Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/21Z7HmrOxiobds8TxVCgw76jX2Q.roa
File: 21Z7HmrOxiobds8TxVCgw76jX2Q.roa (raw, json)
Hash identifier: Skfph10GmJAF2gm8sQyaNWU8Upk0+888zHd0gic3TYc=
Subject key identifier: DB:56:7B:1E:6A:CE:C6:2A:1B:76:CF:13:C5:50:A0:C3:BE:A3:5F:64
Certificate issuer: /CN=598fa4201344d4107f792eee2566c62d65714e2d
Certificate serial: 019425203E31F5152C6EC91A6454B00FEB65
Authority key identifier: 59:8F:A4:20:13:44:D4:10:7F:79:2E:EE:25:66:C6:2D:65:71:4E:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WY-kIBNE1BB_eS7uJWbGLWVxTi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/21Z7HmrOxiobds8TxVCgw76jX2Q.roa
Signing time: Thu 02 Jan 2025 03:47:37 +0000
ROA not before: Thu 02 Jan 2025 03:47:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203324
IP address blocks: 217.61.137.0/24 maxlen: 24
217.61.138.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:20:3e:31:f5:15:2c:6e:c9:1a:64:54:b0:0f:eb:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=598fa4201344d4107f792eee2566c62d65714e2d
Validity
Not Before: Jan 2 03:47:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=db567b1e6acec62a1b76cf13c550a0c3bea35f64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:21:7c:6f:14:06:64:9c:0b:58:ff:64:28:67:
e5:eb:eb:ef:a6:39:e8:a8:1d:20:fa:97:10:09:f3:
69:fc:c3:00:b6:be:cc:bb:1f:44:92:0b:93:90:87:
c2:7c:ce:a2:11:66:bc:18:6a:d2:db:b0:f7:89:6d:
63:da:d8:a1:7b:e9:81:34:2d:51:83:4b:56:17:c6:
ad:cb:f6:07:fd:8b:19:7e:dc:dc:5c:4c:09:95:d8:
3b:bc:16:c6:f6:cc:a3:dc:ea:3c:e1:40:f2:58:ab:
c2:15:29:3f:44:60:f4:bf:98:e2:17:67:62:3e:a5:
58:11:18:86:31:4f:54:17:ba:34:a8:6d:58:ca:ea:
b4:12:67:e0:90:c3:1d:5a:d0:83:91:2f:72:d6:c6:
2e:ca:cd:29:94:10:11:53:5d:08:09:04:10:84:77:
c5:50:01:28:5e:f1:fb:9d:b4:ce:04:6e:4f:b7:3e:
5f:8c:1a:84:0c:2e:e7:61:ce:36:77:3e:cc:60:b5:
a3:81:21:97:74:4e:36:3d:99:60:27:68:e2:9f:3f:
90:3d:c4:4d:b5:29:f4:e9:a3:29:9a:51:a5:07:56:
a9:54:11:3b:e5:1f:b7:ae:95:2a:18:7b:47:58:be:
22:d7:c7:be:d2:96:cd:2a:c3:96:8f:96:38:e5:f9:
a5:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:56:7B:1E:6A:CE:C6:2A:1B:76:CF:13:C5:50:A0:C3:BE:A3:5F:64
X509v3 Authority Key Identifier:
keyid:59:8F:A4:20:13:44:D4:10:7F:79:2E:EE:25:66:C6:2D:65:71:4E:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WY-kIBNE1BB_eS7uJWbGLWVxTi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/21Z7HmrOxiobds8TxVCgw76jX2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/838ef1-7393-4fbd-b67b-664b8f03d180/1/WY-kIBNE1BB_eS7uJWbGLWVxTi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.61.137.0-217.61.138.255
Signature Algorithm: sha256WithRSAEncryption
2d:44:38:65:1e:b6:23:f5:23:17:cd:37:73:16:d0:a8:6f:2d:
db:33:11:05:e5:d9:ce:62:e0:ee:03:94:7b:f3:63:da:76:32:
86:76:74:c8:bc:05:d8:8d:87:75:ef:a8:66:a1:ed:19:c2:74:
1c:0c:52:80:f6:c3:a5:61:e5:2d:59:c7:de:a5:31:8d:ac:ee:
1d:9f:fd:a7:eb:02:3b:81:18:8d:65:c2:65:6b:09:65:b6:ae:
f8:47:07:26:97:64:ff:11:71:d1:b2:65:2f:0a:bd:de:bc:6f:
e3:b1:11:33:ec:96:6c:85:7b:99:cc:c3:2a:26:66:69:64:6d:
33:c1:30:ff:a1:ad:91:bc:75:75:56:b0:9c:a2:63:0e:7b:98:
b9:c3:c2:f0:a6:9b:c1:38:d7:b1:52:a8:2b:bf:50:c1:f8:16:
dd:ba:4e:b1:0a:eb:14:b5:73:77:3f:1d:3f:8a:65:a8:c6:97:
61:6b:1b:a5:55:0a:97:f2:77:af:da:58:3e:95:3e:05:5e:78:
26:a3:00:5d:f1:6e:ad:2a:74:8b:3e:2b:9a:70:e4:fc:cc:3e:
ec:fb:f4:ab:c0:7a:79:32:75:86:d2:82:6a:69:6b:1e:6c:27:
75:7c:f1:d3:9d:23:38:be:42:88:6f:30:82:73:7b:dc:90:13:
64:9e:77:41
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQlID4x9RUsbskaZFSwD+tlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5OGZhNDIwMTM0NGQ0MTA3Zjc5MmVlZTI1NjZjNjJkNjU3
MTRlMmQwHhcNMjUwMTAyMDM0NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjU2N2IxZTZhY2VjNjJhMWI3NmNmMTNjNTUwYTBjM2JlYTM1ZjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0iF8bxQGZJwLWP9kKGfl6+vvpjno
qB0g+pcQCfNp/MMAtr7Mux9EkguTkIfCfM6iEWa8GGrS27D3iW1j2tihe+mBNC1R
g0tWF8aty/YH/YsZftzcXEwJldg7vBbG9syj3Oo84UDyWKvCFSk/RGD0v5jiF2di
PqVYERiGMU9UF7o0qG1Yyuq0EmfgkMMdWtCDkS9y1sYuys0plBARU10ICQQQhHfF
UAEoXvH7nbTOBG5Ptz5fjBqEDC7nYc42dz7MYLWjgSGXdE42PZlgJ2jinz+QPcRN
tSn06aMpmlGlB1apVBE75R+3rpUqGHtHWL4i18e+0pbNKsOWj5Y45fml9wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNtWex5qzsYqG3bPE8VQoMO+o19kMB8GA1UdIwQY
MBaAFFmPpCATRNQQf3ku7iVmxi1lcU4tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1kta0lCTkUxQkJfZVM3dUpXYkdMV1Z4VGkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS84MzhlZjEtNzM5My00ZmJkLWI2N2It
NjY0YjhmMDNkMTgwLzEvMjFaN0htck94aW9iZHM4VHhWQ2d3NzZqWDJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS84MzhlZjEtNzM5My00ZmJkLWI2N2ItNjY0YjhmMDNkMTgw
LzEvV1kta0lCTkUxQkJfZVM3dUpXYkdMV1Z4VGkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADZPYkD
BADZPYowDQYJKoZIhvcNAQELBQADggEBAC1EOGUetiP1IxfNN3MW0KhvLdszEQXl
2c5i4O4DlHvzY9p2MoZ2dMi8BdiNh3XvqGah7RnCdBwMUoD2w6Vh5S1Zx96lMY2s
7h2f/afrAjuBGI1lwmVrCWW2rvhHByaXZP8RcdGyZS8Kvd68b+OxETPslmyFe5nM
wyomZmlkbTPBMP+hrZG8dXVWsJyiYw57mLnDwvCmm8E417FSqCu/UMH4Ft26TrEK
6xS1c3c/HT+KZajGl2FrG6VVCpfyd6/aWD6VPgVeeCajAF3xbq0qdIs+K5pw5PzM
Puz79KvAenkydYbSgmppax5sJ3V88dOdIzi+QohvMIJze9yQE2Sed0E=
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:05:22 2025 by rpki-client