Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/bs-Ks38HPiFE0Vzu9hCOAT_v2qk.roa
File: bs-Ks38HPiFE0Vzu9hCOAT_v2qk.roa (raw, json)
Hash identifier: 59dDdRNblQTB9SVjvDy4pNzxWykMNeIW4S3L/KbIT9A=
Subject key identifier: 6E:CF:8A:B3:7F:07:3E:21:44:D1:5C:EE:F6:10:8E:01:3F:EF:DA:A9
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 0194266B62AF0739DA42609E46F6F486A5B4
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/bs-Ks38HPiFE0Vzu9hCOAT_v2qk.roa
Signing time: Thu 02 Jan 2025 09:49:19 +0000
ROA not before: Thu 02 Jan 2025 09:49:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203917
IP address blocks: 78.108.251.0/24 maxlen: 24
212.70.156.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:62:af:07:39:da:42:60:9e:46:f6:f4:86:a5:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: Jan 2 09:49:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ecf8ab37f073e2144d15ceef6108e013fefdaa9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:9e:ce:d4:1f:e4:6b:af:43:c2:95:77:d1:57:
78:20:bd:13:e3:b3:03:ff:ce:db:ea:76:8a:3c:86:
e0:9f:d1:7d:7b:e2:fa:14:90:49:2f:67:14:0d:01:
e3:0c:94:03:66:7d:fc:64:3d:68:dc:fb:2e:22:5e:
d7:e0:df:68:bc:d4:b9:35:c2:e6:bb:f5:f2:f6:77:
6d:5c:82:ca:b9:9f:d6:80:35:f5:6d:1c:2f:0b:4c:
79:de:21:37:fb:84:ba:e8:f8:39:f8:a5:37:94:57:
24:2c:5e:1c:6d:80:b3:60:89:0b:bc:03:d3:c2:c3:
9c:cc:5b:ce:d4:98:63:43:0a:56:e4:13:47:22:bd:
04:90:8b:45:af:04:e1:e7:b1:32:4e:8e:78:4d:ca:
8b:f9:6d:76:04:fb:cc:78:77:76:35:e5:ef:e7:67:
0c:88:f1:fa:af:77:20:a4:61:10:1f:1a:78:6a:19:
06:9d:47:28:77:7b:dc:db:88:33:16:31:9a:12:47:
63:2f:d0:ec:d8:32:cd:09:f0:c2:77:8e:e2:0f:d2:
59:b3:02:6d:44:05:b4:12:79:a4:67:6a:51:b1:24:
d8:81:ee:23:97:d2:53:2d:b9:01:b7:b1:05:1a:8b:
34:41:57:57:ed:74:cd:40:cd:60:e1:e0:18:7b:a3:
42:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:CF:8A:B3:7F:07:3E:21:44:D1:5C:EE:F6:10:8E:01:3F:EF:DA:A9
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/bs-Ks38HPiFE0Vzu9hCOAT_v2qk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.108.251.0/24
212.70.156.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:ad:bd:37:fc:26:16:f7:17:d7:b2:49:f0:61:02:80:69:e2:
b6:57:04:28:73:b4:d3:a5:71:b0:4b:46:6f:7e:59:c8:13:be:
83:9a:35:3c:7b:43:11:5e:55:36:57:fa:29:64:fe:89:6c:bd:
e4:7a:10:bc:1b:0a:ed:92:15:5d:00:a9:54:b8:6d:9e:7b:0f:
ce:38:ed:34:bd:b0:2f:01:c5:2a:23:8f:91:14:d4:0b:83:6a:
a8:65:a0:87:30:8d:86:7b:86:10:02:21:ab:5f:a3:c0:42:d8:
f6:55:f3:b9:36:b7:f6:b8:16:4e:c4:b3:ef:bd:d5:b4:50:2d:
0f:d2:13:91:e5:1e:40:ea:4a:b7:94:5a:89:45:2a:69:28:75:
6e:de:5f:38:b4:f6:f7:37:6f:b7:a2:d0:e8:67:41:b1:d4:2e:
3f:2f:bb:9e:5e:d3:4f:89:24:76:09:85:77:d4:4a:b6:d3:c1:
62:8b:f8:a2:8d:4b:3d:fa:7a:0c:17:c9:1d:86:9b:0a:51:40:
ea:ca:a6:32:18:a6:c4:f1:e9:e7:4a:15:2d:fd:d0:e2:2b:30:
aa:5e:86:3f:30:cd:15:c2:27:a6:81:d3:22:df:c6:4d:7c:87:
28:80:71:af:99:78:e0:58:27:cd:a1:fc:79:5f:bd:c1:e1:9c:
60:e1:f5:f2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQma2KvBznaQmCeRvb0hqW0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjUwMTAyMDk0OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWNmOGFiMzdmMDczZTIxNDRkMTVjZWVmNjEwOGUwMTNmZWZkYWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq57O1B/ka69DwpV30Vd4IL0T47MD
/87b6naKPIbgn9F9e+L6FJBJL2cUDQHjDJQDZn38ZD1o3PsuIl7X4N9ovNS5NcLm
u/Xy9ndtXILKuZ/WgDX1bRwvC0x53iE3+4S66Pg5+KU3lFckLF4cbYCzYIkLvAPT
wsOczFvO1JhjQwpW5BNHIr0EkItFrwTh57EyTo54TcqL+W12BPvMeHd2NeXv52cM
iPH6r3cgpGEQHxp4ahkGnUcod3vc24gzFjGaEkdjL9Ds2DLNCfDCd47iD9JZswJt
RAW0EnmkZ2pRsSTYge4jl9JTLbkBt7EFGos0QVdX7XTNQM1g4eAYe6NCRQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG7PirN/Bz4hRNFc7vYQjgE/79qpMB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvYnMtS3MzOEhQaUZFMFZ6dTloQ09BVF92MnFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATmz7AwQA
1EacMA0GCSqGSIb3DQEBCwUAA4IBAQANrb03/CYW9xfXsknwYQKAaeK2VwQoc7TT
pXGwS0ZvflnIE76DmjU8e0MRXlU2V/opZP6JbL3kehC8GwrtkhVdAKlUuG2eew/O
OO00vbAvAcUqI4+RFNQLg2qoZaCHMI2Ge4YQAiGrX6PAQtj2VfO5Nrf2uBZOxLPv
vdW0UC0P0hOR5R5A6kq3lFqJRSppKHVu3l84tPb3N2+3otDoZ0Gx1C4/L7ueXtNP
iSR2CYV31Eq208Fii/iijUs9+noMF8kdhpsKUUDqyqYyGKbE8ennShUt/dDiKzCq
XoY/MM0VwiemgdMi38ZNfIcogHGvmXjgWCfNofx5X73B4Zxg4fXy
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:09:25 2025 by rpki-client