Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f30d2b-2abd-4872-b17e-fbdf94a11e6f/1/0amjr-ykBDXEbQi_cMXvoQKh8bk.roa
File: 0amjr-ykBDXEbQi_cMXvoQKh8bk.roa (raw, json)
Hash identifier: pJpLLUDDlGjGkAROaE4HmHEdylVREbndXEfDAHQqlPs=
Subject key identifier: D1:A9:A3:AF:EC:A4:04:35:C4:6D:08:BF:70:C5:EF:A1:02:A1:F1:B9
Certificate issuer: /CN=73df91fb3c68ceb8650ee19a63ce40b3c592a56b
Certificate serial: 01941F8C684310411F2C3F2BD1AD7E643729
Authority key identifier: 73:DF:91:FB:3C:68:CE:B8:65:0E:E1:9A:63:CE:40:B3:C5:92:A5:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c9-R-zxozrhlDuGaY85As8WSpWs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f30d2b-2abd-4872-b17e-fbdf94a11e6f/1/0amjr-ykBDXEbQi_cMXvoQKh8bk.roa
Signing time: Wed 01 Jan 2025 01:48:02 +0000
ROA not before: Wed 01 Jan 2025 01:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50655
IP address blocks: 178.20.168.0/21 maxlen: 21
178.20.174.0/24 maxlen: 24
2a00:1d38::/32 maxlen: 32
2a00:1d38:fa::/48 maxlen: 48
2a00:1d38:feed::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:68:43:10:41:1f:2c:3f:2b:d1:ad:7e:64:37:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73df91fb3c68ceb8650ee19a63ce40b3c592a56b
Validity
Not Before: Jan 1 01:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d1a9a3afeca40435c46d08bf70c5efa102a1f1b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:89:5d:cc:f7:60:f4:88:b9:1a:c9:08:3a:08:
f5:65:01:de:59:e8:4c:69:dd:d2:cb:ca:6c:2c:5a:
c0:c5:f3:8d:43:bf:e9:77:18:dc:8f:9b:37:24:9b:
4e:d8:10:31:8a:43:f8:64:a0:ba:12:67:78:6d:90:
81:9d:94:9a:34:8e:e9:02:4c:94:73:a4:9c:8a:40:
e7:a6:44:74:1e:8b:de:1c:af:6c:8d:83:8b:d4:a3:
f0:50:6a:30:f2:78:72:20:0b:62:57:37:77:0f:ec:
9e:ec:0f:4b:5e:19:17:e3:c6:54:9d:de:4d:53:6f:
c6:da:5a:15:96:bf:41:2b:ad:c3:16:62:78:a5:28:
14:61:1f:ca:24:f3:2f:ca:d2:3c:b1:96:78:2d:57:
1e:83:f7:52:de:25:7b:7b:57:fb:22:b8:df:0a:7d:
bb:b2:95:36:28:95:32:bd:cf:e5:da:9b:1e:48:99:
47:ad:fe:90:b3:6a:c4:ed:ca:44:56:61:12:48:af:
09:6e:e6:b8:a1:56:7c:b1:89:2b:58:e0:45:13:01:
62:f1:c6:a8:e6:ef:1b:db:a7:af:93:fa:4e:f2:05:
cf:5a:a4:65:49:80:c2:0d:bb:dd:ba:8b:9f:df:2b:
4d:95:9b:ba:b4:68:be:16:1f:5f:70:9b:6e:51:d9:
de:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:A9:A3:AF:EC:A4:04:35:C4:6D:08:BF:70:C5:EF:A1:02:A1:F1:B9
X509v3 Authority Key Identifier:
keyid:73:DF:91:FB:3C:68:CE:B8:65:0E:E1:9A:63:CE:40:B3:C5:92:A5:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9-R-zxozrhlDuGaY85As8WSpWs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f30d2b-2abd-4872-b17e-fbdf94a11e6f/1/0amjr-ykBDXEbQi_cMXvoQKh8bk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f30d2b-2abd-4872-b17e-fbdf94a11e6f/1/c9-R-zxozrhlDuGaY85As8WSpWs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.20.168.0/21
IPv6:
2a00:1d38::/32
Signature Algorithm: sha256WithRSAEncryption
1f:7c:1c:9a:0a:e6:fc:47:05:41:58:91:27:30:90:c5:61:8a:
f1:65:e2:90:fc:fe:0d:88:06:87:51:8f:5c:86:a2:44:2f:6a:
cd:c9:70:d0:69:b3:a3:54:b1:cd:aa:6d:02:9a:5f:6f:3b:54:
43:24:e7:cb:ad:c2:2e:b0:db:2e:c4:23:e7:cb:47:c2:81:a8:
d3:fc:8a:55:e9:e3:16:80:4e:3b:15:3d:4e:93:50:97:10:ff:
7c:10:f6:cb:19:d3:3c:06:7d:ab:d4:1a:19:1b:d1:8a:ae:47:
f2:a8:8b:bc:8d:0b:c9:b4:b1:a2:62:6e:9d:55:33:a5:86:56:
fb:95:40:4b:c4:69:0c:ef:31:d8:9a:80:2c:d1:88:07:36:a2:
e9:73:f6:de:64:ab:c6:f2:e9:c1:ae:f3:fe:14:62:bf:d1:27:
d7:94:66:64:cd:19:b9:8a:0b:be:4b:e3:ab:c9:88:6e:1c:61:
98:a4:2c:5a:17:5b:ba:ba:d0:dc:ed:46:f5:42:73:29:67:bb:
b3:24:26:3e:a9:be:ae:9a:31:11:4a:ee:0e:ae:31:53:15:f1:
4d:e1:a3:19:5c:53:0b:f5:bb:1d:f7:c0:4e:97:69:92:90:2d:
aa:c1:a2:96:33:64:d4:33:c4:c5:62:65:84:55:30:48:5e:38:
e4:68:bc:4e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQfjGhDEEEfLD8r0a1+ZDcpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZGY5MWZiM2M2OGNlYjg2NTBlZTE5YTYzY2U0MGIzYzU5
MmE1NmIwHhcNMjUwMTAxMDE0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWE5YTNhZmVjYTQwNDM1YzQ2ZDA4YmY3MGM1ZWZhMTAyYTFmMWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIldzPdg9Ii5GskIOgj1ZQHeWehM
ad3Sy8psLFrAxfONQ7/pdxjcj5s3JJtO2BAxikP4ZKC6Emd4bZCBnZSaNI7pAkyU
c6ScikDnpkR0HoveHK9sjYOL1KPwUGow8nhyIAtiVzd3D+ye7A9LXhkX48ZUnd5N
U2/G2loVlr9BK63DFmJ4pSgUYR/KJPMvytI8sZZ4LVceg/dS3iV7e1f7IrjfCn27
spU2KJUyvc/l2pseSJlHrf6Qs2rE7cpEVmESSK8Jbua4oVZ8sYkrWOBFEwFi8cao
5u8b26evk/pO8gXPWqRlSYDCDbvduouf3ytNlZu6tGi+Fh9fcJtuUdneHQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNGpo6/spAQ1xG0Iv3DF76ECofG5MB8GA1UdIwQY
MBaAFHPfkfs8aM64ZQ7hmmPOQLPFkqVrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzktUi16eG96cmhsRHVHYVk4NUFzOFdTcFdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mMzBkMmItMmFiZC00ODcyLWIxN2Ut
ZmJkZjk0YTExZTZmLzEvMGFtanIteWtCRFhFYlFpX2NNWHZvUUtoOGJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mMzBkMmItMmFiZC00ODcyLWIxN2UtZmJkZjk0YTExZTZm
LzEvYzktUi16eG96cmhsRHVHYVk4NUFzOFdTcFdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDshSoMA0E
AgACMAcDBQAqAB04MA0GCSqGSIb3DQEBCwUAA4IBAQAffByaCub8RwVBWJEnMJDF
YYrxZeKQ/P4NiAaHUY9chqJEL2rNyXDQabOjVLHNqm0Cml9vO1RDJOfLrcIusNsu
xCPny0fCgajT/IpV6eMWgE47FT1Ok1CXEP98EPbLGdM8Bn2r1BoZG9GKrkfyqIu8
jQvJtLGiYm6dVTOlhlb7lUBLxGkM7zHYmoAs0YgHNqLpc/beZKvG8unBrvP+FGK/
0SfXlGZkzRm5igu+S+OryYhuHGGYpCxaF1u6utDc7Ub1QnMpZ7uzJCY+qb6umjER
Su4OrjFTFfFN4aMZXFML9bsd98BOl2mSkC2qwaKWM2TUM8TFYmWEVTBIXjjkaLxO
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:18:41 2025 by rpki-client