Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/HG0sxwCI7w4fkh8VU0N2fcVMuLU.roa
File: HG0sxwCI7w4fkh8VU0N2fcVMuLU.roa (raw, json)
Hash identifier: 1EixzIypMSg7Afd2h1TllH/pBszhQ8LEEsFtCe9BNAQ=
Subject key identifier: 1C:6D:2C:C7:00:88:EF:0E:1F:92:1F:15:53:43:76:7D:C5:4C:B8:B5
Certificate issuer: /CN=a7ee182d9c43a5ce7068dfd9ba7aa8ed90e5e0ba
Certificate serial: 01942369C535F71683245194964640B32996
Authority key identifier: A7:EE:18:2D:9C:43:A5:CE:70:68:DF:D9:BA:7A:A8:ED:90:E5:E0:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p-4YLZxDpc5waN_Zunqo7ZDl4Lo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/HG0sxwCI7w4fkh8VU0N2fcVMuLU.roa
Signing time: Wed 01 Jan 2025 19:48:41 +0000
ROA not before: Wed 01 Jan 2025 19:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28776
IP address blocks: 217.9.4.0/24 maxlen: 24
217.9.5.0/24 maxlen: 24
217.9.6.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:c5:35:f7:16:83:24:51:94:96:46:40:b3:29:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7ee182d9c43a5ce7068dfd9ba7aa8ed90e5e0ba
Validity
Not Before: Jan 1 19:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1c6d2cc70088ef0e1f921f155343767dc54cb8b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:9d:2b:5d:43:c5:b7:8b:56:fc:78:85:1c:c8:
d8:33:bb:35:f8:d4:66:e3:14:6d:69:a0:35:68:5e:
bc:99:77:50:eb:63:c2:56:85:0a:fe:c1:3e:13:91:
5d:64:e3:d9:b9:36:77:42:e6:c4:1e:ef:10:62:31:
6d:59:32:f9:84:67:87:48:cb:06:49:bd:9a:51:d6:
98:22:6b:cb:d2:fa:d5:90:0f:96:7f:72:56:8e:91:
c3:a7:5d:29:71:ea:5b:4d:fc:8d:27:67:a5:61:4a:
56:26:a6:91:99:2b:fe:90:71:04:eb:26:ac:66:6e:
ac:3e:c6:e9:bd:cc:dd:5b:c4:ff:cb:72:9b:f9:89:
98:b0:47:78:7a:97:e5:45:f4:9e:10:3d:ef:e8:22:
a9:e2:c4:10:28:60:f8:fb:64:14:86:26:72:a1:d9:
d4:e7:df:e4:e7:bc:ed:12:66:2f:de:c9:62:55:19:
50:b9:69:e4:38:c5:7b:13:f2:54:ad:1b:9a:2d:cc:
a2:8e:90:b4:dc:0e:b1:5e:28:01:e2:82:d5:51:47:
e9:76:4e:55:b0:1f:68:68:42:79:21:e0:df:b5:5c:
16:ff:48:e3:0f:6c:a1:8a:fd:44:69:ee:8a:7f:1f:
38:45:f7:83:93:2a:7f:c1:40:f0:99:e9:da:b0:9c:
36:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:6D:2C:C7:00:88:EF:0E:1F:92:1F:15:53:43:76:7D:C5:4C:B8:B5
X509v3 Authority Key Identifier:
keyid:A7:EE:18:2D:9C:43:A5:CE:70:68:DF:D9:BA:7A:A8:ED:90:E5:E0:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p-4YLZxDpc5waN_Zunqo7ZDl4Lo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/HG0sxwCI7w4fkh8VU0N2fcVMuLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/p-4YLZxDpc5waN_Zunqo7ZDl4Lo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.9.4.0-217.9.6.255
Signature Algorithm: sha256WithRSAEncryption
cb:88:54:bb:a4:ed:1e:c2:ea:6e:83:30:c5:bd:ac:f4:a6:44:
ed:7c:bb:0c:41:0f:c2:4c:bd:48:52:34:c7:b3:d2:c3:aa:9f:
1c:1c:e8:3a:b9:1e:8a:88:d3:30:4c:3b:c7:93:74:9e:46:6c:
6c:e2:ff:9e:bd:8e:19:90:3b:fa:d0:05:76:70:db:8d:ff:2b:
f9:74:7d:2c:28:74:3f:fe:bb:33:24:6d:53:bb:60:52:0c:7b:
ce:90:95:a2:70:e1:5d:ca:95:8f:14:10:5d:78:e3:f2:e0:60:
a3:83:a6:b2:e9:9e:19:c4:28:95:51:1b:71:1a:35:1e:b3:bf:
89:59:9a:57:60:cd:74:db:03:37:cf:c5:6e:86:21:99:bf:7d:
d6:b4:e9:db:4c:32:d6:c2:d3:08:9e:b3:a9:95:d9:bc:fe:ce:
76:1a:f7:ac:43:f8:11:9e:43:f4:4e:8b:78:b1:cc:67:51:be:
fa:bf:bc:37:24:9a:59:f8:6f:ae:73:02:0e:7b:40:f3:51:26:
5f:83:7a:01:88:96:00:c4:3f:e2:42:48:5f:af:50:a8:f2:3c:
2f:f8:ed:68:d0:3e:00:0e:de:a8:9d:53:62:9e:e9:b9:c8:cd:
bc:f4:4a:8f:4d:ef:60:84:9a:98:83:cc:18:a3:58:a4:2f:b1:
0e:df:0d:fe
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQjacU19xaDJFGUlkZAsymWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZWUxODJkOWM0M2E1Y2U3MDY4ZGZkOWJhN2FhOGVkOTBl
NWUwYmEwHhcNMjUwMTAxMTk0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzZkMmNjNzAwODhlZjBlMWY5MjFmMTU1MzQzNzY3ZGM1NGNiOGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp50rXUPFt4tW/HiFHMjYM7s1+NRm
4xRtaaA1aF68mXdQ62PCVoUK/sE+E5FdZOPZuTZ3QubEHu8QYjFtWTL5hGeHSMsG
Sb2aUdaYImvL0vrVkA+Wf3JWjpHDp10pcepbTfyNJ2elYUpWJqaRmSv+kHEE6yas
Zm6sPsbpvczdW8T/y3Kb+YmYsEd4epflRfSeED3v6CKp4sQQKGD4+2QUhiZyodnU
59/k57ztEmYv3sliVRlQuWnkOMV7E/JUrRuaLcyijpC03A6xXigB4oLVUUfpdk5V
sB9oaEJ5IeDftVwW/0jjD2yhiv1Eae6Kfx84RfeDkyp/wUDwmenasJw2LQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFBxtLMcAiO8OH5IfFVNDdn3FTLi1MB8GA1UdIwQY
MBaAFKfuGC2cQ6XOcGjf2bp6qO2Q5eC6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcC00WUxaeERwYzV3YU5fWnVucW83WkRsNExvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9kYWI0MjAtMGRlMy00MzIxLTljMDkt
NmI1ZjY4NTIyYTdkLzEvSEcwc3h3Q0k3dzRma2g4VlUwTjJmY1ZNdUxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9kYWI0MjAtMGRlMy00MzIxLTljMDktNmI1ZjY4NTIyYTdk
LzEvcC00WUxaeERwYzV3YU5fWnVucW83WkRsNExvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBALZCQQD
BADZCQYwDQYJKoZIhvcNAQELBQADggEBAMuIVLuk7R7C6m6DMMW9rPSmRO18uwxB
D8JMvUhSNMez0sOqnxwc6Dq5HoqI0zBMO8eTdJ5GbGzi/569jhmQO/rQBXZw243/
K/l0fSwodD/+uzMkbVO7YFIMe86QlaJw4V3KlY8UEF144/LgYKODprLpnhnEKJVR
G3EaNR6zv4lZmldgzXTbAzfPxW6GIZm/fda06dtMMtbC0wies6mV2bz+znYa96xD
+BGeQ/ROi3ixzGdRvvq/vDckmln4b65zAg57QPNRJl+DegGIlgDEP+JCSF+vUKjy
PC/47WjQPgAO3qidU2Ke6bnIzbz0So9N72CEmpiDzBijWKQvsQ7fDf4=
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:42:40 2025 by rpki-client