Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/e3826d-5ada-4e43-9084-1ba695faef25/1/2oA3INWUsApTbrlcqGy8fdftXUI.roa
File: 2oA3INWUsApTbrlcqGy8fdftXUI.roa (raw, json)
Hash identifier: kZBuiNeEgnUMl8KvVig4sfaoFhAnRD3f/7kZVXcHiUI=
Subject key identifier: DA:80:37:20:D5:94:B0:0A:53:6E:B9:5C:A8:6C:BC:7D:D7:ED:5D:42
Certificate issuer: /CN=b39ecd24f321988deb7c19dca052a4e3c49b60ea
Certificate serial: 018C68F0469D1AE28F24A82C65B28659D495
Authority key identifier: B3:9E:CD:24:F3:21:98:8D:EB:7C:19:DC:A0:52:A4:E3:C4:9B:60:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s57NJPMhmI3rfBncoFKk48SbYOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/e3826d-5ada-4e43-9084-1ba695faef25/1/2oA3INWUsApTbrlcqGy8fdftXUI.roa
Signing time: Thu 14 Dec 2023 15:27:06 +0000
ROA not before: Thu 14 Dec 2023 15:27:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24768
IP address blocks: 178.248.79.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:68:f0:46:9d:1a:e2:8f:24:a8:2c:65:b2:86:59:d4:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b39ecd24f321988deb7c19dca052a4e3c49b60ea
Validity
Not Before: Dec 14 15:27:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da803720d594b00a536eb95ca86cbc7dd7ed5d42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:7c:fa:43:3d:85:da:6b:2c:98:b6:b0:f9:e7:
01:15:0a:58:28:d8:3b:b9:ff:6c:e5:35:33:eb:e2:
f3:50:04:97:64:f2:e6:f5:bf:31:15:ca:22:7f:c3:
ee:cf:a3:2c:37:d6:79:6b:32:c4:3a:eb:55:64:d6:
64:81:c2:bc:83:2c:a3:14:e2:37:e7:e7:b3:26:6d:
2e:79:b6:0b:38:64:eb:67:f3:ce:f5:29:52:58:63:
7f:7b:4c:d2:7e:a9:50:13:0f:53:c3:4e:f0:81:bb:
f0:8e:90:16:9f:02:b1:da:47:0b:bb:67:78:20:36:
e3:8e:92:d2:3b:0b:83:e7:c5:7c:fe:59:25:d7:b2:
3f:9e:2f:b9:85:f2:0c:da:a1:f3:7a:0b:46:03:9f:
b6:55:56:a0:12:b8:79:00:3c:5b:b6:97:9b:1d:39:
d6:77:d1:68:b0:9b:7e:ee:09:64:1b:83:ac:da:c9:
01:b7:01:c1:1d:24:07:ae:d8:1e:74:ae:0b:8c:a1:
3e:9e:c7:b4:bc:c2:d1:6d:5e:61:4b:5b:ea:d8:00:
c8:3f:11:70:ff:fe:3f:08:7d:31:84:8d:0f:63:f9:
48:2d:bb:02:73:e2:70:66:fd:1b:0a:32:b5:f1:c0:
dd:6c:30:a3:c9:be:d5:75:08:9d:76:3b:0b:08:5c:
e4:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:80:37:20:D5:94:B0:0A:53:6E:B9:5C:A8:6C:BC:7D:D7:ED:5D:42
X509v3 Authority Key Identifier:
keyid:B3:9E:CD:24:F3:21:98:8D:EB:7C:19:DC:A0:52:A4:E3:C4:9B:60:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s57NJPMhmI3rfBncoFKk48SbYOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/e3826d-5ada-4e43-9084-1ba695faef25/1/2oA3INWUsApTbrlcqGy8fdftXUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/e3826d-5ada-4e43-9084-1ba695faef25/1/s57NJPMhmI3rfBncoFKk48SbYOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.248.79.0/24
Signature Algorithm: sha256WithRSAEncryption
24:ff:7d:9d:7e:48:90:d5:5d:f5:31:75:5e:62:76:7e:e3:36:
ad:43:51:fd:b4:a4:f1:3e:b1:04:35:52:aa:8f:18:10:bc:a8:
6c:35:a5:f0:4c:75:04:7f:71:e4:99:63:64:63:6a:dd:ab:8d:
c2:5f:b7:46:79:60:94:55:6a:1f:79:b8:65:26:72:e9:cf:06:
41:e7:aa:d5:69:34:89:a0:7c:f9:5b:27:36:35:fb:5a:72:b7:
63:42:55:07:5b:40:c9:12:19:4b:9e:30:a4:71:83:82:60:f4:
e9:5b:4e:0e:74:ad:fb:70:3c:86:f2:1b:51:3d:85:5f:68:b2:
26:2b:16:4e:30:74:83:ab:7c:22:ea:b7:38:14:e0:c7:90:89:
c4:76:11:a1:7f:33:7a:62:1f:7f:4f:13:c8:6b:70:93:3b:7a:
cd:72:71:29:3b:04:29:8b:ec:df:87:81:49:f6:52:6c:8b:b6:
18:db:b2:ec:27:f7:89:1d:00:ae:b6:ef:86:6e:23:a1:b0:73:
d8:56:41:60:0b:e4:80:f7:36:b0:07:80:7d:7d:3b:53:3a:1a:
56:12:45:7f:dd:46:9b:c2:ff:c1:f3:f2:9a:f8:64:96:8b:35:
3f:af:c9:cb:2d:03:93:af:42:e2:33:96:7c:aa:6d:97:08:f3:
9f:80:91:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxo8EadGuKPJKgsZbKGWdSVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzOWVjZDI0ZjMyMTk4OGRlYjdjMTlkY2EwNTJhNGUzYzQ5
YjYwZWEwHhcNMjMxMjE0MTUyNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTgwMzcyMGQ1OTRiMDBhNTM2ZWI5NWNhODZjYmM3ZGQ3ZWQ1ZDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHz6Qz2F2mssmLaw+ecBFQpYKNg7
uf9s5TUz6+LzUASXZPLm9b8xFcoif8Puz6MsN9Z5azLEOutVZNZkgcK8gyyjFOI3
5+ezJm0uebYLOGTrZ/PO9SlSWGN/e0zSfqlQEw9Tw07wgbvwjpAWnwKx2kcLu2d4
IDbjjpLSOwuD58V8/lkl17I/ni+5hfIM2qHzegtGA5+2VVagErh5ADxbtpebHTnW
d9FosJt+7glkG4Os2skBtwHBHSQHrtgedK4LjKE+nse0vMLRbV5hS1vq2ADIPxFw
//4/CH0xhI0PY/lILbsCc+JwZv0bCjK18cDdbDCjyb7VdQiddjsLCFzk4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNqANyDVlLAKU265XKhsvH3X7V1CMB8GA1UdIwQY
MBaAFLOezSTzIZiN63wZ3KBSpOPEm2DqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczU3TkpQTWhtSTNyZkJuY29GS2s0OFNiWU9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9lMzgyNmQtNWFkYS00ZTQzLTkwODQt
MWJhNjk1ZmFlZjI1LzEvMm9BM0lOV1VzQXBUYnJsY3FHeThmZGZ0WFVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9lMzgyNmQtNWFkYS00ZTQzLTkwODQtMWJhNjk1ZmFlZjI1
LzEvczU3TkpQTWhtSTNyZkJuY29GS2s0OFNiWU9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsvhPMA0G
CSqGSIb3DQEBCwUAA4IBAQAk/32dfkiQ1V31MXVeYnZ+4zatQ1H9tKTxPrEENVKq
jxgQvKhsNaXwTHUEf3HkmWNkY2rdq43CX7dGeWCUVWofebhlJnLpzwZB56rVaTSJ
oHz5Wyc2NftacrdjQlUHW0DJEhlLnjCkcYOCYPTpW04OdK37cDyG8htRPYVfaLIm
KxZOMHSDq3wi6rc4FODHkInEdhGhfzN6Yh9/TxPIa3CTO3rNcnEpOwQpi+zfh4FJ
9lJsi7YY27LsJ/eJHQCutu+GbiOhsHPYVkFgC+SA9zawB4B9fTtTOhpWEkV/3Uab
wv/B8/Ka+GSWizU/r8nLLQOTr0LiM5Z8qm2XCPOfgJFv
-----END CERTIFICATE-----
Generated at Mon May 12 05:00:17 2025 by rpki-client