Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/l3M8kdRsQU6UzbVkh8uRfrUQKlc.roa
File: l3M8kdRsQU6UzbVkh8uRfrUQKlc.roa (raw, json)
Hash identifier: 2LBeLj4fa3U87DnMsOyci6LHtFuqvsHvDpawoNTEVR4=
Subject key identifier: 97:73:3C:91:D4:6C:41:4E:94:CD:B5:64:87:CB:91:7E:B5:10:2A:57
Certificate issuer: /CN=529c273098b52768ca0e44a3a2c16efed4a65ca0
Certificate serial: 019425FCFF78D91DC8929D7F2975657E1EB9
Authority key identifier: 52:9C:27:30:98:B5:27:68:CA:0E:44:A3:A2:C1:6E:FE:D4:A6:5C:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UpwnMJi1J2jKDkSjosFu_tSmXKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/l3M8kdRsQU6UzbVkh8uRfrUQKlc.roa
Signing time: Thu 02 Jan 2025 07:48:44 +0000
ROA not before: Thu 02 Jan 2025 07:48:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62240
IP address blocks: 78.136.252.0/23 maxlen: 24
78.136.254.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:ff:78:d9:1d:c8:92:9d:7f:29:75:65:7e:1e:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=529c273098b52768ca0e44a3a2c16efed4a65ca0
Validity
Not Before: Jan 2 07:48:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=97733c91d46c414e94cdb56487cb917eb5102a57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:9d:85:4e:d4:a1:f7:10:d2:4d:af:65:87:66:
70:61:f7:73:bd:09:64:80:af:1f:e2:8a:95:65:cd:
5e:ed:57:61:10:6a:6c:33:42:f4:bd:af:56:f7:db:
15:22:c4:33:4c:26:af:f4:73:1a:f0:a3:5d:f0:36:
fb:6d:b7:14:db:89:1b:20:89:29:26:f1:70:b5:ba:
6f:b4:a1:5a:d0:04:5f:b3:7a:a2:c6:bf:22:2a:ee:
0b:c6:c9:46:68:4d:d8:31:35:1e:7b:4e:40:ae:6f:
58:ef:b9:43:46:0f:b5:9c:b8:95:1a:08:19:8f:f0:
8a:b8:81:fe:ef:86:0b:84:a1:9a:a3:15:9f:03:59:
63:79:cd:b4:8e:75:43:cb:ce:58:be:0a:48:ab:73:
de:0b:a9:71:56:da:85:e9:b0:1a:c8:e7:a5:cb:2d:
ff:b7:ef:30:6d:b0:ba:ca:8a:45:a4:b8:c0:0c:0f:
fa:7b:42:ab:fe:a6:fb:d8:cd:7c:43:b9:c3:78:f3:
54:61:2f:1f:a3:6b:bd:76:89:37:0a:a6:a5:e4:ea:
6a:b2:1d:ee:45:4e:fb:df:24:0e:81:99:3c:b1:86:
68:13:ef:11:4b:ff:8d:0b:47:51:5b:10:95:30:fd:
ef:18:04:27:62:a3:02:49:5d:3f:e4:3a:d2:91:cd:
0a:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:73:3C:91:D4:6C:41:4E:94:CD:B5:64:87:CB:91:7E:B5:10:2A:57
X509v3 Authority Key Identifier:
keyid:52:9C:27:30:98:B5:27:68:CA:0E:44:A3:A2:C1:6E:FE:D4:A6:5C:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UpwnMJi1J2jKDkSjosFu_tSmXKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/l3M8kdRsQU6UzbVkh8uRfrUQKlc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6d9359-afef-4535-9c93-f33d3bb36484/1/UpwnMJi1J2jKDkSjosFu_tSmXKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.136.252.0-78.136.254.255
Signature Algorithm: sha256WithRSAEncryption
2d:fa:71:44:ec:40:61:9f:26:75:cd:0f:58:a6:22:8f:94:3c:
f6:52:a8:f9:c5:85:d0:69:db:70:74:0a:1a:0a:c9:56:c5:b4:
2b:2b:97:6b:10:2b:45:c1:a0:e0:83:04:b4:fb:6d:2c:45:89:
95:78:ca:c8:78:74:30:51:38:ba:b0:30:3d:86:d3:b4:91:5b:
86:83:63:89:37:34:38:81:d3:b3:f0:70:8d:6d:36:57:69:89:
d5:29:ab:f5:7c:10:9b:aa:89:3c:cd:49:13:f4:46:a8:37:2b:
69:15:52:28:64:e6:9f:ad:ce:1c:c2:dd:89:13:7e:18:45:7b:
50:23:9f:5d:5c:ad:26:48:51:88:5d:0c:ff:ab:71:9b:89:b7:
b4:e2:25:f9:98:7c:a6:75:67:70:60:7c:81:96:3f:f5:a6:bb:
8e:19:91:d6:28:9c:78:6f:95:21:17:42:30:9e:78:86:93:23:
8e:ca:de:92:25:ac:eb:91:84:77:88:4c:52:8f:a5:e7:93:b9:
e0:26:21:e0:f4:33:29:72:e1:0f:c1:c3:62:c3:06:dd:93:d2:
5d:45:57:dc:75:83:b0:13:75:a7:f7:63:af:a8:8c:ed:a3:8c:
2a:ef:80:5f:16:29:a7:a2:9f:3b:d5:d3:81:94:5f:f5:3e:8b:
a5:53:80:89
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQl/P942R3Ikp1/KXVlfh65MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyOWMyNzMwOThiNTI3NjhjYTBlNDRhM2EyYzE2ZWZlZDRh
NjVjYTAwHhcNMjUwMTAyMDc0ODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzczM2M5MWQ0NmM0MTRlOTRjZGI1NjQ4N2NiOTE3ZWI1MTAyYTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArp2FTtSh9xDSTa9lh2ZwYfdzvQlk
gK8f4oqVZc1e7VdhEGpsM0L0va9W99sVIsQzTCav9HMa8KNd8Db7bbcU24kbIIkp
JvFwtbpvtKFa0ARfs3qixr8iKu4LxslGaE3YMTUee05Arm9Y77lDRg+1nLiVGggZ
j/CKuIH+74YLhKGaoxWfA1ljec20jnVDy85YvgpIq3PeC6lxVtqF6bAayOelyy3/
t+8wbbC6yopFpLjADA/6e0Kr/qb72M18Q7nDePNUYS8fo2u9dok3Cqal5Opqsh3u
RU773yQOgZk8sYZoE+8RS/+NC0dRWxCVMP3vGAQnYqMCSV0/5DrSkc0KyQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJdzPJHUbEFOlM21ZIfLkX61ECpXMB8GA1UdIwQY
MBaAFFKcJzCYtSdoyg5Eo6LBbv7UplygMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXB3bk1KaTFKMmpLRGtTam9zRnVfdFNtWEtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS82ZDkzNTktYWZlZi00NTM1LTljOTMt
ZjMzZDNiYjM2NDg0LzEvbDNNOGtkUnNRVTZVemJWa2g4dVJmclVRS2xjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS82ZDkzNTktYWZlZi00NTM1LTljOTMtZjMzZDNiYjM2NDg0
LzEvVXB3bk1KaTFKMmpLRGtTam9zRnVfdFNtWEtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAJOiPwD
BABOiP4wDQYJKoZIhvcNAQELBQADggEBAC36cUTsQGGfJnXND1imIo+UPPZSqPnF
hdBp23B0ChoKyVbFtCsrl2sQK0XBoOCDBLT7bSxFiZV4ysh4dDBROLqwMD2G07SR
W4aDY4k3NDiB07PwcI1tNldpidUpq/V8EJuqiTzNSRP0Rqg3K2kVUihk5p+tzhzC
3YkTfhhFe1Ajn11crSZIUYhdDP+rcZuJt7TiJfmYfKZ1Z3BgfIGWP/Wmu44ZkdYo
nHhvlSEXQjCeeIaTI47K3pIlrOuRhHeITFKPpeeTueAmIeD0Myly4Q/Bw2LDBt2T
0l1FV9x1g7ATdaf3Y6+ojO2jjCrvgF8WKaeinzvV04GUX/U+i6VTgIk=
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:59:02 2025 by rpki-client