Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/2OyaFSjBRoREDHEMRffL3EbO-HE.roa
File: 2OyaFSjBRoREDHEMRffL3EbO-HE.roa (raw, json)
Hash identifier: nXI4OkiYa5c+MjdVzqLFFZ3ZGswBHizjRFddCRvE7B8=
Subject key identifier: D8:EC:9A:15:28:C1:46:84:44:0C:71:0C:45:F7:CB:DC:46:CE:F8:71
Certificate issuer: /CN=7d149f62447853689c12fb288afeb6b681cfebc1
Certificate serial: 0194266C16688366F4857FD9797FDC840290
Authority key identifier: 7D:14:9F:62:44:78:53:68:9C:12:FB:28:8A:FE:B6:B6:81:CF:EB:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/2OyaFSjBRoREDHEMRffL3EbO-HE.roa
Signing time: Thu 02 Jan 2025 09:50:05 +0000
ROA not before: Thu 02 Jan 2025 09:50:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12406
IP address blocks: 178.172.136.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:16:68:83:66:f4:85:7f:d9:79:7f:dc:84:02:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d149f62447853689c12fb288afeb6b681cfebc1
Validity
Not Before: Jan 2 09:50:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d8ec9a1528c14684440c710c45f7cbdc46cef871
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:3c:c3:a0:f8:ec:e3:c0:40:b2:a6:86:4e:de:
2f:c1:44:ca:a8:d5:e1:60:25:60:04:52:4d:2c:87:
17:81:f7:06:35:40:28:46:71:2d:18:32:11:a4:f9:
d2:17:67:e1:a9:45:4a:ff:b5:c2:d4:fc:e3:1a:be:
cf:fa:d7:68:95:84:d0:fb:99:bf:fd:12:4c:91:cc:
2f:90:38:a8:40:23:29:85:bc:55:61:4f:88:f1:96:
5f:d4:38:e6:e6:fc:bb:a8:5a:3b:04:71:a2:ff:30:
bd:aa:1d:72:7c:64:b5:56:85:41:71:bd:40:60:74:
d5:a5:5f:55:46:91:04:7c:62:ff:2f:0e:ea:4a:e8:
ff:6e:f8:72:54:c2:a1:3a:0c:ed:23:46:32:51:32:
81:b3:46:08:8a:96:25:f2:ca:37:80:f0:fc:02:15:
11:91:f5:51:a9:ae:eb:21:78:4f:66:15:ce:f8:e5:
49:99:23:bc:f3:77:26:44:e6:73:fd:c4:71:e6:d0:
93:fc:20:3c:da:b1:25:fc:a4:12:0e:91:a2:cc:1a:
0e:2e:18:ad:ae:3a:8b:97:73:c7:95:6e:54:6e:26:
90:3c:ad:30:d0:c5:f5:89:ca:47:0e:75:1d:4f:77:
1b:7b:ad:1f:d9:bc:40:e2:64:09:01:ef:4d:12:bb:
fa:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:EC:9A:15:28:C1:46:84:44:0C:71:0C:45:F7:CB:DC:46:CE:F8:71
X509v3 Authority Key Identifier:
keyid:7D:14:9F:62:44:78:53:68:9C:12:FB:28:8A:FE:B6:B6:81:CF:EB:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fRSfYkR4U2icEvsoiv62toHP68E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/2OyaFSjBRoREDHEMRffL3EbO-HE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/6a54bf-f00f-467a-bf57-aab0e414cc63/1/fRSfYkR4U2icEvsoiv62toHP68E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.172.136.0/22
Signature Algorithm: sha256WithRSAEncryption
74:9b:14:71:54:99:7b:ac:55:fe:20:1e:71:27:e9:0c:b8:64:
97:96:e7:c1:d8:de:67:29:4b:63:7c:3c:ad:a2:83:df:53:ee:
ca:62:54:91:f4:11:ac:f0:c7:17:e8:55:76:d5:5f:80:e9:3e:
98:42:76:3f:0a:f0:e0:82:9d:ff:22:00:3b:08:e3:81:83:f4:
04:f1:57:36:be:bb:1a:8b:da:84:db:6b:bd:e3:b2:38:be:1e:
ba:e9:bf:a7:43:db:9a:55:8f:57:88:a0:e4:44:8f:7e:97:5b:
f8:e7:dd:4a:53:ad:fe:45:a7:b6:dd:8f:28:b6:56:29:3a:09:
da:e0:22:f9:ee:f2:f8:25:77:dd:5f:66:b7:4a:ff:e4:b3:1f:
3f:0a:3e:08:c3:dd:56:03:36:49:ae:22:af:d1:07:7a:59:9b:
ef:df:84:31:61:31:39:6d:3b:5e:20:53:a0:c4:93:c8:e4:8d:
44:c7:d8:e4:b4:81:1b:dc:08:f3:5b:95:83:ae:0d:1d:cc:27:
c5:b5:2d:bb:6a:33:7d:1a:b0:e0:b6:33:47:de:c4:77:41:c1:
ba:9e:3d:c0:71:7e:81:f3:cb:6e:54:c9:46:ec:f4:3c:1c:48:
fa:96:b5:a2:0a:c8:ae:44:dc:dc:5a:b4:ed:06:26:49:9c:ee:
a8:33:17:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmbBZog2b0hX/ZeX/chAKQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMTQ5ZjYyNDQ3ODUzNjg5YzEyZmIyODhhZmViNmI2ODFj
ZmViYzEwHhcNMjUwMTAyMDk1MDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGVjOWExNTI4YzE0Njg0NDQwYzcxMGM0NWY3Y2JkYzQ2Y2VmODcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTzDoPjs48BAsqaGTt4vwUTKqNXh
YCVgBFJNLIcXgfcGNUAoRnEtGDIRpPnSF2fhqUVK/7XC1PzjGr7P+tdolYTQ+5m/
/RJMkcwvkDioQCMphbxVYU+I8ZZf1Djm5vy7qFo7BHGi/zC9qh1yfGS1VoVBcb1A
YHTVpV9VRpEEfGL/Lw7qSuj/bvhyVMKhOgztI0YyUTKBs0YIipYl8so3gPD8AhUR
kfVRqa7rIXhPZhXO+OVJmSO883cmROZz/cRx5tCT/CA82rEl/KQSDpGizBoOLhit
rjqLl3PHlW5UbiaQPK0w0MX1icpHDnUdT3cbe60f2bxA4mQJAe9NErv68QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNjsmhUowUaERAxxDEX3y9xGzvhxMB8GA1UdIwQY
MBaAFH0Un2JEeFNonBL7KIr+traBz+vBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlJTZllrUjRVMmljRXZzb2l2NjJ0b0hQNjhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC82YTU0YmYtZjAwZi00NjdhLWJmNTct
YWFiMGU0MTRjYzYzLzEvMk95YUZTakJSb1JFREhFTVJmZkwzRWJPLUhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC82YTU0YmYtZjAwZi00NjdhLWJmNTctYWFiMGU0MTRjYzYz
LzEvZlJTZllrUjRVMmljRXZzb2l2NjJ0b0hQNjhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCsqyIMA0G
CSqGSIb3DQEBCwUAA4IBAQB0mxRxVJl7rFX+IB5xJ+kMuGSXlufB2N5nKUtjfDyt
ooPfU+7KYlSR9BGs8McX6FV21V+A6T6YQnY/CvDggp3/IgA7COOBg/QE8Vc2vrsa
i9qE22u947I4vh666b+nQ9uaVY9XiKDkRI9+l1v4591KU63+Rae23Y8otlYpOgna
4CL57vL4JXfdX2a3Sv/ksx8/Cj4Iw91WAzZJriKv0Qd6WZvv34QxYTE5bTteIFOg
xJPI5I1Ex9jktIEb3AjzW5WDrg0dzCfFtS27ajN9GrDgtjNH3sR3QcG6nj3AcX6B
88tuVMlG7PQ8HEj6lrWiCsiuRNzcWrTtBiZJnO6oMxfk
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:54:57 2025 by rpki-client