Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/cc920d-8109-4119-b840-664ef0da8c30/1/b9B102wOebSEH0EiAU4o7haSTNE.roa
File: b9B102wOebSEH0EiAU4o7haSTNE.roa (raw, json)
Hash identifier: w8TiYlYrrX0BopJEemJvanYXKIEW88KrCZAniAUGX7I=
Subject key identifier: 6F:D0:75:D3:6C:0E:79:B4:84:1F:41:22:01:4E:28:EE:16:92:4C:D1
Certificate issuer: /CN=6aa34a4bac3bf7813cd2a66b4f45b9c786dd3542
Certificate serial: 019425FC478EA1C30791F3BAF0C838999743
Authority key identifier: 6A:A3:4A:4B:AC:3B:F7:81:3C:D2:A6:6B:4F:45:B9:C7:86:DD:35:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aqNKS6w794E80qZrT0W5x4bdNUI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/cc920d-8109-4119-b840-664ef0da8c30/1/b9B102wOebSEH0EiAU4o7haSTNE.roa
Signing time: Thu 02 Jan 2025 07:47:57 +0000
ROA not before: Thu 02 Jan 2025 07:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59877
IP address blocks: 217.197.108.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:47:8e:a1:c3:07:91:f3:ba:f0:c8:38:99:97:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6aa34a4bac3bf7813cd2a66b4f45b9c786dd3542
Validity
Not Before: Jan 2 07:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6fd075d36c0e79b4841f4122014e28ee16924cd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:6d:d5:95:29:73:e2:2f:12:2f:de:25:a9:f4:
b8:aa:d4:b7:c0:16:1a:07:37:d5:01:fc:b2:60:40:
16:38:d1:0a:19:61:7e:66:da:69:24:ef:9a:ef:03:
8f:0d:74:76:a3:96:b9:6a:b2:48:01:f1:a9:63:a5:
50:33:e9:bb:9c:53:32:e8:3c:60:63:3e:05:3a:cd:
65:79:b0:96:43:40:0a:b9:74:e1:ee:cb:5b:d2:9e:
d8:69:54:1e:91:ed:4f:48:2e:0b:1e:19:db:92:33:
b7:80:35:ab:62:25:32:71:91:67:a9:01:5e:d2:28:
e8:10:b1:6b:08:c6:52:e6:0c:4c:f4:82:f4:40:d9:
65:94:93:e0:26:02:80:61:a6:e6:a4:60:88:bd:81:
51:da:b2:5a:0c:60:fc:47:35:4b:18:7f:96:c1:30:
51:d1:97:5b:4a:b4:a5:5d:8b:cc:f7:b1:27:17:d8:
ef:2c:0b:bc:90:28:3a:38:2e:e4:bb:64:f0:46:35:
2f:6a:2a:af:42:a3:4d:77:f4:8c:ee:0b:67:51:fb:
c7:09:c6:ec:c5:42:78:12:1a:98:43:00:42:07:dd:
45:7f:b4:e7:3c:2a:6d:8f:1f:73:66:30:0d:85:e2:
86:83:da:94:26:bb:22:9c:a0:97:06:35:f9:da:62:
d8:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:D0:75:D3:6C:0E:79:B4:84:1F:41:22:01:4E:28:EE:16:92:4C:D1
X509v3 Authority Key Identifier:
keyid:6A:A3:4A:4B:AC:3B:F7:81:3C:D2:A6:6B:4F:45:B9:C7:86:DD:35:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aqNKS6w794E80qZrT0W5x4bdNUI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/cc920d-8109-4119-b840-664ef0da8c30/1/b9B102wOebSEH0EiAU4o7haSTNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/cc920d-8109-4119-b840-664ef0da8c30/1/aqNKS6w794E80qZrT0W5x4bdNUI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.197.108.0/24
Signature Algorithm: sha256WithRSAEncryption
31:d4:a4:26:c4:b2:bc:9a:dc:ab:5f:d9:3c:36:bc:d9:da:f3:
4f:cc:74:dc:ec:49:01:8c:20:5f:d0:f4:2a:5d:4e:39:4d:76:
76:7f:20:e7:2b:95:5d:71:01:03:fa:d3:9d:18:a0:63:91:29:
4e:95:14:6c:5a:c0:81:e4:96:4a:28:3c:7c:75:3d:55:26:cc:
b7:1c:86:67:ee:9d:23:d9:ab:a9:34:e2:72:f1:d7:bc:8c:87:
94:7a:d4:dc:fa:c2:e8:37:ba:94:ec:e6:c5:c1:43:c7:2f:d5:
02:f0:9b:d2:d7:88:9b:68:46:41:ab:56:8f:3e:2d:1a:39:f0:
6f:aa:2a:14:58:0b:3b:ee:a8:82:70:b4:8b:8c:39:4b:85:00:
a8:18:ea:3f:c9:68:bb:19:e8:f1:6d:41:5b:7c:f2:21:a2:7c:
16:12:11:b8:fa:68:4c:2a:ec:de:c8:1e:07:b1:ef:77:40:67:
3d:46:7a:5a:81:36:30:5d:ff:48:73:80:4b:85:02:c2:82:79:
12:f8:41:ae:f9:9b:d7:30:eb:e1:38:c2:35:f0:a5:bc:09:89:
71:d9:58:4c:76:41:7b:4d:f2:94:bf:ce:2c:df:89:00:ec:b7:
d2:f6:75:30:4c:f2:c8:02:0e:f9:73:80:4d:e5:87:5c:a4:11:
56:5e:78:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/EeOocMHkfO68Mg4mZdDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhYTM0YTRiYWMzYmY3ODEzY2QyYTY2YjRmNDViOWM3ODZk
ZDM1NDIwHhcNMjUwMTAyMDc0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmQwNzVkMzZjMGU3OWI0ODQxZjQxMjIwMTRlMjhlZTE2OTI0Y2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqG3VlSlz4i8SL94lqfS4qtS3wBYa
BzfVAfyyYEAWONEKGWF+ZtppJO+a7wOPDXR2o5a5arJIAfGpY6VQM+m7nFMy6Dxg
Yz4FOs1lebCWQ0AKuXTh7stb0p7YaVQeke1PSC4LHhnbkjO3gDWrYiUycZFnqQFe
0ijoELFrCMZS5gxM9IL0QNlllJPgJgKAYabmpGCIvYFR2rJaDGD8RzVLGH+WwTBR
0ZdbSrSlXYvM97EnF9jvLAu8kCg6OC7ku2TwRjUvaiqvQqNNd/SM7gtnUfvHCcbs
xUJ4EhqYQwBCB91Ff7TnPCptjx9zZjANheKGg9qUJrsinKCXBjX52mLYCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG/QddNsDnm0hB9BIgFOKO4WkkzRMB8GA1UdIwQY
MBaAFGqjSkusO/eBPNKma09FuceG3TVCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXFOS1M2dzc5NEU4MHFaclQwVzV4NGJkTlVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9jYzkyMGQtODEwOS00MTE5LWI4NDAt
NjY0ZWYwZGE4YzMwLzEvYjlCMTAyd09lYlNFSDBFaUFVNG83aGFTVE5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9jYzkyMGQtODEwOS00MTE5LWI4NDAtNjY0ZWYwZGE4YzMw
LzEvYXFOS1M2dzc5NEU4MHFaclQwVzV4NGJkTlVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2cVsMA0G
CSqGSIb3DQEBCwUAA4IBAQAx1KQmxLK8mtyrX9k8NrzZ2vNPzHTc7EkBjCBf0PQq
XU45TXZ2fyDnK5VdcQED+tOdGKBjkSlOlRRsWsCB5JZKKDx8dT1VJsy3HIZn7p0j
2aupNOJy8de8jIeUetTc+sLoN7qU7ObFwUPHL9UC8JvS14ibaEZBq1aPPi0aOfBv
qioUWAs77qiCcLSLjDlLhQCoGOo/yWi7GejxbUFbfPIhonwWEhG4+mhMKuzeyB4H
se93QGc9RnpagTYwXf9Ic4BLhQLCgnkS+EGu+ZvXMOvhOMI18KW8CYlx2VhMdkF7
TfKUv84s34kA7LfS9nUwTPLIAg75c4BN5YdcpBFWXnio
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:10:38 2025 by rpki-client