Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/dcc2b4-9ded-4678-8398-ab79a3789f8f/1/NMtf5g2h09CpLbmo1MKTK6aenWk.roa
File: NMtf5g2h09CpLbmo1MKTK6aenWk.roa (raw, json)
Hash identifier: tfFi0QE+bzYcqYuU5pyH35ZlykRfgC3AccLaeKevVfo=
Subject key identifier: 34:CB:5F:E6:0D:A1:D3:D0:A9:2D:B9:A8:D4:C2:93:2B:A6:9E:9D:69
Certificate issuer: /CN=700a1231d1c27a754e46ef10e92a730ae15d0f55
Certificate serial: 0194274850D44A896E7C391ED526B40FED07
Authority key identifier: 70:0A:12:31:D1:C2:7A:75:4E:46:EF:10:E9:2A:73:0A:E1:5D:0F:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cAoSMdHCenVORu8Q6SpzCuFdD1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/dcc2b4-9ded-4678-8398-ab79a3789f8f/1/NMtf5g2h09CpLbmo1MKTK6aenWk.roa
Signing time: Thu 02 Jan 2025 13:50:38 +0000
ROA not before: Thu 02 Jan 2025 13:50:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197091
IP address blocks: 217.11.136.0/22 maxlen: 22
217.11.136.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:50:d4:4a:89:6e:7c:39:1e:d5:26:b4:0f:ed:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=700a1231d1c27a754e46ef10e92a730ae15d0f55
Validity
Not Before: Jan 2 13:50:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=34cb5fe60da1d3d0a92db9a8d4c2932ba69e9d69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:f2:35:26:2c:e1:48:78:cb:c2:b4:83:c6:c7:
1a:9c:6a:6c:71:dd:ac:da:15:ef:e6:9f:4a:d2:71:
86:f5:55:5a:e4:b7:9f:0a:1c:eb:f7:26:9f:68:d8:
f7:f8:fd:61:6b:f0:91:d7:a8:99:0e:98:09:64:bb:
14:75:7b:10:0c:57:6e:53:00:fb:bb:75:60:3b:bf:
e9:ba:73:60:1c:0e:80:7b:68:9a:18:a2:03:37:e7:
eb:4f:05:52:0f:f1:18:05:bf:21:5d:06:e2:a9:80:
41:45:d8:07:6e:a5:ff:32:d3:41:ad:59:1c:73:36:
09:2c:0f:ee:b5:2a:2e:e7:44:a4:e4:3a:09:ec:2d:
3f:38:4f:52:6e:fe:d0:e9:ab:02:7d:0b:5f:29:16:
39:46:07:40:d4:71:29:47:69:77:7b:31:9a:23:29:
db:13:30:2e:53:8e:d2:1d:27:9f:d2:5c:9a:9c:31:
22:88:be:17:47:a5:be:2e:18:d0:fe:11:12:34:b1:
7f:95:62:e7:91:76:dc:0d:c4:48:f3:29:56:23:f4:
78:de:ec:21:e2:52:8f:90:0d:3c:2b:dc:e7:d6:ef:
d3:22:a5:e6:14:f9:e4:0d:ed:82:26:f6:89:53:63:
08:c3:62:08:af:86:cf:6c:74:e8:d4:b1:4c:66:00:
91:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:CB:5F:E6:0D:A1:D3:D0:A9:2D:B9:A8:D4:C2:93:2B:A6:9E:9D:69
X509v3 Authority Key Identifier:
keyid:70:0A:12:31:D1:C2:7A:75:4E:46:EF:10:E9:2A:73:0A:E1:5D:0F:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cAoSMdHCenVORu8Q6SpzCuFdD1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/dcc2b4-9ded-4678-8398-ab79a3789f8f/1/NMtf5g2h09CpLbmo1MKTK6aenWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/dcc2b4-9ded-4678-8398-ab79a3789f8f/1/cAoSMdHCenVORu8Q6SpzCuFdD1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.11.136.0/22
Signature Algorithm: sha256WithRSAEncryption
66:9b:2d:09:57:61:0a:aa:91:57:85:6d:44:4d:86:76:a0:73:
7f:34:f1:0e:06:f5:e1:9f:0f:e9:34:bf:ee:46:1c:00:3d:de:
e4:1e:0d:c5:ae:d9:86:c1:77:55:d4:b2:c5:9e:ec:82:ee:dc:
5b:55:2c:b4:17:99:95:e5:36:34:23:24:71:1f:3c:40:df:a9:
0a:58:d3:9b:8d:1e:b5:84:9d:64:58:69:68:e3:1d:9b:54:c0:
4a:48:5a:6d:7f:99:33:9b:63:bb:2c:6b:a7:d7:6c:f1:fa:6b:
92:5f:48:79:fd:f7:96:77:72:c9:4b:9b:7e:f6:a0:20:f1:29:
92:6d:b2:df:b6:42:9a:e1:06:31:86:74:84:5a:ef:34:bd:03:
15:53:ec:33:ff:95:7d:3e:85:31:b4:dd:4d:c0:79:84:3c:80:
f9:ef:40:a1:5f:a1:f8:96:c3:e4:e5:b0:14:d8:83:8e:ab:bb:
70:87:a4:e0:c0:78:6e:0a:ec:53:59:f9:9e:30:40:21:45:cf:
8d:bb:71:5d:f0:83:89:bf:4c:3c:91:41:44:b4:48:66:2b:75:
72:59:af:95:60:a5:78:1c:e6:fb:f2:bd:14:02:2d:0c:e4:7b:
58:5c:58:3e:2a:d6:47:41:98:42:6c:03:64:31:90:93:6b:a8:
d9:ce:f0:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSFDUSolufDke1Sa0D+0HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwMGExMjMxZDFjMjdhNzU0ZTQ2ZWYxMGU5MmE3MzBhZTE1
ZDBmNTUwHhcNMjUwMTAyMTM1MDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGNiNWZlNjBkYTFkM2QwYTkyZGI5YThkNGMyOTMyYmE2OWU5ZDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/I1JizhSHjLwrSDxscanGpscd2s
2hXv5p9K0nGG9VVa5LefChzr9yafaNj3+P1ha/CR16iZDpgJZLsUdXsQDFduUwD7
u3VgO7/punNgHA6Ae2iaGKIDN+frTwVSD/EYBb8hXQbiqYBBRdgHbqX/MtNBrVkc
czYJLA/utSou50Sk5DoJ7C0/OE9Sbv7Q6asCfQtfKRY5RgdA1HEpR2l3ezGaIynb
EzAuU47SHSef0lyanDEiiL4XR6W+LhjQ/hESNLF/lWLnkXbcDcRI8ylWI/R43uwh
4lKPkA08K9zn1u/TIqXmFPnkDe2CJvaJU2MIw2IIr4bPbHTo1LFMZgCRCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDTLX+YNodPQqS25qNTCkyumnp1pMB8GA1UdIwQY
MBaAFHAKEjHRwnp1TkbvEOkqcwrhXQ9VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0FvU01kSENlblZPUnU4UTZTcHpDdUZkRDFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9kY2MyYjQtOWRlZC00Njc4LTgzOTgt
YWI3OWEzNzg5ZjhmLzEvTk10ZjVnMmgwOUNwTGJtbzFNS1RLNmFlbldrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9kY2MyYjQtOWRlZC00Njc4LTgzOTgtYWI3OWEzNzg5Zjhm
LzEvY0FvU01kSENlblZPUnU4UTZTcHpDdUZkRDFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC2QuIMA0G
CSqGSIb3DQEBCwUAA4IBAQBmmy0JV2EKqpFXhW1ETYZ2oHN/NPEOBvXhnw/pNL/u
RhwAPd7kHg3FrtmGwXdV1LLFnuyC7txbVSy0F5mV5TY0IyRxHzxA36kKWNObjR61
hJ1kWGlo4x2bVMBKSFptf5kzm2O7LGun12zx+muSX0h5/feWd3LJS5t+9qAg8SmS
bbLftkKa4QYxhnSEWu80vQMVU+wz/5V9PoUxtN1NwHmEPID570ChX6H4lsPk5bAU
2IOOq7twh6TgwHhuCuxTWfmeMEAhRc+Nu3Fd8IOJv0w8kUFEtEhmK3VyWa+VYKV4
HOb78r0UAi0M5HtYXFg+KtZHQZhCbANkMZCTa6jZzvBb
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:45:56 2025 by rpki-client