Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/a58311-e674-405c-98f2-1470bcceeb1b/1/eNexU45z9hsg8uDVbcM1xgFPzmA.roa
File: eNexU45z9hsg8uDVbcM1xgFPzmA.roa (raw, json)
Hash identifier: lxTKbrWjdwK3UVl5lIUje+cFbf9AlxZL9yRVio/psAM=
Subject key identifier: 78:D7:B1:53:8E:73:F6:1B:20:F2:E0:D5:6D:C3:35:C6:01:4F:CE:60
Certificate issuer: /CN=4984d0cc6703bf942c6dac89dff1a7bf6632ea8b
Certificate serial: 019427B5161FACFDFE12F620D883A44A6B26
Authority key identifier: 49:84:D0:CC:67:03:BF:94:2C:6D:AC:89:DF:F1:A7:BF:66:32:EA:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYTQzGcDv5QsbayJ3_Gnv2Yy6os.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/a58311-e674-405c-98f2-1470bcceeb1b/1/eNexU45z9hsg8uDVbcM1xgFPzmA.roa
Signing time: Thu 02 Jan 2025 15:49:26 +0000
ROA not before: Thu 02 Jan 2025 15:49:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21465
IP address blocks: 217.23.96.0/20 maxlen: 20
217.23.96.0/21 maxlen: 21
217.23.104.0/21 maxlen: 21
217.23.109.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:16:1f:ac:fd:fe:12:f6:20:d8:83:a4:4a:6b:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4984d0cc6703bf942c6dac89dff1a7bf6632ea8b
Validity
Not Before: Jan 2 15:49:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=78d7b1538e73f61b20f2e0d56dc335c6014fce60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:49:66:1b:ed:71:ea:35:7e:01:f6:4f:10:f0:
75:aa:73:20:3b:e4:aa:c3:d0:63:f9:a5:d6:9e:8e:
3f:f6:4f:93:2a:a5:c3:9b:fc:af:a4:2f:ae:7c:25:
60:96:00:7f:8b:51:e5:0a:f7:de:c4:57:e2:38:fb:
a2:a0:1d:a8:4b:d7:f5:f0:d9:8e:61:0a:61:10:a7:
0d:35:33:c9:16:c4:51:f6:91:7c:12:ac:de:2f:2c:
b8:7d:c4:99:62:8f:cf:96:14:cc:33:7d:a4:cb:d8:
21:74:5c:ba:6d:81:53:f5:d7:ff:26:f4:6c:01:54:
6a:e1:a4:f1:0a:64:a8:a0:70:15:6c:00:a0:87:a0:
17:fd:f0:de:a6:fa:88:01:b7:21:06:bb:98:bb:e7:
dd:7f:b9:ef:28:42:83:b0:2e:0e:0d:01:80:17:40:
b6:89:79:7a:ff:7b:07:18:1e:60:73:0c:b6:f8:74:
0e:7c:0e:cb:0b:66:bc:20:ab:df:92:4b:94:42:76:
1f:df:61:1f:0e:1f:55:eb:55:49:6b:4d:3e:f4:a1:
e3:d9:aa:e7:04:80:a0:50:0b:f1:0a:42:5b:66:c0:
2f:99:e1:cd:0a:49:d7:ab:5a:28:a0:33:fd:22:53:
94:eb:97:b5:2e:24:cb:d2:38:17:44:07:b2:47:3b:
30:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:D7:B1:53:8E:73:F6:1B:20:F2:E0:D5:6D:C3:35:C6:01:4F:CE:60
X509v3 Authority Key Identifier:
keyid:49:84:D0:CC:67:03:BF:94:2C:6D:AC:89:DF:F1:A7:BF:66:32:EA:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYTQzGcDv5QsbayJ3_Gnv2Yy6os.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/a58311-e674-405c-98f2-1470bcceeb1b/1/eNexU45z9hsg8uDVbcM1xgFPzmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/a58311-e674-405c-98f2-1470bcceeb1b/1/SYTQzGcDv5QsbayJ3_Gnv2Yy6os.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.23.96.0/20
Signature Algorithm: sha256WithRSAEncryption
48:9c:64:c4:4a:fb:18:01:b5:27:23:80:c6:e1:64:1c:c1:96:
78:77:2d:d0:c0:46:f5:4f:ad:e9:fa:e8:77:6f:37:5c:80:a0:
f8:63:fc:39:f6:9a:f6:ee:c8:db:d8:9b:d6:32:34:fe:41:6d:
6d:38:08:01:e4:90:76:cf:49:00:79:ab:04:16:d8:e3:b8:48:
da:ca:a4:a5:79:e3:ef:6e:5b:73:c0:6f:b7:b2:6b:f4:dd:e3:
69:f2:56:06:5c:3e:c2:79:a6:6b:b5:0d:e9:53:79:95:46:5c:
88:7f:9e:54:0c:74:f1:8a:db:c6:0e:ed:a1:de:23:67:6d:0e:
f4:d0:bb:87:7d:d9:29:cd:14:4f:e0:fa:96:5b:6e:52:2e:de:
da:fe:c5:8b:d6:72:82:7d:b8:e9:09:47:33:aa:f0:ef:36:c5:
b4:16:d1:df:79:9d:2f:66:73:ef:5e:48:42:94:c5:6c:49:94:
a9:a8:4b:f9:10:f1:92:bc:cc:d7:7f:b9:47:08:3a:95:76:70:
ca:b9:99:c1:17:67:96:a1:07:c1:fb:1d:1d:f0:02:58:85:42:
9e:ea:97:ed:52:ab:2f:ad:ad:5d:52:d1:80:89:78:9d:8b:cf:
fc:df:e7:a9:ed:2b:91:51:da:bf:1f:8f:d0:ad:19:98:32:57:
e2:c9:67:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntRYfrP3+EvYg2IOkSmsmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODRkMGNjNjcwM2JmOTQyYzZkYWM4OWRmZjFhN2JmNjYz
MmVhOGIwHhcNMjUwMTAyMTU0OTI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGQ3YjE1MzhlNzNmNjFiMjBmMmUwZDU2ZGMzMzVjNjAxNGZjZTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlElmG+1x6jV+AfZPEPB1qnMgO+Sq
w9Bj+aXWno4/9k+TKqXDm/yvpC+ufCVglgB/i1HlCvfexFfiOPuioB2oS9f18NmO
YQphEKcNNTPJFsRR9pF8EqzeLyy4fcSZYo/PlhTMM32ky9ghdFy6bYFT9df/JvRs
AVRq4aTxCmSooHAVbACgh6AX/fDepvqIAbchBruYu+fdf7nvKEKDsC4ODQGAF0C2
iXl6/3sHGB5gcwy2+HQOfA7LC2a8IKvfkkuUQnYf32EfDh9V61VJa00+9KHj2arn
BICgUAvxCkJbZsAvmeHNCknXq1oooDP9IlOU65e1LiTL0jgXRAeyRzswTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHjXsVOOc/YbIPLg1W3DNcYBT85gMB8GA1UdIwQY
MBaAFEmE0MxnA7+ULG2sid/xp79mMuqLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1lUUXpHY0R2NVFzYmF5SjNfR252Mll5Nm9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9hNTgzMTEtZTY3NC00MDVjLTk4ZjIt
MTQ3MGJjY2VlYjFiLzEvZU5leFU0NXo5aHNnOHVEVmJjTTF4Z0ZQem1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9hNTgzMTEtZTY3NC00MDVjLTk4ZjItMTQ3MGJjY2VlYjFi
LzEvU1lUUXpHY0R2NVFzYmF5SjNfR252Mll5Nm9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2RdgMA0G
CSqGSIb3DQEBCwUAA4IBAQBInGTESvsYAbUnI4DG4WQcwZZ4dy3QwEb1T63p+uh3
bzdcgKD4Y/w59pr27sjb2JvWMjT+QW1tOAgB5JB2z0kAeasEFtjjuEjayqSleePv
bltzwG+3smv03eNp8lYGXD7CeaZrtQ3pU3mVRlyIf55UDHTxitvGDu2h3iNnbQ70
0LuHfdkpzRRP4PqWW25SLt7a/sWL1nKCfbjpCUczqvDvNsW0FtHfeZ0vZnPvXkhC
lMVsSZSpqEv5EPGSvMzXf7lHCDqVdnDKuZnBF2eWoQfB+x0d8AJYhUKe6pftUqsv
ra1dUtGAiXidi8/83+ep7SuRUdq/H4/QrRmYMlfiyWfN
-----END CERTIFICATE-----
Generated at Fri Apr 25 20:20:43 2025 by rpki-client