Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/IjEV5DxVXeEhDo12yNj9YkU8lus.roa
File: IjEV5DxVXeEhDo12yNj9YkU8lus.roa (raw, json)
Hash identifier: qSj3emrgw98lFk/kPVZFpQnJX3IfSREG9mCt1rQS63k=
Subject key identifier: 22:31:15:E4:3C:55:5D:E1:21:0E:8D:76:C8:D8:FD:62:45:3C:96:EB
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 019423D7282A1710E5A4A4546BA2DFB5DCAB
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/IjEV5DxVXeEhDo12yNj9YkU8lus.roa
Signing time: Wed 01 Jan 2025 21:48:10 +0000
ROA not before: Wed 01 Jan 2025 21:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209657
IP address blocks: 176.118.196.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:28:2a:17:10:e5:a4:a4:54:6b:a2:df:b5:dc:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 1 21:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=223115e43c555de1210e8d76c8d8fd62453c96eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:a6:ad:68:be:26:18:3f:ca:9e:ee:6b:de:29:
8e:02:3b:0e:e6:86:13:e4:51:7e:a8:a6:58:c4:ee:
d3:55:6c:73:49:ab:d8:ce:58:99:0c:72:ff:f0:41:
a8:81:eb:0f:d7:5f:ef:43:6d:89:5f:4f:3e:31:cb:
22:2e:40:18:82:94:6b:71:7e:68:b9:a2:91:bc:c1:
5d:b3:e0:7b:78:1e:ea:5b:07:80:93:c4:c1:0b:08:
9b:14:fb:d9:d9:26:a9:38:4a:a8:9b:04:19:61:f7:
f9:66:fc:9c:50:11:27:75:68:6f:0e:40:8c:e4:ac:
58:9d:9c:ab:39:cb:8a:4d:e1:46:47:be:6a:d0:b3:
ef:d2:df:73:d2:7c:94:96:8c:06:09:84:05:de:ce:
b8:90:3a:ea:80:47:61:9b:13:e6:0c:3d:52:34:04:
fa:da:58:c9:70:ef:78:70:db:26:f5:c9:16:cf:58:
ce:3f:6b:6a:8c:57:95:0f:f7:09:46:cc:cc:2a:02:
c4:fa:57:3c:d4:70:9c:9f:14:4e:65:9c:8e:c6:50:
57:4f:2e:69:99:01:1e:f2:e0:49:96:f0:88:60:f8:
e2:2a:10:c8:2e:11:5b:00:2d:ad:f0:ed:9e:b6:0c:
57:dd:b5:28:62:44:9b:10:47:66:ab:c1:0c:36:ab:
26:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:31:15:E4:3C:55:5D:E1:21:0E:8D:76:C8:D8:FD:62:45:3C:96:EB
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/IjEV5DxVXeEhDo12yNj9YkU8lus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.118.196.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:b4:fd:f4:3c:74:94:5d:e1:a8:a0:05:56:fd:0a:44:6f:1a:
c6:82:bc:02:29:a5:71:ff:8f:74:9d:2f:83:a0:72:ba:47:30:
d6:80:ed:80:30:2b:b9:a5:ae:1f:2e:db:32:91:28:eb:2d:23:
2f:e1:e5:58:4b:2c:81:2e:99:9d:4d:2f:ed:5e:a5:00:70:53:
bc:8e:e2:da:6d:d0:48:3a:32:2e:c4:70:ff:46:72:1a:a7:4c:
9e:79:73:6e:2f:99:2e:a2:69:09:32:22:6f:b0:25:09:c6:c9:
95:22:54:b1:98:72:66:10:3a:53:08:f8:bc:95:a3:4c:d5:b9:
b5:72:57:f1:f0:2a:b3:be:1c:ba:49:c4:ef:94:05:6e:00:52:
90:4a:f5:a7:ae:ad:c0:c1:fe:be:46:21:67:7c:ad:90:82:2e:
ed:7b:fe:3e:b8:b2:54:42:45:c1:af:d6:38:e0:3c:4b:cb:3e:
b7:15:9a:16:a0:6c:b9:55:5c:b3:2b:d9:54:08:4e:73:7b:aa:
d5:d3:21:9e:25:54:4e:1b:ae:54:2a:71:01:c4:86:56:2f:f7:
a3:34:16:5b:f8:db:e9:3b:bb:ff:40:0c:b3:51:c3:2b:5c:10:
16:b1:99:31:70:73:3f:00:ea:35:c8:c6:2e:3e:13:fa:60:49:
73:b0:60:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1ygqFxDlpKRUa6LftdyrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjUwMTAxMjE0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjMxMTVlNDNjNTU1ZGUxMjEwZThkNzZjOGQ4ZmQ2MjQ1M2M5NmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5qataL4mGD/Knu5r3imOAjsO5oYT
5FF+qKZYxO7TVWxzSavYzliZDHL/8EGogesP11/vQ22JX08+McsiLkAYgpRrcX5o
uaKRvMFds+B7eB7qWweAk8TBCwibFPvZ2SapOEqomwQZYff5ZvycUBEndWhvDkCM
5KxYnZyrOcuKTeFGR75q0LPv0t9z0nyUlowGCYQF3s64kDrqgEdhmxPmDD1SNAT6
2ljJcO94cNsm9ckWz1jOP2tqjFeVD/cJRszMKgLE+lc81HCcnxROZZyOxlBXTy5p
mQEe8uBJlvCIYPjiKhDILhFbAC2t8O2etgxX3bUoYkSbEEdmq8EMNqsmrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCIxFeQ8VV3hIQ6NdsjY/WJFPJbrMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvSWpFVjVEeFZYZUVoRG8xMnlOajlZa1U4bHVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsHbEMA0G
CSqGSIb3DQEBCwUAA4IBAQDAtP30PHSUXeGooAVW/QpEbxrGgrwCKaVx/490nS+D
oHK6RzDWgO2AMCu5pa4fLtsykSjrLSMv4eVYSyyBLpmdTS/tXqUAcFO8juLabdBI
OjIuxHD/RnIap0yeeXNuL5kuomkJMiJvsCUJxsmVIlSxmHJmEDpTCPi8laNM1bm1
clfx8Cqzvhy6ScTvlAVuAFKQSvWnrq3Awf6+RiFnfK2Qgi7te/4+uLJUQkXBr9Y4
4DxLyz63FZoWoGy5VVyzK9lUCE5ze6rV0yGeJVROG65UKnEBxIZWL/ejNBZb+Nvp
O7v/QAyzUcMrXBAWsZkxcHM/AOo1yMYuPhP6YElzsGDm
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:51:50 2025 by rpki-client