Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/A3k5fZk7xuF62zYkvizHE75tQBY.roa
File: A3k5fZk7xuF62zYkvizHE75tQBY.roa (raw, json)
Hash identifier: YeC1S8Bz46FwAE52CakEMuBT/G06XwlqYO6uW41i7A4=
Subject key identifier: 03:79:39:7D:99:3B:C6:E1:7A:DB:36:24:BE:2C:C7:13:BE:6D:40:16
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018505E11488AA0518D7AE407A07A1DA6F11
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/A3k5fZk7xuF62zYkvizHE75tQBY.roa
Signing time: Mon 12 Dec 2022 10:28:34 +0000
ROA not before: Mon 12 Dec 2022 10:28:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24866
IP address blocks: 188.162.0.0/16 maxlen: 24
178.176.229.0/24 maxlen: 24
178.176.228.0/24 maxlen: 24
178.176.227.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:e1:14:88:aa:05:18:d7:ae:40:7a:07:a1:da:6f:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 10:28:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0379397d993bc6e17adb3624be2cc713be6d4016
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:41:dd:fa:55:91:a9:86:8a:fe:ab:a5:4e:f3:
6e:e7:7c:17:dc:0b:1f:bd:c3:22:26:59:39:ec:34:
35:20:7a:f0:55:76:2a:47:76:ac:2c:99:a4:72:20:
f4:73:89:32:83:75:e8:98:8b:ef:28:63:56:7e:56:
48:4f:41:e9:4e:16:1e:9f:66:c0:a3:65:46:0d:4d:
3d:96:dc:44:ac:08:58:3d:13:4e:56:50:b3:93:a9:
b7:89:27:1a:45:84:f8:08:ae:82:76:d4:aa:da:69:
16:89:de:53:c6:f6:1c:5c:ce:58:25:f1:0f:b1:0d:
75:97:24:e3:ae:bc:2f:65:fa:a7:12:f2:95:6c:59:
f5:ca:57:b3:68:d4:5f:8b:69:12:32:5e:31:a3:63:
65:77:f6:68:d4:51:52:79:aa:1f:46:0f:db:d7:fe:
5d:a7:b5:77:a1:0a:4f:3b:8b:3b:b6:6a:40:c5:b5:
ec:d7:31:49:58:7b:1e:6f:d5:ba:68:bf:0a:55:44:
75:a2:8b:d0:4a:14:c0:75:3e:60:ba:35:99:78:07:
e6:2b:83:da:d0:ba:99:64:41:84:3a:00:e9:4e:8f:
27:7e:ad:cb:2d:1e:08:8c:a6:d4:e2:6e:47:27:16:
3a:3f:45:10:df:f2:a1:3e:c5:8a:5e:86:9d:8f:4c:
5f:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:79:39:7D:99:3B:C6:E1:7A:DB:36:24:BE:2C:C7:13:BE:6D:40:16
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/A3k5fZk7xuF62zYkvizHE75tQBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.176.227.0-178.176.229.255
188.162.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2d:4d:e7:d2:de:dd:67:8f:82:21:15:f0:76:4c:7c:3f:68:2d:
5c:53:cf:47:84:59:4c:71:e6:b5:22:4f:51:e3:a3:f2:98:f0:
c1:fa:18:9e:69:2b:14:04:34:09:1e:d3:f5:16:c6:a8:28:2c:
1a:ca:b2:ef:a9:85:fa:1c:c2:0c:c4:e7:b0:2e:af:5a:1d:e6:
6d:c9:a5:60:53:9b:96:c6:2a:dc:6e:f3:6f:53:9c:fd:df:c8:
9a:d1:82:3e:96:26:3e:c0:c9:d3:0e:d0:dd:dc:d6:ea:2f:f8:
b4:5e:b1:35:39:da:4b:25:e6:e8:de:01:24:2d:c8:ad:60:f7:
5b:bc:48:f9:f8:5f:5e:05:25:21:3b:64:4b:bc:23:f8:b1:7b:
4e:d0:f8:13:68:da:3c:be:ce:98:2e:bb:d2:cf:81:31:3a:bd:
29:eb:df:97:0d:64:7f:cc:de:fb:78:68:97:0c:90:d6:c8:57:
db:d7:92:7a:0d:a0:50:e0:cf:91:2c:13:2f:e8:f7:2c:c8:cb:
eb:57:57:00:15:0f:7e:6a:00:94:73:8b:29:f0:5e:e2:3a:aa:
d1:9d:54:9c:c2:e7:b1:a1:09:90:4f:35:c2:bf:70:35:0a:8e:
e4:bb:fe:4d:7a:e0:c8:ad:0d:ae:94:c3:97:8b:14:19:26:30:
77:bc:30:79
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYUF4RSIqgUY165Aegeh2m8RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMTAyODM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzc5Mzk3ZDk5M2JjNmUxN2FkYjM2MjRiZTJjYzcxM2JlNmQ0MDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA40Hd+lWRqYaK/qulTvNu53wX3Asf
vcMiJlk57DQ1IHrwVXYqR3asLJmkciD0c4kyg3XomIvvKGNWflZIT0HpThYen2bA
o2VGDU09ltxErAhYPRNOVlCzk6m3iScaRYT4CK6CdtSq2mkWid5TxvYcXM5YJfEP
sQ11lyTjrrwvZfqnEvKVbFn1ylezaNRfi2kSMl4xo2Nld/Zo1FFSeaofRg/b1/5d
p7V3oQpPO4s7tmpAxbXs1zFJWHseb9W6aL8KVUR1oovQShTAdT5gujWZeAfmK4Pa
0LqZZEGEOgDpTo8nfq3LLR4IjKbU4m5HJxY6P0UQ3/KhPsWKXoadj0xfawIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFAN5OX2ZO8bhets2JL4sxxO+bUAWMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvQTNrNWZaazd4dUY2MnpZa3ZpekhFNzV0UUJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATMAwDBACysOMD
BAGysOQDAwC8ojANBgkqhkiG9w0BAQsFAAOCAQEALU3n0t7dZ4+CIRXwdkx8P2gt
XFPPR4RZTHHmtSJPUeOj8pjwwfoYnmkrFAQ0CR7T9RbGqCgsGsqy76mF+hzCDMTn
sC6vWh3mbcmlYFOblsYq3G7zb1Oc/d/ImtGCPpYmPsDJ0w7Q3dzW6i/4tF6xNTna
SyXm6N4BJC3IrWD3W7xI+fhfXgUlITtkS7wj+LF7TtD4E2jaPL7OmC670s+BMTq9
Kevflw1kf8ze+3holwyQ1shX29eSeg2gUODPkSwTL+j3LMjL61dXABUPfmoAlHOL
KfBe4jqq0Z1UnMLnsaEJkE81wr9wNQqO5Lv+TXrgyK0NrpTDl4sUGSYwd7wweQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:36:07 2025 by rpki-client