Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/6d7ecf-4b62-4367-9b50-064d7adf4be3/1/eBlI5fYlwU-hqPNae0UC9cusTO4.roa
File: eBlI5fYlwU-hqPNae0UC9cusTO4.roa (raw, json)
Hash identifier: 3AE3XHL3YDzuuqRVxicnDD9A9BkMYu4bqpc83LOUodY=
Subject key identifier: 78:19:48:E5:F6:25:C1:4F:A1:A8:F3:5A:7B:45:02:F5:CB:AC:4C:EE
Certificate issuer: /CN=71d83fd8dabfe14b174cccd35b35b80713334ba5
Certificate serial: 0194A78210DA0A70FEFFB1B41AAB1065F05F
Authority key identifier: 71:D8:3F:D8:DA:BF:E1:4B:17:4C:CC:D3:5B:35:B8:07:13:33:4B:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdg_2Nq_4UsXTMzTWzW4BxMzS6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/6d7ecf-4b62-4367-9b50-064d7adf4be3/1/eBlI5fYlwU-hqPNae0UC9cusTO4.roa
Signing time: Mon 27 Jan 2025 11:25:06 +0000
ROA not before: Mon 27 Jan 2025 11:25:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213556
IP address blocks: 78.41.59.0/24 maxlen: 24
2a14:4580::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:a7:82:10:da:0a:70:fe:ff:b1:b4:1a:ab:10:65:f0:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d83fd8dabfe14b174cccd35b35b80713334ba5
Validity
Not Before: Jan 27 11:25:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=781948e5f625c14fa1a8f35a7b4502f5cbac4cee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:cf:ef:9a:13:e4:6e:eb:16:40:e8:3a:8b:21:
d2:1b:f3:ad:b0:bb:65:ff:02:d8:71:d5:08:30:7c:
60:c2:0d:91:27:b6:19:2b:d3:28:36:f8:71:ac:a8:
a6:ef:76:d3:d9:64:36:8b:a8:16:98:7f:86:bc:6a:
a8:50:6b:76:c0:b7:05:4d:64:b4:3f:75:fd:38:40:
26:98:ff:be:fa:9e:5a:7c:a7:24:16:03:fd:95:e1:
f4:01:bb:6a:78:b6:69:29:2b:53:a1:63:e3:5f:df:
88:64:7e:bb:df:88:45:f1:bd:03:7e:9b:1d:a7:db:
a4:99:18:71:14:56:0b:40:9b:3c:62:36:06:0d:97:
84:48:96:04:eb:aa:12:c4:e3:a8:b2:e6:2f:8c:e8:
67:29:cd:98:50:64:d8:ce:51:7f:97:b4:1b:06:2f:
1e:b8:10:97:a1:ea:11:ca:b0:3f:46:3d:fa:8e:9f:
b9:7f:82:3f:fc:c7:a7:65:57:d1:26:e0:d6:8d:33:
96:0d:88:a1:20:39:40:f1:e3:5c:d7:02:dc:6b:ac:
ea:4f:ba:b7:fa:0b:89:a6:6e:7a:b6:56:67:49:3c:
94:68:ed:fb:64:6f:17:83:9b:bd:12:46:63:2e:f6:
c3:c5:11:12:3b:ca:2c:20:83:7b:af:49:87:88:3b:
c3:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:19:48:E5:F6:25:C1:4F:A1:A8:F3:5A:7B:45:02:F5:CB:AC:4C:EE
X509v3 Authority Key Identifier:
keyid:71:D8:3F:D8:DA:BF:E1:4B:17:4C:CC:D3:5B:35:B8:07:13:33:4B:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdg_2Nq_4UsXTMzTWzW4BxMzS6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/6d7ecf-4b62-4367-9b50-064d7adf4be3/1/eBlI5fYlwU-hqPNae0UC9cusTO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/6d7ecf-4b62-4367-9b50-064d7adf4be3/1/cdg_2Nq_4UsXTMzTWzW4BxMzS6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.41.59.0/24
IPv6:
2a14:4580::/29
Signature Algorithm: sha256WithRSAEncryption
92:29:0e:14:0d:c2:8c:f4:eb:40:42:f1:ba:50:f1:9a:53:c2:
ed:7a:28:b1:0c:4d:3d:dd:43:ff:fa:b8:b6:82:d3:23:31:4e:
9c:c6:18:5a:57:96:03:c1:4d:2d:92:3b:08:ac:60:eb:db:2b:
3a:e8:7a:50:c7:77:f3:ee:e1:2c:c6:22:09:32:34:ab:18:e7:
db:f2:d4:aa:d7:13:6b:b1:ee:f0:a6:d7:69:fd:77:f5:53:97:
91:56:83:f7:6f:65:ad:1c:7b:78:e4:ea:3e:79:69:ab:b9:5e:
08:56:6c:75:51:c0:44:ac:83:c8:95:bd:20:a2:ad:87:18:62:
23:16:a3:d3:c9:36:34:7d:3a:19:b1:fb:2d:ce:d7:57:9d:0f:
f9:84:a7:85:2f:c3:1c:26:b8:03:e4:2e:6a:c1:79:a9:f7:19:
c2:f6:a2:0f:44:d6:92:78:24:0f:d1:a0:85:9a:6d:03:06:12:
f3:57:99:46:0e:ad:16:10:c5:79:57:b6:ab:19:c0:fc:76:49:
c5:8b:9e:8b:53:fa:a6:55:c7:2a:a4:11:1a:91:eb:c2:09:22:
95:ff:7d:6c:f1:ad:51:9e:a5:18:6a:48:c9:7a:d8:32:c0:18:
a8:10:05:57:84:04:4a:01:df:7a:52:d8:d7:84:78:3d:cf:45:
32:51:eb:cd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZSnghDaCnD+/7G0GqsQZfBfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxZDgzZmQ4ZGFiZmUxNGIxNzRjY2NkMzViMzViODA3MTMz
MzRiYTUwHhcNMjUwMTI3MTEyNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODE5NDhlNWY2MjVjMTRmYTFhOGYzNWE3YjQ1MDJmNWNiYWM0Y2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAos/vmhPkbusWQOg6iyHSG/OtsLtl
/wLYcdUIMHxgwg2RJ7YZK9MoNvhxrKim73bT2WQ2i6gWmH+GvGqoUGt2wLcFTWS0
P3X9OEAmmP+++p5afKckFgP9leH0AbtqeLZpKStToWPjX9+IZH6734hF8b0Dfpsd
p9ukmRhxFFYLQJs8YjYGDZeESJYE66oSxOOosuYvjOhnKc2YUGTYzlF/l7QbBi8e
uBCXoeoRyrA/Rj36jp+5f4I//MenZVfRJuDWjTOWDYihIDlA8eNc1wLca6zqT7q3
+guJpm56tlZnSTyUaO37ZG8Xg5u9EkZjLvbDxRESO8osIIN7r0mHiDvDRwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHgZSOX2JcFPoajzWntFAvXLrEzuMB8GA1UdIwQY
MBaAFHHYP9jav+FLF0zM01s1uAcTM0ulMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2RnXzJOcV80VXNYVE16VFd6VzRCeE16UzZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny82ZDdlY2YtNGI2Mi00MzY3LTliNTAt
MDY0ZDdhZGY0YmUzLzEvZUJsSTVmWWx3VS1ocVBOYWUwVUM5Y3VzVE80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny82ZDdlY2YtNGI2Mi00MzY3LTliNTAtMDY0ZDdhZGY0YmUz
LzEvY2RnXzJOcV80VXNYVE16VFd6VzRCeE16UzZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQATik7MA0E
AgACMAcDBQMqFEWAMA0GCSqGSIb3DQEBCwUAA4IBAQCSKQ4UDcKM9OtAQvG6UPGa
U8LteiixDE093UP/+ri2gtMjMU6cxhhaV5YDwU0tkjsIrGDr2ys66HpQx3fz7uEs
xiIJMjSrGOfb8tSq1xNrse7wptdp/Xf1U5eRVoP3b2WtHHt45Oo+eWmruV4IVmx1
UcBErIPIlb0goq2HGGIjFqPTyTY0fToZsfstztdXnQ/5hKeFL8McJrgD5C5qwXmp
9xnC9qIPRNaSeCQP0aCFmm0DBhLzV5lGDq0WEMV5V7arGcD8dknFi56LU/qmVccq
pBEakevCCSKV/31s8a1RnqUYakjJetgywBioEAVXhARKAd96UtjXhHg9z0UyUevN
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:01:45 2025 by rpki-client