Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/c686b3-e7a9-4f9c-842c-119d8bf717bb/1/CGYCoXePbFBrriJrNgrZF9Uefow.roa
File: CGYCoXePbFBrriJrNgrZF9Uefow.roa (raw, json)
Hash identifier: KPb5usKgdYQ3JpgKFKA1WlcbtVkuv48+f5lB1B8M9IA=
Subject key identifier: 08:66:02:A1:77:8F:6C:50:6B:AE:22:6B:36:0A:D9:17:D5:1E:7E:8C
Certificate issuer: /CN=3deb104463e920b45542b6af1a27d5950e86e9a0
Certificate serial: 0194221F5C417142ABF2666D81C4564A34A6
Authority key identifier: 3D:EB:10:44:63:E9:20:B4:55:42:B6:AF:1A:27:D5:95:0E:86:E9:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PesQRGPpILRVQravGifVlQ6G6aA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/c686b3-e7a9-4f9c-842c-119d8bf717bb/1/CGYCoXePbFBrriJrNgrZF9Uefow.roa
Signing time: Wed 01 Jan 2025 13:47:48 +0000
ROA not before: Wed 01 Jan 2025 13:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48506
IP address blocks: 178.76.64.0/21 maxlen: 24
178.76.72.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:5c:41:71:42:ab:f2:66:6d:81:c4:56:4a:34:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3deb104463e920b45542b6af1a27d5950e86e9a0
Validity
Not Before: Jan 1 13:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=086602a1778f6c506bae226b360ad917d51e7e8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:20:6f:f6:63:00:75:fd:4c:94:74:d4:88:81:
e1:ea:e6:27:82:3f:d0:3f:4d:33:99:a4:61:16:f2:
46:ee:f2:75:19:17:0a:c7:d6:6e:8a:e0:af:7a:db:
4c:97:6d:5b:68:24:2c:de:df:dc:42:07:48:7c:21:
cc:2f:46:bb:e0:8e:12:1d:e9:b4:dd:e6:33:c5:58:
92:a0:11:34:2f:48:f2:bc:db:13:ae:40:c9:33:b0:
6b:bf:b6:c7:9b:62:cb:78:bc:26:53:5e:47:af:ed:
c2:80:82:77:c2:6d:46:a2:a7:81:92:31:30:53:01:
88:cd:8c:53:60:43:2e:5e:0e:02:e2:22:e3:54:0d:
d3:9c:43:32:27:ab:04:58:c5:35:f6:7f:1f:74:42:
09:3d:68:cc:84:69:89:f0:50:da:69:c8:8a:ef:3c:
d0:4c:bc:1b:20:3c:8d:39:8e:a4:f9:0a:a0:47:8f:
1e:93:cb:2a:65:e5:22:42:df:3f:c3:6f:42:43:4e:
a3:79:5f:33:e3:22:e5:68:ee:cd:04:40:6d:51:8e:
85:be:5d:04:db:77:b2:a9:9b:c8:1c:bb:ee:ac:ca:
08:5b:46:6f:bd:d9:f2:62:68:bb:e5:c6:fa:58:e2:
0c:63:8e:f1:93:aa:4a:4e:62:58:42:2c:f1:3a:a0:
f4:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:66:02:A1:77:8F:6C:50:6B:AE:22:6B:36:0A:D9:17:D5:1E:7E:8C
X509v3 Authority Key Identifier:
keyid:3D:EB:10:44:63:E9:20:B4:55:42:B6:AF:1A:27:D5:95:0E:86:E9:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PesQRGPpILRVQravGifVlQ6G6aA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/c686b3-e7a9-4f9c-842c-119d8bf717bb/1/CGYCoXePbFBrriJrNgrZF9Uefow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/c686b3-e7a9-4f9c-842c-119d8bf717bb/1/PesQRGPpILRVQravGifVlQ6G6aA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.76.64.0-178.76.75.255
Signature Algorithm: sha256WithRSAEncryption
bd:d4:6e:cb:97:56:fe:f1:9e:14:30:58:53:d2:7b:11:5a:4d:
7e:4f:b5:12:c5:ef:ba:1a:8b:9f:b9:cf:85:f6:58:4b:e6:36:
be:ca:58:c9:81:f7:a5:fb:37:2f:db:cd:e0:79:19:55:10:a0:
f3:08:18:cd:a6:b6:82:fd:87:49:d8:82:1e:60:cc:41:01:c4:
c7:8d:4a:35:b7:3e:55:ed:84:36:ef:39:56:b2:e6:07:08:0c:
3a:c9:bf:e7:3e:94:54:7c:41:89:7f:94:11:38:a8:b2:ef:ba:
7b:d3:98:7e:34:8a:38:5a:89:67:46:a4:45:50:e1:b2:0e:fa:
72:01:e9:44:6b:e1:ef:75:bf:09:79:63:28:74:d4:69:aa:8e:
c2:cf:a9:53:4a:36:49:4e:f7:9c:0d:5e:16:3a:a7:54:5b:d7:
5f:88:9e:84:19:b5:30:80:a4:88:d7:63:e2:72:68:cc:a3:13:
c1:d3:17:4b:c6:1f:84:81:6d:2f:46:72:c2:93:ab:c6:eb:73:
63:2e:7e:7a:e2:e0:36:92:60:d5:19:5f:9b:15:07:b2:c3:fd:
04:84:e6:ab:71:dc:ba:36:b8:89:5f:7b:81:eb:b3:59:24:95:
6d:cf:d7:61:ba:01:b0:69:94:c3:26:22:5b:0a:bf:63:14:d8:
e5:c2:66:9d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQiH1xBcUKr8mZtgcRWSjSmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkZWIxMDQ0NjNlOTIwYjQ1NTQyYjZhZjFhMjdkNTk1MGU4
NmU5YTAwHhcNMjUwMTAxMTM0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODY2MDJhMTc3OGY2YzUwNmJhZTIyNmIzNjBhZDkxN2Q1MWU3ZThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6iBv9mMAdf1MlHTUiIHh6uYngj/Q
P00zmaRhFvJG7vJ1GRcKx9ZuiuCvettMl21baCQs3t/cQgdIfCHML0a74I4SHem0
3eYzxViSoBE0L0jyvNsTrkDJM7Brv7bHm2LLeLwmU15Hr+3CgIJ3wm1GoqeBkjEw
UwGIzYxTYEMuXg4C4iLjVA3TnEMyJ6sEWMU19n8fdEIJPWjMhGmJ8FDaaciK7zzQ
TLwbIDyNOY6k+QqgR48ek8sqZeUiQt8/w29CQ06jeV8z4yLlaO7NBEBtUY6Fvl0E
23eyqZvIHLvurMoIW0ZvvdnyYmi75cb6WOIMY47xk6pKTmJYQizxOqD0fQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAhmAqF3j2xQa64iazYK2RfVHn6MMB8GA1UdIwQY
MBaAFD3rEERj6SC0VUK2rxon1ZUOhumgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGVzUVJHUHBJTFJWUXJhdkdpZlZsUTZHNmFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9jNjg2YjMtZTdhOS00ZjljLTg0MmMt
MTE5ZDhiZjcxN2JiLzEvQ0dZQ29YZVBiRkJycmlKck5nclpGOVVlZm93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9jNjg2YjMtZTdhOS00ZjljLTg0MmMtMTE5ZDhiZjcxN2Ji
LzEvUGVzUVJHUHBJTFJWUXJhdkdpZlZsUTZHNmFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAayTEAD
BAKyTEgwDQYJKoZIhvcNAQELBQADggEBAL3UbsuXVv7xnhQwWFPSexFaTX5PtRLF
77oai5+5z4X2WEvmNr7KWMmB96X7Ny/bzeB5GVUQoPMIGM2mtoL9h0nYgh5gzEEB
xMeNSjW3PlXthDbvOVay5gcIDDrJv+c+lFR8QYl/lBE4qLLvunvTmH40ijhaiWdG
pEVQ4bIO+nIB6URr4e91vwl5Yyh01GmqjsLPqVNKNklO95wNXhY6p1Rb11+InoQZ
tTCApIjXY+JyaMyjE8HTF0vGH4SBbS9GcsKTq8brc2Mufnri4DaSYNUZX5sVB7LD
/QSE5qtx3Lo2uIlfe4Hrs1kklW3P12G6AbBplMMmIlsKv2MU2OXCZp0=
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:33:13 2025 by rpki-client