Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/163d77-4fea-4131-becb-0f22d89689a0/1/41_o2BIwv76TF64VP1DAdfjTxPo.roa
File: 41_o2BIwv76TF64VP1DAdfjTxPo.roa (raw, json)
Hash identifier: ZsvXvwGlxNqhMT0bqp079C/5ezKY6fiYSiOoxT1NO2o=
Subject key identifier: E3:5F:E8:D8:12:30:BF:BE:93:17:AE:15:3F:50:C0:75:F8:D3:C4:FA
Certificate issuer: /CN=a42000c4f4ec4a03cd4d3657e01b70034ec23b97
Certificate serial: 019422FC085A51AB16496CBAAA3EED5B3F90
Authority key identifier: A4:20:00:C4:F4:EC:4A:03:CD:4D:36:57:E0:1B:70:03:4E:C2:3B:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pCAAxPTsSgPNTTZX4BtwA07CO5c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/163d77-4fea-4131-becb-0f22d89689a0/1/41_o2BIwv76TF64VP1DAdfjTxPo.roa
Signing time: Wed 01 Jan 2025 17:48:50 +0000
ROA not before: Wed 01 Jan 2025 17:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208507
IP address blocks: 178.218.240.0/23 maxlen: 23
178.218.240.0/24 maxlen: 24
178.218.241.0/24 maxlen: 24
178.218.242.0/23 maxlen: 23
178.218.242.0/24 maxlen: 24
178.218.243.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:08:5a:51:ab:16:49:6c:ba:aa:3e:ed:5b:3f:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a42000c4f4ec4a03cd4d3657e01b70034ec23b97
Validity
Not Before: Jan 1 17:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e35fe8d81230bfbe9317ae153f50c075f8d3c4fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:66:3e:da:fb:3a:f7:28:d0:74:ca:ce:f6:61:
5c:24:fd:6b:df:4c:6e:2d:fa:3a:57:fc:dc:7c:ae:
ac:8f:0f:72:2d:c7:98:78:0d:a8:f0:a0:ea:d7:e2:
a0:37:53:0b:51:5a:12:9e:ea:ba:ab:66:9b:73:26:
f5:d4:fc:6a:1c:a7:4c:56:34:5b:ff:58:85:16:20:
9e:3d:1d:57:c0:d6:81:77:c0:cf:6a:34:06:87:e3:
63:18:38:9c:97:89:a8:91:8f:e0:63:55:a6:e5:ae:
dd:3d:bc:11:51:7d:17:12:0c:94:0d:34:0a:cb:99:
67:19:cb:79:1b:bd:49:6c:55:56:b2:db:a2:8f:40:
a0:a8:c7:f5:ff:3c:32:42:f9:dd:d1:b7:c6:4c:15:
5c:ea:f4:e7:bb:56:33:c7:a8:2a:ff:0b:0b:d8:0f:
0d:21:ac:97:e5:e7:67:4f:9f:59:b1:62:37:a5:57:
0d:08:87:6c:9b:7e:26:e7:b7:f1:a8:5a:ca:43:f9:
84:80:00:25:24:b4:49:18:3f:82:ae:d8:93:1f:e2:
de:a7:3c:d2:cc:31:af:6b:f5:b3:cb:c7:e7:29:de:
5c:c5:3c:75:83:a6:0a:6d:54:e2:1d:ad:df:e2:ca:
47:4f:e8:40:aa:6f:b7:70:57:d3:b7:cf:0d:00:4e:
ee:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:5F:E8:D8:12:30:BF:BE:93:17:AE:15:3F:50:C0:75:F8:D3:C4:FA
X509v3 Authority Key Identifier:
keyid:A4:20:00:C4:F4:EC:4A:03:CD:4D:36:57:E0:1B:70:03:4E:C2:3B:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pCAAxPTsSgPNTTZX4BtwA07CO5c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/163d77-4fea-4131-becb-0f22d89689a0/1/41_o2BIwv76TF64VP1DAdfjTxPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/163d77-4fea-4131-becb-0f22d89689a0/1/pCAAxPTsSgPNTTZX4BtwA07CO5c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.218.240.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:fa:d1:fb:0a:46:99:30:6d:7b:6f:37:7d:ab:46:04:5c:6d:
fc:c5:47:7c:a9:07:54:ff:23:d6:41:a6:0a:4d:2a:87:76:e8:
e7:d1:83:85:8f:fe:eb:67:c5:b5:12:68:7c:52:7f:5e:7e:59:
4e:b7:e3:b1:5b:95:be:86:03:a4:8c:bb:e5:0f:92:27:04:97:
87:81:3e:f5:56:c1:ef:28:ae:e2:68:6d:15:b7:fe:68:3d:6c:
22:8b:37:47:9f:2b:41:b0:ed:9e:65:f2:3f:2a:93:8b:4d:1f:
b0:b0:c8:1e:40:94:84:e3:3d:44:fd:24:c1:d2:83:95:d8:f4:
19:8c:b0:10:c1:56:6d:8f:52:f0:da:dc:ad:1a:7a:42:32:53:
22:48:0a:db:6e:fe:14:83:da:3d:d2:f9:60:e0:c3:5d:2f:8b:
56:06:52:26:3c:09:a1:41:11:b1:a8:a4:d7:e3:12:ca:f7:ee:
f0:54:be:e6:c7:cb:41:f8:b9:f4:2a:b9:e2:83:09:53:f7:1f:
db:fb:12:c2:77:71:f1:17:69:e2:d0:01:b4:56:0e:54:55:d6:
29:96:38:ae:95:77:5e:a4:7a:2c:e9:16:ca:c7:a5:4e:21:9a:
44:75:c8:4e:69:21:73:ca:52:3e:be:2b:5b:1f:5b:c6:b6:68:
d1:3c:10:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi/AhaUasWSWy6qj7tWz+QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MjAwMGM0ZjRlYzRhMDNjZDRkMzY1N2UwMWI3MDAzNGVj
MjNiOTcwHhcNMjUwMTAxMTc0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzVmZThkODEyMzBiZmJlOTMxN2FlMTUzZjUwYzA3NWY4ZDNjNGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWY+2vs69yjQdMrO9mFcJP1r30xu
Lfo6V/zcfK6sjw9yLceYeA2o8KDq1+KgN1MLUVoSnuq6q2abcyb11PxqHKdMVjRb
/1iFFiCePR1XwNaBd8DPajQGh+NjGDicl4mokY/gY1Wm5a7dPbwRUX0XEgyUDTQK
y5lnGct5G71JbFVWstuij0CgqMf1/zwyQvnd0bfGTBVc6vTnu1Yzx6gq/wsL2A8N
IayX5ednT59ZsWI3pVcNCIdsm34m57fxqFrKQ/mEgAAlJLRJGD+CrtiTH+LepzzS
zDGva/Wzy8fnKd5cxTx1g6YKbVTiHa3f4spHT+hAqm+3cFfTt88NAE7uKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFONf6NgSML++kxeuFT9QwHX408T6MB8GA1UdIwQY
MBaAFKQgAMT07EoDzU02V+AbcANOwjuXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcENBQXhQVHNTZ1BOVFRaWDRCdHdBMDdDTzVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xNjNkNzctNGZlYS00MTMxLWJlY2It
MGYyMmQ4OTY4OWEwLzEvNDFfbzJCSXd2NzZURjY0VlAxREFkZmpUeFBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xNjNkNzctNGZlYS00MTMxLWJlY2ItMGYyMmQ4OTY4OWEw
LzEvcENBQXhQVHNTZ1BOVFRaWDRCdHdBMDdDTzVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCstrwMA0G
CSqGSIb3DQEBCwUAA4IBAQAc+tH7CkaZMG17bzd9q0YEXG38xUd8qQdU/yPWQaYK
TSqHdujn0YOFj/7rZ8W1Emh8Un9efllOt+OxW5W+hgOkjLvlD5InBJeHgT71VsHv
KK7iaG0Vt/5oPWwiizdHnytBsO2eZfI/KpOLTR+wsMgeQJSE4z1E/STB0oOV2PQZ
jLAQwVZtj1Lw2tytGnpCMlMiSArbbv4Ug9o90vlg4MNdL4tWBlImPAmhQRGxqKTX
4xLK9+7wVL7mx8tB+Ln0KrnigwlT9x/b+xLCd3HxF2ni0AG0Vg5UVdYpljiulXde
pHos6RbKx6VOIZpEdchOaSFzylI+vitbH1vGtmjRPBDn
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:34 2025 by rpki-client on console.sobornost.net