Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/un7p1oX6IuixEnJw52S1lgp4k0A.roa
File: un7p1oX6IuixEnJw52S1lgp4k0A.roa (raw, json)
Hash identifier: zhKv5DC0Mh83opPQLWP9MGfrzkdDgqEhOQ8/1xd2cZA=
Subject key identifier: BA:7E:E9:D6:85:FA:22:E8:B1:12:72:70:E7:64:B5:96:0A:78:93:40
Certificate issuer: /CN=a7ee182d9c43a5ce7068dfd9ba7aa8ed90e5e0ba
Certificate serial: 01942369C5F252BB6FAD63F1DD4A9729E831
Authority key identifier: A7:EE:18:2D:9C:43:A5:CE:70:68:DF:D9:BA:7A:A8:ED:90:E5:E0:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p-4YLZxDpc5waN_Zunqo7ZDl4Lo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/un7p1oX6IuixEnJw52S1lgp4k0A.roa
Signing time: Wed 01 Jan 2025 19:48:41 +0000
ROA not before: Wed 01 Jan 2025 19:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42105
IP address blocks: 217.9.8.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:c5:f2:52:bb:6f:ad:63:f1:dd:4a:97:29:e8:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7ee182d9c43a5ce7068dfd9ba7aa8ed90e5e0ba
Validity
Not Before: Jan 1 19:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba7ee9d685fa22e8b1127270e764b5960a789340
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:5b:dd:60:fe:f2:20:d2:79:d8:d4:60:2f:98:
a2:a8:66:fa:bd:c5:3f:17:a3:2a:c4:c3:32:8e:99:
76:77:5b:08:e1:09:6f:3b:d4:88:15:85:18:71:ab:
15:28:f6:47:21:a6:a7:7c:28:e5:e8:63:7e:79:be:
73:54:06:04:78:28:c2:05:ec:dd:f1:f7:7e:7e:40:
5e:e4:6c:cb:eb:d9:0e:e4:2f:e2:5e:05:85:44:92:
60:06:f6:b0:b3:0f:83:20:cc:8d:af:33:30:8c:1b:
d6:ac:64:36:19:c0:29:65:d9:f3:94:9b:af:dd:6a:
f6:9d:47:a7:78:bf:d9:ca:c9:f0:d8:17:17:bb:ff:
f5:86:38:b5:81:b9:9d:bd:d4:f0:7a:57:35:3b:84:
ec:b0:f4:00:2d:66:25:90:2c:de:46:28:80:97:82:
a0:2e:f3:86:0b:cb:48:75:b9:33:32:85:b7:ec:e4:
97:79:0a:c0:6b:47:e7:00:55:39:3f:5d:6d:f7:22:
85:bb:f2:d6:1a:c9:17:4d:ef:b2:db:26:00:4b:15:
6a:7e:84:83:3d:34:9c:e6:2e:fe:46:71:d3:37:c6:
7b:a9:b3:46:08:cc:53:35:e9:be:f3:38:f4:55:4d:
97:cf:95:20:a8:e8:f5:57:b6:7d:7c:7f:c9:7d:59:
b0:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:7E:E9:D6:85:FA:22:E8:B1:12:72:70:E7:64:B5:96:0A:78:93:40
X509v3 Authority Key Identifier:
keyid:A7:EE:18:2D:9C:43:A5:CE:70:68:DF:D9:BA:7A:A8:ED:90:E5:E0:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p-4YLZxDpc5waN_Zunqo7ZDl4Lo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/un7p1oX6IuixEnJw52S1lgp4k0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/p-4YLZxDpc5waN_Zunqo7ZDl4Lo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.9.8.0/24
Signature Algorithm: sha256WithRSAEncryption
93:c5:21:c7:da:e3:e8:f0:7a:da:a6:5e:f5:70:08:e8:fa:87:
fa:98:a9:cf:88:5e:5f:df:f4:17:dc:37:a9:66:a5:00:42:49:
4e:c4:d6:63:a3:a7:af:7c:47:c4:cc:f4:b1:53:b7:89:13:72:
d8:15:91:9c:e3:d1:41:02:01:26:bd:1d:a1:0c:5c:05:08:5c:
6b:01:9c:8b:a6:c6:46:8c:d1:07:ca:81:5f:2e:14:35:1b:b7:
6a:7c:11:d1:32:23:48:5d:a0:46:2e:55:4a:8f:c6:3f:5c:f4:
62:5e:0f:ec:d8:69:9d:9d:1c:9b:81:a7:92:d2:49:a6:e2:16:
f7:a6:c5:be:1e:d0:af:77:b1:ed:ec:f3:7d:db:24:a8:bc:82:
33:0b:b5:a5:d9:cd:89:26:77:03:da:7a:e3:18:90:b3:c9:5d:
43:d2:45:f5:b4:71:24:e5:03:20:ed:e4:fa:75:75:ef:66:a6:
22:90:aa:99:08:f6:e1:26:6a:1e:e7:76:02:8f:09:64:66:0a:
b0:a1:37:ea:fe:73:85:9d:20:2d:56:78:2d:11:7c:a4:51:bd:
4c:dd:1a:53:b3:08:16:7a:b5:c3:b8:99:13:d1:ad:b3:6c:62:
98:8f:ca:c0:11:ae:eb:48:1d:c9:5b:e0:f1:4f:f4:8f:04:23:
bf:18:0a:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjacXyUrtvrWPx3UqXKegxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZWUxODJkOWM0M2E1Y2U3MDY4ZGZkOWJhN2FhOGVkOTBl
NWUwYmEwHhcNMjUwMTAxMTk0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTdlZTlkNjg1ZmEyMmU4YjExMjcyNzBlNzY0YjU5NjBhNzg5MzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjVvdYP7yINJ52NRgL5iiqGb6vcU/
F6MqxMMyjpl2d1sI4QlvO9SIFYUYcasVKPZHIaanfCjl6GN+eb5zVAYEeCjCBezd
8fd+fkBe5GzL69kO5C/iXgWFRJJgBvawsw+DIMyNrzMwjBvWrGQ2GcApZdnzlJuv
3Wr2nUeneL/Zysnw2BcXu//1hji1gbmdvdTwelc1O4TssPQALWYlkCzeRiiAl4Kg
LvOGC8tIdbkzMoW37OSXeQrAa0fnAFU5P11t9yKFu/LWGskXTe+y2yYASxVqfoSD
PTSc5i7+RnHTN8Z7qbNGCMxTNem+8zj0VU2Xz5UgqOj1V7Z9fH/JfVmwBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLp+6daF+iLosRJycOdktZYKeJNAMB8GA1UdIwQY
MBaAFKfuGC2cQ6XOcGjf2bp6qO2Q5eC6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcC00WUxaeERwYzV3YU5fWnVucW83WkRsNExvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9kYWI0MjAtMGRlMy00MzIxLTljMDkt
NmI1ZjY4NTIyYTdkLzEvdW43cDFvWDZJdWl4RW5KdzUyUzFsZ3A0azBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9kYWI0MjAtMGRlMy00MzIxLTljMDktNmI1ZjY4NTIyYTdk
LzEvcC00WUxaeERwYzV3YU5fWnVucW83WkRsNExvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2QkIMA0G
CSqGSIb3DQEBCwUAA4IBAQCTxSHH2uPo8Hrapl71cAjo+of6mKnPiF5f3/QX3Dep
ZqUAQklOxNZjo6evfEfEzPSxU7eJE3LYFZGc49FBAgEmvR2hDFwFCFxrAZyLpsZG
jNEHyoFfLhQ1G7dqfBHRMiNIXaBGLlVKj8Y/XPRiXg/s2GmdnRybgaeS0kmm4hb3
psW+HtCvd7Ht7PN92ySovIIzC7Wl2c2JJncD2nrjGJCzyV1D0kX1tHEk5QMg7eT6
dXXvZqYikKqZCPbhJmoe53YCjwlkZgqwoTfq/nOFnSAtVngtEXykUb1M3RpTswgW
erXDuJkT0a2zbGKYj8rAEa7rSB3JW+DxT/SPBCO/GArt
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:51:13 2025 by rpki-client