Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/13288a-d928-462b-94ba-9e22561bca88/1/vIU4Yywm4_gH0qTtuVvYBbqi0Vk.roa
File: vIU4Yywm4_gH0qTtuVvYBbqi0Vk.roa (raw, json)
Hash identifier: 7tRCC811YWihlT+yYcIFOXhADjHxLL/OK1DaYCuI4jk=
Subject key identifier: BC:85:38:63:2C:26:E3:F8:07:D2:A4:ED:B9:5B:D8:05:BA:A2:D1:59
Certificate issuer: /CN=2fd379353e3c948dfd98da0a59e9792353a4d0e3
Certificate serial: 01942067C14E2BA7D25B3F1C207B0B8D9FFF
Authority key identifier: 2F:D3:79:35:3E:3C:94:8D:FD:98:DA:0A:59:E9:79:23:53:A4:D0:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L9N5NT48lI39mNoKWel5I1Ok0OM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/13288a-d928-462b-94ba-9e22561bca88/1/vIU4Yywm4_gH0qTtuVvYBbqi0Vk.roa
Signing time: Wed 01 Jan 2025 05:47:38 +0000
ROA not before: Wed 01 Jan 2025 05:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396982
IP address blocks: 176.116.16.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:c1:4e:2b:a7:d2:5b:3f:1c:20:7b:0b:8d:9f:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fd379353e3c948dfd98da0a59e9792353a4d0e3
Validity
Not Before: Jan 1 05:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bc8538632c26e3f807d2a4edb95bd805baa2d159
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:6f:27:7e:ff:44:b6:04:ab:6a:30:6d:1f:ba:
3a:f2:b3:f1:aa:b3:21:4f:ba:8b:4f:40:73:1b:57:
d0:a4:95:c4:ca:c5:d1:23:35:4b:88:46:77:16:c4:
11:d1:e8:69:cf:76:e1:41:cf:df:26:b0:19:0d:2e:
97:ae:c3:88:76:42:26:51:d6:54:39:67:42:32:70:
d2:42:7f:3f:1a:eb:02:b2:96:40:1e:53:ce:e9:7e:
48:cc:f9:e5:75:4b:43:95:dd:75:0e:62:0c:ee:b3:
cc:01:8a:2d:48:f4:ce:ed:e4:5c:3a:66:db:27:2b:
a3:b2:ab:8d:9c:46:ad:52:d9:28:ad:8e:ca:94:01:
9c:a8:4f:39:cf:22:ee:58:e0:be:09:21:37:07:38:
11:07:dd:0c:94:7a:0f:46:c7:48:6b:f4:21:4d:ab:
b3:b5:3d:a2:e4:06:93:25:1e:10:eb:e1:79:4f:d3:
37:bc:9d:6b:d9:ea:f2:32:62:62:d6:b0:c8:6e:ba:
4d:bb:4d:6c:96:fa:93:8f:1c:86:0e:9a:8e:f8:dc:
05:6a:29:b3:3a:d0:cd:11:dc:1a:17:fd:99:16:0b:
c1:3d:7b:07:0b:f3:06:c4:9e:08:5d:7e:8b:d8:97:
d1:09:dd:e7:5d:7f:71:54:fa:47:13:9a:fb:57:9a:
5a:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:85:38:63:2C:26:E3:F8:07:D2:A4:ED:B9:5B:D8:05:BA:A2:D1:59
X509v3 Authority Key Identifier:
keyid:2F:D3:79:35:3E:3C:94:8D:FD:98:DA:0A:59:E9:79:23:53:A4:D0:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L9N5NT48lI39mNoKWel5I1Ok0OM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/13288a-d928-462b-94ba-9e22561bca88/1/vIU4Yywm4_gH0qTtuVvYBbqi0Vk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/13288a-d928-462b-94ba-9e22561bca88/1/L9N5NT48lI39mNoKWel5I1Ok0OM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.116.16.0/24
Signature Algorithm: sha256WithRSAEncryption
04:3e:e7:59:f3:2c:b2:99:66:d3:56:e4:4c:53:64:ef:a4:bf:
2f:bb:81:60:dc:a2:b9:c8:4f:e6:14:c9:6c:db:54:38:4b:0b:
21:3c:e9:b1:de:73:ef:fc:62:9b:8c:0c:1a:00:ff:f3:43:13:
02:9e:5a:b7:4d:e1:00:76:f9:ad:ac:fc:48:b3:10:bc:70:4d:
83:99:72:ab:46:09:67:6e:94:25:91:fd:05:69:e6:de:30:cd:
9c:f7:ad:be:f6:77:66:17:99:cb:fe:37:57:9e:23:c4:ff:6d:
45:fb:1d:af:d8:3a:29:77:ea:bb:65:a9:f6:59:05:87:a5:e1:
65:7b:cc:c2:6d:00:18:0a:fd:fb:c8:22:80:c1:aa:00:7c:bb:
47:35:3b:a1:2c:53:c7:12:49:c8:31:c7:94:a5:ad:2d:53:e7:
e7:38:06:0a:0a:11:53:03:b3:68:36:39:e7:05:03:1a:39:bc:
d9:8e:9a:1e:c8:41:97:05:4b:66:a5:46:75:2e:b0:2b:9b:b2:
2b:46:45:ce:c9:65:b1:11:82:ed:a4:ec:7b:21:91:43:8b:5c:
0b:7e:f8:77:e2:53:70:8b:00:6e:15:2f:56:0b:8c:e3:15:58:
fc:6f:74:35:20:a4:f8:c4:42:d2:72:59:75:24:9d:5d:2a:28:
81:a4:49:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgZ8FOK6fSWz8cIHsLjZ//MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmZDM3OTM1M2UzYzk0OGRmZDk4ZGEwYTU5ZTk3OTIzNTNh
NGQwZTMwHhcNMjUwMTAxMDU0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzg1Mzg2MzJjMjZlM2Y4MDdkMmE0ZWRiOTViZDgwNWJhYTJkMTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9W8nfv9EtgSrajBtH7o68rPxqrMh
T7qLT0BzG1fQpJXEysXRIzVLiEZ3FsQR0ehpz3bhQc/fJrAZDS6XrsOIdkImUdZU
OWdCMnDSQn8/GusCspZAHlPO6X5IzPnldUtDld11DmIM7rPMAYotSPTO7eRcOmbb
JyujsquNnEatUtkorY7KlAGcqE85zyLuWOC+CSE3BzgRB90MlHoPRsdIa/QhTauz
tT2i5AaTJR4Q6+F5T9M3vJ1r2eryMmJi1rDIbrpNu01slvqTjxyGDpqO+NwFaimz
OtDNEdwaF/2ZFgvBPXsHC/MGxJ4IXX6L2JfRCd3nXX9xVPpHE5r7V5panwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLyFOGMsJuP4B9Kk7blb2AW6otFZMB8GA1UdIwQY
MBaAFC/TeTU+PJSN/ZjaClnpeSNTpNDjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDlONU5UNDhsSTM5bU5vS1dlbDVJMU9rME9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8xMzI4OGEtZDkyOC00NjJiLTk0YmEt
OWUyMjU2MWJjYTg4LzEvdklVNFl5d200X2dIMHFUdHVWdllCYnFpMFZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8xMzI4OGEtZDkyOC00NjJiLTk0YmEtOWUyMjU2MWJjYTg4
LzEvTDlONU5UNDhsSTM5bU5vS1dlbDVJMU9rME9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsHQQMA0G
CSqGSIb3DQEBCwUAA4IBAQAEPudZ8yyymWbTVuRMU2TvpL8vu4Fg3KK5yE/mFMls
21Q4SwshPOmx3nPv/GKbjAwaAP/zQxMCnlq3TeEAdvmtrPxIsxC8cE2DmXKrRgln
bpQlkf0FaebeMM2c962+9ndmF5nL/jdXniPE/21F+x2v2Dopd+q7Zan2WQWHpeFl
e8zCbQAYCv37yCKAwaoAfLtHNTuhLFPHEknIMceUpa0tU+fnOAYKChFTA7NoNjnn
BQMaObzZjpoeyEGXBUtmpUZ1LrArm7IrRkXOyWWxEYLtpOx7IZFDi1wLfvh34lNw
iwBuFS9WC4zjFVj8b3Q1IKT4xELScll1JJ1dKiiBpEmy
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:49:24 2025 by rpki-client