Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/f0775c-da2e-4d7d-8019-d2b02a403c7b/1/bdP3lbH5ZQAyroCoiOKXaEW3gls.roa
File: bdP3lbH5ZQAyroCoiOKXaEW3gls.roa (raw, json)
Hash identifier: cDp8fKJxsr66s5SbMWdrl57QdYSD9f5YI04JxjPak0U=
Subject key identifier: 6D:D3:F7:95:B1:F9:65:00:32:AE:80:A8:88:E2:97:68:45:B7:82:5B
Certificate issuer: /CN=631aca5f9a1dcfa19704d1f0377f1b9fe9145e08
Certificate serial: 019460BDAEECF898D3F57F572FE09EF54525
Authority key identifier: 63:1A:CA:5F:9A:1D:CF:A1:97:04:D1:F0:37:7F:1B:9F:E9:14:5E:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YxrKX5odz6GXBNHwN38bn-kUXgg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/f0775c-da2e-4d7d-8019-d2b02a403c7b/1/bdP3lbH5ZQAyroCoiOKXaEW3gls.roa
Signing time: Mon 13 Jan 2025 17:37:11 +0000
ROA not before: Mon 13 Jan 2025 17:37:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209162
IP address blocks: 178.239.24.0/24 maxlen: 24
178.239.26.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:60:bd:ae:ec:f8:98:d3:f5:7f:57:2f:e0:9e:f5:45:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=631aca5f9a1dcfa19704d1f0377f1b9fe9145e08
Validity
Not Before: Jan 13 17:37:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6dd3f795b1f9650032ae80a888e2976845b7825b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:af:28:e6:4f:f1:0e:98:25:cf:c0:7b:62:26:
8f:bb:20:70:4b:ce:dd:8f:98:fd:5a:a0:2c:c5:97:
ae:9a:42:19:3a:df:1d:a2:50:8b:6b:73:12:e8:ac:
3a:5f:76:9c:eb:f3:d3:de:8c:cc:7e:95:e2:e0:8f:
d9:1c:d5:c4:1f:28:2d:90:01:0a:0c:0a:5f:ba:7c:
96:b3:c1:dd:5a:61:35:d6:53:47:a4:8d:6c:e5:20:
ce:ec:9d:65:39:e5:f7:06:e5:99:79:fd:fd:f0:0e:
f7:96:31:86:38:d3:67:8e:aa:f9:21:5c:9f:d5:f0:
7e:a5:0e:43:28:1b:4b:b2:66:55:35:fa:cf:bf:98:
7e:44:9d:9b:5c:a6:e4:6a:1f:c9:0b:d3:a8:2e:9c:
26:d6:af:79:f0:23:25:66:9a:f2:7a:5d:5f:7e:1e:
fe:e4:90:91:fa:47:54:f0:61:2d:2b:83:42:de:fc:
08:bf:ec:d8:28:27:e4:7e:da:45:eb:32:5a:0a:ba:
95:00:d2:86:78:5c:3c:d4:11:2a:ea:56:78:f3:84:
97:44:8d:eb:d9:08:ba:3b:36:1d:d0:38:5a:e6:a9:
9b:1e:b9:7c:dd:11:c9:35:b2:b5:1f:50:eb:8d:c3:
a0:d7:1f:e3:f2:87:64:36:0d:34:41:f4:de:9a:4f:
5c:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:D3:F7:95:B1:F9:65:00:32:AE:80:A8:88:E2:97:68:45:B7:82:5B
X509v3 Authority Key Identifier:
keyid:63:1A:CA:5F:9A:1D:CF:A1:97:04:D1:F0:37:7F:1B:9F:E9:14:5E:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YxrKX5odz6GXBNHwN38bn-kUXgg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/f0775c-da2e-4d7d-8019-d2b02a403c7b/1/bdP3lbH5ZQAyroCoiOKXaEW3gls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/f0775c-da2e-4d7d-8019-d2b02a403c7b/1/YxrKX5odz6GXBNHwN38bn-kUXgg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.239.24.0/24
178.239.26.0/24
Signature Algorithm: sha256WithRSAEncryption
55:0e:29:5f:2c:be:63:30:3c:6b:1d:74:ab:37:c0:bd:ee:7b:
12:01:87:01:3e:08:8b:ee:f7:23:28:0d:0c:49:61:c3:3d:02:
02:42:41:ae:ea:f7:66:e0:84:1e:eb:2f:a0:a6:5c:a3:b4:91:
0f:08:8c:7b:c0:97:57:1f:ce:e5:be:50:05:24:b7:41:f4:1a:
32:60:d5:7c:6f:c9:56:dc:06:d0:04:9b:0f:c0:4d:7d:e7:30:
9a:fe:ed:f8:2e:fa:be:dc:14:ef:a9:a2:2b:35:bc:3b:98:0e:
fa:de:11:bc:80:25:ab:9e:04:24:89:c5:13:83:0c:cb:11:8a:
45:b4:39:df:16:c3:0e:ae:6d:26:92:66:13:ad:e5:9e:84:72:
22:93:dc:2b:c4:62:a4:ca:b4:bf:0e:9c:59:a0:06:b4:a5:e1:
29:14:ac:af:e5:d3:a2:a2:e4:38:12:70:43:95:48:b2:ed:33:
52:0d:32:10:c3:60:68:f3:71:c7:8c:ac:9a:e4:c1:ca:ec:67:
48:01:8e:53:7b:9e:29:d8:cb:22:68:25:00:cf:76:25:a0:23:
02:98:19:21:e8:3e:4f:cd:1b:3e:0c:e5:da:ff:9e:95:26:e4:
53:e4:79:54:1f:8b:7a:c3:7e:99:51:d1:30:fc:74:ee:b7:b9:
90:0e:f8:cc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZRgva7s+JjT9X9XL+Ce9UUlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMWFjYTVmOWExZGNmYTE5NzA0ZDFmMDM3N2YxYjlmZTkx
NDVlMDgwHhcNMjUwMTEzMTczNzExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGQzZjc5NWIxZjk2NTAwMzJhZTgwYTg4OGUyOTc2ODQ1Yjc4MjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArq8o5k/xDpglz8B7YiaPuyBwS87d
j5j9WqAsxZeumkIZOt8dolCLa3MS6Kw6X3ac6/PT3ozMfpXi4I/ZHNXEHygtkAEK
DApfunyWs8HdWmE11lNHpI1s5SDO7J1lOeX3BuWZef398A73ljGGONNnjqr5IVyf
1fB+pQ5DKBtLsmZVNfrPv5h+RJ2bXKbkah/JC9OoLpwm1q958CMlZpryel1ffh7+
5JCR+kdU8GEtK4NC3vwIv+zYKCfkftpF6zJaCrqVANKGeFw81BEq6lZ484SXRI3r
2Qi6OzYd0Dha5qmbHrl83RHJNbK1H1DrjcOg1x/j8odkNg00QfTemk9cswIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG3T95Wx+WUAMq6AqIjil2hFt4JbMB8GA1UdIwQY
MBaAFGMayl+aHc+hlwTR8Dd/G5/pFF4IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXhyS1g1b2R6NkdYQk5Id04zOGJuLWtVWGdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9mMDc3NWMtZGEyZS00ZDdkLTgwMTkt
ZDJiMDJhNDAzYzdiLzEvYmRQM2xiSDVaUUF5cm9Db2lPS1hhRVczZ2xzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9mMDc3NWMtZGEyZS00ZDdkLTgwMTktZDJiMDJhNDAzYzdi
LzEvWXhyS1g1b2R6NkdYQk5Id04zOGJuLWtVWGdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsu8YAwQA
su8aMA0GCSqGSIb3DQEBCwUAA4IBAQBVDilfLL5jMDxrHXSrN8C97nsSAYcBPgiL
7vcjKA0MSWHDPQICQkGu6vdm4IQe6y+gplyjtJEPCIx7wJdXH87lvlAFJLdB9Boy
YNV8b8lW3AbQBJsPwE195zCa/u34Lvq+3BTvqaIrNbw7mA763hG8gCWrngQkicUT
gwzLEYpFtDnfFsMOrm0mkmYTreWehHIik9wrxGKkyrS/DpxZoAa0peEpFKyv5dOi
ouQ4EnBDlUiy7TNSDTIQw2Bo83HHjKya5MHK7GdIAY5Te54p2MsiaCUAz3YloCMC
mBkh6D5PzRs+DOXa/56VJuRT5HlUH4t6w36ZUdEw/HTut7mQDvjM
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:10 2025 by rpki-client on console.sobornost.net