Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/tI-GKFc0qGcnAyfM5WPusUwxxbA.roa
File: tI-GKFc0qGcnAyfM5WPusUwxxbA.roa (raw, json)
Hash identifier: onLkc8xMRR6MFhUp25Ssoxi+xK2dUhIn4RX88GLpjSs=
Subject key identifier: B4:8F:86:28:57:34:A8:67:27:03:27:CC:E5:63:EE:B1:4C:31:C5:B0
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 01944A64B5B48CDB031CFE5F0BA68C1D4584
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/tI-GKFc0qGcnAyfM5WPusUwxxbA.roa
Signing time: Thu 09 Jan 2025 09:28:21 +0000
ROA not before: Thu 09 Jan 2025 09:28:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60168
IP address blocks: 78.128.93.0/24 maxlen: 24
78.128.95.0/24 maxlen: 24
79.124.68.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:4a:64:b5:b4:8c:db:03:1c:fe:5f:0b:a6:8c:1d:45:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Jan 9 09:28:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b48f86285734a867270327cce563eeb14c31c5b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:d0:5f:9e:c6:a0:f3:59:c2:19:77:ea:54:7c:
a0:49:ee:95:80:19:71:ea:a6:24:f4:19:83:04:13:
c3:46:b0:12:4f:13:27:fa:64:c2:17:61:3b:99:3d:
d0:74:6b:e2:66:82:8c:52:2a:8b:01:7f:84:58:b4:
a3:10:11:d6:02:fb:ac:91:72:c6:83:02:5e:f8:37:
9d:f2:dd:13:fe:f6:87:27:c1:9c:cf:08:64:59:f5:
22:9a:d5:47:34:f7:fa:a9:f7:1b:f2:88:77:c3:0b:
4f:36:4c:43:62:8f:7b:5e:f3:a1:5d:43:c0:ef:27:
27:0d:b6:b4:51:2d:35:45:fa:81:96:5d:73:3b:f2:
04:c7:6a:20:e7:6a:49:51:a9:0c:c8:15:81:21:51:
d8:d8:09:e8:27:b2:96:af:ce:37:9f:20:fe:17:6d:
49:c7:1c:31:0e:bd:22:dc:8c:2a:f2:a0:85:0d:56:
d5:17:54:d5:8c:bd:f4:dc:cf:63:43:d7:41:b9:ad:
df:3f:c1:ea:55:3b:fc:03:2b:60:d6:e2:05:26:e0:
93:b1:43:47:1e:c7:57:1b:33:a4:67:1b:a6:13:45:
51:2f:7c:ba:08:bb:ca:d5:60:c7:75:1c:92:d9:ab:
68:17:c9:88:aa:b3:8e:fb:8d:23:51:de:54:d2:bf:
e2:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:8F:86:28:57:34:A8:67:27:03:27:CC:E5:63:EE:B1:4C:31:C5:B0
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/tI-GKFc0qGcnAyfM5WPusUwxxbA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.128.93.0/24
78.128.95.0/24
79.124.68.0/22
Signature Algorithm: sha256WithRSAEncryption
ac:59:c4:c1:4f:45:6c:61:36:14:01:e8:86:25:13:be:f0:d0:
e2:6a:6f:80:f2:66:d2:65:65:5a:99:04:81:d0:6d:a1:f5:8b:
31:01:87:85:dd:ac:c7:d5:a7:25:8c:70:5f:8f:75:85:e1:20:
20:19:14:8a:e3:12:51:8d:3c:0d:ee:57:28:38:fa:c5:36:6b:
12:ca:36:fd:29:b4:4c:92:6b:69:4a:47:ef:2d:09:2b:71:19:
f3:6d:3f:c4:c2:c2:5f:d2:80:cd:aa:a9:ca:62:40:aa:33:aa:
8e:b6:56:5f:fb:96:21:5f:c0:4d:d7:54:9e:0a:65:0f:0e:b3:
bc:9e:9d:c9:a6:03:10:98:ba:cb:34:7d:2b:cf:05:de:c9:66:
d2:a5:ea:70:0d:a0:07:7f:c3:55:00:d2:42:0d:f4:2b:79:e9:
f3:d0:a0:a1:43:40:f2:3e:3e:c0:5e:5e:57:57:dc:d3:3e:dc:
e3:f0:ff:2b:f0:17:9c:6a:4f:d0:17:b6:a9:c4:38:f5:97:0c:
2e:f8:62:a7:dc:5e:ac:f6:0b:f0:19:9d:e9:0a:5e:07:3f:01:
a4:47:20:79:ec:c5:14:dc:8e:be:ed:27:8c:e1:c1:6e:5e:90:
cc:ab:ec:35:18:8c:a0:ed:86:9e:d4:ba:d6:5c:57:2d:52:e2:
9d:55:5c:56
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZRKZLW0jNsDHP5fC6aMHUWEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjUwMTA5MDkyODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDhmODYyODU3MzRhODY3MjcwMzI3Y2NlNTYzZWViMTRjMzFjNWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidBfnsag81nCGXfqVHygSe6VgBlx
6qYk9BmDBBPDRrASTxMn+mTCF2E7mT3QdGviZoKMUiqLAX+EWLSjEBHWAvuskXLG
gwJe+Ded8t0T/vaHJ8GczwhkWfUimtVHNPf6qfcb8oh3wwtPNkxDYo97XvOhXUPA
7ycnDba0US01RfqBll1zO/IEx2og52pJUakMyBWBIVHY2AnoJ7KWr843nyD+F21J
xxwxDr0i3Iwq8qCFDVbVF1TVjL303M9jQ9dBua3fP8HqVTv8Aytg1uIFJuCTsUNH
HsdXGzOkZxumE0VRL3y6CLvK1WDHdRyS2atoF8mIqrOO+40jUd5U0r/iwwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLSPhihXNKhnJwMnzOVj7rFMMcWwMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvdEktR0tGYzBxR2NuQXlmTTVXUHVzVXd4eGJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAToBdAwQA
ToBfAwQCT3xEMA0GCSqGSIb3DQEBCwUAA4IBAQCsWcTBT0VsYTYUAeiGJRO+8NDi
am+A8mbSZWVamQSB0G2h9YsxAYeF3azH1acljHBfj3WF4SAgGRSK4xJRjTwN7lco
OPrFNmsSyjb9KbRMkmtpSkfvLQkrcRnzbT/EwsJf0oDNqqnKYkCqM6qOtlZf+5Yh
X8BN11SeCmUPDrO8np3JpgMQmLrLNH0rzwXeyWbSpepwDaAHf8NVANJCDfQreenz
0KChQ0DyPj7AXl5XV9zTPtzj8P8r8Becak/QF7apxDj1lwwu+GKn3F6s9gvwGZ3p
Cl4HPwGkRyB57MUU3I6+7SeM4cFuXpDMq+w1GIyg7Yae1LrWXFctUuKdVVxW
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:54:26 2025 by rpki-client