Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/5353ba-e520-4fb9-bd0b-a9c5eed85ba7/1/CuZieAFfwXX8uyaqskcHIzJ9fWo.roa
File: CuZieAFfwXX8uyaqskcHIzJ9fWo.roa (raw, json)
Hash identifier: pBXWN5uV+yQFyDFWsCRJrE7yKliZlwC2u5aCXtkg+Do=
Subject key identifier: 0A:E6:62:78:01:5F:C1:75:FC:BB:26:AA:B2:47:07:23:32:7D:7D:6A
Certificate issuer: /CN=41cc4f2b3621498b2b12bc93e56e6980c2c6dc88
Certificate serial: 019424B2C54B9CBDE1CAC853648EBD8C31DA
Authority key identifier: 41:CC:4F:2B:36:21:49:8B:2B:12:BC:93:E5:6E:69:80:C2:C6:DC:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QcxPKzYhSYsrEryT5W5pgMLG3Ig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/5353ba-e520-4fb9-bd0b-a9c5eed85ba7/1/CuZieAFfwXX8uyaqskcHIzJ9fWo.roa
Signing time: Thu 02 Jan 2025 01:48:03 +0000
ROA not before: Thu 02 Jan 2025 01:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60893
IP address blocks: 178.211.138.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:c5:4b:9c:bd:e1:ca:c8:53:64:8e:bd:8c:31:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41cc4f2b3621498b2b12bc93e56e6980c2c6dc88
Validity
Not Before: Jan 2 01:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0ae66278015fc175fcbb26aab2470723327d7d6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f1:00:d5:4f:c1:c4:37:e1:1b:c8:45:25:96:
aa:d2:90:3b:53:42:0c:ea:7c:0a:49:4c:b7:eb:a0:
2a:a6:ca:82:ed:24:ed:3d:49:a0:fe:6f:64:b7:3a:
37:05:91:08:d3:65:b7:be:89:16:f6:39:64:7e:f7:
2f:5c:7d:5f:5c:75:5f:1e:f3:84:42:95:59:4d:7b:
43:a8:08:35:25:bc:b7:91:d8:9b:20:54:00:3c:dc:
86:9e:fd:93:9e:6e:18:26:73:4b:2b:36:07:f4:e5:
26:d3:e6:04:b7:06:c3:a6:98:19:d8:14:57:f0:3f:
aa:a0:5c:cb:ce:1d:80:57:50:dc:cd:29:75:24:d4:
20:a7:f1:e8:47:1c:39:ec:30:2a:00:b7:dc:e6:8e:
c4:01:a8:12:50:5e:88:a0:45:8d:7f:96:ae:f9:9b:
49:84:6d:26:dd:cc:cf:02:22:cb:83:f4:e8:79:16:
a8:8b:7b:41:b1:b2:17:e9:b0:f4:f4:dc:9d:34:42:
b7:16:66:6d:b0:0f:97:14:c6:31:5c:fe:d5:16:72:
fc:76:80:38:34:c8:e8:17:63:ec:03:7c:66:31:76:
bf:f7:1f:10:c8:87:a9:84:fe:b3:12:bd:90:3f:12:
52:27:ef:59:5f:ca:43:13:a2:e7:40:71:b7:45:6d:
1e:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:E6:62:78:01:5F:C1:75:FC:BB:26:AA:B2:47:07:23:32:7D:7D:6A
X509v3 Authority Key Identifier:
keyid:41:CC:4F:2B:36:21:49:8B:2B:12:BC:93:E5:6E:69:80:C2:C6:DC:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QcxPKzYhSYsrEryT5W5pgMLG3Ig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/5353ba-e520-4fb9-bd0b-a9c5eed85ba7/1/CuZieAFfwXX8uyaqskcHIzJ9fWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/5353ba-e520-4fb9-bd0b-a9c5eed85ba7/1/QcxPKzYhSYsrEryT5W5pgMLG3Ig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.211.138.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:74:01:88:76:db:34:20:5c:fe:94:af:65:6f:17:57:bb:7f:
62:0f:c9:1d:d9:fa:1e:00:61:4f:6b:11:e5:b3:cf:e7:c6:cb:
e3:c0:0d:fa:dc:61:f1:cc:dd:18:6f:4f:40:2b:f3:df:f1:5f:
11:7e:54:f7:73:a3:24:22:9b:2c:18:1f:06:d4:c7:8d:76:79:
12:15:ef:a9:77:46:64:e6:25:10:48:6c:34:8d:2d:4f:b3:50:
71:f0:d9:db:ea:72:59:38:2e:02:1b:ce:cd:c3:c6:68:01:a6:
8a:90:f9:5c:ed:34:89:d8:0f:6e:79:59:0f:0e:5b:77:23:aa:
e1:c7:7a:b4:0b:48:0f:79:52:da:93:ef:2d:8a:a2:53:1d:53:
39:10:33:a0:70:79:97:85:35:19:e7:60:54:e2:4a:49:dc:89:
81:fc:58:6b:c4:01:64:bc:aa:4e:2b:aa:8a:9e:a2:8a:ff:fc:
15:18:1c:8b:c4:f0:d3:f6:7a:e2:30:64:59:33:93:31:ea:70:
c8:62:88:96:58:28:24:0d:fa:3d:d9:42:22:7d:66:33:81:56:
1f:77:37:89:3c:be:13:47:ed:7b:c0:ee:2f:ed:b1:54:82:7b:
ab:c4:cd:81:b9:d4:ba:94:61:cd:f9:7f:78:25:a2:94:a7:72:
95:ff:03:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkssVLnL3hyshTZI69jDHaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxY2M0ZjJiMzYyMTQ5OGIyYjEyYmM5M2U1NmU2OTgwYzJj
NmRjODgwHhcNMjUwMTAyMDE0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWU2NjI3ODAxNWZjMTc1ZmNiYjI2YWFiMjQ3MDcyMzMyN2Q3ZDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfEA1U/BxDfhG8hFJZaq0pA7U0IM
6nwKSUy366AqpsqC7STtPUmg/m9ktzo3BZEI02W3vokW9jlkfvcvXH1fXHVfHvOE
QpVZTXtDqAg1Jby3kdibIFQAPNyGnv2Tnm4YJnNLKzYH9OUm0+YEtwbDppgZ2BRX
8D+qoFzLzh2AV1DczSl1JNQgp/HoRxw57DAqALfc5o7EAagSUF6IoEWNf5au+ZtJ
hG0m3czPAiLLg/ToeRaoi3tBsbIX6bD09NydNEK3FmZtsA+XFMYxXP7VFnL8doA4
NMjoF2PsA3xmMXa/9x8QyIephP6zEr2QPxJSJ+9ZX8pDE6LnQHG3RW0eewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFArmYngBX8F1/LsmqrJHByMyfX1qMB8GA1UdIwQY
MBaAFEHMTys2IUmLKxK8k+VuaYDCxtyIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWN4UEt6WWhTWXNyRXJ5VDVXNXBnTUxHM0lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi81MzUzYmEtZTUyMC00ZmI5LWJkMGIt
YTljNWVlZDg1YmE3LzEvQ3VaaWVBRmZ3WFg4dXlhcXNrY0hJeko5ZldvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi81MzUzYmEtZTUyMC00ZmI5LWJkMGItYTljNWVlZDg1YmE3
LzEvUWN4UEt6WWhTWXNyRXJ5VDVXNXBnTUxHM0lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAstOKMA0G
CSqGSIb3DQEBCwUAA4IBAQChdAGIdts0IFz+lK9lbxdXu39iD8kd2foeAGFPaxHl
s8/nxsvjwA363GHxzN0Yb09AK/Pf8V8RflT3c6MkIpssGB8G1MeNdnkSFe+pd0Zk
5iUQSGw0jS1Ps1Bx8Nnb6nJZOC4CG87Nw8ZoAaaKkPlc7TSJ2A9ueVkPDlt3I6rh
x3q0C0gPeVLak+8tiqJTHVM5EDOgcHmXhTUZ52BU4kpJ3ImB/FhrxAFkvKpOK6qK
nqKK//wVGByLxPDT9nriMGRZM5Mx6nDIYoiWWCgkDfo92UIifWYzgVYfdzeJPL4T
R+17wO4v7bFUgnurxM2BudS6lGHN+X94JaKUp3KV/wNO
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:33:01 2025 by rpki-client