:b7:8d:57:e6:3c:7d:be:2e:c4:ba:a7:4d:7e:81:b7:
40:80:ed:f1:d5:b2:2d:a3:38:34:be:23:0c:65:ed:97:2e:5f:
01:0d:a5:88:6d:30:ab:a3:fe:21:df:56:07:9a:dc:d4:16:af:
fa:96:5b:31:fa:95:44:b0:aa:93:eb:00:a4:89:35:62:c1:47:
4b:d4:fd:31:cf:36:3b:6c:ff:32:80:41:83:09:d0:54:92:09:
4c:7c:ec:09:20:b6:f2:0f:0f:d9:51:1b:93:e5:09:27:75:71:
10:ce:0a:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1f0stZz5dMEYkdeddWMhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZThiYWVhOTVkNDA0MDM0OGYwYTg5ZWM0ZTRiZDE1Mjc1
ZjZjMzkwHhcNMjUwMTAxMDc0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjc4ZTRhNjkwZDQ2N2I1MTI4NDg2ZTBkZjA4ZmFlZjBjMDg0ZTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7E/4Pq8C/E3Rach+g24MB0BYxsUz
KrBDoucdIGbsQL84eTEWZ2a7QtZv0HaBpRx0EHyrzP/T5v6vY87PdyRVKwuNzmeq
H2meR3jmZFcxrK/jU0qIh+32HVQNc9zg9gfdcPzYKM9c4X2MvibEwlc205Tm/diC
7oWgkqUtMrZsDphyHH9vWFmOzBxSm9XyOYyS3TMYagi1rurk4I7926Vc5TDrNWV2
Cp+jAkn0A+9dgdW1+AF3zVHTWR4rwOwTFsEphs99cnT+POIADqk2/Hb6XRBkpm+i
AXemMQhtDeSmoZAHZYOXygVRnOsCFgGBnZnyin9Kmemq+s5nG6uZFVfAjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBt45KaQ1Ge1EoSG4N8I+u8MCE40MB8GA1UdIwQY
MBaAFGjouuqV1AQDSPConsTkvRUnX2w5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU9pNjZwWFVCQU5JOEtpZXhPUzlGU2RmYkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny83NjUzZTAtOGE3Mi00MzUxLWJmY2Ut
MzcxMWZhZThjYTc3LzEvRzNqa3BwRFVaN1VTaEliZzN3ajY3d3dJVGpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny83NjUzZTAtOGE3Mi00MzUxLWJmY2UtMzcxMWZhZThjYTc3
LzEvYU9pNjZwWFVCQU5JOEtpZXhPUzlGU2RmYkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk04gMA0G
CSqGSIb3DQEBCwUAA4IBAQBgGgOez9pfUeqj98iEf+GI2H2qr7OAOfhFtaKtSVlA
XhJ3KgQRz28AVYhe+J9KAJGbfDoMWPR9E0NltSC6VBAGysEjszCV+/gScb47knqh
03x/bTIt7qWeN5nwv/KB+0ybs8VTOCMldL7WUPWFEcWZx4fymlOah64AFYKn6cSp
IKfi7J8Blj0/jcbWWVigJFH+a123jVfmPH2+LsS6p01+gbdAgO3x1bItozg0viMM
Ze2XLl8BDaWIbTCro/4h31YHmtzUFq/6llsx+pVEsKqT6wCkiTViwUdL1P0xzzY7
bP8ygEGDCdBUkglMfOwJILbyDw/ZURuT5QkndXEQzgqs
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:00:33 2025 by rpki-client