Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/236aba-e8f2-4e06-a064-ff96928a6df4/1/0rZo7T7QJSfK-cCHectv5r7maVc.roa
File: 0rZo7T7QJSfK-cCHectv5r7maVc.roa (raw, json)
Hash identifier: ydGK6Xk1/nHzsPWXGP+mEEVT+bo9klxNhdh+HOQt8DI=
Subject key identifier: D2:B6:68:ED:3E:D0:25:27:CA:F9:C0:87:79:CB:6F:E6:BE:E6:69:57
Certificate issuer: /CN=13e19aef683969eb982f2ddb219b4652af26b96d
Certificate serial: 019423D759FF0CE1ECA3ECFFFE3260D88BE3
Authority key identifier: 13:E1:9A:EF:68:39:69:EB:98:2F:2D:DB:21:9B:46:52:AF:26:B9:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E-Ga72g5aeuYLy3bIZtGUq8muW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/236aba-e8f2-4e06-a064-ff96928a6df4/1/0rZo7T7QJSfK-cCHectv5r7maVc.roa
Signing time: Wed 01 Jan 2025 21:48:23 +0000
ROA not before: Wed 01 Jan 2025 21:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 185.178.164.0/24 maxlen: 24
185.178.165.0/24 maxlen: 24
185.178.166.0/24 maxlen: 24
185.178.167.0/24 maxlen: 24
185.196.96.0/24 maxlen: 24
185.196.98.0/24 maxlen: 24
185.196.99.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:59:ff:0c:e1:ec:a3:ec:ff:fe:32:60:d8:8b:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13e19aef683969eb982f2ddb219b4652af26b96d
Validity
Not Before: Jan 1 21:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d2b668ed3ed02527caf9c08779cb6fe6bee66957
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:b4:44:ad:21:8e:a9:33:72:50:32:9b:e9:c8:
4b:0d:aa:fc:a1:06:ba:ca:19:82:d2:9a:ee:ca:08:
d0:c5:c8:bf:75:ec:21:9d:57:66:46:d2:0a:0b:7f:
27:e5:21:62:15:f1:92:c9:22:2c:10:d8:46:cb:a2:
45:53:8e:dc:ca:e3:45:54:29:26:c1:b2:8c:da:0a:
3b:7b:2b:97:ba:78:b2:cd:30:97:c7:ba:55:cc:e1:
52:bc:88:c3:a0:9c:73:c2:aa:50:71:4c:57:bb:b2:
a5:67:5e:73:85:66:9c:02:98:d4:e5:6b:f6:f1:c2:
9a:07:1f:dd:04:69:48:b3:f2:83:3e:bb:ed:54:e7:
ec:2e:b5:a2:d8:8b:67:ee:51:91:ac:00:a0:f4:d9:
c8:38:a4:06:c0:c6:1b:cb:e2:e2:6d:54:9a:45:4a:
96:33:66:03:da:09:3b:3f:db:ec:f9:42:47:7c:09:
0d:a8:72:47:0a:32:08:1d:02:62:3a:f9:fb:7b:df:
ad:e1:d6:e1:04:7b:3b:27:52:6e:13:dd:11:6f:f4:
d0:db:be:1f:70:b1:8d:48:42:4f:86:53:46:9d:46:
1c:1a:04:74:f7:ac:99:1f:08:10:49:dd:cf:9b:59:
6e:0f:6a:51:a1:b4:ec:e5:b1:7f:64:71:d3:8c:4d:
c6:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:B6:68:ED:3E:D0:25:27:CA:F9:C0:87:79:CB:6F:E6:BE:E6:69:57
X509v3 Authority Key Identifier:
keyid:13:E1:9A:EF:68:39:69:EB:98:2F:2D:DB:21:9B:46:52:AF:26:B9:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E-Ga72g5aeuYLy3bIZtGUq8muW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/236aba-e8f2-4e06-a064-ff96928a6df4/1/0rZo7T7QJSfK-cCHectv5r7maVc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/236aba-e8f2-4e06-a064-ff96928a6df4/1/E-Ga72g5aeuYLy3bIZtGUq8muW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.178.164.0/22
185.196.96.0/24
185.196.98.0/23
Signature Algorithm: sha256WithRSAEncryption
13:ad:a6:bb:ea:66:9b:34:3f:a4:f9:93:66:4a:41:ac:99:14:
b7:fd:d3:be:6b:b6:52:5d:95:f6:c9:94:6e:81:98:aa:da:81:
ba:05:2e:52:93:24:93:48:81:8b:35:e0:10:37:05:25:d3:88:
55:de:1b:6f:4f:8a:09:1d:34:07:96:0a:cf:c6:60:7d:aa:66:
2b:af:90:c6:3b:f5:77:ac:42:9c:8c:33:23:7c:98:a0:33:b5:
c1:f6:ba:9a:a3:50:a9:12:c3:a5:4f:c4:5e:92:cd:66:5a:2d:
9c:96:04:71:bb:69:95:b8:f5:24:12:4e:66:cc:29:18:40:a3:
af:4b:22:fa:68:72:8e:02:79:bc:4d:6a:95:5d:c0:b6:14:ed:
f8:46:da:ba:a8:3d:06:0a:cf:cd:d5:6b:ae:27:06:76:58:51:
fe:f4:43:d8:5d:07:c4:59:70:cf:ec:ff:df:62:8b:95:2e:bb:
f6:42:75:79:ab:8c:5d:bf:1c:1a:d1:a1:e1:52:28:d5:fd:6e:
1e:f8:93:dc:b8:53:3f:7d:bc:7a:25:b9:87:5d:a2:da:a5:da:
69:04:29:40:d4:35:27:46:b2:b2:62:e4:90:27:e3:22:99:e3:
a5:5f:66:d3:a6:f3:17:27:34:5c:64:45:26:05:4e:6e:4a:84:
1d:ef:2a:36
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQj11n/DOHso+z//jJg2IvjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzZTE5YWVmNjgzOTY5ZWI5ODJmMmRkYjIxOWI0NjUyYWYy
NmI5NmQwHhcNMjUwMTAxMjE0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmI2NjhlZDNlZDAyNTI3Y2FmOWMwODc3OWNiNmZlNmJlZTY2OTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5bRErSGOqTNyUDKb6chLDar8oQa6
yhmC0pruygjQxci/dewhnVdmRtIKC38n5SFiFfGSySIsENhGy6JFU47cyuNFVCkm
wbKM2go7eyuXuniyzTCXx7pVzOFSvIjDoJxzwqpQcUxXu7KlZ15zhWacApjU5Wv2
8cKaBx/dBGlIs/KDPrvtVOfsLrWi2Itn7lGRrACg9NnIOKQGwMYby+LibVSaRUqW
M2YD2gk7P9vs+UJHfAkNqHJHCjIIHQJiOvn7e9+t4dbhBHs7J1JuE90Rb/TQ274f
cLGNSEJPhlNGnUYcGgR096yZHwgQSd3Pm1luD2pRobTs5bF/ZHHTjE3GoQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNK2aO0+0CUnyvnAh3nLb+a+5mlXMB8GA1UdIwQY
MBaAFBPhmu9oOWnrmC8t2yGbRlKvJrltMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRS1HYTcyZzVhZXVZTHkzYkladEdVcThtdVcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8yMzZhYmEtZThmMi00ZTA2LWEwNjQt
ZmY5NjkyOGE2ZGY0LzEvMHJabzdUN1FKU2ZLLWNDSGVjdHY1cjdtYVZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi8yMzZhYmEtZThmMi00ZTA2LWEwNjQtZmY5NjkyOGE2ZGY0
LzEvRS1HYTcyZzVhZXVZTHkzYkladEdVcThtdVcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCubKkAwQA
ucRgAwQBucRiMA0GCSqGSIb3DQEBCwUAA4IBAQATraa76mabND+k+ZNmSkGsmRS3
/dO+a7ZSXZX2yZRugZiq2oG6BS5SkySTSIGLNeAQNwUl04hV3htvT4oJHTQHlgrP
xmB9qmYrr5DGO/V3rEKcjDMjfJigM7XB9rqao1CpEsOlT8Reks1mWi2clgRxu2mV
uPUkEk5mzCkYQKOvSyL6aHKOAnm8TWqVXcC2FO34Rtq6qD0GCs/N1WuuJwZ2WFH+
9EPYXQfEWXDP7P/fYouVLrv2QnV5q4xdvxwa0aHhUijV/W4e+JPcuFM/fbx6JbmH
XaLapdppBClA1DUnRrKyYuSQJ+MimeOlX2bTpvMXJzRcZEUmBU5uSoQd7yo2
-----END CERTIFICATE-----
Generated at Sat Apr 12 07:47:29 2025 by rpki-client