Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/b71d9f-f1da-400a-b485-04dbc9ac1444/1/TK8oRVgmC_iGkqpkIUxL12Jskyo.roa
File: TK8oRVgmC_iGkqpkIUxL12Jskyo.roa (raw, json)
Hash identifier: WWQSgn1wOK2i+o7wtaeqJibMN9Pjr41qBXdRO7I04u0=
Subject key identifier: 4C:AF:28:45:58:26:0B:F8:86:92:AA:64:21:4C:4B:D7:62:6C:93:2A
Certificate issuer: /CN=ae8ed33b70be6cc20c89fbbac77a59ca3b4c0934
Certificate serial: 01942444E89C65F9FA4ADBD6CE429D298394
Authority key identifier: AE:8E:D3:3B:70:BE:6C:C2:0C:89:FB:BA:C7:7A:59:CA:3B:4C:09:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ro7TO3C-bMIMifu6x3pZyjtMCTQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/b71d9f-f1da-400a-b485-04dbc9ac1444/1/TK8oRVgmC_iGkqpkIUxL12Jskyo.roa
Signing time: Wed 01 Jan 2025 23:48:03 +0000
ROA not before: Wed 01 Jan 2025 23:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43108
IP address blocks: 178.213.48.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:e8:9c:65:f9:fa:4a:db:d6:ce:42:9d:29:83:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae8ed33b70be6cc20c89fbbac77a59ca3b4c0934
Validity
Not Before: Jan 1 23:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4caf284558260bf88692aa64214c4bd7626c932a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:51:24:4f:da:e2:f5:63:65:81:2d:1c:ef:94:
39:d4:b8:4e:64:2e:b3:c8:95:37:9a:fd:8d:5c:6a:
5a:f3:2d:cf:73:10:f4:b8:45:37:da:e8:29:b9:02:
ae:33:64:8d:bd:07:1f:7d:14:dd:50:7c:ba:4e:9f:
de:25:8f:9f:1f:da:c7:e6:ed:de:49:e5:65:f9:e5:
68:e5:61:7b:7a:2e:38:03:7b:87:b5:d0:43:2d:bc:
18:07:cc:4c:c2:f7:57:99:c3:4b:e6:38:f2:2f:b3:
2c:43:7d:48:d6:35:1a:70:e4:f8:ed:2e:39:8b:ef:
a3:7b:14:c9:54:97:29:79:14:77:ea:34:53:af:3c:
52:b5:97:bb:9b:9e:7d:63:0e:96:5e:52:7f:4c:e6:
44:0c:3d:7f:f6:cc:c2:c0:7e:45:f9:79:53:4a:de:
ed:81:b9:ce:d3:99:30:1b:36:64:fc:0b:d0:36:06:
af:a8:b4:04:2d:15:6c:68:8c:9c:c7:24:e7:c2:db:
df:0f:33:f8:c1:ef:97:d4:7b:6f:2f:1b:1f:91:e9:
b2:4b:c6:73:a4:05:75:ef:7f:21:e5:03:1f:a1:53:
d3:3d:fa:fc:f0:ec:d7:96:9b:db:f4:bf:98:3a:e6:
64:dc:30:aa:cc:15:11:33:46:69:2a:ec:5a:a1:5c:
99:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:AF:28:45:58:26:0B:F8:86:92:AA:64:21:4C:4B:D7:62:6C:93:2A
X509v3 Authority Key Identifier:
keyid:AE:8E:D3:3B:70:BE:6C:C2:0C:89:FB:BA:C7:7A:59:CA:3B:4C:09:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ro7TO3C-bMIMifu6x3pZyjtMCTQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/b71d9f-f1da-400a-b485-04dbc9ac1444/1/TK8oRVgmC_iGkqpkIUxL12Jskyo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/b71d9f-f1da-400a-b485-04dbc9ac1444/1/ro7TO3C-bMIMifu6x3pZyjtMCTQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.213.48.0/21
Signature Algorithm: sha256WithRSAEncryption
71:cf:60:5b:df:a6:e4:a0:78:60:64:4d:84:92:f4:2f:40:4a:
03:46:c5:41:62:72:ac:81:3f:fc:16:20:9c:d5:39:4c:70:60:
55:7a:89:76:2d:fd:ff:2c:be:f5:bc:5a:40:22:ed:ac:fb:c4:
e2:fb:27:81:e8:30:73:65:59:37:8c:d9:08:2c:8e:b6:2f:a7:
01:fa:32:2c:c7:5b:48:d3:e5:02:4b:3e:c9:90:e5:65:9c:08:
ff:80:16:0d:b8:95:96:2d:0b:62:a5:1b:18:31:31:ad:49:dc:
b5:57:67:eb:be:01:c4:97:80:cb:a8:ee:96:2d:10:c2:ce:26:
ae:14:e6:34:a8:4b:f7:47:da:77:75:ea:15:c7:b0:05:50:a2:
73:87:76:87:4d:16:4b:77:78:b9:68:5f:20:c7:2e:26:85:ad:
eb:be:3f:ff:fa:b2:29:5e:ec:da:e6:2e:28:f0:e9:87:25:0a:
47:3e:6b:ec:b4:3e:b6:de:08:a6:09:84:2a:31:27:58:15:3a:
b9:15:7b:ae:74:cf:b8:ea:37:1b:41:66:4b:4a:06:e8:17:51:
a4:96:46:27:fd:d8:6d:76:c7:9d:44:ed:06:6a:8b:a7:03:49:
ad:42:8f:38:89:63:a9:ac:4f:84:f8:24:46:3d:a3:41:17:7d:
cb:6b:f5:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkROicZfn6StvWzkKdKYOUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlOGVkMzNiNzBiZTZjYzIwYzg5ZmJiYWM3N2E1OWNhM2I0
YzA5MzQwHhcNMjUwMTAxMjM0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2FmMjg0NTU4MjYwYmY4ODY5MmFhNjQyMTRjNGJkNzYyNmM5MzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVEkT9ri9WNlgS0c75Q51LhOZC6z
yJU3mv2NXGpa8y3PcxD0uEU32ugpuQKuM2SNvQcffRTdUHy6Tp/eJY+fH9rH5u3e
SeVl+eVo5WF7ei44A3uHtdBDLbwYB8xMwvdXmcNL5jjyL7MsQ31I1jUacOT47S45
i++jexTJVJcpeRR36jRTrzxStZe7m559Yw6WXlJ/TOZEDD1/9szCwH5F+XlTSt7t
gbnO05kwGzZk/AvQNgavqLQELRVsaIycxyTnwtvfDzP4we+X1HtvLxsfkemyS8Zz
pAV1738h5QMfoVPTPfr88OzXlpvb9L+YOuZk3DCqzBURM0ZpKuxaoVyZPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEyvKEVYJgv4hpKqZCFMS9dibJMqMB8GA1UdIwQY
MBaAFK6O0ztwvmzCDIn7usd6Wco7TAk0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm83VE8zQy1iTUlNaWZ1NngzcFp5anRNQ1RRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9iNzFkOWYtZjFkYS00MDBhLWI0ODUt
MDRkYmM5YWMxNDQ0LzEvVEs4b1JWZ21DX2lHa3Fwa0lVeEwxMkpza3lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9iNzFkOWYtZjFkYS00MDBhLWI0ODUtMDRkYmM5YWMxNDQ0
LzEvcm83VE8zQy1iTUlNaWZ1NngzcFp5anRNQ1RRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDstUwMA0G
CSqGSIb3DQEBCwUAA4IBAQBxz2Bb36bkoHhgZE2EkvQvQEoDRsVBYnKsgT/8FiCc
1TlMcGBVeol2Lf3/LL71vFpAIu2s+8Ti+yeB6DBzZVk3jNkILI62L6cB+jIsx1tI
0+UCSz7JkOVlnAj/gBYNuJWWLQtipRsYMTGtSdy1V2frvgHEl4DLqO6WLRDCziau
FOY0qEv3R9p3deoVx7AFUKJzh3aHTRZLd3i5aF8gxy4mha3rvj//+rIpXuza5i4o
8OmHJQpHPmvstD623gimCYQqMSdYFTq5FXuudM+46jcbQWZLSgboF1GklkYn/dht
dsedRO0GaounA0mtQo84iWOprE+E+CRGPaNBF33La/XX
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:52:30 2025 by rpki-client