Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/MSochpH0FezPPe7yq32Jjm-XPZ0.roa
File: MSochpH0FezPPe7yq32Jjm-XPZ0.roa (raw, json)
Hash identifier: 0doG4X/4OXPpxQDTaSAM6Z8IOkJrjfBVzILsIAW4530=
Subject key identifier: 31:2A:1C:86:91:F4:15:EC:CF:3D:EE:F2:AB:7D:89:8E:6F:97:3D:9D
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 019384D8A3711ACFB771BC9F42DF0E8C223C
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/MSochpH0FezPPe7yq32Jjm-XPZ0.roa
Signing time: Mon 02 Dec 2024 00:50:10 +0000
ROA not before: Mon 02 Dec 2024 00:50:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 18464
IP address blocks: 178.173.224.0/24 maxlen: 24
178.173.225.0/24 maxlen: 24
178.173.227.0/24 maxlen: 24
178.173.228.0/24 maxlen: 24
178.173.230.0/24 maxlen: 24
178.173.232.0/22 maxlen: 22
178.173.236.0/24 maxlen: 24
178.173.241.0/24 maxlen: 24
2001:16c0:16c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:84:d8:a3:71:1a:cf:b7:71:bc:9f:42:df:0e:8c:22:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Dec 2 00:50:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=312a1c8691f415eccf3deef2ab7d898e6f973d9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:b2:82:81:69:70:72:fb:1f:74:ab:cb:d5:da:
d3:a3:49:73:17:88:01:fb:6d:3d:ec:9b:01:97:fe:
62:b5:c8:63:b0:f1:27:0c:9e:98:b5:cf:82:b2:c1:
62:d2:13:89:1c:bb:eb:d2:e4:cc:1d:1e:2a:66:18:
fe:df:ec:2f:3f:59:e7:33:3d:22:e9:47:f7:ce:13:
94:71:af:78:7d:2b:35:37:08:fe:0d:6a:57:4b:8c:
99:ba:e0:5f:bf:ec:a6:0b:ae:62:4e:30:39:15:c0:
f6:8b:ae:91:1c:30:84:98:bd:c8:0e:76:2a:c3:64:
f2:d7:fe:aa:12:49:0d:0a:de:8b:de:df:9b:25:6f:
01:9e:6b:97:7a:96:c7:84:4f:13:48:b9:d9:bd:6e:
38:11:cd:8d:e0:73:bc:5a:ad:c5:f6:7a:0a:cb:d2:
98:bf:d4:a1:db:ef:c4:cc:b2:56:77:ba:cb:3c:b3:
5a:78:d9:0d:c8:9e:a4:94:62:b6:6c:d7:1a:62:64:
c2:19:b4:5f:56:e8:ea:60:4f:75:9e:ea:8f:25:65:
3c:6f:18:bf:78:9b:94:de:d7:42:58:48:ee:8c:5f:
68:ca:d7:b6:aa:94:f7:cb:ab:4d:04:52:89:63:29:
9f:4c:9b:6e:3d:94:40:63:b7:b6:0d:b8:b5:8b:db:
53:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:2A:1C:86:91:F4:15:EC:CF:3D:EE:F2:AB:7D:89:8E:6F:97:3D:9D
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/MSochpH0FezPPe7yq32Jjm-XPZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.173.224.0/23
178.173.227.0-178.173.228.255
178.173.230.0/24
178.173.232.0-178.173.236.255
178.173.241.0/24
IPv6:
2001:16c0:16c0::/48
Signature Algorithm: sha256WithRSAEncryption
52:67:fa:a2:ca:f5:f1:99:d9:dc:22:df:65:3c:af:01:39:97:
14:4c:d6:70:ca:76:20:e6:45:3e:3a:ce:72:77:6d:a5:20:6d:
42:2b:83:a7:a8:f9:73:ca:d7:c6:89:5a:43:23:e9:4e:57:96:
f3:31:0e:0a:81:60:e8:2a:4f:72:f5:45:c8:5a:f0:df:f8:64:
27:64:06:07:72:f0:e0:38:cd:2d:16:8f:ed:6f:19:5c:82:6b:
19:0f:ef:60:bb:01:28:7c:5c:1f:11:32:fd:fc:8d:e8:89:69:
04:26:c7:46:bd:5c:3d:25:93:49:bf:20:df:1c:94:e6:07:7d:
de:d6:1f:cb:08:65:e0:74:de:39:05:95:10:7c:40:3f:99:a3:
6e:25:a6:7d:3e:8c:bf:75:f6:7c:a2:fe:63:9f:ad:66:10:62:
5f:09:a1:09:91:f9:17:22:69:f4:f3:c1:ed:a8:7c:2c:43:21:
18:4f:1a:6d:ad:d1:a8:38:16:c0:51:6d:b3:d9:f9:26:60:df:
13:cd:c8:dd:3f:e3:2f:d8:b7:f2:47:6f:9f:6e:bf:c4:c0:7c:
bd:3d:63:7b:7e:b6:7f:bd:98:c9:0d:24:9d:0c:5b:bd:81:15:
9e:a6:f3:c3:0d:31:16:87:e7:0a:48:9c:2c:65:23:94:e0:e5:
cf:6c:9c:db
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZOE2KNxGs+3cbyfQt8OjCI8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQxMjAyMDA1MDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTJhMWM4NjkxZjQxNWVjY2YzZGVlZjJhYjdkODk4ZTZmOTczZDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2LKCgWlwcvsfdKvL1drTo0lzF4gB
+2097JsBl/5itchjsPEnDJ6Ytc+CssFi0hOJHLvr0uTMHR4qZhj+3+wvP1nnMz0i
6Uf3zhOUca94fSs1Nwj+DWpXS4yZuuBfv+ymC65iTjA5FcD2i66RHDCEmL3IDnYq
w2Ty1/6qEkkNCt6L3t+bJW8BnmuXepbHhE8TSLnZvW44Ec2N4HO8Wq3F9noKy9KY
v9Sh2+/EzLJWd7rLPLNaeNkNyJ6klGK2bNcaYmTCGbRfVujqYE91nuqPJWU8bxi/
eJuU3tdCWEjujF9oyte2qpT3y6tNBFKJYymfTJtuPZRAY7e2Dbi1i9tTswIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFDEqHIaR9BXszz3u8qt9iY5vlz2dMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvTVNvY2hwSDBGZXpQUGU3eXEzMkpqbS1YUFowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA0BAIAATAuAwQBsq3gMAwD
BACyreMDBACyreQDBACyreYwDAMEA7Kt6AMEALKt7AMEALKt8TAPBAIAAjAJAwcA
IAEWwBbAMA0GCSqGSIb3DQEBCwUAA4IBAQBSZ/qiyvXxmdncIt9lPK8BOZcUTNZw
ynYg5kU+Os5yd22lIG1CK4OnqPlzytfGiVpDI+lOV5bzMQ4KgWDoKk9y9UXIWvDf
+GQnZAYHcvDgOM0tFo/tbxlcgmsZD+9guwEofFwfETL9/I3oiWkEJsdGvVw9JZNJ
vyDfHJTmB33e1h/LCGXgdN45BZUQfEA/maNuJaZ9Poy/dfZ8ov5jn61mEGJfCaEJ
kfkXImn088HtqHwsQyEYTxptrdGoOBbAUW2z2fkmYN8TzcjdP+Mv2LfyR2+fbr/E
wHy9PWN7frZ/vZjJDSSdDFu9gRWepvPDDTEWh+cKSJwsZSOU4OXPbJzb
-----END CERTIFICATE-----
Generated at Thu Apr 10 15:45:30 2025 by rpki-client