Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/dcc2b4-9ded-4678-8398-ab79a3789f8f/1/dH9xmN_c-ogf3lMo2xsIcwvlDWE.roa
File: dH9xmN_c-ogf3lMo2xsIcwvlDWE.roa (raw, json)
Hash identifier: SFJ3H40oDJz+xjK+HZI55sajPf6JpJrE0sfXbpnpYH0=
Subject key identifier: 74:7F:71:98:DF:DC:FA:88:1F:DE:53:28:DB:1B:08:73:0B:E5:0D:61
Certificate issuer: /CN=700a1231d1c27a754e46ef10e92a730ae15d0f55
Certificate serial: 01942748514E4448C7C337B3E0ECF0B8221F
Authority key identifier: 70:0A:12:31:D1:C2:7A:75:4E:46:EF:10:E9:2A:73:0A:E1:5D:0F:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cAoSMdHCenVORu8Q6SpzCuFdD1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/dcc2b4-9ded-4678-8398-ab79a3789f8f/1/dH9xmN_c-ogf3lMo2xsIcwvlDWE.roa
Signing time: Thu 02 Jan 2025 13:50:38 +0000
ROA not before: Thu 02 Jan 2025 13:50:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200862
IP address blocks: 217.11.132.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:51:4e:44:48:c7:c3:37:b3:e0:ec:f0:b8:22:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=700a1231d1c27a754e46ef10e92a730ae15d0f55
Validity
Not Before: Jan 2 13:50:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=747f7198dfdcfa881fde5328db1b08730be50d61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:d0:df:a9:85:a3:59:a8:7d:65:2b:db:57:81:
d6:43:d0:4d:25:fc:c0:02:37:95:94:ec:52:64:6b:
67:f2:40:ec:9a:b8:34:a0:b0:c3:ec:c9:30:8d:e8:
02:f7:4c:3e:1b:48:cd:d3:2c:a2:bc:9c:76:e6:f6:
55:d0:69:06:9d:7c:36:43:43:b8:ca:67:be:50:f3:
94:09:67:1b:99:c8:5a:ee:d7:84:8c:45:96:c8:9f:
73:8c:64:d6:e1:c0:0c:30:a4:50:72:e1:f6:9b:44:
4f:96:08:8c:33:66:0e:8d:81:21:ec:70:97:32:b0:
0e:05:cc:55:06:08:49:a0:b6:c9:e5:0a:e6:a2:f6:
cd:80:ea:3f:b2:11:8b:43:12:0f:1e:81:42:bc:8d:
89:f5:a7:f5:ba:75:12:bd:69:6f:d8:ee:4a:ed:c9:
67:ac:0b:9b:8c:37:ef:54:90:3e:a0:be:12:80:46:
69:eb:89:24:2a:45:c6:34:3a:f5:3b:9f:1a:d8:05:
20:dd:f1:0c:16:4d:78:92:7e:be:f3:ae:9e:ae:66:
63:92:54:8a:de:48:b3:b8:9b:bf:5e:76:7e:b0:7c:
83:2e:50:43:4c:58:99:ea:f9:3b:88:2a:4d:92:00:
87:53:4a:03:e6:65:74:6c:b1:61:65:35:96:83:8f:
37:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:7F:71:98:DF:DC:FA:88:1F:DE:53:28:DB:1B:08:73:0B:E5:0D:61
X509v3 Authority Key Identifier:
keyid:70:0A:12:31:D1:C2:7A:75:4E:46:EF:10:E9:2A:73:0A:E1:5D:0F:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cAoSMdHCenVORu8Q6SpzCuFdD1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/dcc2b4-9ded-4678-8398-ab79a3789f8f/1/dH9xmN_c-ogf3lMo2xsIcwvlDWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/dcc2b4-9ded-4678-8398-ab79a3789f8f/1/cAoSMdHCenVORu8Q6SpzCuFdD1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.11.132.0/24
Signature Algorithm: sha256WithRSAEncryption
36:79:81:f1:e5:89:30:46:0d:00:92:a2:31:29:b6:a1:1e:e3:
03:b2:ee:87:f4:c4:d9:9c:f6:ec:ca:8e:0b:1f:4a:e0:ac:b9:
07:21:50:bb:01:ed:1a:f1:01:5e:c2:4e:6a:7d:36:f1:9b:9a:
44:85:a5:ee:fd:51:3e:c4:f5:3e:e8:bd:8b:af:ee:89:38:3d:
9f:de:65:9d:31:6f:a5:72:c2:4f:e8:b5:12:00:5d:4d:fd:ec:
62:13:ca:6d:fd:01:59:ab:99:f2:99:ea:38:cb:43:87:fb:b5:
d2:a1:d5:56:ab:e5:26:d9:b4:e9:a3:e0:8c:c5:72:93:a3:b9:
c7:2e:a6:7d:92:32:6a:d3:3a:80:d5:a0:54:8b:fa:bd:6d:5e:
46:c4:57:e4:b7:c2:1a:27:a0:00:06:52:78:51:98:65:8c:04:
7c:8a:df:d3:b8:85:99:5f:8e:2c:7b:8c:00:29:3e:4a:fb:8b:
da:63:68:ba:a6:6a:bb:ff:d5:d3:b5:93:d3:88:03:d7:98:91:
07:e0:d6:9e:da:2d:2a:1b:ea:6f:c2:ca:f9:62:12:df:59:a1:
17:a0:86:60:60:f6:d5:91:de:71:fc:1c:75:3d:fc:c1:0e:f7:
87:02:1d:09:dc:82:ae:14:0e:41:5a:b1:54:e5:7a:06:fc:49:
4a:6a:c8:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSFFOREjHwzez4OzwuCIfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwMGExMjMxZDFjMjdhNzU0ZTQ2ZWYxMGU5MmE3MzBhZTE1
ZDBmNTUwHhcNMjUwMTAyMTM1MDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDdmNzE5OGRmZGNmYTg4MWZkZTUzMjhkYjFiMDg3MzBiZTUwZDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltDfqYWjWah9ZSvbV4HWQ9BNJfzA
AjeVlOxSZGtn8kDsmrg0oLDD7MkwjegC90w+G0jN0yyivJx25vZV0GkGnXw2Q0O4
yme+UPOUCWcbmcha7teEjEWWyJ9zjGTW4cAMMKRQcuH2m0RPlgiMM2YOjYEh7HCX
MrAOBcxVBghJoLbJ5QrmovbNgOo/shGLQxIPHoFCvI2J9af1unUSvWlv2O5K7cln
rAubjDfvVJA+oL4SgEZp64kkKkXGNDr1O58a2AUg3fEMFk14kn6+866ermZjklSK
3kizuJu/XnZ+sHyDLlBDTFiZ6vk7iCpNkgCHU0oD5mV0bLFhZTWWg4830wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHR/cZjf3PqIH95TKNsbCHML5Q1hMB8GA1UdIwQY
MBaAFHAKEjHRwnp1TkbvEOkqcwrhXQ9VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0FvU01kSENlblZPUnU4UTZTcHpDdUZkRDFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9kY2MyYjQtOWRlZC00Njc4LTgzOTgt
YWI3OWEzNzg5ZjhmLzEvZEg5eG1OX2Mtb2dmM2xNbzJ4c0ljd3ZsRFdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9kY2MyYjQtOWRlZC00Njc4LTgzOTgtYWI3OWEzNzg5Zjhm
LzEvY0FvU01kSENlblZPUnU4UTZTcHpDdUZkRDFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2QuEMA0G
CSqGSIb3DQEBCwUAA4IBAQA2eYHx5YkwRg0AkqIxKbahHuMDsu6H9MTZnPbsyo4L
H0rgrLkHIVC7Ae0a8QFewk5qfTbxm5pEhaXu/VE+xPU+6L2Lr+6JOD2f3mWdMW+l
csJP6LUSAF1N/exiE8pt/QFZq5nymeo4y0OH+7XSodVWq+Um2bTpo+CMxXKTo7nH
LqZ9kjJq0zqA1aBUi/q9bV5GxFfkt8IaJ6AABlJ4UZhljAR8it/TuIWZX44se4wA
KT5K+4vaY2i6pmq7/9XTtZPTiAPXmJEH4Nae2i0qG+pvwsr5YhLfWaEXoIZgYPbV
kd5x/Bx1PfzBDveHAh0J3IKuFA5BWrFU5XoG/ElKasit
-----END CERTIFICATE-----
Generated at Mon Apr 28 14:40:46 2025 by rpki-client