Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/minuj1QsdlCEJVZhsBl8Iu72K58.roa
File: minuj1QsdlCEJVZhsBl8Iu72K58.roa (raw, json)
Hash identifier: VriG46yyvPdT7A9tiIG7Kkwnc5c3fR5r9Dt8mgZ93wM=
Subject key identifier: 9A:29:EE:8F:54:2C:76:50:84:25:56:61:B0:19:7C:22:EE:F6:2B:9F
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 018D34E5CC2B1475D71940E5B846AEAB1F99
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/minuj1QsdlCEJVZhsBl8Iu72K58.roa
Signing time: Tue 23 Jan 2024 05:58:11 +0000
ROA not before: Tue 23 Jan 2024 05:58:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50738
IP address blocks: 5.178.3.0/24 maxlen: 24
46.23.96.0/24 maxlen: 24
46.23.98.0/24 maxlen: 24
109.205.212.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:34:e5:cc:2b:14:75:d7:19:40:e5:b8:46:ae:ab:1f:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Jan 23 05:58:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a29ee8f542c765084255661b0197c22eef62b9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:18:65:42:3d:8d:d0:67:49:a4:ab:21:80:5e:
f2:13:61:2f:35:35:05:fe:01:40:12:07:1f:c7:57:
31:c1:62:0c:14:6f:69:44:9e:95:81:96:d4:dc:b7:
c5:6d:24:cf:a2:7f:bf:f4:e7:3f:7d:19:e7:36:0e:
43:4d:09:a6:8c:85:11:ad:77:dc:c1:64:94:e7:d8:
b1:b8:30:dd:77:0c:49:54:58:dd:d5:fd:42:13:cf:
d8:eb:a4:51:4e:21:e3:17:15:51:a3:33:07:76:29:
1e:59:92:3a:0f:68:e7:65:82:52:01:d9:24:a9:55:
8a:5c:69:b4:bf:22:2d:25:30:28:59:be:3d:44:8d:
d9:1a:eb:ec:f3:b0:dc:a5:83:44:ca:16:fa:f7:16:
e5:29:00:1e:15:2d:aa:b5:a6:ef:6c:83:77:25:f9:
8b:ec:26:39:c2:76:d9:21:20:ee:c6:58:67:19:93:
5e:3d:b1:4d:9b:8d:5e:27:8f:fa:dc:78:6a:58:19:
55:c1:ac:c1:4d:c8:13:2c:dc:9d:76:1b:05:07:c5:
1d:08:9b:56:da:d2:32:34:6b:50:39:3f:aa:72:7a:
b6:af:16:f0:7f:f6:ff:31:ff:e9:c2:88:fc:7e:9d:
56:c8:f6:ce:2e:56:b8:20:de:17:a6:e3:9a:c0:05:
74:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:29:EE:8F:54:2C:76:50:84:25:56:61:B0:19:7C:22:EE:F6:2B:9F
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/minuj1QsdlCEJVZhsBl8Iu72K58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.3.0/24
46.23.96.0/24
46.23.98.0/24
109.205.212.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:da:11:e2:22:6c:13:75:89:d0:bb:ab:59:02:31:66:74:30:
0e:9e:6e:d8:7e:15:d9:e5:81:1c:52:87:77:7d:39:fb:3a:ae:
e0:be:5b:f6:09:82:ff:4f:81:e2:4c:cb:29:60:83:66:39:55:
89:57:1a:91:6c:ef:d0:a6:de:e8:02:00:61:48:e4:be:3d:23:
73:69:71:95:2f:70:bd:ac:c8:7e:69:ed:64:90:3c:f4:d1:c8:
05:c0:cf:81:a0:56:f0:39:74:1b:42:47:3b:12:4f:bc:f5:ed:
c6:1e:f8:6d:e1:33:ed:01:1a:02:a2:6b:b3:d8:18:02:3f:2d:
9b:47:8c:ec:68:48:21:36:f2:5a:10:af:e3:b1:7e:ad:44:f9:
5c:2e:20:59:22:28:1b:7a:ab:bd:67:e1:29:4a:ab:bb:f8:11:
1b:2f:5e:9a:28:69:ee:64:e0:0a:a7:74:08:17:2d:1c:2a:04:
b9:1b:8f:aa:d7:f4:8a:46:3c:da:03:70:d7:d3:59:2d:29:e4:
6e:8d:fc:e5:59:aa:43:a0:be:10:c9:46:22:8d:b2:97:22:a3:
af:4f:b0:06:78:da:36:af:71:8a:c7:9e:39:a5:9e:62:a3:ca:
3c:f1:4b:31:ff:e0:cc:81:f1:67:af:61:ad:b8:e8:19:03:28:
10:62:92:0f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY005cwrFHXXGUDluEauqx+ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjQwMTIzMDU1ODExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTI5ZWU4ZjU0MmM3NjUwODQyNTU2NjFiMDE5N2MyMmVlZjYyYjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxhlQj2N0GdJpKshgF7yE2EvNTUF
/gFAEgcfx1cxwWIMFG9pRJ6VgZbU3LfFbSTPon+/9Oc/fRnnNg5DTQmmjIURrXfc
wWSU59ixuDDddwxJVFjd1f1CE8/Y66RRTiHjFxVRozMHdikeWZI6D2jnZYJSAdkk
qVWKXGm0vyItJTAoWb49RI3ZGuvs87DcpYNEyhb69xblKQAeFS2qtabvbIN3JfmL
7CY5wnbZISDuxlhnGZNePbFNm41eJ4/63HhqWBlVwazBTcgTLNyddhsFB8UdCJtW
2tIyNGtQOT+qcnq2rxbwf/b/Mf/pwoj8fp1WyPbOLla4IN4XpuOawAV0hQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJop7o9ULHZQhCVWYbAZfCLu9iufMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvbWludWoxUXNkbENFSlZaaHNCbDhJdTcySzU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABbIDAwQA
LhdgAwQALhdiAwQAbc3UMA0GCSqGSIb3DQEBCwUAA4IBAQCe2hHiImwTdYnQu6tZ
AjFmdDAOnm7YfhXZ5YEcUod3fTn7Oq7gvlv2CYL/T4HiTMspYINmOVWJVxqRbO/Q
pt7oAgBhSOS+PSNzaXGVL3C9rMh+ae1kkDz00cgFwM+BoFbwOXQbQkc7Ek+89e3G
Hvht4TPtARoComuz2BgCPy2bR4zsaEghNvJaEK/jsX6tRPlcLiBZIigbequ9Z+Ep
Squ7+BEbL16aKGnuZOAKp3QIFy0cKgS5G4+q1/SKRjzaA3DX01ktKeRujfzlWapD
oL4QyUYijbKXIqOvT7AGeNo2r3GKx545pZ5io8o88Usx/+DMgfFnr2GtuOgZAygQ
YpIP
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:32:31 2025 by rpki-client