Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/cIaNp2bTtQ5M6jCssmyGRmD8_eg.roa
File: cIaNp2bTtQ5M6jCssmyGRmD8_eg.roa (raw, json)
Hash identifier: DakUxNySLzPYiUEmVKH8Wuu4g1X+hz1O/JIQ3JCKnTY=
Subject key identifier: 70:86:8D:A7:66:D3:B5:0E:4C:EA:30:AC:B2:6C:86:46:60:FC:FD:E8
Certificate issuer: /CN=4283696716dbcc360b9a62ef7d84b4d28f958bdd
Certificate serial: 01942521B681868ABFBD5255147126F1D503
Authority key identifier: 42:83:69:67:16:DB:CC:36:0B:9A:62:EF:7D:84:B4:D2:8F:95:8B:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QoNpZxbbzDYLmmLvfYS00o-Vi90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/cIaNp2bTtQ5M6jCssmyGRmD8_eg.roa
Signing time: Thu 02 Jan 2025 03:49:13 +0000
ROA not before: Thu 02 Jan 2025 03:49:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201550
IP address blocks: 178.253.96.0/23 maxlen: 23
194.135.106.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:b6:81:86:8a:bf:bd:52:55:14:71:26:f1:d5:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4283696716dbcc360b9a62ef7d84b4d28f958bdd
Validity
Not Before: Jan 2 03:49:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=70868da766d3b50e4cea30acb26c864660fcfde8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:5f:8d:05:ae:fd:2a:c1:ac:90:ae:39:30:a8:
7b:ea:0f:b9:11:28:a7:93:87:4d:ae:cf:61:09:0e:
35:7c:fe:be:d4:22:da:b0:9e:59:fe:73:a9:0f:8e:
26:70:69:52:69:1e:48:79:56:3a:86:6c:2e:06:7f:
4d:6b:e6:75:20:1a:24:d1:c6:6d:2a:0b:79:c2:01:
4b:5f:5d:2b:94:83:84:0a:01:a8:b4:3d:80:db:3a:
c7:95:a4:9e:e3:30:63:b4:29:78:a5:dc:8b:e5:94:
9d:9d:f1:29:64:46:e9:d1:fe:57:46:6b:53:f1:39:
35:ab:26:78:35:13:cc:34:d2:70:26:f2:b9:88:cc:
12:6d:6d:5f:d9:2f:77:e7:10:0f:d4:46:da:25:db:
aa:6b:e0:6b:ce:68:a7:a2:50:bf:69:12:ac:d4:7b:
51:53:40:a3:2b:7f:f6:7e:81:4a:9d:6d:cf:23:74:
e2:67:fe:41:17:35:41:5c:dc:ab:5a:25:f6:dd:b0:
89:e0:8c:39:c4:32:06:76:d2:6c:5f:a6:63:20:de:
a5:1e:a2:04:64:c0:a3:4c:bc:63:14:1b:f5:71:01:
0e:e2:45:cd:61:92:b4:e5:97:53:4e:2c:8a:9e:0c:
92:ff:f1:07:2f:a6:ed:6a:1a:39:1d:12:e2:71:d2:
59:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:86:8D:A7:66:D3:B5:0E:4C:EA:30:AC:B2:6C:86:46:60:FC:FD:E8
X509v3 Authority Key Identifier:
keyid:42:83:69:67:16:DB:CC:36:0B:9A:62:EF:7D:84:B4:D2:8F:95:8B:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QoNpZxbbzDYLmmLvfYS00o-Vi90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/cIaNp2bTtQ5M6jCssmyGRmD8_eg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/QoNpZxbbzDYLmmLvfYS00o-Vi90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.253.96.0/23
194.135.106.0/23
Signature Algorithm: sha256WithRSAEncryption
92:86:f5:bc:f9:75:9a:68:27:0f:5c:f9:3f:ee:fa:e6:fc:5b:
fa:55:85:eb:54:95:a6:f4:e3:66:70:a0:24:f1:c3:bd:8c:b7:
f6:06:70:e8:be:0e:5f:54:05:16:0f:cd:e6:7c:99:09:aa:d4:
af:d0:d5:23:ad:2d:5e:2a:cb:28:45:34:e8:2c:50:b7:9d:b8:
82:da:0a:fe:f2:dd:40:f1:a6:61:e5:a1:79:b8:bf:71:ef:8c:
30:61:e3:b0:fe:b7:f9:b5:f5:27:c4:40:85:96:1e:37:0a:c6:
07:a2:93:60:84:d2:9a:f1:21:e1:1e:ee:12:df:5c:df:0b:94:
7b:8a:f7:3e:c6:ed:5e:80:aa:1a:30:80:76:97:f1:e5:c7:df:
f1:0b:7e:ee:b2:43:9e:23:43:f7:8c:bc:db:ae:a5:75:4b:61:
95:b9:89:cc:2d:b8:a1:9e:dc:d3:59:47:6e:9c:ca:9b:5e:b1:
9f:90:30:1f:33:d5:c2:4c:1b:bf:fb:3a:63:d4:1d:0a:53:74:
6c:13:52:18:cc:9f:af:d8:6b:75:a9:79:c1:eb:44:82:82:26:
db:bd:b6:56:0c:80:1b:17:32:92:3e:34:87:af:76:70:38:7f:
f0:61:2d:2f:f9:7b:5f:d4:bf:af:ff:ff:db:a3:06:7b:6c:14:
b7:2a:e7:65
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQlIbaBhoq/vVJVFHEm8dUDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyODM2OTY3MTZkYmNjMzYwYjlhNjJlZjdkODRiNGQyOGY5
NThiZGQwHhcNMjUwMTAyMDM0OTEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDg2OGRhNzY2ZDNiNTBlNGNlYTMwYWNiMjZjODY0NjYwZmNmZGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApl+NBa79KsGskK45MKh76g+5ESin
k4dNrs9hCQ41fP6+1CLasJ5Z/nOpD44mcGlSaR5IeVY6hmwuBn9Na+Z1IBok0cZt
Kgt5wgFLX10rlIOECgGotD2A2zrHlaSe4zBjtCl4pdyL5ZSdnfEpZEbp0f5XRmtT
8Tk1qyZ4NRPMNNJwJvK5iMwSbW1f2S935xAP1EbaJduqa+BrzminolC/aRKs1HtR
U0CjK3/2foFKnW3PI3TiZ/5BFzVBXNyrWiX23bCJ4Iw5xDIGdtJsX6ZjIN6lHqIE
ZMCjTLxjFBv1cQEO4kXNYZK05ZdTTiyKngyS//EHL6btaho5HRLicdJZLQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHCGjadm07UOTOowrLJshkZg/P3oMB8GA1UdIwQY
MBaAFEKDaWcW28w2C5pi732EtNKPlYvdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW9OcFp4YmJ6RFlMbW1MdmZZUzAwby1WaTkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS81NDQyY2UtNDhiYy00MTY0LTkzNTAt
OTI0MGQ5Zjc1YWU2LzEvY0lhTnAyYlR0UTVNNmpDc3NteUdSbUQ4X2VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS81NDQyY2UtNDhiYy00MTY0LTkzNTAtOTI0MGQ5Zjc1YWU2
LzEvUW9OcFp4YmJ6RFlMbW1MdmZZUzAwby1WaTkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBsv1gAwQB
wodqMA0GCSqGSIb3DQEBCwUAA4IBAQCShvW8+XWaaCcPXPk/7vrm/Fv6VYXrVJWm
9ONmcKAk8cO9jLf2BnDovg5fVAUWD83mfJkJqtSv0NUjrS1eKssoRTToLFC3nbiC
2gr+8t1A8aZh5aF5uL9x74wwYeOw/rf5tfUnxECFlh43CsYHopNghNKa8SHhHu4S
31zfC5R7ivc+xu1egKoaMIB2l/Hlx9/xC37uskOeI0P3jLzbrqV1S2GVuYnMLbih
ntzTWUdunMqbXrGfkDAfM9XCTBu/+zpj1B0KU3RsE1IYzJ+v2Gt1qXnB60SCgibb
vbZWDIAbFzKSPjSHr3ZwOH/wYS0v+Xtf1L+v///bowZ7bBS3Kudl
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:27:03 2025 by rpki-client