Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/85ee02-6f43-4927-ab5d-ed57b24b4465/1/4vVSxg0KLKszb_U4S9rSdoaFOw8.roa
File: 4vVSxg0KLKszb_U4S9rSdoaFOw8.roa (raw, json)
Hash identifier: RPAXRjtOt5jMNeEYJ4PrQAbbA73WZ8/bw4emEczQVts=
Subject key identifier: E2:F5:52:C6:0D:0A:2C:AB:33:6F:F5:38:4B:DA:D2:76:86:85:3B:0F
Certificate issuer: /CN=0b1936281b86707a05d55a01f88b2e653d7b3ee9
Certificate serial: 0194236A06C9B5DC99429B014DB424698BD2
Authority key identifier: 0B:19:36:28:1B:86:70:7A:05:D5:5A:01:F8:8B:2E:65:3D:7B:3E:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cxk2KBuGcHoF1VoB-IsuZT17Puk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/85ee02-6f43-4927-ab5d-ed57b24b4465/1/4vVSxg0KLKszb_U4S9rSdoaFOw8.roa
Signing time: Wed 01 Jan 2025 19:48:58 +0000
ROA not before: Wed 01 Jan 2025 19:48:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16057
IP address blocks: 212.78.32.0/24 maxlen: 24
212.78.33.0/24 maxlen: 24
212.78.34.0/24 maxlen: 24
212.78.35.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:06:c9:b5:dc:99:42:9b:01:4d:b4:24:69:8b:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b1936281b86707a05d55a01f88b2e653d7b3ee9
Validity
Not Before: Jan 1 19:48:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e2f552c60d0a2cab336ff5384bdad27686853b0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:6e:34:75:19:6c:58:aa:9f:8a:c1:14:4a:5d:
b3:d1:f4:bb:fd:93:49:44:88:d9:d8:53:6d:b7:60:
31:6e:4f:c2:15:41:4d:50:bc:cc:37:e4:18:37:4e:
23:44:77:e5:85:19:1b:87:3d:1b:4f:a3:22:a0:71:
71:2b:43:d2:0a:08:ad:a4:24:d3:e8:75:ed:21:c2:
b6:5c:b2:58:73:ff:a6:4b:9e:10:b7:e9:fd:41:d3:
2b:b6:3e:1c:8a:90:d3:46:b0:f6:0f:4b:46:bb:4b:
b3:d4:13:97:08:58:6e:07:4a:00:ee:b2:27:e6:ea:
49:48:61:e9:b6:80:17:d2:6c:87:08:00:6d:be:83:
32:02:61:1a:83:d5:4f:a7:3e:a8:ac:5d:f2:75:96:
32:ad:ce:a0:f6:a7:a0:18:65:73:b3:92:c7:55:97:
09:c5:7a:d6:0c:1c:b0:0c:f9:54:c4:6c:30:86:51:
c2:44:97:07:de:cd:66:0d:cb:db:1f:4a:73:b0:ec:
ac:36:36:8a:1d:89:ba:cf:4c:bb:b6:0c:b9:24:60:
16:8c:d8:99:e7:97:d5:f7:5a:69:67:1c:4b:e2:0f:
28:51:db:e3:c0:bb:91:1e:06:74:bf:f3:1e:20:d2:
11:96:2d:76:8d:e5:e9:01:c7:34:a1:45:60:7f:28:
b0:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:F5:52:C6:0D:0A:2C:AB:33:6F:F5:38:4B:DA:D2:76:86:85:3B:0F
X509v3 Authority Key Identifier:
keyid:0B:19:36:28:1B:86:70:7A:05:D5:5A:01:F8:8B:2E:65:3D:7B:3E:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cxk2KBuGcHoF1VoB-IsuZT17Puk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/85ee02-6f43-4927-ab5d-ed57b24b4465/1/4vVSxg0KLKszb_U4S9rSdoaFOw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/85ee02-6f43-4927-ab5d-ed57b24b4465/1/Cxk2KBuGcHoF1VoB-IsuZT17Puk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.78.32.0/22
Signature Algorithm: sha256WithRSAEncryption
74:97:6b:fc:44:e3:d7:8d:7a:70:ff:94:1c:9a:6a:45:b4:40:
e2:50:92:ce:ab:ec:e2:c1:18:3b:c0:4f:e9:76:92:00:7a:82:
d4:65:3d:aa:57:07:de:1f:df:d6:b2:c8:55:83:c2:af:66:99:
cc:57:88:b1:7f:e5:94:d1:2f:4a:ec:cc:0d:7c:cb:44:66:68:
dc:d0:f3:df:b3:fa:fc:b3:f0:0a:c0:e3:45:0a:57:2d:ce:12:
a2:4e:ef:3d:23:1e:fc:d2:b1:aa:4f:17:41:01:2c:4c:2c:a0:
5e:5c:d9:1c:7a:9c:71:22:f2:fa:98:05:1c:8c:3c:4b:74:ab:
56:17:ea:96:5c:10:ed:33:96:8c:2e:67:49:13:bc:eb:f0:33:
14:5a:fb:db:79:59:b7:62:97:37:50:25:28:2f:c5:48:c4:8c:
91:a1:02:39:b0:9a:6e:6a:0d:a0:6d:14:df:9d:e1:64:91:d4:
73:6d:31:e0:7f:fe:e5:82:91:b7:50:2d:b4:bd:8c:4c:f0:9c:
be:53:2d:4d:86:3e:96:71:b3:25:ca:be:8b:e7:fd:0c:6a:5f:
3b:e2:99:35:31:fc:4f:c4:a3:5f:a2:6d:35:d9:72:9e:cd:8d:
d5:4e:95:af:cb:db:af:53:b6:04:00:58:1d:61:5b:e8:96:6c:
24:b1:07:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjagbJtdyZQpsBTbQkaYvSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMTkzNjI4MWI4NjcwN2EwNWQ1NWEwMWY4OGIyZTY1M2Q3
YjNlZTkwHhcNMjUwMTAxMTk0ODU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmY1NTJjNjBkMGEyY2FiMzM2ZmY1Mzg0YmRhZDI3Njg2ODUzYjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr240dRlsWKqfisEUSl2z0fS7/ZNJ
RIjZ2FNtt2Axbk/CFUFNULzMN+QYN04jRHflhRkbhz0bT6MioHFxK0PSCgitpCTT
6HXtIcK2XLJYc/+mS54Qt+n9QdMrtj4cipDTRrD2D0tGu0uz1BOXCFhuB0oA7rIn
5upJSGHptoAX0myHCABtvoMyAmEag9VPpz6orF3ydZYyrc6g9qegGGVzs5LHVZcJ
xXrWDBywDPlUxGwwhlHCRJcH3s1mDcvbH0pzsOysNjaKHYm6z0y7tgy5JGAWjNiZ
55fV91ppZxxL4g8oUdvjwLuRHgZ0v/MeINIRli12jeXpAcc0oUVgfyiwKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOL1UsYNCiyrM2/1OEva0naGhTsPMB8GA1UdIwQY
MBaAFAsZNigbhnB6BdVaAfiLLmU9ez7pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3hrMktCdUdjSG9GMVZvQi1Jc3VaVDE3UHVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84NWVlMDItNmY0My00OTI3LWFiNWQt
ZWQ1N2IyNGI0NDY1LzEvNHZWU3hnMEtMS3N6Yl9VNFM5clNkb2FGT3c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84NWVlMDItNmY0My00OTI3LWFiNWQtZWQ1N2IyNGI0NDY1
LzEvQ3hrMktCdUdjSG9GMVZvQi1Jc3VaVDE3UHVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1E4gMA0G
CSqGSIb3DQEBCwUAA4IBAQB0l2v8ROPXjXpw/5QcmmpFtEDiUJLOq+ziwRg7wE/p
dpIAeoLUZT2qVwfeH9/WsshVg8KvZpnMV4ixf+WU0S9K7MwNfMtEZmjc0PPfs/r8
s/AKwONFClctzhKiTu89Ix780rGqTxdBASxMLKBeXNkcepxxIvL6mAUcjDxLdKtW
F+qWXBDtM5aMLmdJE7zr8DMUWvvbeVm3Ypc3UCUoL8VIxIyRoQI5sJpuag2gbRTf
neFkkdRzbTHgf/7lgpG3UC20vYxM8Jy+Uy1Nhj6WcbMlyr6L5/0Mal874pk1MfxP
xKNfom012XKezY3VTpWvy9uvU7YEAFgdYVvolmwksQe0
-----END CERTIFICATE-----
Generated at Fri Feb 21 13:04:27 2025 by rpki-client