Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/48db10-3ba8-4e80-b3dc-ab31eacbffca/1/806ngxQFbLg-MFXB9RB492466i0.roa
File: 806ngxQFbLg-MFXB9RB492466i0.roa (raw, json)
Hash identifier: p/nhUvWIiglPDhL2yjGq+wAsIWcIw+TsOyuSheiCKGg=
Subject key identifier: F3:4E:A7:83:14:05:6C:B8:3E:30:55:C1:F5:10:78:F7:6E:3A:EA:2D
Certificate issuer: /CN=8110149fd12130b3cdcf35862b0dcdb98a9471c9
Certificate serial: 019428236D88348089E87F5E60EF6CC6BDC2
Authority key identifier: 81:10:14:9F:D1:21:30:B3:CD:CF:35:86:2B:0D:CD:B9:8A:94:71:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gRAUn9EhMLPNzzWGKw3NuYqUcck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/48db10-3ba8-4e80-b3dc-ab31eacbffca/1/806ngxQFbLg-MFXB9RB492466i0.roa
Signing time: Thu 02 Jan 2025 17:49:57 +0000
ROA not before: Thu 02 Jan 2025 17:49:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8560
IP address blocks: 217.73.68.0/24 maxlen: 24
217.73.69.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:6d:88:34:80:89:e8:7f:5e:60:ef:6c:c6:bd:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8110149fd12130b3cdcf35862b0dcdb98a9471c9
Validity
Not Before: Jan 2 17:49:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f34ea78314056cb83e3055c1f51078f76e3aea2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:af:17:f8:47:53:26:3d:b1:65:a7:4e:5c:c7:
ac:e8:bf:6b:64:1c:36:d7:c8:fb:9a:43:28:41:5c:
f5:b4:6d:e0:6f:8d:a6:7e:41:fe:86:17:62:9b:f5:
06:d6:da:ea:b3:80:b0:dd:f9:cf:e4:08:fb:ed:73:
eb:78:70:6e:48:33:ea:fa:0d:6b:ea:fa:9d:9c:02:
97:33:59:3b:e7:1c:d1:e7:b4:c9:ec:dd:29:b2:96:
eb:7e:4c:e2:fb:3e:73:18:c2:a6:3c:2d:43:83:15:
eb:68:73:09:62:07:61:ca:40:f8:70:09:ce:91:78:
42:85:39:84:da:7d:b5:3a:cd:1e:d5:07:cd:18:13:
58:4b:5b:0e:e6:31:b2:63:52:43:bf:63:7d:43:dd:
bf:53:21:07:6b:15:3b:6c:9a:4e:1a:37:f5:69:76:
f1:97:64:60:fb:c2:35:b7:df:33:3d:00:a4:4d:c2:
38:a7:67:6b:2a:c0:84:ba:85:4b:fa:cf:40:f5:20:
4b:b7:19:dd:b5:fe:38:05:96:51:83:b4:80:9a:0f:
77:5c:02:59:5d:fa:75:86:36:25:e9:fe:a9:a2:08:
9d:a9:77:f1:0e:a4:0e:24:60:dd:70:86:f3:64:81:
a1:17:c6:d9:7b:40:65:4e:d9:61:29:11:b5:4b:a2:
60:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:4E:A7:83:14:05:6C:B8:3E:30:55:C1:F5:10:78:F7:6E:3A:EA:2D
X509v3 Authority Key Identifier:
keyid:81:10:14:9F:D1:21:30:B3:CD:CF:35:86:2B:0D:CD:B9:8A:94:71:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gRAUn9EhMLPNzzWGKw3NuYqUcck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/48db10-3ba8-4e80-b3dc-ab31eacbffca/1/806ngxQFbLg-MFXB9RB492466i0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/48db10-3ba8-4e80-b3dc-ab31eacbffca/1/gRAUn9EhMLPNzzWGKw3NuYqUcck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.73.68.0/23
Signature Algorithm: sha256WithRSAEncryption
a8:4c:bf:2b:b2:27:99:05:6a:e1:e9:2f:7d:c5:ab:84:87:fc:
2f:91:84:17:0d:13:df:01:c2:65:00:32:a9:7a:96:bf:3c:3e:
fa:2b:63:82:29:20:f0:a2:64:a2:cc:28:a6:15:d8:a8:c3:39:
28:b9:31:72:04:7c:ae:24:82:3a:49:05:fb:86:b8:27:79:da:
95:87:87:11:5c:f9:3e:09:5a:fe:9d:d9:fc:ef:fe:a8:e9:b2:
08:f4:99:de:52:fd:0a:c6:26:7c:42:09:6c:2b:b2:1b:b2:7d:
4a:7d:3c:83:27:6a:15:b1:bf:f9:5f:19:93:e7:3d:4e:5c:36:
b7:ec:10:a6:37:0f:a6:2b:03:37:18:78:92:6d:18:2b:f2:b6:
92:14:4d:0c:9a:1e:4f:db:78:87:85:42:a9:13:22:3f:4b:58:
95:20:5c:95:53:6e:bd:5c:f4:36:5b:95:45:e3:d0:b0:79:c0:
f8:50:8b:1a:91:47:17:ee:a4:5b:c1:86:7e:ee:e2:bd:37:c7:
6b:7a:11:66:3b:56:e0:2c:b4:d2:dd:25:69:50:f1:5c:42:ce:
b6:97:02:4f:0c:5a:9a:9b:bb:c1:29:8e:78:87:8c:5c:c9:e9:
da:a4:59:5f:d8:8d:b2:bf:ac:2d:37:5c:cf:ef:2c:72:57:85:
25:db:b3:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoI22INICJ6H9eYO9sxr3CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxMTAxNDlmZDEyMTMwYjNjZGNmMzU4NjJiMGRjZGI5OGE5
NDcxYzkwHhcNMjUwMTAyMTc0OTU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzRlYTc4MzE0MDU2Y2I4M2UzMDU1YzFmNTEwNzhmNzZlM2FlYTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsK8X+EdTJj2xZadOXMes6L9rZBw2
18j7mkMoQVz1tG3gb42mfkH+hhdim/UG1trqs4Cw3fnP5Aj77XPreHBuSDPq+g1r
6vqdnAKXM1k75xzR57TJ7N0pspbrfkzi+z5zGMKmPC1DgxXraHMJYgdhykD4cAnO
kXhChTmE2n21Os0e1QfNGBNYS1sO5jGyY1JDv2N9Q92/UyEHaxU7bJpOGjf1aXbx
l2Rg+8I1t98zPQCkTcI4p2drKsCEuoVL+s9A9SBLtxndtf44BZZRg7SAmg93XAJZ
Xfp1hjYl6f6pogidqXfxDqQOJGDdcIbzZIGhF8bZe0BlTtlhKRG1S6JgWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPNOp4MUBWy4PjBVwfUQePduOuotMB8GA1UdIwQY
MBaAFIEQFJ/RITCzzc81hisNzbmKlHHJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1JBVW45RWhNTFBOenpXR0t3M051WXFVY2NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS80OGRiMTAtM2JhOC00ZTgwLWIzZGMt
YWIzMWVhY2JmZmNhLzEvODA2bmd4UUZiTGctTUZYQjlSQjQ5MjQ2NmkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS80OGRiMTAtM2JhOC00ZTgwLWIzZGMtYWIzMWVhY2JmZmNh
LzEvZ1JBVW45RWhNTFBOenpXR0t3M051WXFVY2NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB2UlEMA0G
CSqGSIb3DQEBCwUAA4IBAQCoTL8rsieZBWrh6S99xauEh/wvkYQXDRPfAcJlADKp
epa/PD76K2OCKSDwomSizCimFdiowzkouTFyBHyuJII6SQX7hrgnedqVh4cRXPk+
CVr+ndn87/6o6bII9JneUv0KxiZ8QglsK7Ibsn1KfTyDJ2oVsb/5XxmT5z1OXDa3
7BCmNw+mKwM3GHiSbRgr8raSFE0Mmh5P23iHhUKpEyI/S1iVIFyVU269XPQ2W5VF
49CwecD4UIsakUcX7qRbwYZ+7uK9N8drehFmO1bgLLTS3SVpUPFcQs62lwJPDFqa
m7vBKY54h4xcyenapFlf2I2yv6wtN1zP7yxyV4Ul27M8
-----END CERTIFICATE-----
Generated at Sat Apr 26 11:32:06 2025 by rpki-client