Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/617778-9f31-475b-84fa-74c979a6536e/1/8SXa1LGEgRchazaJtCn45wimFzI.roa
File: 8SXa1LGEgRchazaJtCn45wimFzI.roa (raw, json)
Hash identifier: aarcdMLMUD+vhP2Nt/G/Xfb4TI1KlOo20WqPIWfHmGk=
Subject key identifier: F1:25:DA:D4:B1:84:81:17:21:6B:36:89:B4:29:F8:E7:08:A6:17:32
Certificate issuer: /CN=68cc325c8ad9769a1b54da296305fe0c36573775
Certificate serial: 01941F8C9FAA9968E55C74966D573755BBA1
Authority key identifier: 68:CC:32:5C:8A:D9:76:9A:1B:54:DA:29:63:05:FE:0C:36:57:37:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMwyXIrZdpobVNopYwX-DDZXN3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/617778-9f31-475b-84fa-74c979a6536e/1/8SXa1LGEgRchazaJtCn45wimFzI.roa
Signing time: Wed 01 Jan 2025 01:48:17 +0000
ROA not before: Wed 01 Jan 2025 01:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200185
IP address blocks: 217.61.104.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:9f:aa:99:68:e5:5c:74:96:6d:57:37:55:bb:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68cc325c8ad9769a1b54da296305fe0c36573775
Validity
Not Before: Jan 1 01:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f125dad4b1848117216b3689b429f8e708a61732
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:4e:88:68:45:06:51:2e:7b:75:46:4a:6e:5a:
81:e0:2f:13:ff:2e:2a:14:a4:5c:33:f1:5c:d3:fc:
7a:46:bb:03:96:42:d8:f6:30:f2:51:52:3b:a5:8b:
fa:e4:0d:fb:20:c0:68:e5:ca:51:0e:e0:79:5c:a7:
52:3c:1b:61:ee:2d:1f:99:52:05:77:e8:71:26:44:
1c:b3:29:07:1f:64:af:da:18:b9:01:8d:69:82:dd:
a4:71:1f:41:4f:35:57:b0:9d:ae:82:ed:97:29:e2:
90:49:ba:2b:6c:53:b2:de:37:d7:a0:3f:d9:d9:31:
3a:dc:fd:23:44:14:29:e4:00:d4:18:ab:e4:91:57:
6f:79:7e:f4:3b:96:11:29:05:00:5e:3b:b9:62:74:
db:69:11:e3:36:94:0c:6d:01:04:b0:93:af:a9:3a:
30:55:5f:17:0f:df:04:63:22:42:68:14:74:16:87:
e4:e3:fa:fe:a6:79:55:23:b0:08:b7:ad:00:3d:bf:
69:3d:ce:87:15:b1:ac:11:7e:c8:d3:f5:eb:db:45:
f4:0b:c1:37:f7:38:5a:29:f2:dc:c8:cd:49:25:98:
c6:5d:db:95:b0:73:00:81:ca:8d:fa:72:9b:73:63:
ef:ac:41:f8:50:5f:00:35:37:30:64:ad:e0:ae:4a:
ee:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:25:DA:D4:B1:84:81:17:21:6B:36:89:B4:29:F8:E7:08:A6:17:32
X509v3 Authority Key Identifier:
keyid:68:CC:32:5C:8A:D9:76:9A:1B:54:DA:29:63:05:FE:0C:36:57:37:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMwyXIrZdpobVNopYwX-DDZXN3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/617778-9f31-475b-84fa-74c979a6536e/1/8SXa1LGEgRchazaJtCn45wimFzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/617778-9f31-475b-84fa-74c979a6536e/1/aMwyXIrZdpobVNopYwX-DDZXN3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.61.104.0/21
Signature Algorithm: sha256WithRSAEncryption
31:26:bc:f7:04:4b:35:5f:56:bb:c8:5e:3e:bc:85:2e:92:b5:
7d:b0:b8:22:c1:51:b9:70:b4:30:bb:77:5c:56:ca:5b:1f:06:
05:61:fe:ef:a7:d6:cc:b3:e4:21:f9:14:c3:36:06:70:56:7a:
da:65:e4:7f:f5:69:b9:79:7c:2a:e7:bf:15:ac:07:66:3a:fb:
f2:fb:47:5a:37:1f:11:07:fa:fe:08:39:86:5a:66:39:a0:8a:
ba:4b:aa:72:2d:0d:10:78:85:02:4b:0c:fd:1b:49:1e:ed:93:
2d:3d:d3:79:c1:60:5d:ad:84:54:04:36:ca:16:51:e1:81:0b:
fd:7a:d2:01:66:a0:19:77:6f:3e:a4:cd:02:ea:75:11:78:36:
a6:ab:eb:fc:57:8c:2a:0d:e5:cd:da:2a:ab:fd:37:e0:f5:8e:
91:aa:f7:3a:54:c9:5f:08:4b:1e:46:98:38:2f:c7:26:80:40:
41:fb:03:72:f5:f3:08:2d:5e:37:f1:d0:cf:20:87:f4:4b:31:
b1:21:9f:e4:27:03:4f:8f:5e:01:ea:61:71:41:8a:07:c3:48:
00:58:6d:0f:80:b5:c1:f1:83:89:95:c2:39:5f:7f:e5:70:c3:
18:57:57:3b:fb:1d:c3:55:ce:fb:9c:3f:25:44:11:5d:0e:21:
e2:a5:3d:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjJ+qmWjlXHSWbVc3VbuhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4Y2MzMjVjOGFkOTc2OWExYjU0ZGEyOTYzMDVmZTBjMzY1
NzM3NzUwHhcNMjUwMTAxMDE0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTI1ZGFkNGIxODQ4MTE3MjE2YjM2ODliNDI5ZjhlNzA4YTYxNzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAik6IaEUGUS57dUZKblqB4C8T/y4q
FKRcM/Fc0/x6RrsDlkLY9jDyUVI7pYv65A37IMBo5cpRDuB5XKdSPBth7i0fmVIF
d+hxJkQcsykHH2Sv2hi5AY1pgt2kcR9BTzVXsJ2ugu2XKeKQSborbFOy3jfXoD/Z
2TE63P0jRBQp5ADUGKvkkVdveX70O5YRKQUAXju5YnTbaRHjNpQMbQEEsJOvqTow
VV8XD98EYyJCaBR0Fofk4/r+pnlVI7AIt60APb9pPc6HFbGsEX7I0/Xr20X0C8E3
9zhaKfLcyM1JJZjGXduVsHMAgcqN+nKbc2PvrEH4UF8ANTcwZK3grkruAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPEl2tSxhIEXIWs2ibQp+OcIphcyMB8GA1UdIwQY
MBaAFGjMMlyK2XaaG1TaKWMF/gw2Vzd1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU13eVhJclpkcG9iVk5vcFl3WC1ERFpYTjNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi82MTc3NzgtOWYzMS00NzViLTg0ZmEt
NzRjOTc5YTY1MzZlLzEvOFNYYTFMR0VnUmNoYXphSnRDbjQ1d2ltRnpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi82MTc3NzgtOWYzMS00NzViLTg0ZmEtNzRjOTc5YTY1MzZl
LzEvYU13eVhJclpkcG9iVk5vcFl3WC1ERFpYTjNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD2T1oMA0G
CSqGSIb3DQEBCwUAA4IBAQAxJrz3BEs1X1a7yF4+vIUukrV9sLgiwVG5cLQwu3dc
VspbHwYFYf7vp9bMs+Qh+RTDNgZwVnraZeR/9Wm5eXwq578VrAdmOvvy+0daNx8R
B/r+CDmGWmY5oIq6S6pyLQ0QeIUCSwz9G0ke7ZMtPdN5wWBdrYRUBDbKFlHhgQv9
etIBZqAZd28+pM0C6nUReDamq+v8V4wqDeXN2iqr/Tfg9Y6Rqvc6VMlfCEseRpg4
L8cmgEBB+wNy9fMILV438dDPIIf0SzGxIZ/kJwNPj14B6mFxQYoHw0gAWG0PgLXB
8YOJlcI5X3/lcMMYV1c7+x3DVc77nD8lRBFdDiHipT01
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:55:07 2025 by rpki-client