Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/uySRNRflomYFyU90NHK5PN09gJc.roa
File: uySRNRflomYFyU90NHK5PN09gJc.roa (raw, json)
Hash identifier: RMn+ac6IluyH0hNW0Nl5ZfPZ6PAsAPdPufZtdctzeoI=
Subject key identifier: BB:24:91:35:17:E5:A2:66:05:C9:4F:74:34:72:B9:3C:DD:3D:80:97
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 0194221FBFB11BF77E7B2B106794A33EF9DA
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/uySRNRflomYFyU90NHK5PN09gJc.roa
Signing time: Wed 01 Jan 2025 13:48:13 +0000
ROA not before: Wed 01 Jan 2025 13:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34254
IP address blocks: 217.8.175.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:bf:b1:1b:f7:7e:7b:2b:10:67:94:a3:3e:f9:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 1 13:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bb24913517e5a26605c94f743472b93cdd3d8097
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:55:45:f6:8d:e6:f4:cf:a9:d7:17:43:0e:62:
70:fd:3a:8e:05:d3:90:e0:08:bc:83:66:c4:33:2c:
c4:42:65:88:c3:e6:62:98:57:90:9e:e3:95:cf:2d:
13:79:2a:0d:4b:37:bd:2e:c8:f8:86:34:50:a2:ab:
5a:9f:3c:31:49:b3:58:98:c4:6f:56:d7:d2:bb:89:
6c:f8:a7:bc:cb:1b:81:ce:2d:70:e0:a7:d5:62:d3:
d5:3b:1c:45:55:09:a2:5b:9b:c2:b1:07:46:c8:d9:
cf:f0:02:ca:c0:54:bc:ce:9e:1c:a4:30:c4:ce:b8:
e4:cf:e9:fb:ea:20:60:f8:c2:76:5b:f5:2c:5e:f7:
1b:77:21:98:bc:65:46:1d:e4:5f:8f:26:8d:23:e5:
2e:60:27:c6:00:19:c4:ce:b4:64:f3:21:09:4a:27:
ac:13:6a:85:7d:9b:2a:af:1e:51:52:6b:61:f6:3a:
13:af:dc:59:03:9b:24:34:f0:04:d6:60:c3:96:30:
a2:9d:af:86:3e:69:c2:ad:ef:1c:4e:b1:c1:05:21:
e3:ee:d0:37:96:65:4e:34:f2:ff:ad:ae:59:f0:5b:
6b:f8:d2:79:07:64:40:5b:9a:66:39:65:d9:26:05:
1b:c1:e5:22:8f:3b:4f:18:f4:f7:f0:e8:bd:fa:37:
6b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:24:91:35:17:E5:A2:66:05:C9:4F:74:34:72:B9:3C:DD:3D:80:97
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/uySRNRflomYFyU90NHK5PN09gJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.8.175.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:27:dc:c2:7e:89:13:35:ff:c8:9a:88:19:2c:83:1d:f7:87:
96:7c:d9:56:8d:92:90:fc:cd:0f:78:7f:f8:98:94:cd:c4:0b:
ca:d7:ac:df:dd:df:4f:16:93:e5:28:cd:f3:05:8d:10:c1:20:
2c:9a:cd:a3:d4:70:17:dc:3a:bc:cf:ab:45:a2:ab:75:da:bd:
bc:e5:f2:c9:0e:78:c1:58:d9:b5:ce:fb:18:c5:61:4b:63:76:
56:ac:2c:28:52:96:ab:ec:26:01:45:20:50:0d:f4:60:5a:33:
a6:df:db:37:e3:06:05:88:39:ad:a1:9c:cf:ac:8f:c9:e6:c1:
31:96:44:0d:62:cf:74:bd:28:63:dd:0b:68:1d:bc:89:26:7d:
f3:c1:02:3d:db:4e:7a:21:21:bb:77:42:14:97:8b:26:b5:3e:
8e:0e:5e:fa:1c:05:04:d0:1f:5e:dd:83:2c:98:4c:0d:fe:84:
19:00:13:7b:a7:27:ea:c2:95:ab:ef:7b:d4:36:9f:76:b1:70:
de:8c:09:5f:4a:af:81:dc:ea:f2:ec:3c:b4:de:40:0f:8e:1e:
3a:86:4f:6c:65:b3:b7:ba:7e:e0:8f:5f:21:bc:f8:fb:9d:ee:
ed:c7:98:ce:86:45:5b:b7:4b:71:25:c6:4c:6c:92:14:3d:df:
64:ae:68:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH7+xG/d+eysQZ5SjPvnaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj
ZWY5MzMwHhcNMjUwMTAxMTM0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjI0OTEzNTE3ZTVhMjY2MDVjOTRmNzQzNDcyYjkzY2RkM2Q4MDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlVF9o3m9M+p1xdDDmJw/TqOBdOQ
4Ai8g2bEMyzEQmWIw+ZimFeQnuOVzy0TeSoNSze9Lsj4hjRQoqtanzwxSbNYmMRv
VtfSu4ls+Ke8yxuBzi1w4KfVYtPVOxxFVQmiW5vCsQdGyNnP8ALKwFS8zp4cpDDE
zrjkz+n76iBg+MJ2W/UsXvcbdyGYvGVGHeRfjyaNI+UuYCfGABnEzrRk8yEJSies
E2qFfZsqrx5RUmth9joTr9xZA5skNPAE1mDDljCina+GPmnCre8cTrHBBSHj7tA3
lmVONPL/ra5Z8Ftr+NJ5B2RAW5pmOWXZJgUbweUijztPGPT38Oi9+jdrGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLskkTUX5aJmBclPdDRyuTzdPYCXMB8GA1UdIwQY
MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt
OTFlMzE4NGJiMGFiLzEvdXlTUk5SZmxvbVlGeVU5ME5ISzVQTjA5Z0pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi
LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2QivMA0G
CSqGSIb3DQEBCwUAA4IBAQBOJ9zCfokTNf/ImogZLIMd94eWfNlWjZKQ/M0PeH/4
mJTNxAvK16zf3d9PFpPlKM3zBY0QwSAsms2j1HAX3Dq8z6tFoqt12r285fLJDnjB
WNm1zvsYxWFLY3ZWrCwoUpar7CYBRSBQDfRgWjOm39s34wYFiDmtoZzPrI/J5sEx
lkQNYs90vShj3QtoHbyJJn3zwQI92056ISG7d0IUl4smtT6ODl76HAUE0B9e3YMs
mEwN/oQZABN7pyfqwpWr73vUNp92sXDejAlfSq+B3Ory7Dy03kAPjh46hk9sZbO3
un7gj18hvPj7ne7tx5jOhkVbt0txJcZMbJIUPd9krmiS
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:09:12 2025 by rpki-client