Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/08a7ff-2cef-4248-9fe8-04c8f3eeceeb/1/t0KxoFR4-v-aF7ApZp5a51UCPdE.roa
File: t0KxoFR4-v-aF7ApZp5a51UCPdE.roa (raw, json)
Hash identifier: wDmBNX7FNw1Byb+j/pduuukElypr1eZvZiRjB9AwIB4=
Subject key identifier: B7:42:B1:A0:54:78:FA:FF:9A:17:B0:29:66:9E:5A:E7:55:02:3D:D1
Certificate issuer: /CN=571456649692e60566de008e126bbdd1d2ebed45
Certificate serial: 019423699A5374EA9C43730838D0BC2854EE
Authority key identifier: 57:14:56:64:96:92:E6:05:66:DE:00:8E:12:6B:BD:D1:D2:EB:ED:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VxRWZJaS5gVm3gCOEmu90dLr7UU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/08a7ff-2cef-4248-9fe8-04c8f3eeceeb/1/t0KxoFR4-v-aF7ApZp5a51UCPdE.roa
Signing time: Wed 01 Jan 2025 19:48:30 +0000
ROA not before: Wed 01 Jan 2025 19:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59853
IP address blocks: 178.216.246.0/24 maxlen: 24
185.68.228.0/23 maxlen: 23
185.68.230.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:9a:53:74:ea:9c:43:73:08:38:d0:bc:28:54:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=571456649692e60566de008e126bbdd1d2ebed45
Validity
Not Before: Jan 1 19:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b742b1a05478faff9a17b029669e5ae755023dd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:27:54:92:1b:e1:b5:e6:bc:ff:54:3a:44:b7:
71:fd:2a:23:5c:56:b2:c7:a3:d5:6e:28:13:2d:2c:
1f:08:be:c2:0c:df:2c:a4:d7:5d:24:8c:9a:df:70:
73:b1:66:4b:06:92:6d:de:f4:fa:9e:fd:68:1b:09:
52:ba:6f:31:79:9c:7b:cc:3f:45:93:be:78:43:ac:
6e:4c:0a:58:b6:5e:07:fa:02:27:4d:50:86:0d:63:
27:86:78:ca:8c:80:c3:f5:37:90:50:14:ac:e6:7f:
fa:8a:05:b8:62:15:a8:5f:4d:bd:70:8c:90:ff:13:
23:e4:49:95:32:73:4a:60:ba:48:cf:c1:61:fd:3f:
f7:6a:6d:06:cc:d4:d3:95:d2:42:cd:4f:50:c6:41:
da:7c:86:a5:82:5f:77:5d:3a:a9:3d:51:b4:79:b3:
57:99:2c:6a:5f:08:6a:7e:43:b6:21:c1:49:cc:6c:
50:12:8b:31:e4:fe:8a:ad:2c:4e:3e:db:db:2e:32:
51:1a:1e:f6:52:6a:b4:02:20:61:f9:df:07:59:29:
c1:77:4c:70:31:3b:55:83:c4:14:9b:b4:2f:91:9c:
48:a3:7a:fe:af:f4:ea:0b:a4:21:c4:19:80:f8:36:
cf:82:10:41:6a:94:0b:d3:78:05:01:a1:e9:01:b7:
05:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:42:B1:A0:54:78:FA:FF:9A:17:B0:29:66:9E:5A:E7:55:02:3D:D1
X509v3 Authority Key Identifier:
keyid:57:14:56:64:96:92:E6:05:66:DE:00:8E:12:6B:BD:D1:D2:EB:ED:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VxRWZJaS5gVm3gCOEmu90dLr7UU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/08a7ff-2cef-4248-9fe8-04c8f3eeceeb/1/t0KxoFR4-v-aF7ApZp5a51UCPdE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/08a7ff-2cef-4248-9fe8-04c8f3eeceeb/1/VxRWZJaS5gVm3gCOEmu90dLr7UU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.216.246.0/24
185.68.228.0/22
Signature Algorithm: sha256WithRSAEncryption
44:aa:a6:73:e7:5c:93:a3:21:61:8d:b4:65:ca:db:11:eb:40:
cf:a7:b7:1a:44:5d:87:96:87:e9:b3:46:ec:20:8f:d3:a3:65:
20:f7:be:19:49:a9:f6:63:da:ab:ee:96:a3:be:62:29:46:e6:
17:97:b3:0a:17:5a:4b:57:f5:75:fc:e4:db:f6:ca:b0:aa:b5:
44:fe:07:09:1f:05:1c:e6:f0:9a:c7:8c:e0:60:22:82:cd:5f:
dc:ca:d1:70:8e:6c:55:78:a3:a1:e4:36:7b:a3:29:bf:9c:af:
d2:66:28:f0:6f:c0:db:d3:06:36:0e:02:fc:82:31:0b:ae:96:
1f:7c:51:c2:86:35:44:9e:ca:64:2b:84:23:13:c3:ee:b9:89:
9d:2c:8a:44:17:ee:fe:56:3e:a4:8d:47:68:e8:b5:13:3c:eb:
69:a2:20:1f:27:76:6a:ee:fc:6d:ef:4a:7c:eb:3c:3b:f9:eb:
6b:6d:7a:97:00:b7:83:23:b6:a4:6a:53:50:a2:e8:d3:40:2d:
22:85:f8:6f:60:9e:63:30:be:7a:1b:ce:9e:13:ee:4f:fa:0b:
a9:33:4e:65:48:c7:18:3a:80:56:3e:9f:db:26:a5:d5:03:c2:
f8:d5:71:72:45:3d:02:f2:e7:31:41:27:c9:e5:45:87:b9:38:
4a:5b:f7:a7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQjaZpTdOqcQ3MIONC8KFTuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MTQ1NjY0OTY5MmU2MDU2NmRlMDA4ZTEyNmJiZGQxZDJl
YmVkNDUwHhcNMjUwMTAxMTk0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzQyYjFhMDU0NzhmYWZmOWExN2IwMjk2NjllNWFlNzU1MDIzZGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxidUkhvhtea8/1Q6RLdx/SojXFay
x6PVbigTLSwfCL7CDN8spNddJIya33BzsWZLBpJt3vT6nv1oGwlSum8xeZx7zD9F
k754Q6xuTApYtl4H+gInTVCGDWMnhnjKjIDD9TeQUBSs5n/6igW4YhWoX029cIyQ
/xMj5EmVMnNKYLpIz8Fh/T/3am0GzNTTldJCzU9QxkHafIalgl93XTqpPVG0ebNX
mSxqXwhqfkO2IcFJzGxQEosx5P6KrSxOPtvbLjJRGh72Umq0AiBh+d8HWSnBd0xw
MTtVg8QUm7QvkZxIo3r+r/TqC6QhxBmA+DbPghBBapQL03gFAaHpAbcFswIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLdCsaBUePr/mhewKWaeWudVAj3RMB8GA1UdIwQY
MBaAFFcUVmSWkuYFZt4AjhJrvdHS6+1FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnhSV1pKYVM1Z1ZtM2dDT0VtdTkwZExyN1VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8wOGE3ZmYtMmNlZi00MjQ4LTlmZTgt
MDRjOGYzZWVjZWViLzEvdDBLeG9GUjQtdi1hRjdBcFpwNWE1MVVDUGRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8wOGE3ZmYtMmNlZi00MjQ4LTlmZTgtMDRjOGYzZWVjZWVi
LzEvVnhSV1pKYVM1Z1ZtM2dDT0VtdTkwZExyN1VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAstj2AwQC
uUTkMA0GCSqGSIb3DQEBCwUAA4IBAQBEqqZz51yToyFhjbRlytsR60DPp7caRF2H
lofps0bsII/To2Ug974ZSan2Y9qr7pajvmIpRuYXl7MKF1pLV/V1/OTb9sqwqrVE
/gcJHwUc5vCax4zgYCKCzV/cytFwjmxVeKOh5DZ7oym/nK/SZijwb8Db0wY2DgL8
gjELrpYffFHChjVEnspkK4QjE8PuuYmdLIpEF+7+Vj6kjUdo6LUTPOtpoiAfJ3Zq
7vxt70p86zw7+etrbXqXALeDI7akalNQoujTQC0ihfhvYJ5jML56G86eE+5P+gup
M05lSMcYOoBWPp/bJqXVA8L41XFyRT0C8ucxQSfJ5UWHuThKW/en
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:32:34 2025 by rpki-client