Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/mWI16Nr5uARPIlBngzxf7nVK-PQ.roa
File: mWI16Nr5uARPIlBngzxf7nVK-PQ.roa (raw, json)
Hash identifier: tISSb+BIYAcjWB+KFAN0nR8E6nSDx0zw9f4z1CLwe/U=
Subject key identifier: 99:62:35:E8:DA:F9:B8:04:4F:22:50:67:83:3C:5F:EE:75:4A:F8:F4
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 01946510911CA93C28C95A32B3BE33BA03DB
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/mWI16Nr5uARPIlBngzxf7nVK-PQ.roa
Signing time: Tue 14 Jan 2025 13:46:11 +0000
ROA not before: Tue 14 Jan 2025 13:46:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 399114
IP address blocks: 178.173.240.0/20 maxlen: 24
188.253.8.0/24 maxlen: 24
188.253.9.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:65:10:91:1c:a9:3c:28:c9:5a:32:b3:be:33:ba:03:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 14 13:46:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=996235e8daf9b8044f225067833c5fee754af8f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:8a:0a:70:be:35:09:f2:a2:15:2b:90:31:81:
b3:da:69:7d:87:9c:d9:ce:8b:cf:5b:9f:33:e6:20:
b5:90:29:d2:08:d5:75:4b:39:f6:f8:21:17:a3:ed:
7b:d4:8f:99:73:6c:f2:c3:fd:a8:ce:75:4c:8d:ea:
96:2e:c2:8a:c1:dc:99:8c:5d:c1:b6:8e:4d:07:bc:
53:50:4c:7e:f5:f8:fd:40:43:d3:5e:82:fc:b8:09:
89:29:59:02:e7:6c:d6:1e:84:77:e6:3e:57:e7:71:
f8:ed:63:88:31:79:cc:6c:ac:5b:dd:3d:89:89:eb:
58:66:9e:e5:96:c8:a0:8e:9f:cc:1c:18:f0:76:2b:
d6:8b:3c:94:63:4c:48:11:ae:3c:2c:dd:b7:07:5b:
15:e4:cb:9b:16:c7:58:b0:b4:a8:5c:3c:2a:76:c4:
11:95:41:6c:d2:47:21:cb:3c:a9:4c:67:1a:e5:c9:
9c:60:9f:30:1f:ec:fc:91:28:56:dc:d7:c4:fe:0a:
91:90:84:33:73:bc:ce:4e:c3:55:14:cc:c6:ef:c3:
16:35:22:ac:19:d4:e3:0c:a3:b9:01:77:75:29:d9:
49:ee:eb:e9:fa:fe:a7:d6:5d:d5:6a:ce:52:ec:08:
ca:a1:13:0c:de:21:99:ee:f8:70:45:3a:4d:df:14:
8c:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:62:35:E8:DA:F9:B8:04:4F:22:50:67:83:3C:5F:EE:75:4A:F8:F4
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/mWI16Nr5uARPIlBngzxf7nVK-PQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.173.240.0/20
188.253.8.0/23
Signature Algorithm: sha256WithRSAEncryption
26:e1:71:d3:89:cb:01:df:57:35:2c:0c:bc:83:7e:a5:a8:63:
df:d3:ce:ef:46:30:12:b5:ad:44:0e:b5:d1:61:6b:4b:3d:8e:
1e:7e:5d:78:56:13:9d:b8:41:67:2f:5c:6d:67:ef:2f:4b:ca:
5c:28:7b:10:9d:11:66:38:a5:b0:f2:94:70:f6:6b:6c:9d:75:
e6:72:8b:58:1d:7a:ad:0a:8a:bf:9f:42:5e:2b:ec:2a:c8:25:
ee:32:0c:ab:ef:6a:83:42:c5:3a:c4:be:5e:60:25:0a:92:07:
9a:a7:b8:16:1c:0c:2e:a2:47:76:e9:bb:33:55:04:c1:19:24:
c3:8b:9b:61:d9:c7:47:32:53:90:9b:42:71:04:36:6f:45:f1:
69:ae:fb:d4:e8:67:ce:95:5e:80:2a:9e:a4:d2:80:f2:46:28:
d6:fd:53:86:01:7b:e4:61:eb:af:98:27:02:ca:87:b8:03:cd:
bd:51:5e:4e:f5:cd:45:f5:93:cc:71:0c:d8:6e:e8:93:49:c6:
56:9a:bb:8f:e3:dc:33:00:7c:77:40:f6:e1:e0:2b:7b:3d:7e:
70:1f:6e:d0:b4:64:30:b9:31:b4:5c:17:3a:58:f8:2a:9a:25:
3e:54:86:4a:1b:bf:68:39:d5:cd:7b:cb:60:69:f7:82:91:16:
63:c2:26:48
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZRlEJEcqTwoyVoys74zugPbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjUwMTE0MTM0NjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTYyMzVlOGRhZjliODA0NGYyMjUwNjc4MzNjNWZlZTc1NGFmOGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYoKcL41CfKiFSuQMYGz2ml9h5zZ
zovPW58z5iC1kCnSCNV1Szn2+CEXo+171I+Zc2zyw/2oznVMjeqWLsKKwdyZjF3B
to5NB7xTUEx+9fj9QEPTXoL8uAmJKVkC52zWHoR35j5X53H47WOIMXnMbKxb3T2J
ietYZp7llsigjp/MHBjwdivWizyUY0xIEa48LN23B1sV5MubFsdYsLSoXDwqdsQR
lUFs0kchyzypTGca5cmcYJ8wH+z8kShW3NfE/gqRkIQzc7zOTsNVFMzG78MWNSKs
GdTjDKO5AXd1KdlJ7uvp+v6n1l3Vas5S7AjKoRMM3iGZ7vhwRTpN3xSMdQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJliNeja+bgETyJQZ4M8X+51Svj0MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvbVdJMTZOcjV1QVJQSWxCbmd6eGY3blZLLVBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEsq3wAwQB
vP0IMA0GCSqGSIb3DQEBCwUAA4IBAQAm4XHTicsB31c1LAy8g36lqGPf087vRjAS
ta1EDrXRYWtLPY4efl14VhOduEFnL1xtZ+8vS8pcKHsQnRFmOKWw8pRw9mtsnXXm
cotYHXqtCoq/n0JeK+wqyCXuMgyr72qDQsU6xL5eYCUKkgeap7gWHAwuokd26bsz
VQTBGSTDi5th2cdHMlOQm0JxBDZvRfFprvvU6GfOlV6AKp6k0oDyRijW/VOGAXvk
YeuvmCcCyoe4A829UV5O9c1F9ZPMcQzYbuiTScZWmruP49wzAHx3QPbh4Ct7PX5w
H27QtGQwuTG0XBc6WPgqmiU+VIZKG79oOdXNe8tgafeCkRZjwiZI
-----END CERTIFICATE-----
Generated at Mon Apr 7 05:31:27 2025 by rpki-client