Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/c6efdb-3165-4535-8ab4-fd3cfe601245/1/dufDt0AmSEl5MX84gmoizwQiTsk.roa
File: dufDt0AmSEl5MX84gmoizwQiTsk.roa (raw, json)
Hash identifier: aXEbp58hPoSuyC6IS1AxqUQLOo+BHH3jFCGl+xNSnf8=
Subject key identifier: 76:E7:C3:B7:40:26:48:49:79:31:7F:38:82:6A:22:CF:04:22:4E:C9
Certificate issuer: /CN=285feec87d1959340872f8f79831202f24c80c9e
Certificate serial: 019424B3A7B19E391EF37BAE22A60BF4FB84
Authority key identifier: 28:5F:EE:C8:7D:19:59:34:08:72:F8:F7:98:31:20:2F:24:C8:0C:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KF_uyH0ZWTQIcvj3mDEgLyTIDJ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/c6efdb-3165-4535-8ab4-fd3cfe601245/1/dufDt0AmSEl5MX84gmoizwQiTsk.roa
Signing time: Thu 02 Jan 2025 01:49:01 +0000
ROA not before: Thu 02 Jan 2025 01:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208910
IP address blocks: 83.171.220.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:a7:b1:9e:39:1e:f3:7b:ae:22:a6:0b:f4:fb:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=285feec87d1959340872f8f79831202f24c80c9e
Validity
Not Before: Jan 2 01:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=76e7c3b74026484979317f38826a22cf04224ec9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b4:03:36:e7:06:8c:81:4f:55:fa:0f:9e:f6:
b0:38:ff:eb:71:a1:fb:ac:fd:af:9f:65:a5:66:79:
56:fe:9f:58:2d:72:66:ed:ac:ad:3c:ab:9b:c9:24:
d4:98:18:7f:1c:1a:43:44:ac:37:bf:e3:c9:1c:57:
1e:f1:bb:58:5a:69:47:3a:8a:40:a2:8a:14:24:b7:
f9:97:88:96:54:8b:e3:95:e1:18:c5:7a:6b:36:e1:
3a:f2:e9:da:80:31:f6:e9:08:d6:25:29:38:76:f4:
a8:65:85:aa:b8:66:d1:84:0d:23:27:34:35:17:70:
45:26:7b:93:2d:aa:b1:b3:4a:7a:ee:a3:4e:3b:bf:
78:9d:63:1d:aa:16:87:1f:29:93:88:84:93:c6:ca:
43:48:22:f5:97:1e:89:23:2c:2a:46:af:df:69:96:
2a:5f:18:68:d8:52:9a:21:df:2f:46:53:fa:21:18:
0c:a7:db:3b:60:31:08:89:23:53:bc:83:ff:d3:90:
53:4a:65:3e:db:45:6c:4d:42:92:69:34:61:ac:45:
9d:13:30:6c:d5:4b:cb:c5:3b:78:7f:fc:75:6b:c1:
35:d6:51:de:ed:26:c4:ae:3d:ac:66:2c:c0:c6:f8:
20:12:a8:0c:81:f5:8b:1c:0c:35:44:74:5b:38:92:
8e:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:E7:C3:B7:40:26:48:49:79:31:7F:38:82:6A:22:CF:04:22:4E:C9
X509v3 Authority Key Identifier:
keyid:28:5F:EE:C8:7D:19:59:34:08:72:F8:F7:98:31:20:2F:24:C8:0C:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KF_uyH0ZWTQIcvj3mDEgLyTIDJ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/c6efdb-3165-4535-8ab4-fd3cfe601245/1/dufDt0AmSEl5MX84gmoizwQiTsk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/c6efdb-3165-4535-8ab4-fd3cfe601245/1/KF_uyH0ZWTQIcvj3mDEgLyTIDJ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.171.220.0/22
Signature Algorithm: sha256WithRSAEncryption
97:2f:89:83:9f:3c:2a:f8:1a:0d:9a:7e:35:ff:89:9f:dd:37:
77:a3:f8:37:bc:f7:a6:aa:67:37:df:0c:62:f0:f0:db:84:a5:
d7:52:94:06:ce:7a:8a:93:6e:98:b0:77:ff:4a:98:aa:bb:98:
0d:b9:9a:6a:0e:c8:f0:03:55:92:a0:ea:fb:e9:82:e2:9f:25:
24:0b:06:1e:cb:55:6c:ad:ec:08:02:50:51:2d:4a:2c:c3:26:
87:dc:d0:9d:96:24:5f:78:25:2c:1a:05:ab:a6:5b:ba:72:c2:
f3:c6:ee:fb:52:00:05:ea:f6:59:5d:b2:b0:65:5c:5d:d5:35:
e8:04:a1:21:d8:69:29:a1:54:96:be:06:09:15:67:75:6a:2b:
26:ad:08:62:ff:c2:2a:89:87:5f:a5:80:cf:24:4a:ba:c3:2e:
7b:22:2a:ab:49:80:5c:e9:11:8a:16:dc:7b:7d:c7:df:55:eb:
09:84:1d:d7:ae:e6:07:47:65:db:6e:cd:f7:21:37:fb:d7:ed:
e6:d0:f2:79:3f:8b:87:38:e5:7f:dd:e7:50:e2:93:3a:bb:92:
0a:1e:19:ab:3d:28:d7:5a:75:69:1a:53:b4:d7:17:a4:7c:a0:
d8:09:44:88:d2:f5:f6:ea:df:b6:16:b6:d0:f9:e7:b1:55:75:
b7:0c:8c:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks6exnjke83uuIqYL9PuEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4NWZlZWM4N2QxOTU5MzQwODcyZjhmNzk4MzEyMDJmMjRj
ODBjOWUwHhcNMjUwMTAyMDE0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmU3YzNiNzQwMjY0ODQ5NzkzMTdmMzg4MjZhMjJjZjA0MjI0ZWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7QDNucGjIFPVfoPnvawOP/rcaH7
rP2vn2WlZnlW/p9YLXJm7aytPKubySTUmBh/HBpDRKw3v+PJHFce8btYWmlHOopA
oooUJLf5l4iWVIvjleEYxXprNuE68unagDH26QjWJSk4dvSoZYWquGbRhA0jJzQ1
F3BFJnuTLaqxs0p67qNOO794nWMdqhaHHymTiISTxspDSCL1lx6JIywqRq/faZYq
Xxho2FKaId8vRlP6IRgMp9s7YDEIiSNTvIP/05BTSmU+20VsTUKSaTRhrEWdEzBs
1UvLxTt4f/x1a8E11lHe7SbErj2sZizAxvggEqgMgfWLHAw1RHRbOJKObQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHbnw7dAJkhJeTF/OIJqIs8EIk7JMB8GA1UdIwQY
MBaAFChf7sh9GVk0CHL495gxIC8kyAyeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0ZfdXlIMFpXVFFJY3ZqM21ERWdMeVRJREo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jNmVmZGItMzE2NS00NTM1LThhYjQt
ZmQzY2ZlNjAxMjQ1LzEvZHVmRHQwQW1TRWw1TVg4NGdtb2l6d1FpVHNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jNmVmZGItMzE2NS00NTM1LThhYjQtZmQzY2ZlNjAxMjQ1
LzEvS0ZfdXlIMFpXVFFJY3ZqM21ERWdMeVRJREo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCU6vcMA0G
CSqGSIb3DQEBCwUAA4IBAQCXL4mDnzwq+BoNmn41/4mf3Td3o/g3vPemqmc33wxi
8PDbhKXXUpQGznqKk26YsHf/Spiqu5gNuZpqDsjwA1WSoOr76YLinyUkCwYey1Vs
rewIAlBRLUoswyaH3NCdliRfeCUsGgWrplu6csLzxu77UgAF6vZZXbKwZVxd1TXo
BKEh2GkpoVSWvgYJFWd1aismrQhi/8IqiYdfpYDPJEq6wy57IiqrSYBc6RGKFtx7
fcffVesJhB3XruYHR2Xbbs33ITf71+3m0PJ5P4uHOOV/3edQ4pM6u5IKHhmrPSjX
WnVpGlO01xekfKDYCUSI0vX26t+2FrbQ+eexVXW3DIwO
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:40:59 2025 by rpki-client