Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/8fe82f-e6cf-4a62-87dd-ea13eb797e8c/1/yPRaM8Xt_LjcnEp6FMoPxSjubrg.roa
File: yPRaM8Xt_LjcnEp6FMoPxSjubrg.roa (raw, json)
Hash identifier: 5MRfMsBo6t3UJiAKxq7MCbDbIZDyOCcBOja7hPHJABg=
Subject key identifier: C8:F4:5A:33:C5:ED:FC:B8:DC:9C:4A:7A:14:CA:0F:C5:28:EE:6E:B8
Certificate issuer: /CN=bc75052b50256ba562904e6f134350d3e75ded58
Certificate serial: 0194266B63EB39082E710942C94E4AD78402
Authority key identifier: BC:75:05:2B:50:25:6B:A5:62:90:4E:6F:13:43:50:D3:E7:5D:ED:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vHUFK1Ala6VikE5vE0NQ0-dd7Vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/8fe82f-e6cf-4a62-87dd-ea13eb797e8c/1/yPRaM8Xt_LjcnEp6FMoPxSjubrg.roa
Signing time: Thu 02 Jan 2025 09:49:19 +0000
ROA not before: Thu 02 Jan 2025 09:49:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16356
IP address blocks: 217.144.32.0/20 maxlen: 20
217.144.32.0/21 maxlen: 21
217.144.33.0/24 maxlen: 24
217.144.34.0/24 maxlen: 24
217.144.40.0/22 maxlen: 22
217.144.44.0/24 maxlen: 24
217.144.45.0/24 maxlen: 24
217.144.46.0/24 maxlen: 24
217.144.47.0/24 maxlen: 24
2a02:2a10::/32 maxlen: 32
2a02:2a10::/64 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:63:eb:39:08:2e:71:09:42:c9:4e:4a:d7:84:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc75052b50256ba562904e6f134350d3e75ded58
Validity
Not Before: Jan 2 09:49:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c8f45a33c5edfcb8dc9c4a7a14ca0fc528ee6eb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:d7:a1:93:43:08:81:5c:e8:5d:ba:cd:bc:98:
fb:64:66:ad:b0:d1:82:89:53:ad:c6:01:96:7a:68:
79:1a:e2:93:ec:74:12:07:b5:c8:e7:05:7d:b2:07:
79:06:5e:88:b0:b9:d6:c3:2e:b5:93:e3:1e:85:0e:
78:27:fe:27:0b:cc:f8:ce:87:e9:2c:7c:0f:27:4a:
25:49:e6:34:81:08:00:f0:e6:9d:be:98:d5:44:5e:
f6:c9:a1:f7:d3:b1:16:80:51:05:e8:b7:95:bc:db:
62:6f:fc:08:13:45:f3:31:19:7c:91:22:65:fb:65:
64:56:12:86:de:23:1b:88:db:42:8b:c3:73:04:d0:
d3:8b:cc:84:c8:4a:d5:44:c3:5e:c5:99:65:8b:30:
5a:bc:9b:f1:9a:63:43:dc:a8:2b:cd:2a:11:19:5d:
11:72:99:75:0e:9f:32:3f:35:8d:56:58:36:64:94:
ec:07:20:8f:7b:9c:8b:ca:eb:dd:8f:18:c8:45:f2:
43:52:b9:c2:cd:ec:e4:27:f1:7d:26:1c:7e:d4:00:
01:32:1f:d2:4e:89:e5:5f:b7:1c:d8:76:88:03:91:
46:9a:a3:dc:4a:e7:c5:c9:d9:21:aa:dc:fb:42:f0:
5d:ff:b8:89:45:88:c5:e9:db:45:b8:5b:ec:ab:c5:
be:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:F4:5A:33:C5:ED:FC:B8:DC:9C:4A:7A:14:CA:0F:C5:28:EE:6E:B8
X509v3 Authority Key Identifier:
keyid:BC:75:05:2B:50:25:6B:A5:62:90:4E:6F:13:43:50:D3:E7:5D:ED:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vHUFK1Ala6VikE5vE0NQ0-dd7Vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/8fe82f-e6cf-4a62-87dd-ea13eb797e8c/1/yPRaM8Xt_LjcnEp6FMoPxSjubrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/8fe82f-e6cf-4a62-87dd-ea13eb797e8c/1/vHUFK1Ala6VikE5vE0NQ0-dd7Vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.144.32.0/20
IPv6:
2a02:2a10::/32
Signature Algorithm: sha256WithRSAEncryption
a6:91:ed:db:89:06:58:9e:cd:0c:fa:e9:40:33:4a:7f:68:cd:
5e:65:34:b3:db:cf:b3:89:6b:d3:f1:07:6d:f4:e0:d5:c9:34:
74:7c:c2:f1:8b:2a:0f:10:34:5a:25:cd:19:48:75:94:ea:d6:
fc:fd:ad:e4:37:5b:f9:e9:9c:c1:74:9a:88:99:32:a6:17:6a:
f0:d7:30:09:57:67:5d:af:ec:0f:1d:40:2b:60:04:18:35:cf:
2e:e3:1d:76:c3:7a:f0:f2:3f:f6:c9:df:fe:a4:4c:9a:c5:87:
df:5f:62:ea:93:4f:1d:51:34:78:17:d3:96:47:ea:87:b3:79:
96:a4:2a:c4:cb:5b:e3:fb:b9:3d:3f:0d:cb:cf:bb:16:95:25:
67:11:7e:cc:29:97:4d:c3:f3:03:c4:b3:ef:62:81:eb:e9:6a:
0b:aa:bb:0b:5d:d7:62:6f:c4:57:c7:dd:ee:f0:a0:af:13:0e:
f8:d4:c4:c5:f1:3c:0f:b8:bf:d0:00:2d:dd:30:e2:05:42:a8:
9f:94:e5:36:21:7d:89:6e:2a:95:3b:94:34:b3:69:a3:cd:db:
c5:8b:18:78:f8:ea:42:de:50:f8:0b:fa:d3:e6:03:9a:71:da:
a4:9a:f7:be:76:d2:a5:f4:f0:a2:a9:a4:d5:29:3c:21:fe:ca:
11:74:47:b9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQma2PrOQgucQlCyU5K14QCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNzUwNTJiNTAyNTZiYTU2MjkwNGU2ZjEzNDM1MGQzZTc1
ZGVkNTgwHhcNMjUwMTAyMDk0OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGY0NWEzM2M1ZWRmY2I4ZGM5YzRhN2ExNGNhMGZjNTI4ZWU2ZWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA49ehk0MIgVzoXbrNvJj7ZGatsNGC
iVOtxgGWemh5GuKT7HQSB7XI5wV9sgd5Bl6IsLnWwy61k+MehQ54J/4nC8z4zofp
LHwPJ0olSeY0gQgA8OadvpjVRF72yaH307EWgFEF6LeVvNtib/wIE0XzMRl8kSJl
+2VkVhKG3iMbiNtCi8NzBNDTi8yEyErVRMNexZllizBavJvxmmND3KgrzSoRGV0R
cpl1Dp8yPzWNVlg2ZJTsByCPe5yLyuvdjxjIRfJDUrnCzezkJ/F9Jhx+1AABMh/S
TonlX7cc2HaIA5FGmqPcSufFydkhqtz7QvBd/7iJRYjF6dtFuFvsq8W+MQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMj0WjPF7fy43JxKehTKD8Uo7m64MB8GA1UdIwQY
MBaAFLx1BStQJWulYpBObxNDUNPnXe1YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkhVRksxQWxhNlZpa0U1dkUwTlEwLWRkN1ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS84ZmU4MmYtZTZjZi00YTYyLTg3ZGQt
ZWExM2ViNzk3ZThjLzEveVBSYU04WHRfTGpjbkVwNkZNb1B4U2p1YnJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS84ZmU4MmYtZTZjZi00YTYyLTg3ZGQtZWExM2ViNzk3ZThj
LzEvdkhVRksxQWxhNlZpa0U1dkUwTlEwLWRkN1ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQE2ZAgMA0E
AgACMAcDBQAqAioQMA0GCSqGSIb3DQEBCwUAA4IBAQCmke3biQZYns0M+ulAM0p/
aM1eZTSz28+ziWvT8Qdt9ODVyTR0fMLxiyoPEDRaJc0ZSHWU6tb8/a3kN1v56ZzB
dJqImTKmF2rw1zAJV2ddr+wPHUArYAQYNc8u4x12w3rw8j/2yd/+pEyaxYffX2Lq
k08dUTR4F9OWR+qHs3mWpCrEy1vj+7k9Pw3Lz7sWlSVnEX7MKZdNw/MDxLPvYoHr
6WoLqrsLXddib8RXx93u8KCvEw741MTF8TwPuL/QAC3dMOIFQqiflOU2IX2JbiqV
O5Q0s2mjzdvFixh4+OpC3lD4C/rT5gOacdqkmve+dtKl9PCiqaTVKTwh/soRdEe5
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:33:51 2025 by rpki-client