Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/sD_dX7pupy2DcLlmE7QFIJ2MGkQ.roa
File: sD_dX7pupy2DcLlmE7QFIJ2MGkQ.roa (raw, json)
Hash identifier: N/4cy3GtLTvRW9uw8BRyRspOVsX90+cI/TGL47ddSl0=
Subject key identifier: B0:3F:DD:5F:BA:6E:A7:2D:83:70:B9:66:13:B4:05:20:9D:8C:1A:44
Certificate issuer: /CN=93e8f4ed5dd06301c423988e786dabf51c5f5674
Certificate serial: 019424B3CA667CE1B3C1E033B93E1CBEE217
Authority key identifier: 93:E8:F4:ED:5D:D0:63:01:C4:23:98:8E:78:6D:AB:F5:1C:5F:56:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k-j07V3QYwHEI5iOeG2r9RxfVnQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/sD_dX7pupy2DcLlmE7QFIJ2MGkQ.roa
Signing time: Thu 02 Jan 2025 01:49:09 +0000
ROA not before: Thu 02 Jan 2025 01:49:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199698
IP address blocks: 217.113.29.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:ca:66:7c:e1:b3:c1:e0:33:b9:3e:1c:be:e2:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93e8f4ed5dd06301c423988e786dabf51c5f5674
Validity
Not Before: Jan 2 01:49:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b03fdd5fba6ea72d8370b96613b405209d8c1a44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:d0:0b:88:7f:2e:54:dd:89:d0:74:e9:53:fd:
45:1e:8c:d0:dd:9e:d6:86:b6:db:86:09:ca:f4:8c:
18:40:32:10:d2:03:90:16:44:41:3d:af:9c:db:63:
ef:76:7f:f8:86:d2:9b:9b:48:07:3e:bf:f1:c9:5f:
62:0f:c7:1b:a4:07:27:9a:00:cd:eb:86:c3:50:35:
8a:b2:3b:67:72:1a:bf:05:74:86:cf:9b:87:da:02:
28:47:10:c3:5c:d9:bd:e6:d5:e3:83:58:de:dc:fa:
84:bc:c9:21:0b:eb:d4:db:fb:84:5f:68:3d:a1:a4:
a5:3c:bd:58:ce:d8:74:60:6a:32:f0:c1:ce:7e:cb:
46:f4:1e:87:ed:cd:02:b2:35:c2:b0:24:f6:b1:20:
e2:d6:00:7b:1a:b6:31:bb:f9:b9:f0:d8:67:3a:1e:
10:5a:42:61:2e:11:57:87:ab:3e:c4:ab:b8:43:b0:
ca:f5:6c:b8:9f:a6:c6:32:4d:2b:b6:74:1a:05:f7:
4b:cf:2a:0d:13:0e:4b:c7:81:1e:30:14:e4:60:b8:
09:63:28:73:9e:1e:7b:31:b2:b5:87:1f:a0:4c:f6:
64:9c:44:7a:f7:04:d1:80:9f:61:ac:31:ef:f1:15:
19:85:a1:09:6e:44:1c:00:48:40:97:50:34:0c:9a:
28:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:3F:DD:5F:BA:6E:A7:2D:83:70:B9:66:13:B4:05:20:9D:8C:1A:44
X509v3 Authority Key Identifier:
keyid:93:E8:F4:ED:5D:D0:63:01:C4:23:98:8E:78:6D:AB:F5:1C:5F:56:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k-j07V3QYwHEI5iOeG2r9RxfVnQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/sD_dX7pupy2DcLlmE7QFIJ2MGkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/k-j07V3QYwHEI5iOeG2r9RxfVnQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.113.29.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:42:c0:e9:43:cb:b7:1e:ae:19:aa:06:14:57:79:eb:d0:58:
60:a9:71:41:55:f4:18:d5:76:9c:f7:25:7a:c0:4a:28:12:35:
b0:a2:f3:fc:d3:af:46:b3:ba:4e:61:aa:36:80:6a:d7:c7:0f:
70:de:53:71:a1:85:82:27:db:ea:8e:67:fe:40:4b:c6:50:eb:
fe:74:db:73:03:3f:b1:27:53:20:58:8f:4e:70:a0:5b:ae:21:
85:09:0d:31:e6:d5:e0:9d:cb:88:88:ba:94:62:b2:a8:f8:c5:
3b:5e:0c:f7:de:49:fc:73:91:14:6d:d9:45:6a:79:9a:8c:38:
74:a8:58:88:e0:d4:cb:9f:8d:05:e3:19:3e:b5:7e:1d:4d:c8:
a2:fa:5e:93:92:8b:50:f3:62:50:84:90:6f:20:c6:8d:fa:12:
fa:6e:f0:91:48:85:9d:c0:e7:24:3e:e2:c7:57:ca:75:a3:c3:
70:cf:b3:af:62:f9:42:56:91:fe:e6:a3:52:f5:1e:c4:ba:49:
92:a8:a5:e6:b9:6c:e8:63:ec:76:0e:eb:b4:4a:da:a6:90:94:
c2:b8:7c:f0:b5:6a:0d:e1:44:9a:2a:8c:8a:49:79:6c:2b:c3:
ad:69:28:e5:fe:2d:a0:ad:4b:c2:dc:db:31:52:77:51:cc:76:
43:c6:c1:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks8pmfOGzweAzuT4cvuIXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzZThmNGVkNWRkMDYzMDFjNDIzOTg4ZTc4NmRhYmY1MWM1
ZjU2NzQwHhcNMjUwMTAyMDE0OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDNmZGQ1ZmJhNmVhNzJkODM3MGI5NjYxM2I0MDUyMDlkOGMxYTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtALiH8uVN2J0HTpU/1FHozQ3Z7W
hrbbhgnK9IwYQDIQ0gOQFkRBPa+c22Pvdn/4htKbm0gHPr/xyV9iD8cbpAcnmgDN
64bDUDWKsjtnchq/BXSGz5uH2gIoRxDDXNm95tXjg1je3PqEvMkhC+vU2/uEX2g9
oaSlPL1Yzth0YGoy8MHOfstG9B6H7c0CsjXCsCT2sSDi1gB7GrYxu/m58NhnOh4Q
WkJhLhFXh6s+xKu4Q7DK9Wy4n6bGMk0rtnQaBfdLzyoNEw5Lx4EeMBTkYLgJYyhz
nh57MbK1hx+gTPZknER69wTRgJ9hrDHv8RUZhaEJbkQcAEhAl1A0DJoocQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLA/3V+6bqctg3C5ZhO0BSCdjBpEMB8GA1UdIwQY
MBaAFJPo9O1d0GMBxCOYjnhtq/UcX1Z0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvay1qMDdWM1FZd0hFSTVpT2VHMnI5UnhmVm5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9hNzg5NzktZGQyNC00YmU3LTgxOTQt
MWZjMTllYTczYTJhLzEvc0RfZFg3cHVweTJEY0xsbUU3UUZJSjJNR2tRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9hNzg5NzktZGQyNC00YmU3LTgxOTQtMWZjMTllYTczYTJh
LzEvay1qMDdWM1FZd0hFSTVpT2VHMnI5UnhmVm5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2XEdMA0G
CSqGSIb3DQEBCwUAA4IBAQBcQsDpQ8u3Hq4ZqgYUV3nr0FhgqXFBVfQY1Xac9yV6
wEooEjWwovP8069Gs7pOYao2gGrXxw9w3lNxoYWCJ9vqjmf+QEvGUOv+dNtzAz+x
J1MgWI9OcKBbriGFCQ0x5tXgncuIiLqUYrKo+MU7Xgz33kn8c5EUbdlFanmajDh0
qFiI4NTLn40F4xk+tX4dTcii+l6TkotQ82JQhJBvIMaN+hL6bvCRSIWdwOckPuLH
V8p1o8Nwz7OvYvlCVpH+5qNS9R7EukmSqKXmuWzoY+x2Duu0StqmkJTCuHzwtWoN
4USaKoyKSXlsK8OtaSjl/i2grUvC3NsxUndRzHZDxsFZ
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:16:45 2025 by rpki-client