Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/O9aaBKIbsI9Fl14QE_5gXVc466M.roa
File: O9aaBKIbsI9Fl14QE_5gXVc466M.roa (raw, json)
Hash identifier: puorrULFQyq1rYKB90/Z0cb3hO3gtJLM6Iwr9QOTt/I=
Subject key identifier: 3B:D6:9A:04:A2:1B:B0:8F:45:97:5E:10:13:FE:60:5D:57:38:EB:A3
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 019423D7612DAF40F9A0FAAA07CC427B65D2
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/O9aaBKIbsI9Fl14QE_5gXVc466M.roa
Signing time: Wed 01 Jan 2025 21:48:25 +0000
ROA not before: Wed 01 Jan 2025 21:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47447
IP address blocks: 178.251.228.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:61:2d:af:40:f9:a0:fa:aa:07:cc:42:7b:65:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 1 21:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3bd69a04a21bb08f45975e1013fe605d5738eba3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:8b:d5:ee:e0:dd:40:28:84:b2:0b:b7:b8:da:
e6:73:88:8e:7a:e8:a5:d3:c5:91:c4:35:51:a3:2c:
a8:99:14:b4:3f:27:85:2f:f0:2d:b9:44:8a:89:c9:
49:31:40:e4:e8:ef:c6:26:03:57:41:c6:60:cd:f3:
ba:0e:2b:35:10:93:24:5b:2a:53:36:8d:60:2e:6a:
d0:9c:a2:e6:a5:54:70:de:f7:63:8b:d8:28:b1:16:
4f:14:df:e1:f7:07:38:40:70:a9:af:02:57:19:d0:
15:93:6d:04:e7:fd:7d:ec:cb:e1:bc:cd:9f:d8:79:
fb:f4:0f:02:3f:dd:ee:61:0b:98:82:c6:7c:40:e8:
5a:7d:d9:a8:d2:2a:25:be:4b:1d:49:2c:c5:93:58:
d1:87:bf:a4:f8:28:9f:54:77:63:fc:d5:71:21:c9:
34:e3:5c:01:f9:97:a9:ae:90:4c:1b:bf:e7:15:60:
91:d4:d6:c4:65:99:66:10:7f:e7:e6:5f:d5:08:88:
02:fb:4e:b2:b2:6e:fd:1e:24:bb:32:ab:65:15:6a:
29:ce:7a:39:6e:ad:03:0c:c4:bb:87:f9:a6:1b:78:
3f:c4:50:fd:7c:28:4d:0e:86:e6:f0:16:96:26:cf:
e9:e6:93:5c:4e:a4:7f:ec:e0:e0:d2:03:45:9d:51:
79:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:D6:9A:04:A2:1B:B0:8F:45:97:5E:10:13:FE:60:5D:57:38:EB:A3
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/O9aaBKIbsI9Fl14QE_5gXVc466M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.251.228.0/24
Signature Algorithm: sha256WithRSAEncryption
92:42:24:ec:eb:88:ea:12:f6:d6:01:48:2c:e9:4c:d1:4d:83:
33:71:72:24:1e:13:51:82:96:00:c5:de:00:6f:70:39:80:62:
ab:b4:2b:32:7d:c4:da:0b:54:f6:c4:78:13:a8:e2:a9:83:66:
31:58:5a:c4:96:fe:2e:74:99:db:b5:04:8c:f6:79:09:25:c3:
04:09:20:0a:fa:9f:72:5b:cf:be:1d:f7:71:a7:9a:dd:2d:40:
e8:18:2e:7f:16:78:5b:3a:e4:dd:2b:28:82:d1:6f:a3:36:82:
2d:b0:d3:be:02:b8:ab:6b:b8:cd:86:e4:88:35:08:e6:cf:f5:
6a:95:5e:3e:30:f2:5a:35:09:c6:ca:29:74:33:8d:d5:a5:78:
35:42:79:eb:08:22:b1:2f:00:58:4e:b7:4e:26:88:4a:1a:cb:
9e:11:14:2a:77:60:94:d1:34:f0:88:78:d5:c0:fd:fe:63:30:
77:82:56:37:21:f0:1d:45:30:2e:23:81:02:36:fb:1d:24:f3:
f2:d1:13:98:53:92:40:8c:16:05:fa:59:00:cd:01:d3:c0:9a:
59:3f:2a:01:9e:91:84:ff:d3:f6:d4:d3:7f:76:f2:d7:6a:c8:
49:ba:6f:15:d9:54:dd:18:b3:f3:2a:76:2a:b6:a6:2d:2e:80:
dc:7d:71:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj12Etr0D5oPqqB8xCe2XSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjUwMTAxMjE0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmQ2OWEwNGEyMWJiMDhmNDU5NzVlMTAxM2ZlNjA1ZDU3MzhlYmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApovV7uDdQCiEsgu3uNrmc4iOeuil
08WRxDVRoyyomRS0PyeFL/AtuUSKiclJMUDk6O/GJgNXQcZgzfO6Dis1EJMkWypT
No1gLmrQnKLmpVRw3vdji9gosRZPFN/h9wc4QHCprwJXGdAVk20E5/197MvhvM2f
2Hn79A8CP93uYQuYgsZ8QOhafdmo0iolvksdSSzFk1jRh7+k+CifVHdj/NVxIck0
41wB+ZeprpBMG7/nFWCR1NbEZZlmEH/n5l/VCIgC+06ysm79HiS7MqtlFWopzno5
bq0DDMS7h/mmG3g/xFD9fChNDobm8BaWJs/p5pNcTqR/7ODg0gNFnVF5sQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDvWmgSiG7CPRZdeEBP+YF1XOOujMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvTzlhYUJLSWJzSTlGbDE0UUVfNWdYVmM0NjZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsvvkMA0G
CSqGSIb3DQEBCwUAA4IBAQCSQiTs64jqEvbWAUgs6UzRTYMzcXIkHhNRgpYAxd4A
b3A5gGKrtCsyfcTaC1T2xHgTqOKpg2YxWFrElv4udJnbtQSM9nkJJcMECSAK+p9y
W8++Hfdxp5rdLUDoGC5/FnhbOuTdKyiC0W+jNoItsNO+Arira7jNhuSINQjmz/Vq
lV4+MPJaNQnGyil0M43VpXg1QnnrCCKxLwBYTrdOJohKGsueERQqd2CU0TTwiHjV
wP3+YzB3glY3IfAdRTAuI4ECNvsdJPPy0ROYU5JAjBYF+lkAzQHTwJpZPyoBnpGE
/9P21NN/dvLXashJum8V2VTdGLPzKnYqtqYtLoDcfXEL
-----END CERTIFICATE-----
Generated at Wed Apr 9 05:19:55 2025 by rpki-client