Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/545b06-8572-412f-a80f-3979ef0d32db/1/7QVUBJnH8byE-Jg05fyEzfqRiCA.roa
File: 7QVUBJnH8byE-Jg05fyEzfqRiCA.roa (raw, json)
Hash identifier: aQaoN+Lrx+ZD/V+55LTcCmW9vizCL4wQOGOO6cgtzbA=
Subject key identifier: ED:05:54:04:99:C7:F1:BC:84:F8:98:34:E5:FC:84:CD:FA:91:88:20
Certificate issuer: /CN=498fd453f5e35f9c77d1d706e565138adf82256a
Certificate serial: 019428274B4631A798738A95422D80479497
Authority key identifier: 49:8F:D4:53:F5:E3:5F:9C:77:D1:D7:06:E5:65:13:8A:DF:82:25:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SY_UU_XjX5x30dcG5WUTit-CJWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/545b06-8572-412f-a80f-3979ef0d32db/1/7QVUBJnH8byE-Jg05fyEzfqRiCA.roa
Signing time: Thu 02 Jan 2025 17:54:11 +0000
ROA not before: Thu 02 Jan 2025 17:54:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8376
IP address blocks: 217.29.242.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:4b:46:31:a7:98:73:8a:95:42:2d:80:47:94:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=498fd453f5e35f9c77d1d706e565138adf82256a
Validity
Not Before: Jan 2 17:54:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ed05540499c7f1bc84f89834e5fc84cdfa918820
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:3b:8e:fa:4d:c0:30:ec:cf:09:d7:54:c5:8a:
09:cd:46:b7:a9:c4:34:cf:02:77:d9:2a:6f:e1:65:
63:90:ce:33:55:a7:7d:67:66:71:a2:e7:13:c0:60:
79:75:46:85:3e:b3:59:f7:bf:06:68:46:14:c2:85:
ce:b8:15:0e:e3:38:6d:f3:aa:14:78:79:af:9a:39:
0c:c6:0b:83:a5:cc:b8:02:41:ff:b4:45:28:42:55:
66:21:81:63:13:52:55:bd:61:af:af:29:4f:b1:26:
ba:7e:5f:6e:b7:36:72:e8:12:e3:db:63:a6:e1:e0:
41:00:42:92:ba:32:13:f3:6f:a8:94:0d:d1:d3:c4:
b8:12:93:4f:c6:e9:f5:aa:d6:a5:86:c3:7b:12:ab:
7c:7f:9a:9e:f7:b9:87:57:04:49:b9:fd:70:c0:93:
b4:b7:c0:9b:cd:d1:75:f5:65:af:ca:1c:c0:5f:24:
bf:20:04:ce:ce:de:98:6c:06:6b:47:22:bc:c9:3d:
30:5c:8f:61:be:0c:f3:97:85:81:4c:62:29:05:67:
6c:21:8d:b3:08:68:eb:6e:c4:87:74:98:c9:0b:5a:
96:45:d5:a1:b8:0d:3c:a9:c0:46:22:bb:c8:3f:5a:
27:d5:70:e0:cf:6b:18:1f:30:d4:34:14:87:f6:61:
3a:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:05:54:04:99:C7:F1:BC:84:F8:98:34:E5:FC:84:CD:FA:91:88:20
X509v3 Authority Key Identifier:
keyid:49:8F:D4:53:F5:E3:5F:9C:77:D1:D7:06:E5:65:13:8A:DF:82:25:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SY_UU_XjX5x30dcG5WUTit-CJWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/545b06-8572-412f-a80f-3979ef0d32db/1/7QVUBJnH8byE-Jg05fyEzfqRiCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/545b06-8572-412f-a80f-3979ef0d32db/1/SY_UU_XjX5x30dcG5WUTit-CJWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.29.242.0/24
Signature Algorithm: sha256WithRSAEncryption
07:a4:34:fb:e2:08:d6:ea:16:b5:9d:be:7d:9e:3f:6a:a8:9b:
f2:0c:a2:d1:7a:e2:a3:45:29:6f:c6:89:a7:27:89:d9:86:95:
dc:d3:cd:68:31:bf:cc:ec:f9:ff:28:e0:80:18:c8:cc:d2:72:
bf:0d:63:e8:51:25:d8:f9:ed:be:6c:e2:59:da:6f:0a:9a:0b:
07:71:29:28:d2:85:bd:da:17:58:4d:69:4a:8c:ea:a2:fa:21:
ab:d9:ce:e7:91:4c:6c:11:fc:cf:66:f8:2a:84:48:77:66:d7:
bd:ed:be:27:19:87:0b:bd:f4:1d:b4:36:ee:f4:84:ec:28:7a:
6f:a9:a8:83:17:6e:09:da:2d:81:74:96:15:6f:3c:58:16:6b:
ff:84:26:28:49:71:77:d3:51:06:5d:17:0b:97:79:32:e8:0e:
0f:c1:36:8f:be:f7:b6:2c:96:f9:63:36:55:94:89:8c:6c:2a:
aa:86:88:bb:b8:d9:96:b4:94:06:52:54:ac:4a:36:27:6e:d7:
49:de:7f:3b:a0:c2:c4:df:68:84:38:8d:3c:d7:c4:e6:26:86:
7b:56:d9:c9:79:af:90:92:f1:da:5e:8d:2b:b0:69:43:24:98:
58:ed:4f:da:28:00:26:9a:2b:8f:84:80:7c:b0:a6:49:23:69:
af:04:42:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJ0tGMaeYc4qVQi2AR5SXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5OGZkNDUzZjVlMzVmOWM3N2QxZDcwNmU1NjUxMzhhZGY4
MjI1NmEwHhcNMjUwMTAyMTc1NDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDA1NTQwNDk5YzdmMWJjODRmODk4MzRlNWZjODRjZGZhOTE4ODIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDuO+k3AMOzPCddUxYoJzUa3qcQ0
zwJ32Spv4WVjkM4zVad9Z2ZxoucTwGB5dUaFPrNZ978GaEYUwoXOuBUO4zht86oU
eHmvmjkMxguDpcy4AkH/tEUoQlVmIYFjE1JVvWGvrylPsSa6fl9utzZy6BLj22Om
4eBBAEKSujIT82+olA3R08S4EpNPxun1qtalhsN7Eqt8f5qe97mHVwRJuf1wwJO0
t8CbzdF19WWvyhzAXyS/IATOzt6YbAZrRyK8yT0wXI9hvgzzl4WBTGIpBWdsIY2z
CGjrbsSHdJjJC1qWRdWhuA08qcBGIrvIP1on1XDgz2sYHzDUNBSH9mE6ywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO0FVASZx/G8hPiYNOX8hM36kYggMB8GA1UdIwQY
MBaAFEmP1FP141+cd9HXBuVlE4rfgiVqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1lfVVVfWGpYNXgzMGRjRzVXVVRpdC1DSldvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi81NDViMDYtODU3Mi00MTJmLWE4MGYt
Mzk3OWVmMGQzMmRiLzEvN1FWVUJKbkg4YnlFLUpnMDVmeUV6ZnFSaUNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi81NDViMDYtODU3Mi00MTJmLWE4MGYtMzk3OWVmMGQzMmRi
LzEvU1lfVVVfWGpYNXgzMGRjRzVXVVRpdC1DSldvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2R3yMA0G
CSqGSIb3DQEBCwUAA4IBAQAHpDT74gjW6ha1nb59nj9qqJvyDKLReuKjRSlvxomn
J4nZhpXc081oMb/M7Pn/KOCAGMjM0nK/DWPoUSXY+e2+bOJZ2m8KmgsHcSko0oW9
2hdYTWlKjOqi+iGr2c7nkUxsEfzPZvgqhEh3Zte97b4nGYcLvfQdtDbu9ITsKHpv
qaiDF24J2i2BdJYVbzxYFmv/hCYoSXF301EGXRcLl3ky6A4PwTaPvve2LJb5YzZV
lImMbCqqhoi7uNmWtJQGUlSsSjYnbtdJ3n87oMLE32iEOI0818TmJoZ7VtnJea+Q
kvHaXo0rsGlDJJhY7U/aKAAmmiuPhIB8sKZJI2mvBEKj
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:31:30 2025 by rpki-client