Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/a56c12-db7a-4220-9b15-1c2b842d22be/1/ofG1VLRjjYIcZfzAaNigWWgyFxw.roa
File: ofG1VLRjjYIcZfzAaNigWWgyFxw.roa (raw, json)
Hash identifier: ZHICR+Axb4b3KRXOcmZzuP26q8FUw656ivJ0mJFMsoE=
Subject key identifier: A1:F1:B5:54:B4:63:8D:82:1C:65:FC:C0:68:D8:A0:59:68:32:17:1C
Certificate issuer: /CN=29da6411a13264dc6de0f101108540ef741ed19a
Certificate serial: 01942522083C883642F01ACF480B3CAB7581
Authority key identifier: 29:DA:64:11:A1:32:64:DC:6D:E0:F1:01:10:85:40:EF:74:1E:D1:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdpkEaEyZNxt4PEBEIVA73Qe0Zo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/a56c12-db7a-4220-9b15-1c2b842d22be/1/ofG1VLRjjYIcZfzAaNigWWgyFxw.roa
Signing time: Thu 02 Jan 2025 03:49:34 +0000
ROA not before: Thu 02 Jan 2025 03:49:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197233
IP address blocks: 178.212.168.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:08:3c:88:36:42:f0:1a:cf:48:0b:3c:ab:75:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29da6411a13264dc6de0f101108540ef741ed19a
Validity
Not Before: Jan 2 03:49:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a1f1b554b4638d821c65fcc068d8a0596832171c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:ac:f5:eb:7d:da:de:95:c4:0c:36:95:b8:87:
e2:d4:d4:86:3f:dd:1d:07:1e:89:45:71:9f:8d:d9:
cd:ef:0f:d6:95:0e:b3:ed:ef:5b:6f:6d:4d:32:83:
10:bd:34:f6:f1:d1:1d:5a:21:59:35:a6:94:a3:6b:
0f:60:ea:5c:87:3d:b1:c2:4c:e1:51:06:c9:a2:4a:
b3:3e:1f:61:66:d3:83:44:5e:ec:90:e8:df:12:68:
46:1c:f1:58:77:7c:8b:d4:57:50:25:c9:84:69:15:
5b:90:61:38:bd:e3:30:1a:a2:64:8b:89:e3:8a:04:
47:5f:0b:b3:2b:60:e0:8b:6c:4d:4f:3d:35:4a:a5:
7a:b2:ef:1f:07:98:03:dd:87:33:da:4b:4b:c7:be:
aa:2b:35:96:ee:d5:7e:71:d7:ae:2f:e8:1e:bb:96:
09:f1:58:34:a6:bc:05:40:2d:ad:b2:23:c9:7c:1e:
f1:41:e9:64:a9:12:1e:94:45:02:3d:12:e3:3a:53:
10:eb:4a:5c:77:a2:a7:af:1d:47:fd:02:1f:f6:83:
f8:52:39:4e:34:ad:7a:d2:54:b8:14:70:1f:b9:6f:
fb:02:7d:3e:21:72:72:f1:9d:01:bb:54:05:fd:a9:
df:1a:e1:05:a2:1c:9a:09:45:cd:8b:e2:8f:1a:cf:
d6:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:F1:B5:54:B4:63:8D:82:1C:65:FC:C0:68:D8:A0:59:68:32:17:1C
X509v3 Authority Key Identifier:
keyid:29:DA:64:11:A1:32:64:DC:6D:E0:F1:01:10:85:40:EF:74:1E:D1:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdpkEaEyZNxt4PEBEIVA73Qe0Zo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/a56c12-db7a-4220-9b15-1c2b842d22be/1/ofG1VLRjjYIcZfzAaNigWWgyFxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/a56c12-db7a-4220-9b15-1c2b842d22be/1/KdpkEaEyZNxt4PEBEIVA73Qe0Zo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.212.168.0/21
Signature Algorithm: sha256WithRSAEncryption
18:08:fe:13:6e:02:d7:ea:4d:5c:93:07:14:fd:a5:5e:c9:b0:
cc:b2:98:01:c5:d3:12:55:33:4b:67:03:49:70:10:38:f4:49:
ef:d5:16:ca:2e:d8:9a:1e:80:e8:ef:df:6b:11:08:d2:fe:93:
61:15:27:a4:0b:35:34:5c:8c:06:d0:57:fb:fc:38:70:79:9b:
38:97:8c:7e:4e:57:47:63:91:a1:b3:4c:35:de:66:f2:6d:32:
0f:85:b4:f7:15:63:50:3c:45:0f:f0:fe:ab:40:b4:c6:e8:68:
d6:62:ff:9f:e4:33:c1:a0:c8:18:14:89:7c:c3:05:05:8c:0a:
b4:a2:49:1a:47:e9:36:08:7c:1d:d2:04:ad:fc:91:5c:91:e2:
08:bc:18:f6:d2:00:bd:f9:4c:d6:0d:53:63:61:ca:5d:79:f7:
c1:bc:92:36:a8:88:a3:7a:ed:45:a9:aa:93:2e:3d:60:49:d8:
88:0c:8d:38:e9:d3:28:0f:4a:1b:67:fc:c2:ca:ef:df:1b:df:
58:9c:9e:af:dd:31:61:b5:9b:4c:97:c2:39:47:8c:96:ea:8b:
47:89:82:04:f8:fd:3b:eb:a7:d7:6f:b4:3e:53:ba:9d:33:c3:
c9:d1:ac:4d:6a:9a:c2:fe:11:7b:93:7c:b5:6e:17:f9:5d:09:
3a:92:8f:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIgg8iDZC8BrPSAs8q3WBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZGE2NDExYTEzMjY0ZGM2ZGUwZjEwMTEwODU0MGVmNzQx
ZWQxOWEwHhcNMjUwMTAyMDM0OTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWYxYjU1NGI0NjM4ZDgyMWM2NWZjYzA2OGQ4YTA1OTY4MzIxNzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA06z1633a3pXEDDaVuIfi1NSGP90d
Bx6JRXGfjdnN7w/WlQ6z7e9bb21NMoMQvTT28dEdWiFZNaaUo2sPYOpchz2xwkzh
UQbJokqzPh9hZtODRF7skOjfEmhGHPFYd3yL1FdQJcmEaRVbkGE4veMwGqJki4nj
igRHXwuzK2Dgi2xNTz01SqV6su8fB5gD3Ycz2ktLx76qKzWW7tV+cdeuL+geu5YJ
8Vg0prwFQC2tsiPJfB7xQelkqRIelEUCPRLjOlMQ60pcd6Knrx1H/QIf9oP4UjlO
NK160lS4FHAfuW/7An0+IXJy8Z0Bu1QF/anfGuEFohyaCUXNi+KPGs/WzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKHxtVS0Y42CHGX8wGjYoFloMhccMB8GA1UdIwQY
MBaAFCnaZBGhMmTcbeDxARCFQO90HtGaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2Rwa0VhRXlaTnh0NFBFQkVJVkE3M1FlMFpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9hNTZjMTItZGI3YS00MjIwLTliMTUt
MWMyYjg0MmQyMmJlLzEvb2ZHMVZMUmpqWUljWmZ6QWFOaWdXV2d5Rnh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9hNTZjMTItZGI3YS00MjIwLTliMTUtMWMyYjg0MmQyMmJl
LzEvS2Rwa0VhRXlaTnh0NFBFQkVJVkE3M1FlMFpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDstSoMA0G
CSqGSIb3DQEBCwUAA4IBAQAYCP4TbgLX6k1ckwcU/aVeybDMspgBxdMSVTNLZwNJ
cBA49Env1RbKLtiaHoDo799rEQjS/pNhFSekCzU0XIwG0Ff7/DhweZs4l4x+TldH
Y5Ghs0w13mbybTIPhbT3FWNQPEUP8P6rQLTG6GjWYv+f5DPBoMgYFIl8wwUFjAq0
okkaR+k2CHwd0gSt/JFckeIIvBj20gC9+UzWDVNjYcpdeffBvJI2qIijeu1FqaqT
Lj1gSdiIDI046dMoD0obZ/zCyu/fG99YnJ6v3TFhtZtMl8I5R4yW6otHiYIE+P07
66fXb7Q+U7qdM8PJ0axNaprC/hF7k3y1bhf5XQk6ko9W
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:30:54 2025 by rpki-client