Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ynIgMwcMUfu6aoySdoB2_fxZ-2g.roa
File: ynIgMwcMUfu6aoySdoB2_fxZ-2g.roa (raw, json)
Hash identifier: Ad2Ob20F2PglYmj0nGXoA2H7TNg37jxfUh38S1QtL8E=
Subject key identifier: CA:72:20:33:07:0C:51:FB:BA:6A:8C:92:76:80:76:FD:FC:59:FB:68
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 0194266B5C76011F7641A19CC0420CF92FB6
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ynIgMwcMUfu6aoySdoB2_fxZ-2g.roa
Signing time: Thu 02 Jan 2025 09:49:17 +0000
ROA not before: Thu 02 Jan 2025 09:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44967
IP address blocks: 78.108.253.0/24 maxlen: 24
78.108.254.0/24 maxlen: 24
78.108.255.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:5c:76:01:1f:76:41:a1:9c:c0:42:0c:f9:2f:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: Jan 2 09:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ca722033070c51fbba6a8c92768076fdfc59fb68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:76:3b:90:9f:f0:0a:ca:ab:c8:04:53:b3:2a:
c5:01:64:83:e5:51:4c:fc:f4:9a:18:a6:27:1d:df:
07:fc:c7:48:bb:57:ce:fb:48:80:02:e3:b9:d3:69:
86:00:49:b6:23:a5:8f:b9:4b:fe:c8:e5:5a:d6:84:
2b:4b:31:98:20:b7:60:c8:91:a9:03:2f:b1:f6:10:
13:38:95:74:b4:29:f5:eb:17:ed:f4:0a:d3:b2:d0:
15:03:b4:01:50:44:e0:a7:95:1e:8d:70:1c:dd:ed:
b7:bc:31:a8:15:9e:d0:33:ba:fd:3f:30:7f:b9:77:
ea:4a:4a:04:1c:07:ef:8c:b9:07:14:e7:cf:c8:69:
80:e8:50:2d:29:ea:f4:27:af:e9:80:b1:c2:ca:73:
08:da:bb:c7:6a:3e:f7:59:26:10:79:97:f6:5f:26:
e6:a5:e0:99:03:bc:91:02:c5:26:f9:96:96:8a:fc:
17:0d:d5:62:c2:8e:dd:cb:6d:14:3f:95:6e:32:52:
a2:ef:67:c5:bd:a7:9b:97:c6:d4:a0:69:dc:8e:79:
3d:18:b2:ce:09:0c:0e:b8:1a:68:83:ca:a8:b7:3c:
14:7d:1e:14:14:a1:64:4d:c3:ee:db:71:31:de:a3:
98:a8:e5:34:d9:4f:45:44:66:d4:26:26:b3:56:12:
fa:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:72:20:33:07:0C:51:FB:BA:6A:8C:92:76:80:76:FD:FC:59:FB:68
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ynIgMwcMUfu6aoySdoB2_fxZ-2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.108.253.0-78.108.255.255
Signature Algorithm: sha256WithRSAEncryption
6b:ad:e5:a7:d3:78:99:d0:f0:07:84:bc:68:aa:e4:59:eb:c3:
cb:37:d9:10:47:a9:05:d5:d0:72:9f:f7:58:c5:58:bc:ab:29:
e6:11:34:01:69:43:e3:d6:da:ca:5d:21:f7:7d:10:28:da:94:
b9:ef:83:6b:4d:ba:cf:c0:0a:7a:a2:f8:20:ad:8c:43:88:c4:
05:2c:4e:7d:af:ff:78:41:35:4e:9d:77:d3:85:90:3b:d7:e9:
23:89:18:07:99:f2:d0:82:ba:f4:3e:3a:d1:d9:c2:9e:84:f9:
17:3e:99:15:23:89:e6:79:ae:f5:9f:f1:c6:cb:38:f2:c1:db:
cc:b5:b7:0d:63:63:55:9a:f1:12:c0:3c:c7:37:56:1d:e0:73:
f9:97:58:cc:ec:4a:67:02:8d:1b:8f:b8:61:13:e6:a5:98:70:
07:4f:e0:6a:2b:32:e5:fe:aa:dd:8b:db:70:97:3d:22:0f:82:
cb:7a:cc:80:db:ea:0e:ee:82:ce:fc:8e:61:af:99:5d:23:38:
3e:20:b7:54:ae:3b:ed:64:68:37:4c:b8:72:6c:70:cc:11:fd:
fe:09:4f:10:e2:e6:a3:71:5a:08:2b:50:42:34:84:1d:3e:a1:
a9:3b:db:5a:a9:a8:ca:ce:16:38:e7:4f:2c:58:02:1c:53:e8:
b4:25:a5:d9
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZQma1x2AR92QaGcwEIM+S+2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjUwMTAyMDk0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTcyMjAzMzA3MGM1MWZiYmE2YThjOTI3NjgwNzZmZGZjNTlmYjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA23Y7kJ/wCsqryARTsyrFAWSD5VFM
/PSaGKYnHd8H/MdIu1fO+0iAAuO502mGAEm2I6WPuUv+yOVa1oQrSzGYILdgyJGp
Ay+x9hATOJV0tCn16xft9ArTstAVA7QBUETgp5UejXAc3e23vDGoFZ7QM7r9PzB/
uXfqSkoEHAfvjLkHFOfPyGmA6FAtKer0J6/pgLHCynMI2rvHaj73WSYQeZf2Xybm
peCZA7yRAsUm+ZaWivwXDdViwo7dy20UP5VuMlKi72fFvaebl8bUoGncjnk9GLLO
CQwOuBpog8qotzwUfR4UFKFkTcPu23Ex3qOYqOU02U9FRGbUJiazVhL6GQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFMpyIDMHDFH7umqMknaAdv38WftoMB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEveW5JZ013Y01VZnU2YW95U2RvQjJfZnhaLTJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDBABObP0D
AwBObDANBgkqhkiG9w0BAQsFAAOCAQEAa63lp9N4mdDwB4S8aKrkWevDyzfZEEep
BdXQcp/3WMVYvKsp5hE0AWlD49bayl0h930QKNqUue+Da026z8AKeqL4IK2MQ4jE
BSxOfa//eEE1Tp1304WQO9fpI4kYB5ny0IK69D460dnCnoT5Fz6ZFSOJ5nmu9Z/x
xss48sHbzLW3DWNjVZrxEsA8xzdWHeBz+ZdYzOxKZwKNG4+4YRPmpZhwB0/gaisy
5f6q3YvbcJc9Ig+Cy3rMgNvqDu6CzvyOYa+ZXSM4PiC3VK477WRoN0y4cmxwzBH9
/glPEOLmo3FaCCtQQjSEHT6hqTvbWqmoys4WOOdPLFgCHFPotCWl2Q==
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:03:05 2025 by rpki-client