Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/h8tPDjA1OFAFTFOZDX2QcoPajT8.roa
File: h8tPDjA1OFAFTFOZDX2QcoPajT8.roa (raw, json)
Hash identifier: D2D71dyeEW0POzOSRVEi2ki37gqunzi/KvsZFZxTyj0=
Subject key identifier: 87:CB:4F:0E:30:35:38:50:05:4C:53:99:0D:7D:90:72:83:DA:8D:3F
Certificate issuer: /CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Certificate serial: 0194282792D7864DC46F02C8C1795D56F557
Authority key identifier: 4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/h8tPDjA1OFAFTFOZDX2QcoPajT8.roa
Signing time: Thu 02 Jan 2025 17:54:29 +0000
ROA not before: Thu 02 Jan 2025 17:54:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208305
IP address blocks: 217.111.139.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:92:d7:86:4d:c4:6f:02:c8:c1:79:5d:56:f5:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Validity
Not Before: Jan 2 17:54:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=87cb4f0e30353850054c53990d7d907283da8d3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:cf:ea:0a:69:3d:a3:1c:6e:98:c8:9e:79:47:
8a:81:21:fb:c6:6a:9f:c9:e2:8c:15:0b:bb:d0:29:
a5:94:e2:79:86:13:8f:fe:ba:a5:d4:95:f5:31:00:
64:45:c0:62:b3:d0:13:1a:07:2b:cb:55:00:87:d2:
c1:47:90:69:3d:dd:99:23:0b:34:d1:9a:61:78:bf:
70:8c:04:68:15:85:4a:4a:da:e3:61:72:e8:d8:9f:
1e:d7:f9:ac:43:ae:69:91:1b:fc:09:22:5d:fe:ac:
6b:29:a1:bd:02:ec:32:d5:f9:cd:9a:ab:74:76:79:
a9:71:e9:c3:03:ad:b0:f5:02:65:4f:5f:c1:e6:49:
90:aa:37:1e:03:5b:ea:11:06:56:84:7d:6e:ff:fa:
e4:8a:6d:fc:8a:4d:35:bf:a1:0b:70:3c:d5:7d:7a:
79:8e:9f:5c:fa:31:8e:ee:b8:d9:bc:3e:cd:23:69:
68:23:fc:69:88:f2:0f:c9:6f:d2:94:44:bd:27:3b:
3f:89:0b:d2:5a:4b:ff:fa:b0:42:6b:6a:04:4e:52:
18:02:ff:30:1b:36:dd:04:a5:8d:e5:7f:2f:f1:52:
30:96:f8:0a:b8:11:0d:ce:b2:68:d1:b4:8a:46:5c:
42:71:79:fa:bb:fd:01:37:2d:dd:db:3c:65:97:57:
f2:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:CB:4F:0E:30:35:38:50:05:4C:53:99:0D:7D:90:72:83:DA:8D:3F
X509v3 Authority Key Identifier:
keyid:4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/h8tPDjA1OFAFTFOZDX2QcoPajT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.111.139.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:8c:03:14:a7:6e:0d:78:aa:90:38:61:e5:b0:8b:42:dd:a2:
2a:8e:e1:0f:b0:9f:ea:6c:04:64:1b:47:53:ce:84:26:5b:98:
65:3e:ac:30:f7:e7:9e:fe:5f:8e:b0:b0:1f:ca:51:d4:d5:c4:
e9:dc:58:72:4f:9d:c5:50:48:d6:dd:1e:26:54:d4:37:c3:25:
29:62:59:4e:d9:14:66:5b:7e:83:c2:0d:77:ae:d5:12:7c:4d:
81:be:d4:17:a0:2d:65:27:fb:84:99:55:d6:8b:38:1c:76:1e:
95:68:fc:00:69:30:f8:e5:d5:51:c0:59:12:f6:44:c4:c8:7b:
5d:5d:60:13:86:48:db:77:a2:97:57:e9:5c:44:61:e1:3f:4d:
db:ea:60:0e:7a:21:b9:87:ef:4b:e1:4b:63:b8:26:42:ac:d0:
3a:df:92:a5:4a:02:da:12:b5:0c:a4:f2:d7:d8:8c:7a:b2:2d:
ac:00:28:d4:f0:16:cc:05:d4:ca:02:4c:5c:96:01:f6:ff:85:
4f:d5:97:af:38:4e:97:91:07:79:99:1a:6e:f9:42:13:74:50:
2c:4a:fe:e6:42:42:6d:41:5a:a3:ea:a1:5f:b7:d1:b8:68:0a:
ee:65:98:b4:5f:c2:23:f3:e1:87:9e:00:5e:05:4c:d2:41:2b:
2c:1e:bc:73
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJ5LXhk3EbwLIwXldVvVXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZjhmZmMwODg1OTFlNGYyNDNiYWFmYTIxYjQyOThiZmIz
NjYwMjYwHhcNMjUwMTAyMTc1NDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2NiNGYwZTMwMzUzODUwMDU0YzUzOTkwZDdkOTA3MjgzZGE4ZDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8/qCmk9oxxumMieeUeKgSH7xmqf
yeKMFQu70CmllOJ5hhOP/rql1JX1MQBkRcBis9ATGgcry1UAh9LBR5BpPd2ZIws0
0ZpheL9wjARoFYVKStrjYXLo2J8e1/msQ65pkRv8CSJd/qxrKaG9Auwy1fnNmqt0
dnmpcenDA62w9QJlT1/B5kmQqjceA1vqEQZWhH1u//rkim38ik01v6ELcDzVfXp5
jp9c+jGO7rjZvD7NI2loI/xpiPIPyW/SlES9Jzs/iQvSWkv/+rBCa2oETlIYAv8w
GzbdBKWN5X8v8VIwlvgKuBENzrJo0bSKRlxCcXn6u/0BNy3d2zxll1fywwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIfLTw4wNThQBUxTmQ19kHKD2o0/MB8GA1UdIwQY
MBaAFEz4/8CIWR5PJDuq+iG0KYv7NmAmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMt
YjNiNzhiMGI2NmVhLzEvaDh0UERqQTFPRkFGVEZPWkRYMlFjb1BhalQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMtYjNiNzhiMGI2NmVh
LzEvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2W+LMA0G
CSqGSIb3DQEBCwUAA4IBAQCxjAMUp24NeKqQOGHlsItC3aIqjuEPsJ/qbARkG0dT
zoQmW5hlPqww9+ee/l+OsLAfylHU1cTp3FhyT53FUEjW3R4mVNQ3wyUpYllO2RRm
W36Dwg13rtUSfE2BvtQXoC1lJ/uEmVXWizgcdh6VaPwAaTD45dVRwFkS9kTEyHtd
XWAThkjbd6KXV+lcRGHhP03b6mAOeiG5h+9L4UtjuCZCrNA635KlSgLaErUMpPLX
2Ix6si2sACjU8BbMBdTKAkxclgH2/4VP1ZevOE6XkQd5mRpu+UITdFAsSv7mQkJt
QVqj6qFft9G4aAruZZi0X8Ij8+GHngBeBUzSQSssHrxz
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:11:42 2025 by rpki-client