Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/d13658-af7e-4d6e-82ef-6e0696fee8e6/1/LttXh5eMv2jde6QYSngEubF_oow.roa
File: LttXh5eMv2jde6QYSngEubF_oow.roa (raw, json)
Hash identifier: Yan1EozpbgDCzFrwbK/bTYuqkgAj1nMSodRgwp+TLbk=
Subject key identifier: 2E:DB:57:87:97:8C:BF:68:DD:7B:A4:18:4A:78:04:B9:B1:7F:A2:8C
Certificate issuer: /CN=f497673c78efae5f6bd80a25ace3d3c37193e789
Certificate serial: 019421B238BCE64DE57F01052608913E99FA
Authority key identifier: F4:97:67:3C:78:EF:AE:5F:6B:D8:0A:25:AC:E3:D3:C3:71:93:E7:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9JdnPHjvrl9r2AolrOPTw3GT54k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/d13658-af7e-4d6e-82ef-6e0696fee8e6/1/LttXh5eMv2jde6QYSngEubF_oow.roa
Signing time: Wed 01 Jan 2025 11:48:35 +0000
ROA not before: Wed 01 Jan 2025 11:48:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33567
IP address blocks: 217.15.125.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:38:bc:e6:4d:e5:7f:01:05:26:08:91:3e:99:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f497673c78efae5f6bd80a25ace3d3c37193e789
Validity
Not Before: Jan 1 11:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2edb5787978cbf68dd7ba4184a7804b9b17fa28c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ba:cb:35:ba:5f:bf:cc:05:4f:5a:8f:5d:64:
74:8d:d4:7b:4d:93:ce:e3:af:02:ae:f7:7c:ff:5a:
63:74:e8:0f:1e:d4:4d:8e:80:da:08:76:71:40:ed:
ea:3e:73:5d:c0:13:6c:a8:1c:d8:b1:d1:f6:04:e1:
9a:3c:af:c1:2d:4c:ca:a8:be:fb:c7:d1:bd:16:14:
04:57:25:1b:4e:6e:d1:ae:2c:8f:5e:fb:31:e4:d5:
85:7e:3f:a2:46:f0:db:e0:a3:d6:67:3b:79:c9:d6:
13:f2:19:84:1f:79:35:5f:f1:20:d8:38:3e:81:48:
c4:d6:f4:c9:25:ec:8a:b7:c0:bc:4c:b5:48:60:28:
b6:dc:94:d3:cc:37:50:02:70:b1:42:55:5c:7f:0b:
36:ca:99:5f:fa:9c:61:cc:a0:bd:7b:e0:15:e7:3c:
a5:ff:cd:63:a7:c3:27:9b:a2:c1:15:0f:8b:08:7d:
9b:90:3a:bc:46:56:f8:ce:97:6e:45:b2:82:7a:ea:
59:0d:ab:7d:c1:1a:48:90:d7:c6:62:4f:52:b4:96:
67:67:09:63:69:2a:c4:8d:8c:50:fb:6f:6a:cb:8d:
b4:aa:d0:45:27:cb:80:e4:5f:e4:00:07:1d:e7:87:
82:29:97:13:7d:3e:3f:9f:d2:80:8b:31:80:b1:ac:
1e:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:DB:57:87:97:8C:BF:68:DD:7B:A4:18:4A:78:04:B9:B1:7F:A2:8C
X509v3 Authority Key Identifier:
keyid:F4:97:67:3C:78:EF:AE:5F:6B:D8:0A:25:AC:E3:D3:C3:71:93:E7:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9JdnPHjvrl9r2AolrOPTw3GT54k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/d13658-af7e-4d6e-82ef-6e0696fee8e6/1/LttXh5eMv2jde6QYSngEubF_oow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/d13658-af7e-4d6e-82ef-6e0696fee8e6/1/9JdnPHjvrl9r2AolrOPTw3GT54k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.15.125.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:09:18:63:60:ce:4f:df:47:79:19:9c:f2:ae:4a:ba:bf:69:
75:b3:4a:70:85:57:47:15:be:de:fb:25:fc:1f:a7:3e:84:ac:
2e:b0:f6:fd:85:6a:52:03:b0:a4:f3:b2:36:ab:dc:bd:b3:c4:
b8:f5:58:aa:e4:6d:10:b6:e8:2f:2c:65:f9:98:ad:bb:af:26:
f4:ba:fc:ac:94:c5:f8:07:18:11:07:9b:11:fc:b6:83:6b:25:
03:06:7d:09:11:95:a3:e5:79:ee:d9:bb:a1:cb:d3:32:7e:c2:
88:b6:96:54:28:8a:7e:81:14:6e:e0:6a:cb:85:cd:c1:7d:06:
73:1d:f4:d6:10:f0:d8:22:61:3e:82:8d:d3:b9:4e:5b:cc:2a:
bf:58:13:bc:25:dd:20:b5:53:a7:3d:3a:78:99:3b:03:af:3a:
8b:74:6d:e6:bf:8b:f1:42:e5:8c:1a:c6:26:33:a5:de:f3:c9:
a1:34:a3:fb:c3:14:31:0e:bd:dc:8d:c8:77:4b:e8:6c:94:b8:
73:65:2d:d0:0b:1b:16:fd:c8:63:9f:50:27:ed:68:69:dd:1b:
38:00:00:a7:c4:dc:a9:36:5a:d8:f6:63:45:6b:bf:2c:bc:b4:
47:20:cd:fd:bf:cf:6f:3a:ed:9b:ed:e3:4e:b4:66:13:7c:1a:
7d:06:38:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsji85k3lfwEFJgiRPpn6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0OTc2NzNjNzhlZmFlNWY2YmQ4MGEyNWFjZTNkM2MzNzE5
M2U3ODkwHhcNMjUwMTAxMTE0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWRiNTc4Nzk3OGNiZjY4ZGQ3YmE0MTg0YTc4MDRiOWIxN2ZhMjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurrLNbpfv8wFT1qPXWR0jdR7TZPO
468Crvd8/1pjdOgPHtRNjoDaCHZxQO3qPnNdwBNsqBzYsdH2BOGaPK/BLUzKqL77
x9G9FhQEVyUbTm7RriyPXvsx5NWFfj+iRvDb4KPWZzt5ydYT8hmEH3k1X/Eg2Dg+
gUjE1vTJJeyKt8C8TLVIYCi23JTTzDdQAnCxQlVcfws2yplf+pxhzKC9e+AV5zyl
/81jp8Mnm6LBFQ+LCH2bkDq8Rlb4zpduRbKCeupZDat9wRpIkNfGYk9StJZnZwlj
aSrEjYxQ+29qy420qtBFJ8uA5F/kAAcd54eCKZcTfT4/n9KAizGAsawenQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC7bV4eXjL9o3XukGEp4BLmxf6KMMB8GA1UdIwQY
MBaAFPSXZzx4765fa9gKJazj08Nxk+eJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUpkblBIanZybDlyMkFvbHJPUFR3M0dUNTRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9kMTM2NTgtYWY3ZS00ZDZlLTgyZWYt
NmUwNjk2ZmVlOGU2LzEvTHR0WGg1ZU12MmpkZTZRWVNuZ0V1YkZfb293LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9kMTM2NTgtYWY3ZS00ZDZlLTgyZWYtNmUwNjk2ZmVlOGU2
LzEvOUpkblBIanZybDlyMkFvbHJPUFR3M0dUNTRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2Q99MA0G
CSqGSIb3DQEBCwUAA4IBAQB+CRhjYM5P30d5GZzyrkq6v2l1s0pwhVdHFb7e+yX8
H6c+hKwusPb9hWpSA7Ck87I2q9y9s8S49Viq5G0QtugvLGX5mK27ryb0uvyslMX4
BxgRB5sR/LaDayUDBn0JEZWj5Xnu2buhy9MyfsKItpZUKIp+gRRu4GrLhc3BfQZz
HfTWEPDYImE+go3TuU5bzCq/WBO8Jd0gtVOnPTp4mTsDrzqLdG3mv4vxQuWMGsYm
M6Xe88mhNKP7wxQxDr3cjch3S+hslLhzZS3QCxsW/chjn1An7Whp3Rs4AACnxNyp
NlrY9mNFa78svLRHIM39v89vOu2b7eNOtGYTfBp9BjiC
-----END CERTIFICATE-----
Generated at Sun Apr 27 23:48:38 2025 by rpki-client