Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/3142a5-d92d-4d06-8228-be622c3132df/1/VAOvYC0rpjyTuLuRBfTKmUOuh7I.roa
File: VAOvYC0rpjyTuLuRBfTKmUOuh7I.roa (raw, json)
Hash identifier: 0vjmq1kF1TMQbQcMXUeFVD45hSzNPAtogdVXVCWqxwQ=
Subject key identifier: 54:03:AF:60:2D:2B:A6:3C:93:B8:BB:91:05:F4:CA:99:43:AE:87:B2
Certificate issuer: /CN=aa2a58c697a1449976b0d11d6f126025e14089c6
Certificate serial: 019425215AE8431F3DB47CBF38647F92788A
Authority key identifier: AA:2A:58:C6:97:A1:44:99:76:B0:D1:1D:6F:12:60:25:E1:40:89:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qipYxpehRJl2sNEdbxJgJeFAicY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/3142a5-d92d-4d06-8228-be622c3132df/1/VAOvYC0rpjyTuLuRBfTKmUOuh7I.roa
Signing time: Thu 02 Jan 2025 03:48:50 +0000
ROA not before: Thu 02 Jan 2025 03:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50477
IP address blocks: 178.57.56.0/21 maxlen: 21
194.58.168.0/22 maxlen: 22
194.58.168.0/24 maxlen: 24
194.58.169.0/24 maxlen: 24
194.58.170.0/24 maxlen: 24
194.58.171.0/24 maxlen: 24
194.58.172.0/22 maxlen: 22
194.58.184.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:5a:e8:43:1f:3d:b4:7c:bf:38:64:7f:92:78:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa2a58c697a1449976b0d11d6f126025e14089c6
Validity
Not Before: Jan 2 03:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5403af602d2ba63c93b8bb9105f4ca9943ae87b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e7:cc:5b:25:8c:f7:98:89:1c:ff:62:aa:be:
e2:46:a8:f2:b8:b4:35:29:d6:e0:44:00:8c:e4:1c:
99:6d:8b:d0:0a:bc:5d:65:58:6c:c6:24:cd:f8:a8:
09:81:e5:18:05:d6:32:47:4a:d3:37:9d:0a:8a:ff:
c4:d7:28:ec:ed:9a:9e:aa:f2:64:91:17:47:e7:4c:
5e:48:93:3f:23:43:4d:67:90:3f:d3:11:eb:f0:2b:
ef:99:02:c4:a1:68:6e:b7:bf:b4:d2:95:cc:fe:e3:
9c:0a:3d:ef:0f:0a:9b:9c:dc:a4:29:b0:1d:7d:e3:
54:64:bf:4f:72:0a:f4:30:5a:f0:ec:e2:02:ed:ee:
fc:1f:99:15:92:e1:e6:dd:60:9f:d8:2a:d6:39:b6:
27:26:0c:f8:d3:51:3b:b0:c8:98:5f:33:be:26:ff:
d9:4e:a7:3c:d8:b2:d1:07:21:97:6c:d4:0a:fe:2b:
84:41:d2:6c:45:43:95:05:2b:67:4f:a8:b5:0d:98:
a9:8a:dd:78:99:58:b4:f3:b6:d2:0e:9e:ee:57:ac:
06:35:02:39:96:cc:c8:60:b6:1d:04:ac:ac:05:c7:
86:dc:f2:23:8e:84:37:50:d8:9c:f1:58:e3:1c:92:
75:a4:f7:dd:39:fe:66:f3:85:bd:54:11:5f:59:5b:
4d:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:03:AF:60:2D:2B:A6:3C:93:B8:BB:91:05:F4:CA:99:43:AE:87:B2
X509v3 Authority Key Identifier:
keyid:AA:2A:58:C6:97:A1:44:99:76:B0:D1:1D:6F:12:60:25:E1:40:89:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qipYxpehRJl2sNEdbxJgJeFAicY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/3142a5-d92d-4d06-8228-be622c3132df/1/VAOvYC0rpjyTuLuRBfTKmUOuh7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/3142a5-d92d-4d06-8228-be622c3132df/1/qipYxpehRJl2sNEdbxJgJeFAicY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.57.56.0/21
194.58.168.0/21
194.58.184.0/21
Signature Algorithm: sha256WithRSAEncryption
d0:37:26:e3:0c:d5:b1:1f:6a:56:9a:ec:a3:5b:af:e6:42:cd:
a3:a4:09:aa:eb:eb:12:c8:e5:87:04:52:5d:dd:0c:d7:4a:ff:
c3:b2:6a:97:59:ed:a8:50:1e:35:ac:20:92:d9:e0:3e:d3:d8:
d8:e7:a9:4c:2f:14:85:8a:2c:1e:f7:72:d9:23:69:8f:a9:8b:
ae:7a:ce:b3:02:c6:f3:23:16:a9:1f:92:31:3f:fe:8a:48:5d:
8a:cd:81:75:31:9c:ad:30:d6:f2:68:bb:32:19:ed:e2:95:70:
d4:b1:6f:68:42:cf:ac:59:57:00:e6:8b:a5:ec:01:07:a5:bb:
ca:fb:b1:0f:6a:08:a6:32:e2:b8:c8:83:1d:b3:f0:1c:a5:2a:
82:bb:ec:4c:33:2f:8b:df:df:aa:5e:53:44:9f:45:24:7d:65:
11:33:60:a5:19:98:30:a2:b1:03:24:e8:d0:00:a3:b8:d4:68:
89:a5:3a:78:75:16:c9:3d:f3:e6:f0:6a:4a:0d:c2:44:25:e1:
66:d1:a9:fa:52:42:26:bd:33:24:99:da:0c:cf:b6:bd:d7:47:
84:78:37:7d:2c:16:6b:99:70:ac:63:23:68:65:7e:bd:2c:f9:
b6:6f:48:f2:93:1e:6a:15:ef:ad:83:46:e1:0f:d5:5f:12:6b:
05:05:77:af
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQlIVroQx89tHy/OGR/kniKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMmE1OGM2OTdhMTQ0OTk3NmIwZDExZDZmMTI2MDI1ZTE0
MDg5YzYwHhcNMjUwMTAyMDM0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDAzYWY2MDJkMmJhNjNjOTNiOGJiOTEwNWY0Y2E5OTQzYWU4N2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+fMWyWM95iJHP9iqr7iRqjyuLQ1
KdbgRACM5ByZbYvQCrxdZVhsxiTN+KgJgeUYBdYyR0rTN50Kiv/E1yjs7ZqeqvJk
kRdH50xeSJM/I0NNZ5A/0xHr8CvvmQLEoWhut7+00pXM/uOcCj3vDwqbnNykKbAd
feNUZL9Pcgr0MFrw7OIC7e78H5kVkuHm3WCf2CrWObYnJgz401E7sMiYXzO+Jv/Z
Tqc82LLRByGXbNQK/iuEQdJsRUOVBStnT6i1DZipit14mVi087bSDp7uV6wGNQI5
lszIYLYdBKysBceG3PIjjoQ3UNic8VjjHJJ1pPfdOf5m84W9VBFfWVtNWwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFQDr2AtK6Y8k7i7kQX0yplDroeyMB8GA1UdIwQY
MBaAFKoqWMaXoUSZdrDRHW8SYCXhQInGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWlwWXhwZWhSSmwyc05FZGJ4SmdKZUZBaWNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8zMTQyYTUtZDkyZC00ZDA2LTgyMjgt
YmU2MjJjMzEzMmRmLzEvVkFPdllDMHJwanlUdUx1UkJmVEttVU91aDdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8zMTQyYTUtZDkyZC00ZDA2LTgyMjgtYmU2MjJjMzEzMmRm
LzEvcWlwWXhwZWhSSmwyc05FZGJ4SmdKZUZBaWNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDsjk4AwQD
wjqoAwQDwjq4MA0GCSqGSIb3DQEBCwUAA4IBAQDQNybjDNWxH2pWmuyjW6/mQs2j
pAmq6+sSyOWHBFJd3QzXSv/DsmqXWe2oUB41rCCS2eA+09jY56lMLxSFiiwe93LZ
I2mPqYuues6zAsbzIxapH5IxP/6KSF2KzYF1MZytMNbyaLsyGe3ilXDUsW9oQs+s
WVcA5oul7AEHpbvK+7EPagimMuK4yIMds/AcpSqCu+xMMy+L39+qXlNEn0UkfWUR
M2ClGZgworEDJOjQAKO41GiJpTp4dRbJPfPm8GpKDcJEJeFm0an6UkImvTMkmdoM
z7a910eEeDd9LBZrmXCsYyNoZX69LPm2b0jykx5qFe+tg0bhD9VfEmsFBXev
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:14:17 2025 by rpki-client