Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/8d509f-fb64-423d-b261-388443d5f00f/1/tICvfkE-wd7ljGY6sghDtS75C50.roa
File: tICvfkE-wd7ljGY6sghDtS75C50.roa (raw, json)
Hash identifier: EofEa7cxTHv8xJhHBChQPwYV0i7JZnqjIowIrpKVJDg=
Subject key identifier: B4:80:AF:7E:41:3E:C1:DE:E5:8C:66:3A:B2:08:43:B5:2E:F9:0B:9D
Certificate issuer: /CN=0a4bd1d30f7235cd71739c042310dc26080738f6
Certificate serial: 0194221F7F9CD05451276F53927939C2539A
Authority key identifier: 0A:4B:D1:D3:0F:72:35:CD:71:73:9C:04:23:10:DC:26:08:07:38:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CkvR0w9yNc1xc5wEIxDcJggHOPY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/8d509f-fb64-423d-b261-388443d5f00f/1/tICvfkE-wd7ljGY6sghDtS75C50.roa
Signing time: Wed 01 Jan 2025 13:47:57 +0000
ROA not before: Wed 01 Jan 2025 13:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51269
IP address blocks: 178.255.96.0/21 maxlen: 24
185.103.140.0/22 maxlen: 24
2a03:b700::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:7f:9c:d0:54:51:27:6f:53:92:79:39:c2:53:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a4bd1d30f7235cd71739c042310dc26080738f6
Validity
Not Before: Jan 1 13:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b480af7e413ec1dee58c663ab20843b52ef90b9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:83:bc:cb:9e:b5:8d:48:c9:85:dc:55:2a:52:
4d:37:d5:9b:74:4c:59:c7:aa:f3:c0:92:b6:a9:1a:
20:13:0b:c2:17:fa:d5:79:c5:88:0b:f0:4d:fe:18:
3a:f5:bf:ac:3e:db:4a:e4:c8:f9:be:7f:e3:32:ce:
11:2d:72:26:8e:48:30:c6:e8:4e:11:a2:6a:2b:82:
06:62:d8:5c:3c:c3:a6:e1:c9:4c:a4:a2:ac:6e:e9:
73:4a:fd:fe:ab:1c:b5:39:1c:bf:f0:af:c4:24:86:
6f:c8:22:a4:c2:03:9b:ec:33:2e:68:0e:48:9b:be:
40:2a:d0:53:c2:48:ae:95:a9:7d:28:f2:a6:39:11:
dc:d5:ee:65:43:c0:b8:9e:e2:12:ff:82:5f:b0:79:
77:ac:7a:cc:4f:ea:54:79:1d:50:e5:34:1f:33:87:
70:e0:08:2c:ac:91:d9:1b:f8:f8:0c:a3:42:98:f6:
63:7a:51:7f:37:8c:8a:53:5b:b2:b9:dc:40:c2:8f:
cb:67:54:ae:62:97:23:87:f5:0e:e2:e3:cc:60:c5:
79:6b:ac:4b:b4:e0:b0:15:77:4b:77:98:3e:c7:2c:
38:9f:7f:0a:4c:06:d3:43:24:84:db:e1:67:53:2e:
b2:a0:06:57:b6:f9:a0:4b:b8:87:09:9a:f0:45:ff:
f0:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:80:AF:7E:41:3E:C1:DE:E5:8C:66:3A:B2:08:43:B5:2E:F9:0B:9D
X509v3 Authority Key Identifier:
keyid:0A:4B:D1:D3:0F:72:35:CD:71:73:9C:04:23:10:DC:26:08:07:38:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CkvR0w9yNc1xc5wEIxDcJggHOPY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/8d509f-fb64-423d-b261-388443d5f00f/1/tICvfkE-wd7ljGY6sghDtS75C50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/8d509f-fb64-423d-b261-388443d5f00f/1/CkvR0w9yNc1xc5wEIxDcJggHOPY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.96.0/21
185.103.140.0/22
IPv6:
2a03:b700::/29
Signature Algorithm: sha256WithRSAEncryption
4e:3e:fb:0e:b5:13:0d:3d:58:13:bd:39:6d:d0:ec:f0:2c:4a:
a9:3f:1c:b9:9f:67:d1:91:1b:a3:b2:e9:dd:e7:7f:a2:bb:6d:
78:25:0e:44:4a:33:c7:60:a4:e3:c5:80:78:87:9d:0e:30:31:
e2:1d:4f:89:8b:70:e5:d4:a9:82:06:9f:d8:dc:c2:19:f9:58:
62:0d:17:c6:64:32:1e:23:41:c0:4a:ec:93:75:b4:2b:70:df:
c6:09:ee:57:08:38:1a:00:c7:42:b1:8b:a5:e4:b3:55:1b:85:
f9:81:a0:f3:ae:d0:41:3e:45:29:a3:4a:28:3b:1b:70:63:86:
93:25:fa:5f:ed:d8:69:e1:1a:4d:f8:2a:1e:55:da:ef:53:e5:
67:72:3f:34:7f:0d:32:98:d5:de:c6:94:92:ab:43:cb:28:b0:
fd:a8:3d:a6:5d:3b:22:91:f0:8f:07:ae:c6:98:42:76:cc:40:
9b:b9:b0:67:6e:c5:21:ef:e9:ee:53:68:3d:ec:07:86:4c:17:
40:dd:51:ac:76:64:e4:be:20:57:b7:e6:9a:e2:97:da:18:e2:
d8:b5:f6:5f:2a:35:df:d0:18:41:a1:57:76:be:34:07:9f:97:
81:26:58:24:83:18:b4:70:81:63:b9:98:bd:62:42:04:33:f2:
76:8d:83:16
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQiH3+c0FRRJ29Tknk5wlOaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNGJkMWQzMGY3MjM1Y2Q3MTczOWMwNDIzMTBkYzI2MDgw
NzM4ZjYwHhcNMjUwMTAxMTM0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDgwYWY3ZTQxM2VjMWRlZTU4YzY2M2FiMjA4NDNiNTJlZjkwYjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYO8y561jUjJhdxVKlJNN9WbdExZ
x6rzwJK2qRogEwvCF/rVecWIC/BN/hg69b+sPttK5Mj5vn/jMs4RLXImjkgwxuhO
EaJqK4IGYthcPMOm4clMpKKsbulzSv3+qxy1ORy/8K/EJIZvyCKkwgOb7DMuaA5I
m75AKtBTwkiulal9KPKmORHc1e5lQ8C4nuIS/4JfsHl3rHrMT+pUeR1Q5TQfM4dw
4AgsrJHZG/j4DKNCmPZjelF/N4yKU1uyudxAwo/LZ1SuYpcjh/UO4uPMYMV5a6xL
tOCwFXdLd5g+xyw4n38KTAbTQySE2+FnUy6yoAZXtvmgS7iHCZrwRf/wfwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLSAr35BPsHe5YxmOrIIQ7Uu+QudMB8GA1UdIwQY
MBaAFApL0dMPcjXNcXOcBCMQ3CYIBzj2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2t2UjB3OXlOYzF4YzV3RUl4RGNKZ2dIT1BZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi84ZDUwOWYtZmI2NC00MjNkLWIyNjEt
Mzg4NDQzZDVmMDBmLzEvdElDdmZrRS13ZDdsakdZNnNnaER0Uzc1QzUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi84ZDUwOWYtZmI2NC00MjNkLWIyNjEtMzg4NDQzZDVmMDBm
LzEvQ2t2UjB3OXlOYzF4YzV3RUl4RGNKZ2dIT1BZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDsv9gAwQC
uWeMMA0EAgACMAcDBQMqA7cAMA0GCSqGSIb3DQEBCwUAA4IBAQBOPvsOtRMNPVgT
vTlt0OzwLEqpPxy5n2fRkRujsund53+iu214JQ5ESjPHYKTjxYB4h50OMDHiHU+J
i3Dl1KmCBp/Y3MIZ+VhiDRfGZDIeI0HASuyTdbQrcN/GCe5XCDgaAMdCsYul5LNV
G4X5gaDzrtBBPkUpo0ooOxtwY4aTJfpf7dhp4RpN+CoeVdrvU+Vncj80fw0ymNXe
xpSSq0PLKLD9qD2mXTsikfCPB67GmEJ2zECbubBnbsUh7+nuU2g97AeGTBdA3VGs
dmTkviBXt+aa4pfaGOLYtfZfKjXf0BhBoVd2vjQHn5eBJlgkgxi0cIFjuZi9YkIE
M/J2jYMW
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:21:20 2025 by rpki-client