Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/0e7b29-6297-42ca-8f33-5dfccd61a9b1/1/tCBCZkdZFIegl0allg62wVbeH1Q.roa
File: tCBCZkdZFIegl0allg62wVbeH1Q.roa (raw, json)
Hash identifier: F9BLqElTomUF9mrqt6Awfg8woe+OpyYGWzMEJd9qmJM=
Subject key identifier: B4:20:42:66:47:59:14:87:A0:97:46:A5:96:0E:B6:C1:56:DE:1F:54
Certificate issuer: /CN=54b48731e29f27d687576d6863adbda080709bfe
Certificate serial: 0194AD723631A09093B4356D7B56101A0468
Authority key identifier: 54:B4:87:31:E2:9F:27:D6:87:57:6D:68:63:AD:BD:A0:80:70:9B:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VLSHMeKfJ9aHV21oY629oIBwm_4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/0e7b29-6297-42ca-8f33-5dfccd61a9b1/1/tCBCZkdZFIegl0allg62wVbeH1Q.roa
Signing time: Tue 28 Jan 2025 15:05:30 +0000
ROA not before: Tue 28 Jan 2025 15:05:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209505
IP address blocks: 78.41.136.0/24 maxlen: 24
2a13:3840:1000::/39 maxlen: 39
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ad:72:36:31:a0:90:93:b4:35:6d:7b:56:10:1a:04:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54b48731e29f27d687576d6863adbda080709bfe
Validity
Not Before: Jan 28 15:05:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b420426647591487a09746a5960eb6c156de1f54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:1e:93:a6:ba:8c:eb:3d:a8:39:4e:aa:1e:c3:
36:4b:d5:61:45:37:02:de:df:49:c7:4b:a7:5f:af:
14:cf:83:d0:88:5f:ca:fd:c4:3b:bb:eb:93:b8:29:
a7:73:e9:2c:01:1d:66:85:52:1f:13:38:24:f0:0e:
f4:f3:60:b1:fb:22:cf:ef:06:03:8b:3f:a5:56:29:
0a:13:af:d0:dc:cc:c6:91:20:ce:a2:5d:73:02:e2:
fb:7d:fd:d1:db:0e:61:10:ea:ac:d5:7f:d3:05:d8:
d0:4b:f4:ce:fd:c4:20:bd:97:54:7d:e6:da:5f:11:
3d:ad:63:5a:93:e8:ca:60:51:ba:e2:10:2b:c2:eb:
77:60:02:1c:fa:c7:72:dd:08:3f:a3:2e:5c:56:3a:
70:26:85:71:83:29:db:4c:a6:12:0c:d5:8a:cf:a6:
ba:7e:3d:65:05:c2:cb:77:e7:9c:58:c3:05:dc:63:
f7:f1:ab:6c:50:a8:b1:8b:3e:5a:1a:a2:bd:ae:51:
7f:c8:98:c5:a5:61:3d:a8:e7:9d:44:fb:b6:33:36:
ec:d5:91:9a:17:a5:7e:66:0d:bc:ac:7f:52:35:7a:
50:1b:cb:24:4a:63:78:ff:79:c4:71:9b:d9:62:7d:
92:19:c3:83:41:28:f1:eb:db:3f:85:ee:c1:60:fe:
b9:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:20:42:66:47:59:14:87:A0:97:46:A5:96:0E:B6:C1:56:DE:1F:54
X509v3 Authority Key Identifier:
keyid:54:B4:87:31:E2:9F:27:D6:87:57:6D:68:63:AD:BD:A0:80:70:9B:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VLSHMeKfJ9aHV21oY629oIBwm_4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/0e7b29-6297-42ca-8f33-5dfccd61a9b1/1/tCBCZkdZFIegl0allg62wVbeH1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/0e7b29-6297-42ca-8f33-5dfccd61a9b1/1/VLSHMeKfJ9aHV21oY629oIBwm_4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.41.136.0/24
IPv6:
2a13:3840:1000::/39
Signature Algorithm: sha256WithRSAEncryption
23:dd:60:99:14:53:52:9e:8e:eb:fa:8c:e7:a4:f8:12:6c:e8:
3f:78:80:8d:d6:83:5c:61:06:39:2f:28:cf:a4:9c:91:45:3e:
6b:bf:04:e1:e1:76:66:75:8c:38:0d:2b:5e:2d:41:cc:26:c3:
5d:40:f8:72:9c:58:bd:e0:7a:46:b3:7e:c2:75:bb:da:c1:8b:
71:96:37:57:8a:83:e5:a4:24:38:b0:d3:04:eb:42:11:e0:56:
d8:3e:0c:79:0c:8c:db:1a:ad:12:fe:2d:6d:14:68:cc:31:48:
7c:b7:c1:f9:5f:46:9a:16:7f:ef:0a:6f:aa:4e:10:1e:db:32:
ad:43:25:e1:11:8f:34:b4:15:e1:26:c2:6c:48:0a:59:24:5c:
49:53:d8:0c:ff:55:47:ac:1f:b7:f0:79:7d:8f:58:bf:ee:72:
25:e4:62:a2:ce:70:56:b4:4e:eb:67:23:b5:f7:42:44:93:07:
55:3c:f3:96:5a:01:d6:3c:5f:dc:90:ef:ee:7c:21:de:2f:93:
f2:17:00:86:1d:76:8c:fc:71:57:d8:83:6a:21:14:ec:39:4e:
f0:4f:b3:c8:23:5d:ce:53:d8:5e:ff:ef:74:59:f0:b8:6d:07:
3c:f5:84:f8:ac:42:32:b9:ca:45:cf:27:36:02:36:95:e4:89:
6e:3d:e0:d8
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZStcjYxoJCTtDVte1YQGgRoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0YjQ4NzMxZTI5ZjI3ZDY4NzU3NmQ2ODYzYWRiZGEwODA3
MDliZmUwHhcNMjUwMTI4MTUwNTMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDIwNDI2NjQ3NTkxNDg3YTA5NzQ2YTU5NjBlYjZjMTU2ZGUxZjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnx6TprqM6z2oOU6qHsM2S9VhRTcC
3t9Jx0unX68Uz4PQiF/K/cQ7u+uTuCmnc+ksAR1mhVIfEzgk8A7082Cx+yLP7wYD
iz+lVikKE6/Q3MzGkSDOol1zAuL7ff3R2w5hEOqs1X/TBdjQS/TO/cQgvZdUfeba
XxE9rWNak+jKYFG64hArwut3YAIc+sdy3Qg/oy5cVjpwJoVxgynbTKYSDNWKz6a6
fj1lBcLLd+ecWMMF3GP38atsUKixiz5aGqK9rlF/yJjFpWE9qOedRPu2Mzbs1ZGa
F6V+Zg28rH9SNXpQG8skSmN4/3nEcZvZYn2SGcODQSjx69s/he7BYP65cwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFLQgQmZHWRSHoJdGpZYOtsFW3h9UMB8GA1UdIwQY
MBaAFFS0hzHinyfWh1dtaGOtvaCAcJv+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkxTSE1lS2ZKOWFIVjIxb1k2MjlvSUJ3bV80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wZTdiMjktNjI5Ny00MmNhLThmMzMt
NWRmY2NkNjFhOWIxLzEvdENCQ1prZFpGSWVnbDBhbGxnNjJ3VmJlSDFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wZTdiMjktNjI5Ny00MmNhLThmMzMtNWRmY2NkNjFhOWIx
LzEvVkxTSE1lS2ZKOWFIVjIxb1k2MjlvSUJ3bV80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQATimIMA4E
AgACMAgDBgEqEzhAEDANBgkqhkiG9w0BAQsFAAOCAQEAI91gmRRTUp6O6/qM56T4
EmzoP3iAjdaDXGEGOS8oz6SckUU+a78E4eF2ZnWMOA0rXi1BzCbDXUD4cpxYveB6
RrN+wnW72sGLcZY3V4qD5aQkOLDTBOtCEeBW2D4MeQyM2xqtEv4tbRRozDFIfLfB
+V9GmhZ/7wpvqk4QHtsyrUMl4RGPNLQV4SbCbEgKWSRcSVPYDP9VR6wft/B5fY9Y
v+5yJeRios5wVrRO62cjtfdCRJMHVTzzlloB1jxf3JDv7nwh3i+T8hcAhh12jPxx
V9iDaiEU7DlO8E+zyCNdzlPYXv/vdFnwuG0HPPWE+KxCMrnKRc8nNgI2leSJbj3g
2A==
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:09:54 2025 by rpki-client