Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/s-PizKxvy4kGg7W_d0I-WtrxadI.roa
File: s-PizKxvy4kGg7W_d0I-WtrxadI.roa (raw, json)
Hash identifier: Dq/hyICG+ykRIdB4kjShp5dltiURerLlDDBdvNzFeN4=
Subject key identifier: B3:E3:E2:CC:AC:6F:CB:89:06:83:B5:BF:77:42:3E:5A:DA:F1:69:D2
Certificate issuer: /CN=529c273098b52768ca0e44a3a2c16efed4a65ca0
Certificate serial: 01951976DD13EF75100BC1D536EC2AC057DA
Authority key identifier: 52:9C:27:30:98:B5:27:68:CA:0E:44:A3:A2:C1:6E:FE:D4:A6:5C:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UpwnMJi1J2jKDkSjosFu_tSmXKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/s-PizKxvy4kGg7W_d0I-WtrxadI.roa
Signing time: Tue 18 Feb 2025 14:29:34 +0000
ROA not before: Tue 18 Feb 2025 14:29:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62240
IP address blocks: 78.136.254.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:19:76:dd:13:ef:75:10:0b:c1:d5:36:ec:2a:c0:57:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=529c273098b52768ca0e44a3a2c16efed4a65ca0
Validity
Not Before: Feb 18 14:29:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b3e3e2ccac6fcb890683b5bf77423e5adaf169d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:97:64:3b:9d:5a:5f:76:28:3d:21:1c:30:fc:
71:13:14:24:7b:a2:de:cb:20:ff:51:09:33:f5:f9:
ed:35:37:24:5a:5a:26:36:37:78:0b:3c:c8:e0:a0:
a7:a5:fe:b0:8a:fa:29:79:65:50:61:9c:c4:ea:d9:
b2:c7:95:89:e2:56:ce:91:c5:4e:97:bc:c8:42:b2:
bc:15:fe:22:24:fd:87:13:6d:52:c8:73:c8:55:e7:
71:42:1a:56:9b:be:a7:0c:6b:d2:9b:14:72:5f:bb:
03:0e:86:17:80:c2:ea:4b:cb:f1:b3:4d:6c:bc:bf:
fc:86:4b:e6:12:d2:f3:53:d7:c5:5c:e1:dd:6c:47:
e9:65:e6:6b:d0:8a:da:db:6f:84:52:c8:4a:87:6c:
62:fa:00:c5:79:66:70:42:2a:c2:f0:6a:ef:2f:db:
c1:9d:f2:92:f2:00:e5:89:98:74:2c:fa:a1:7f:b4:
f6:3b:49:af:96:f6:3b:06:13:a0:cf:b7:2b:68:96:
a3:9d:40:ab:12:e9:b4:e6:64:e8:9f:b2:13:4e:d2:
79:5e:61:d7:3d:c7:7f:fd:0d:86:44:b6:3a:96:bf:
13:ef:4b:df:bb:09:2b:74:85:e1:83:da:f6:9a:25:
5b:fb:dd:6b:1f:d1:a8:77:4c:bb:21:fc:c4:95:8f:
da:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:E3:E2:CC:AC:6F:CB:89:06:83:B5:BF:77:42:3E:5A:DA:F1:69:D2
X509v3 Authority Key Identifier:
keyid:52:9C:27:30:98:B5:27:68:CA:0E:44:A3:A2:C1:6E:FE:D4:A6:5C:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UpwnMJi1J2jKDkSjosFu_tSmXKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/s-PizKxvy4kGg7W_d0I-WtrxadI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/UpwnMJi1J2jKDkSjosFu_tSmXKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.136.254.0/24
Signature Algorithm: sha256WithRSAEncryption
19:e4:87:2b:03:8f:a6:1a:6b:dc:4f:1d:7b:ac:14:35:76:d8:
95:08:de:48:40:31:7f:50:7e:1a:f8:f8:34:f4:8b:a2:ba:fc:
8a:2f:11:6c:d6:0d:44:29:fa:a5:d1:bc:46:1c:d4:8c:b5:fc:
25:5b:79:40:8e:7e:4d:db:ca:cd:b2:47:1b:c4:9a:3c:64:c7:
2f:2a:57:08:82:08:8f:89:3e:01:38:2c:a8:e4:7a:43:48:cb:
64:8f:74:5b:ba:4d:cf:bb:91:42:d5:cc:62:e3:fa:c1:bf:aa:
af:9c:be:ea:36:a4:b1:62:86:fd:a1:af:52:48:cf:64:e6:de:
9a:df:39:a4:53:70:5d:ce:09:ab:a1:98:fc:f1:6b:3e:ae:91:
bb:63:1b:a6:f2:52:a8:dc:d9:cd:dc:67:56:12:68:7b:6b:b2:
63:3a:7a:43:a4:16:76:da:2f:d5:4f:e2:1b:b8:45:72:d8:66:
3e:b9:eb:90:60:a5:36:cc:91:06:d3:0c:49:02:47:46:af:08:
e5:5c:c5:3e:96:9d:68:ba:a3:86:c7:22:a1:8b:01:d4:73:bb:
61:4a:e1:92:1e:34:a8:29:fd:a7:2b:99:ed:e5:3e:93:d9:25:
50:c3:27:5b:3d:bc:d5:0e:43:b9:dc:f5:c7:c5:ac:55:d7:65:
3e:6d:cf:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZUZdt0T73UQC8HVNuwqwFfaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyOWMyNzMwOThiNTI3NjhjYTBlNDRhM2EyYzE2ZWZlZDRh
NjVjYTAwHhcNMjUwMjE4MTQyOTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2UzZTJjY2FjNmZjYjg5MDY4M2I1YmY3NzQyM2U1YWRhZjE2OWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJdkO51aX3YoPSEcMPxxExQke6Le
yyD/UQkz9fntNTckWlomNjd4CzzI4KCnpf6wivopeWVQYZzE6tmyx5WJ4lbOkcVO
l7zIQrK8Ff4iJP2HE21SyHPIVedxQhpWm76nDGvSmxRyX7sDDoYXgMLqS8vxs01s
vL/8hkvmEtLzU9fFXOHdbEfpZeZr0Ira22+EUshKh2xi+gDFeWZwQirC8GrvL9vB
nfKS8gDliZh0LPqhf7T2O0mvlvY7BhOgz7craJajnUCrEum05mTon7ITTtJ5XmHX
Pcd//Q2GRLY6lr8T70vfuwkrdIXhg9r2miVb+91rH9God0y7IfzElY/azwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLPj4sysb8uJBoO1v3dCPlra8WnSMB8GA1UdIwQY
MBaAFFKcJzCYtSdoyg5Eo6LBbv7UplygMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXB3bk1KaTFKMmpLRGtTam9zRnVfdFNtWEtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS82ZDkzNTktYWZlZi00NTM1LTljOTMt
ZjMzZDNiYjM2NDg0LzEvcy1QaXpLeHZ5NGtHZzdXX2QwSS1XdHJ4YWRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS82ZDkzNTktYWZlZi00NTM1LTljOTMtZjMzZDNiYjM2NDg0
LzEvVXB3bk1KaTFKMmpLRGtTam9zRnVfdFNtWEtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAToj+MA0G
CSqGSIb3DQEBCwUAA4IBAQAZ5IcrA4+mGmvcTx17rBQ1dtiVCN5IQDF/UH4a+Pg0
9IuiuvyKLxFs1g1EKfql0bxGHNSMtfwlW3lAjn5N28rNskcbxJo8ZMcvKlcIggiP
iT4BOCyo5HpDSMtkj3Rbuk3Pu5FC1cxi4/rBv6qvnL7qNqSxYob9oa9SSM9k5t6a
3zmkU3BdzgmroZj88Ws+rpG7Yxum8lKo3NnN3GdWEmh7a7JjOnpDpBZ22i/VT+Ib
uEVy2GY+ueuQYKU2zJEG0wxJAkdGrwjlXMU+lp1ouqOGxyKhiwHUc7thSuGSHjSo
Kf2nK5nt5T6T2SVQwydbPbzVDkO53PXHxaxV12U+bc9I
-----END CERTIFICATE-----
Generated at Thu Apr 3 22:34:22 2025 by rpki-client