Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/118e24-742b-4392-8dfa-071518e0573e/1/v3SUAtR9QWFlr-gp81uV9PqvwlY.roa
File: v3SUAtR9QWFlr-gp81uV9PqvwlY.roa (raw, json)
Hash identifier: mn3Ww15BCRBB13Jmxz3hObcdL3yCXwDoxW+3UuBjkwM=
Subject key identifier: BF:74:94:02:D4:7D:41:61:65:AF:E8:29:F3:5B:95:F4:FA:AF:C2:56
Certificate issuer: /CN=69f7352d07135623e33f5a7e62925d4bab722fc6
Certificate serial: 019421B1DCFEF32F98CD459E30A84A43DEC8
Authority key identifier: 69:F7:35:2D:07:13:56:23:E3:3F:5A:7E:62:92:5D:4B:AB:72:2F:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/afc1LQcTViPjP1p-YpJdS6tyL8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/118e24-742b-4392-8dfa-071518e0573e/1/v3SUAtR9QWFlr-gp81uV9PqvwlY.roa
Signing time: Wed 01 Jan 2025 11:48:12 +0000
ROA not before: Wed 01 Jan 2025 11:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210094
IP address blocks: 178.251.20.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:dc:fe:f3:2f:98:cd:45:9e:30:a8:4a:43:de:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69f7352d07135623e33f5a7e62925d4bab722fc6
Validity
Not Before: Jan 1 11:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bf749402d47d416165afe829f35b95f4faafc256
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:51:6c:57:35:6f:e3:a3:38:9f:10:2d:70:2e:
a2:75:dc:61:f2:ef:a6:44:08:b2:7f:c7:5b:64:34:
93:f3:46:e5:93:ea:50:98:02:a2:8f:da:6c:0e:31:
58:2d:6e:1c:67:b4:03:8b:af:b2:39:6f:00:e2:7c:
28:9d:da:e8:ba:24:83:d3:36:76:1c:2d:a1:a1:70:
bd:60:6c:fe:db:d9:49:81:2e:d8:e5:d2:da:41:eb:
07:64:5e:9d:f6:a6:85:9d:d0:a4:c8:21:cd:49:0e:
dc:7c:a1:1f:9b:8e:0e:48:fa:07:a0:5b:c7:c8:eb:
de:01:d9:8d:79:a5:e2:57:d6:bb:8f:fd:14:2a:ac:
03:40:e4:40:57:0f:8f:4d:57:e7:e0:ea:34:1e:b9:
a1:1a:92:1f:17:05:c6:00:a3:a2:66:6f:23:77:fb:
4b:5a:48:52:47:a3:cd:65:8e:71:da:ab:9d:85:9d:
76:34:6c:6a:53:26:e2:90:75:0d:c2:ed:9b:4c:c0:
d1:b5:3b:10:80:23:20:8b:9c:c6:b2:48:64:49:b1:
fc:b8:2e:e3:92:48:47:84:e0:96:69:82:93:2e:2b:
1a:2c:16:c4:f1:13:0f:09:f0:8d:c2:5f:c6:15:5c:
bc:aa:d8:98:e4:c9:c2:54:4a:8a:51:e0:d3:14:95:
57:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:74:94:02:D4:7D:41:61:65:AF:E8:29:F3:5B:95:F4:FA:AF:C2:56
X509v3 Authority Key Identifier:
keyid:69:F7:35:2D:07:13:56:23:E3:3F:5A:7E:62:92:5D:4B:AB:72:2F:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/afc1LQcTViPjP1p-YpJdS6tyL8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/118e24-742b-4392-8dfa-071518e0573e/1/v3SUAtR9QWFlr-gp81uV9PqvwlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/118e24-742b-4392-8dfa-071518e0573e/1/afc1LQcTViPjP1p-YpJdS6tyL8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.251.20.0/24
Signature Algorithm: sha256WithRSAEncryption
d4:58:b0:81:2b:be:be:7c:66:b8:67:1f:90:d7:8b:c0:a7:36:
92:33:f3:95:e5:df:65:54:c5:9f:45:d5:1a:30:b0:59:c6:f0:
7b:a7:2f:78:3a:80:ff:82:97:f7:ed:10:c1:11:c4:74:3d:60:
0f:6a:35:0e:ab:69:47:64:01:97:ac:1e:00:f7:f6:23:eb:b7:
19:f4:a0:8c:01:ec:b7:4c:8e:95:cd:a8:50:5a:07:6a:c2:8a:
5f:ad:ab:7d:e9:2b:08:2b:62:29:0a:92:8e:8b:60:ea:a5:4a:
a0:f4:f8:71:5b:a4:61:a7:40:14:20:e0:8f:e4:0f:b2:c4:91:
f8:67:60:38:3d:1c:df:f1:ca:08:40:02:16:44:39:75:9f:c9:
28:58:83:6d:fd:de:ac:68:9b:1d:d5:3c:1a:36:7b:d1:15:97:
4f:79:89:b0:97:22:18:b1:c2:5e:a5:6f:06:46:de:d8:b1:63:
56:6b:4d:6c:6e:d4:71:03:39:66:10:56:0d:74:4c:0b:1d:49:
cf:fc:b4:9f:30:5c:8e:07:0a:85:d4:fe:8c:61:80:20:37:5f:
5b:1e:bd:75:f6:71:96:86:14:98:5a:36:4c:41:cc:05:66:54:
c1:f2:f5:d4:54:c8:a3:3c:f5:79:ce:6d:79:f2:fa:e5:df:8c:
0a:f6:22:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsdz+8y+YzUWeMKhKQ97IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZjczNTJkMDcxMzU2MjNlMzNmNWE3ZTYyOTI1ZDRiYWI3
MjJmYzYwHhcNMjUwMTAxMTE0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjc0OTQwMmQ0N2Q0MTYxNjVhZmU4MjlmMzViOTVmNGZhYWZjMjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3VFsVzVv46M4nxAtcC6iddxh8u+m
RAiyf8dbZDST80blk+pQmAKij9psDjFYLW4cZ7QDi6+yOW8A4nwondrouiSD0zZ2
HC2hoXC9YGz+29lJgS7Y5dLaQesHZF6d9qaFndCkyCHNSQ7cfKEfm44OSPoHoFvH
yOveAdmNeaXiV9a7j/0UKqwDQORAVw+PTVfn4Oo0HrmhGpIfFwXGAKOiZm8jd/tL
WkhSR6PNZY5x2qudhZ12NGxqUybikHUNwu2bTMDRtTsQgCMgi5zGskhkSbH8uC7j
kkhHhOCWaYKTLisaLBbE8RMPCfCNwl/GFVy8qtiY5MnCVEqKUeDTFJVXcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL90lALUfUFhZa/oKfNblfT6r8JWMB8GA1UdIwQY
MBaAFGn3NS0HE1Yj4z9afmKSXUurci/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWZjMUxRY1RWaVBqUDFwLVlwSmRTNnR5TDhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8xMThlMjQtNzQyYi00MzkyLThkZmEt
MDcxNTE4ZTA1NzNlLzEvdjNTVUF0UjlRV0Zsci1ncDgxdVY5UHF2d2xZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8xMThlMjQtNzQyYi00MzkyLThkZmEtMDcxNTE4ZTA1NzNl
LzEvYWZjMUxRY1RWaVBqUDFwLVlwSmRTNnR5TDhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsvsUMA0G
CSqGSIb3DQEBCwUAA4IBAQDUWLCBK76+fGa4Zx+Q14vApzaSM/OV5d9lVMWfRdUa
MLBZxvB7py94OoD/gpf37RDBEcR0PWAPajUOq2lHZAGXrB4A9/Yj67cZ9KCMAey3
TI6VzahQWgdqwopfrat96SsIK2IpCpKOi2DqpUqg9PhxW6Rhp0AUIOCP5A+yxJH4
Z2A4PRzf8coIQAIWRDl1n8koWINt/d6saJsd1TwaNnvRFZdPeYmwlyIYscJepW8G
Rt7YsWNWa01sbtRxAzlmEFYNdEwLHUnP/LSfMFyOBwqF1P6MYYAgN19bHr119nGW
hhSYWjZMQcwFZlTB8vXUVMijPPV5zm158vrl34wK9iI5
-----END CERTIFICATE-----
Generated at Tue Apr 29 21:18:42 2025 by rpki-client