Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/uAJPp_cdEYjcSpzKM-sQ9iNNbhY.roa
File: uAJPp_cdEYjcSpzKM-sQ9iNNbhY.roa (raw, json)
Hash identifier: qW1kwZokWt96C75oju43pWzAxvQCoRiPlGRZb66a7vE=
Subject key identifier: B8:02:4F:A7:F7:1D:11:88:DC:4A:9C:CA:33:EB:10:F6:23:4D:6E:16
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 01941FFA90E079AC4F0B6CFD26F0E155619D
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/uAJPp_cdEYjcSpzKM-sQ9iNNbhY.roa
Signing time: Wed 01 Jan 2025 03:48:22 +0000
ROA not before: Wed 01 Jan 2025 03:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20527
IP address blocks: 178.170.233.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:90:e0:79:ac:4f:0b:6c:fd:26:f0:e1:55:61:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 1 03:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b8024fa7f71d1188dc4a9cca33eb10f6234d6e16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:44:24:7e:b4:1b:d3:5a:08:fa:5a:c0:8c:1b:
bb:bb:79:b5:8f:ab:65:45:82:2c:72:8a:bd:4f:c3:
9f:89:90:42:85:48:2a:ce:ee:19:c1:b2:21:e4:6a:
29:55:40:56:dc:b2:2e:ef:c4:8f:45:86:9c:ea:5e:
cd:bb:52:1f:ba:d3:e2:4a:ac:3c:5b:b4:01:3d:58:
d8:3f:10:0c:90:a4:8d:4c:7e:6f:1b:19:ee:fd:cc:
82:df:26:9d:4e:e5:25:e9:32:7a:37:df:1b:1d:64:
ab:7e:c7:53:c6:9b:8b:70:56:06:4d:c2:fb:3e:d3:
70:10:15:a8:d7:e9:91:b1:ae:60:02:ea:2d:d7:04:
98:a0:8f:69:6c:78:9d:aa:8d:db:8a:36:18:6c:39:
ee:c6:41:ac:8f:18:5a:f7:8e:f6:f8:11:a0:f7:61:
0f:d7:e2:22:be:f4:8c:c0:3b:ce:e9:9e:71:a0:ce:
38:78:96:ae:f1:a3:41:aa:73:a7:24:dd:2d:e0:78:
87:c2:79:17:5b:7e:32:3b:9b:b4:07:13:99:dc:96:
f7:00:57:67:82:2b:a0:32:df:b9:41:38:64:59:69:
d0:c5:89:d4:11:02:41:b5:1d:04:b8:76:46:a4:2e:
d3:35:b1:53:d6:8c:8e:97:ab:36:37:ce:75:ea:be:
20:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:02:4F:A7:F7:1D:11:88:DC:4A:9C:CA:33:EB:10:F6:23:4D:6E:16
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/uAJPp_cdEYjcSpzKM-sQ9iNNbhY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.170.233.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:87:89:d3:b2:75:82:c5:bf:8d:37:b4:47:c6:43:d1:6b:27:
2a:aa:3f:e0:3d:aa:82:a5:2e:85:fc:a6:6f:83:cf:15:ef:c7:
7e:33:cb:d4:8e:85:0c:bb:b9:5c:14:97:9c:f0:6f:4c:b9:ef:
33:d5:99:aa:db:62:2a:22:ca:88:d8:db:56:18:00:bc:fb:40:
8f:67:76:d3:91:cb:35:2f:97:bf:0f:a1:c2:58:22:1f:f6:77:
35:9d:a5:e6:7c:f3:42:74:40:1c:cc:06:a1:80:3b:71:04:da:
7a:72:06:72:ae:36:a3:c8:5b:24:4f:a7:bb:ce:75:fc:a4:b3:
b8:2f:a9:1f:b7:10:ff:ed:c0:2c:6b:bc:a7:56:a6:90:66:5d:
9b:37:a6:3e:d2:9e:63:97:93:2a:f6:55:af:78:a5:79:23:66:
db:c6:b3:66:57:8e:52:e0:34:0f:70:66:9d:0a:df:da:b1:2d:
8d:1e:91:5d:3a:0f:50:f9:f4:47:41:48:95:c4:17:b3:c2:98:
38:8c:6a:55:93:ae:03:7d:13:18:eb:bf:cb:84:f8:73:a9:eb:
d6:e3:fa:a4:b8:b7:a7:e7:d6:c3:2f:70:2e:1e:a3:ff:0c:de:
b4:46:93:72:42:95:8b:8a:4b:e0:4f:f4:31:68:1e:1b:fd:72:
c7:cd:e6:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+pDgeaxPC2z9JvDhVWGdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjUwMTAxMDM0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODAyNGZhN2Y3MWQxMTg4ZGM0YTljY2EzM2ViMTBmNjIzNGQ2ZTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEQkfrQb01oI+lrAjBu7u3m1j6tl
RYIscoq9T8OfiZBChUgqzu4ZwbIh5GopVUBW3LIu78SPRYac6l7Nu1IfutPiSqw8
W7QBPVjYPxAMkKSNTH5vGxnu/cyC3yadTuUl6TJ6N98bHWSrfsdTxpuLcFYGTcL7
PtNwEBWo1+mRsa5gAuot1wSYoI9pbHidqo3bijYYbDnuxkGsjxha9472+BGg92EP
1+IivvSMwDvO6Z5xoM44eJau8aNBqnOnJN0t4HiHwnkXW34yO5u0BxOZ3Jb3AFdn
giugMt+5QThkWWnQxYnUEQJBtR0EuHZGpC7TNbFT1oyOl6s2N8516r4gyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLgCT6f3HRGI3EqcyjPrEPYjTW4WMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvdUFKUHBfY2RFWWpjU3B6S00tc1E5aU5OYmhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsqrpMA0G
CSqGSIb3DQEBCwUAA4IBAQDBh4nTsnWCxb+NN7RHxkPRaycqqj/gPaqCpS6F/KZv
g88V78d+M8vUjoUMu7lcFJec8G9Mue8z1Zmq22IqIsqI2NtWGAC8+0CPZ3bTkcs1
L5e/D6HCWCIf9nc1naXmfPNCdEAczAahgDtxBNp6cgZyrjajyFskT6e7znX8pLO4
L6kftxD/7cAsa7ynVqaQZl2bN6Y+0p5jl5Mq9lWveKV5I2bbxrNmV45S4DQPcGad
Ct/asS2NHpFdOg9Q+fRHQUiVxBezwpg4jGpVk64DfRMY67/LhPhzqevW4/qkuLen
59bDL3AuHqP/DN60RpNyQpWLikvgT/QxaB4b/XLHzebr
-----END CERTIFICATE-----
Generated at Thu Apr 10 16:50:20 2025 by rpki-client