Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/d03608-3c67-423d-b18d-4bcd3d58463a/1/eznu2Fem8RjruQG_sIAcpJ1U-kc.roa
File: eznu2Fem8RjruQG_sIAcpJ1U-kc.roa (raw, json)
Hash identifier: dfwMs4TEX6QB36UycDExtNC5BAEKzqi0QvSQVdjONUg=
Subject key identifier: 7B:39:EE:D8:57:A6:F1:18:EB:B9:01:BF:B0:80:1C:A4:9D:54:FA:47
Certificate issuer: /CN=2b9efb5878d3b3634dc1ccb90ac48e0b89d1c879
Certificate serial: 019425FC1A46458B493449227A3D9C639DA9
Authority key identifier: 2B:9E:FB:58:78:D3:B3:63:4D:C1:CC:B9:0A:C4:8E:0B:89:D1:C8:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K577WHjTs2NNwcy5CsSOC4nRyHk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/d03608-3c67-423d-b18d-4bcd3d58463a/1/eznu2Fem8RjruQG_sIAcpJ1U-kc.roa
Signing time: Thu 02 Jan 2025 07:47:46 +0000
ROA not before: Thu 02 Jan 2025 07:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6697
IP address blocks: 178.159.240.0/21 maxlen: 21
2a0c:b1c2::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:1a:46:45:8b:49:34:49:22:7a:3d:9c:63:9d:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b9efb5878d3b3634dc1ccb90ac48e0b89d1c879
Validity
Not Before: Jan 2 07:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7b39eed857a6f118ebb901bfb0801ca49d54fa47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:38:e7:61:1c:83:6b:1e:04:b0:d0:80:e3:15:
23:de:c5:e8:b2:04:93:d2:0b:c5:52:9c:56:89:08:
ab:f1:70:ef:25:52:aa:a9:de:ae:42:fa:a5:91:c8:
3c:15:39:04:ff:96:9e:9d:59:cd:b9:70:bc:a9:4d:
78:2b:16:1c:f6:7d:7f:d5:4a:10:3c:bc:42:73:bc:
f7:bf:ad:08:03:78:f0:57:88:51:a3:c5:ea:06:37:
1b:2f:c9:a9:36:8e:dd:71:f1:0c:9f:07:62:3e:d4:
fc:90:b0:7d:29:be:16:25:39:e4:8c:bc:92:69:95:
a5:8e:ed:91:df:3f:29:2a:a4:df:f3:cb:4e:48:b9:
44:e9:97:0c:c7:09:58:77:96:c5:6b:60:e3:c8:bf:
a5:8a:bd:51:a4:7d:2f:ad:e4:5b:40:54:1a:ab:e9:
39:09:b3:3d:2a:52:12:b8:93:fe:e8:a1:35:81:f9:
2a:b8:af:d4:44:c5:41:cc:a0:c2:f1:39:5e:78:6d:
96:d8:f7:f7:78:62:13:e3:da:27:43:4f:51:a4:4b:
2f:a7:31:8e:c2:4b:0d:61:da:72:83:04:4d:4d:b4:
6d:63:d6:b3:78:a3:18:8a:14:b6:38:92:d9:03:44:
f6:6e:6d:f1:eb:b5:14:ce:72:72:0e:b0:3c:7f:10:
0d:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:39:EE:D8:57:A6:F1:18:EB:B9:01:BF:B0:80:1C:A4:9D:54:FA:47
X509v3 Authority Key Identifier:
keyid:2B:9E:FB:58:78:D3:B3:63:4D:C1:CC:B9:0A:C4:8E:0B:89:D1:C8:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K577WHjTs2NNwcy5CsSOC4nRyHk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/d03608-3c67-423d-b18d-4bcd3d58463a/1/eznu2Fem8RjruQG_sIAcpJ1U-kc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/d03608-3c67-423d-b18d-4bcd3d58463a/1/K577WHjTs2NNwcy5CsSOC4nRyHk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.159.240.0/21
IPv6:
2a0c:b1c2::/32
Signature Algorithm: sha256WithRSAEncryption
5e:56:a5:f1:84:ea:c5:96:95:fa:58:1f:6f:68:7e:04:5f:6f:
ae:e4:3d:b0:11:5e:33:13:49:d0:96:55:cb:89:f0:a1:20:f9:
ea:c8:65:ad:6e:ab:a3:76:f7:64:1b:58:ae:85:57:d9:8f:fc:
93:8b:3c:d0:e8:25:c6:57:c0:ae:be:58:20:ca:2b:ba:b6:4d:
f2:fb:f7:52:17:96:d7:91:ee:cf:a9:43:3f:a1:77:49:7f:c5:
27:ae:39:b9:73:29:c6:03:07:37:c9:d2:de:6e:47:51:0a:15:
5e:75:d8:d3:8e:85:bc:b3:e6:93:61:6f:eb:84:60:88:61:e5:
98:47:12:be:02:78:ab:60:97:08:38:46:d3:7a:c1:7f:d1:49:
41:5a:56:2d:04:b1:a4:66:6c:48:76:da:a9:19:52:3f:94:ea:
ed:fe:9a:99:b6:a4:f6:65:80:d4:6d:12:8e:c6:e2:e0:dd:af:
1a:05:d4:a7:c0:7f:e5:9b:98:d0:17:eb:c3:21:2b:71:4b:61:
44:d0:24:bc:da:42:a7:ef:81:76:cc:33:ad:5a:90:d7:2e:76:
9a:02:80:7e:fb:bb:e8:a3:b4:64:c3:d9:bc:47:87:9e:c6:02:
70:4a:08:51:f4:48:42:0d:a0:29:ef:c1:a4:77:53:c5:b1:ee:
17:e8:b8:3c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQl/BpGRYtJNEkiej2cY52pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOWVmYjU4NzhkM2IzNjM0ZGMxY2NiOTBhYzQ4ZTBiODlk
MWM4NzkwHhcNMjUwMTAyMDc0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjM5ZWVkODU3YTZmMTE4ZWJiOTAxYmZiMDgwMWNhNDlkNTRmYTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjjnYRyDax4EsNCA4xUj3sXosgST
0gvFUpxWiQir8XDvJVKqqd6uQvqlkcg8FTkE/5aenVnNuXC8qU14KxYc9n1/1UoQ
PLxCc7z3v60IA3jwV4hRo8XqBjcbL8mpNo7dcfEMnwdiPtT8kLB9Kb4WJTnkjLyS
aZWlju2R3z8pKqTf88tOSLlE6ZcMxwlYd5bFa2DjyL+lir1RpH0vreRbQFQaq+k5
CbM9KlISuJP+6KE1gfkquK/URMVBzKDC8TleeG2W2Pf3eGIT49onQ09RpEsvpzGO
wksNYdpygwRNTbRtY9azeKMYihS2OJLZA0T2bm3x67UUznJyDrA8fxANTwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHs57thXpvEY67kBv7CAHKSdVPpHMB8GA1UdIwQY
MBaAFCue+1h407NjTcHMuQrEjguJ0ch5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzU3N1dIalRzMk5Od2N5NUNzU09DNG5SeUhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9kMDM2MDgtM2M2Ny00MjNkLWIxOGQt
NGJjZDNkNTg0NjNhLzEvZXpudTJGZW04UmpydVFHX3NJQWNwSjFVLWtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9kMDM2MDgtM2M2Ny00MjNkLWIxOGQtNGJjZDNkNTg0NjNh
LzEvSzU3N1dIalRzMk5Od2N5NUNzU09DNG5SeUhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDsp/wMA0E
AgACMAcDBQAqDLHCMA0GCSqGSIb3DQEBCwUAA4IBAQBeVqXxhOrFlpX6WB9vaH4E
X2+u5D2wEV4zE0nQllXLifChIPnqyGWtbqujdvdkG1iuhVfZj/yTizzQ6CXGV8Cu
vlggyiu6tk3y+/dSF5bXke7PqUM/oXdJf8Unrjm5cynGAwc3ydLebkdRChVeddjT
joW8s+aTYW/rhGCIYeWYRxK+AnirYJcIOEbTesF/0UlBWlYtBLGkZmxIdtqpGVI/
lOrt/pqZtqT2ZYDUbRKOxuLg3a8aBdSnwH/lm5jQF+vDIStxS2FE0CS82kKn74F2
zDOtWpDXLnaaAoB++7voo7Rkw9m8R4eexgJwSghR9EhCDaAp78Gkd1PFse4X6Lg8
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:58:31 2025 by rpki-client