Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/u5VeGDFI9q5fHKrjLmTIi0uDU7A.roa
File: u5VeGDFI9q5fHKrjLmTIi0uDU7A.roa (raw, json)
Hash identifier: FcBZj7sMLbgtdYa/NEIruIpIpyUSch9ZZH/wqb/Kc08=
Subject key identifier: BB:95:5E:18:31:48:F6:AE:5F:1C:AA:E3:2E:64:C8:8B:4B:83:53:B0
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 0194221FCDDC638EA9BA5A5B64D8D522C685
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/u5VeGDFI9q5fHKrjLmTIi0uDU7A.roa
Signing time: Wed 01 Jan 2025 13:48:17 +0000
ROA not before: Wed 01 Jan 2025 13:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201581
IP address blocks: 217.153.116.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:cd:dc:63:8e:a9:ba:5a:5b:64:d8:d5:22:c6:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 1 13:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bb955e183148f6ae5f1caae32e64c88b4b8353b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:93:13:ca:3a:a2:1f:07:e7:d1:2c:fd:a0:5a:
fa:1a:f0:12:5a:1f:41:e5:50:bb:4e:b1:c4:ea:0e:
56:65:5a:87:d4:c4:f6:3b:da:2d:10:ea:77:83:09:
2a:a5:19:5e:e0:0c:84:d6:30:1c:ae:6e:00:d8:49:
14:cd:24:3c:1d:2f:fc:e9:f4:15:fe:e4:b1:e1:c2:
13:bc:ed:c1:a2:90:22:0a:81:19:42:c8:f4:3c:87:
da:ba:dc:ac:bc:ee:27:50:67:29:c0:e0:ff:16:40:
aa:41:50:30:d3:79:93:29:77:ee:dc:f3:b2:bd:9f:
57:15:93:7e:24:56:2f:2e:14:29:34:37:3b:85:f7:
44:3d:1e:05:5a:3f:6b:cb:fb:7d:37:30:df:29:f4:
42:ce:19:23:03:dc:99:2b:a0:d3:28:46:85:a0:57:
c5:34:8f:b3:72:c1:86:56:6d:56:0e:a0:f3:b9:27:
20:b8:8c:96:1d:28:35:56:7c:bf:22:56:cc:22:71:
81:01:45:d6:99:97:66:10:b1:42:9b:32:d8:32:b6:
19:ec:c5:62:4b:27:3e:68:99:03:40:83:af:0b:71:
e5:f8:c1:75:c3:bf:3f:d5:90:dc:87:90:92:0a:24:
cf:33:6a:5e:0c:60:39:f7:22:4c:a4:a1:49:15:4f:
25:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:95:5E:18:31:48:F6:AE:5F:1C:AA:E3:2E:64:C8:8B:4B:83:53:B0
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/u5VeGDFI9q5fHKrjLmTIi0uDU7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.153.116.0/24
Signature Algorithm: sha256WithRSAEncryption
19:a8:23:05:ca:62:e2:9b:85:22:b5:0b:6e:11:8f:5c:8f:87:
89:9e:2a:be:ed:84:14:4a:7a:d5:50:54:20:2b:c6:21:7e:b2:
e5:33:08:2b:de:32:f4:04:64:41:1b:1e:74:3e:1f:4e:87:76:
fa:87:50:c5:a8:32:a5:6d:2c:39:02:01:37:6f:19:30:86:60:
22:31:b4:28:f8:ce:f3:6d:f8:85:c9:cc:4c:ed:df:84:51:53:
72:de:6b:d0:0c:5b:f9:2e:f4:d3:ad:22:28:41:94:e3:d7:ad:
94:f3:10:58:91:f6:85:ae:2c:02:80:69:57:f7:cf:fd:82:2c:
73:0f:a0:e2:15:aa:d7:0e:75:fb:c4:fd:ce:5f:1d:5d:7a:28:
a4:3d:47:83:66:d4:cb:f3:55:34:42:f5:27:b8:75:03:85:62:
af:b6:f8:c7:2f:bb:e2:23:50:19:37:47:a1:4c:36:d1:01:7d:
08:0c:c0:55:aa:10:83:30:b4:36:b8:2b:f7:c0:dc:df:25:19:
f1:12:39:b6:97:c7:5b:ca:a2:fc:05:7d:04:2b:08:73:17:e5:
0f:72:f4:42:f4:64:fe:f8:9d:55:0a:16:35:cd:8c:56:1b:91:
ee:85:af:05:3c:fe:3e:c3:4a:66:f6:cc:1d:f8:0b:8a:02:db:
2f:2f:81:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH83cY46pulpbZNjVIsaFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj
ZWY5MzMwHhcNMjUwMTAxMTM0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjk1NWUxODMxNDhmNmFlNWYxY2FhZTMyZTY0Yzg4YjRiODM1M2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA45MTyjqiHwfn0Sz9oFr6GvASWh9B
5VC7TrHE6g5WZVqH1MT2O9otEOp3gwkqpRle4AyE1jAcrm4A2EkUzSQ8HS/86fQV
/uSx4cITvO3BopAiCoEZQsj0PIfautysvO4nUGcpwOD/FkCqQVAw03mTKXfu3POy
vZ9XFZN+JFYvLhQpNDc7hfdEPR4FWj9ry/t9NzDfKfRCzhkjA9yZK6DTKEaFoFfF
NI+zcsGGVm1WDqDzuScguIyWHSg1Vny/IlbMInGBAUXWmZdmELFCmzLYMrYZ7MVi
Syc+aJkDQIOvC3Hl+MF1w78/1ZDch5CSCiTPM2peDGA59yJMpKFJFU8lNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLuVXhgxSPauXxyq4y5kyItLg1OwMB8GA1UdIwQY
MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt
OTFlMzE4NGJiMGFiLzEvdTVWZUdERkk5cTVmSEtyakxtVElpMHVEVTdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi
LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2Zl0MA0G
CSqGSIb3DQEBCwUAA4IBAQAZqCMFymLim4UitQtuEY9cj4eJniq+7YQUSnrVUFQg
K8YhfrLlMwgr3jL0BGRBGx50Ph9Oh3b6h1DFqDKlbSw5AgE3bxkwhmAiMbQo+M7z
bfiFycxM7d+EUVNy3mvQDFv5LvTTrSIoQZTj162U8xBYkfaFriwCgGlX98/9gixz
D6DiFarXDnX7xP3OXx1deiikPUeDZtTL81U0QvUnuHUDhWKvtvjHL7viI1AZN0eh
TDbRAX0IDMBVqhCDMLQ2uCv3wNzfJRnxEjm2l8dbyqL8BX0EKwhzF+UPcvRC9GT+
+J1VChY1zYxWG5Huha8FPP4+w0pm9swd+AuKAtsvL4Ge
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:06:30 2025 by rpki-client