Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/vFgDYnepxI7TvfGV6FzPKmhUHQM.roa
File: vFgDYnepxI7TvfGV6FzPKmhUHQM.roa (raw, json)
Hash identifier: w7XB4zIj6UODvBKhELBlGqaUnKLSAcpnc/FJJk/7A88=
Subject key identifier: BC:58:03:62:77:A9:C4:8E:D3:BD:F1:95:E8:5C:CF:2A:68:54:1D:03
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 01944A64C4A407EA5EA8230985CD7F4A714C
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/vFgDYnepxI7TvfGV6FzPKmhUHQM.roa
Signing time: Thu 09 Jan 2025 09:28:25 +0000
ROA not before: Thu 09 Jan 2025 09:28:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209160
IP address blocks: 78.128.113.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:4a:64:c4:a4:07:ea:5e:a8:23:09:85:cd:7f:4a:71:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Jan 9 09:28:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bc58036277a9c48ed3bdf195e85ccf2a68541d03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8e:ac:58:b0:56:9a:ad:94:a8:3a:a7:25:0a:
ca:47:06:f1:b3:3c:0c:2b:8b:28:14:d4:5d:5e:87:
3b:ca:a6:2d:37:a0:a5:54:ab:26:2b:28:07:bd:de:
a3:32:09:11:22:6f:95:88:29:26:14:3e:77:02:28:
06:c8:fb:e0:99:08:26:15:cf:cd:31:06:25:14:57:
43:29:ff:e5:51:dc:78:1c:d3:8a:8d:39:a0:e1:7c:
a1:0f:0e:ba:ff:71:7a:fb:b7:b5:b7:f6:21:42:2c:
34:f0:78:12:ed:5c:d6:f9:1a:1e:f2:4e:84:c3:bb:
10:6f:31:6f:b8:ba:b0:6e:e1:5f:6a:a9:f3:fd:35:
91:c1:f0:11:54:75:a0:e5:4e:5a:f6:bf:ed:96:cd:
92:89:f9:8c:27:37:62:43:6b:64:84:84:01:58:ae:
a1:82:c0:ec:23:d5:18:c2:86:f5:d4:19:d8:29:dd:
85:fa:0c:1d:e8:64:da:a1:09:5f:c9:1d:97:f8:e9:
b6:20:49:9c:3e:a0:89:0a:bd:78:b0:7f:09:5e:2e:
6a:d2:63:42:4c:74:33:3c:e5:a9:98:95:c5:b5:c9:
36:8a:ee:d6:89:dc:cd:2f:6a:60:25:2c:50:e4:98:
8a:73:72:29:04:2b:58:ee:cf:04:0e:2b:89:36:bf:
b6:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:58:03:62:77:A9:C4:8E:D3:BD:F1:95:E8:5C:CF:2A:68:54:1D:03
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/vFgDYnepxI7TvfGV6FzPKmhUHQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.128.113.0/24
Signature Algorithm: sha256WithRSAEncryption
32:33:c2:db:75:62:4c:c2:33:2d:bd:c5:4f:f6:2c:01:55:10:
e5:aa:85:07:30:73:37:d4:80:6e:dc:f5:ff:67:9d:45:ee:fa:
27:10:db:63:aa:bc:f2:97:64:65:fe:cc:7f:41:97:ff:85:49:
94:d4:f7:15:59:5e:e7:f8:85:2b:12:ad:05:49:16:ef:df:91:
33:c9:1f:36:5b:08:2f:d6:51:14:72:01:5c:74:3c:87:85:8b:
2e:7a:92:79:a9:31:db:2f:01:72:cd:36:70:e0:c0:f7:1a:34:
14:76:c6:c9:dd:69:ef:d4:9b:3d:c3:d8:62:e0:da:19:be:97:
d4:f2:5f:4d:e3:69:46:98:88:59:38:e5:42:90:5e:de:1f:13:
4b:36:97:95:18:24:e7:86:20:d7:2a:39:92:36:ea:5e:5d:fe:
5c:7f:c2:3a:4b:ac:6e:aa:e2:aa:34:2f:4c:7b:b0:9a:25:ee:
ba:72:a6:d6:b9:b6:41:c6:0b:50:55:2a:26:f5:3f:3c:d1:33:
d0:d6:a1:cc:dd:3e:25:6d:2c:24:49:52:8c:51:00:ab:9a:43:
20:59:6d:46:90:d9:43:d1:d7:e3:61:22:a0:26:2f:92:93:57:
83:61:03:26:7b:6e:23:0f:6f:39:6a:15:87:8f:b3:38:f8:20:
65:fa:ba:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRKZMSkB+peqCMJhc1/SnFMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjUwMTA5MDkyODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzU4MDM2Mjc3YTljNDhlZDNiZGYxOTVlODVjY2YyYTY4NTQxZDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr46sWLBWmq2UqDqnJQrKRwbxszwM
K4soFNRdXoc7yqYtN6ClVKsmKygHvd6jMgkRIm+ViCkmFD53AigGyPvgmQgmFc/N
MQYlFFdDKf/lUdx4HNOKjTmg4XyhDw66/3F6+7e1t/YhQiw08HgS7VzW+Roe8k6E
w7sQbzFvuLqwbuFfaqnz/TWRwfARVHWg5U5a9r/tls2SifmMJzdiQ2tkhIQBWK6h
gsDsI9UYwob11BnYKd2F+gwd6GTaoQlfyR2X+Om2IEmcPqCJCr14sH8JXi5q0mNC
THQzPOWpmJXFtck2iu7WidzNL2pgJSxQ5JiKc3IpBCtY7s8EDiuJNr+2EwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLxYA2J3qcSO073xlehczypoVB0DMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvdkZnRFluZXB4STdUdmZHVjZGelBLbWhVSFFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAToBxMA0G
CSqGSIb3DQEBCwUAA4IBAQAyM8LbdWJMwjMtvcVP9iwBVRDlqoUHMHM31IBu3PX/
Z51F7vonENtjqrzyl2Rl/sx/QZf/hUmU1PcVWV7n+IUrEq0FSRbv35EzyR82Wwgv
1lEUcgFcdDyHhYsuepJ5qTHbLwFyzTZw4MD3GjQUdsbJ3Wnv1Js9w9hi4NoZvpfU
8l9N42lGmIhZOOVCkF7eHxNLNpeVGCTnhiDXKjmSNupeXf5cf8I6S6xuquKqNC9M
e7CaJe66cqbWubZBxgtQVSom9T880TPQ1qHM3T4lbSwkSVKMUQCrmkMgWW1GkNlD
0dfjYSKgJi+Sk1eDYQMme24jD285ahWHj7M4+CBl+rrT
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:29:43 2025 by rpki-client