Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/499vYtwuw8upiAA2ubHtry-MPMw.roa
File: 499vYtwuw8upiAA2ubHtry-MPMw.roa (raw, json)
Hash identifier: Z3mdQWlNWDCy7MpQvjVwxOFHXRgVUsKCd9CYyZydkdQ=
Subject key identifier: E3:DF:6F:62:DC:2E:C3:CB:A9:88:00:36:B9:B1:ED:AF:2F:8C:3C:CC
Certificate issuer: /CN=aebf394e2f1b251c88d988a87161084580786ef5
Certificate serial: 019423D6A87EA4DE018CAA09433DBA80D010
Authority key identifier: AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/499vYtwuw8upiAA2ubHtry-MPMw.roa
Signing time: Wed 01 Jan 2025 21:47:37 +0000
ROA not before: Wed 01 Jan 2025 21:47:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12395
IP address blocks: 178.249.167.0/24 maxlen: 24
2a01:728:108::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:a8:7e:a4:de:01:8c:aa:09:43:3d:ba:80:d0:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aebf394e2f1b251c88d988a87161084580786ef5
Validity
Not Before: Jan 1 21:47:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e3df6f62dc2ec3cba9880036b9b1edaf2f8c3ccc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:2c:25:a1:c0:60:2d:7b:8a:ca:c3:fd:2e:36:
bf:b7:48:bd:f9:5d:73:d7:a3:ca:a3:ec:0a:f0:01:
28:a6:1b:f7:e1:1f:f5:56:b3:b9:63:fd:97:ba:7e:
69:a7:d7:60:30:e7:31:ea:e2:16:a9:8a:15:08:a1:
5f:d7:44:a0:4b:0e:84:a9:91:2b:28:8b:45:91:7d:
e0:4a:14:13:d4:a2:4d:80:ff:8b:17:3a:55:32:5d:
42:0e:14:32:e4:56:5f:8f:e5:81:a9:2b:be:f3:ac:
71:c6:a9:96:c7:4a:28:e3:6f:57:54:25:3c:9a:4b:
97:af:5c:18:a3:d4:35:58:52:96:6b:ca:be:8e:8e:
9d:62:9b:30:fb:69:95:f6:e0:3e:95:48:73:c3:2b:
9b:8b:33:92:17:a4:24:24:1d:5c:d8:da:0c:a2:55:
0f:d3:6d:8b:11:63:df:71:ea:92:0d:17:57:7d:83:
da:72:9c:3c:59:43:3d:13:b1:42:07:b2:b9:d0:f7:
24:63:fe:52:ab:02:1a:43:7f:74:85:58:40:81:9c:
3c:d4:07:65:e7:b6:65:d7:08:f2:10:21:b1:0c:10:
a4:c5:b4:9d:d6:ba:ea:93:5a:0a:0f:c9:88:ab:62:
d9:06:fb:56:11:35:3f:7d:1f:aa:ec:a4:95:68:21:
ce:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:DF:6F:62:DC:2E:C3:CB:A9:88:00:36:B9:B1:ED:AF:2F:8C:3C:CC
X509v3 Authority Key Identifier:
keyid:AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/499vYtwuw8upiAA2ubHtry-MPMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/rr85Ti8bJRyI2YiocWEIRYB4bvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.249.167.0/24
IPv6:
2a01:728:108::/48
Signature Algorithm: sha256WithRSAEncryption
6e:79:94:b2:24:a5:3a:8f:c7:19:6b:0e:0e:a3:fc:ff:43:26:
68:1c:c4:df:38:64:fb:b8:0b:31:24:7f:fa:7a:4f:05:23:b7:
50:db:8c:32:00:1c:6d:02:1d:a0:7e:71:ab:54:7a:d8:a6:db:
36:a1:0d:95:b4:4e:e3:82:eb:fc:07:8c:9e:72:99:1a:a7:17:
e9:da:65:2f:85:fd:a7:05:1a:54:7b:0b:34:fa:18:97:90:72:
be:c1:c6:41:5d:90:b1:11:7f:76:20:90:d8:0c:ec:50:6b:67:
ec:03:9f:b1:97:f6:a1:0f:9b:f7:a1:22:95:9c:94:3a:4a:7f:
b3:e9:90:76:a4:1b:d4:9d:eb:63:8d:60:0b:82:7f:4a:1e:f4:
c9:0c:10:3c:63:8d:0e:67:fa:6b:04:9a:60:84:48:ef:05:01:
08:5e:80:ee:81:7b:2b:95:42:47:53:51:67:48:13:4c:1b:db:
c6:c5:52:20:78:d2:7f:d2:d3:bd:0e:75:2f:e9:47:63:13:87:
c2:41:26:b4:bb:c9:05:7b:25:e9:c1:32:31:00:dd:79:86:8e:
01:04:74:93:06:22:ea:30:b7:a8:bf:c2:07:9c:9c:1e:da:a6:
c6:97:ed:17:b3:51:d1:2e:db:41:ff:a5:fc:a9:1c:44:2d:8c:
b0:d6:8a:24
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQj1qh+pN4BjKoJQz26gNAQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYmYzOTRlMmYxYjI1MWM4OGQ5ODhhODcxNjEwODQ1ODA3
ODZlZjUwHhcNMjUwMTAxMjE0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2RmNmY2MmRjMmVjM2NiYTk4ODAwMzZiOWIxZWRhZjJmOGMzY2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAviwlocBgLXuKysP9Lja/t0i9+V1z
16PKo+wK8AEophv34R/1VrO5Y/2Xun5pp9dgMOcx6uIWqYoVCKFf10SgSw6EqZEr
KItFkX3gShQT1KJNgP+LFzpVMl1CDhQy5FZfj+WBqSu+86xxxqmWx0oo429XVCU8
mkuXr1wYo9Q1WFKWa8q+jo6dYpsw+2mV9uA+lUhzwyubizOSF6QkJB1c2NoMolUP
022LEWPfceqSDRdXfYPacpw8WUM9E7FCB7K50PckY/5SqwIaQ390hVhAgZw81Adl
57Zl1wjyECGxDBCkxbSd1rrqk1oKD8mIq2LZBvtWETU/fR+q7KSVaCHOewIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOPfb2LcLsPLqYgANrmx7a8vjDzMMB8GA1UdIwQY
MBaAFK6/OU4vGyUciNmIqHFhCEWAeG71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnI4NVRpOGJKUnlJMllpb2NXRUlSWUI0YnZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS80MDQ5OGUtZDFjMC00ODRjLWFiY2It
NjFlN2Y0MGQ1ZGQ2LzEvNDk5dll0d3V3OHVwaUFBMnViSHRyeS1NUE13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS80MDQ5OGUtZDFjMC00ODRjLWFiY2ItNjFlN2Y0MGQ1ZGQ2
LzEvcnI4NVRpOGJKUnlJMllpb2NXRUlSWUI0YnZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAsvmnMA8E
AgACMAkDBwAqAQcoAQgwDQYJKoZIhvcNAQELBQADggEBAG55lLIkpTqPxxlrDg6j
/P9DJmgcxN84ZPu4CzEkf/p6TwUjt1DbjDIAHG0CHaB+catUetim2zahDZW0TuOC
6/wHjJ5ymRqnF+naZS+F/acFGlR7CzT6GJeQcr7BxkFdkLERf3YgkNgM7FBrZ+wD
n7GX9qEPm/ehIpWclDpKf7PpkHakG9Sd62ONYAuCf0oe9MkMEDxjjQ5n+msEmmCE
SO8FAQhegO6BeyuVQkdTUWdIE0wb28bFUiB40n/S070OdS/pR2MTh8JBJrS7yQV7
JenBMjEA3XmGjgEEdJMGIuowt6i/wgecnB7apsaX7RezUdEu20H/pfypHEQtjLDW
iiQ=
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:54:03 2025 by rpki-client