Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/dVPbIRfsnF_eS0blJ9Y7zNoUs7k.roa
File: dVPbIRfsnF_eS0blJ9Y7zNoUs7k.roa (raw, json)
Hash identifier: ShygWBXCmOMXv5YpTJlMJ5UYglgVh9DDoGkuss6YEGo=
Subject key identifier: 75:53:DB:21:17:EC:9C:5F:DE:4B:46:E5:27:D6:3B:CC:DA:14:B3:B9
Certificate issuer: /CN=a7ee182d9c43a5ce7068dfd9ba7aa8ed90e5e0ba
Certificate serial: 0194CD2B7B6FDC8035F29ECD9D690B000661
Authority key identifier: A7:EE:18:2D:9C:43:A5:CE:70:68:DF:D9:BA:7A:A8:ED:90:E5:E0:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p-4YLZxDpc5waN_Zunqo7ZDl4Lo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/dVPbIRfsnF_eS0blJ9Y7zNoUs7k.roa
Signing time: Mon 03 Feb 2025 18:56:06 +0000
ROA not before: Mon 03 Feb 2025 18:56:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6079
IP address blocks: 217.9.12.0/24 maxlen: 24
217.9.14.0/24 maxlen: 24
217.9.15.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:cd:2b:7b:6f:dc:80:35:f2:9e:cd:9d:69:0b:00:06:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7ee182d9c43a5ce7068dfd9ba7aa8ed90e5e0ba
Validity
Not Before: Feb 3 18:56:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7553db2117ec9c5fde4b46e527d63bccda14b3b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c8:a9:fd:2d:21:3c:5e:22:20:45:25:b6:35:
f3:c9:90:96:2f:ec:93:a0:c2:3b:4b:22:95:08:3c:
81:7c:96:08:49:7e:9b:ed:e1:56:65:b6:79:69:4a:
3a:39:33:4c:3e:28:ff:c6:aa:4d:16:75:e0:10:55:
49:7c:07:b4:5e:19:e0:8e:61:85:b1:d1:15:dd:af:
1e:c3:6c:0d:93:d6:8c:7f:94:95:a7:95:d0:8f:44:
00:10:c6:fd:7c:29:fb:cf:57:09:b1:e6:50:fa:28:
5c:95:10:7e:97:f7:b6:13:24:41:ce:99:b2:dc:dd:
2f:f9:e3:9a:56:b8:2e:9b:d5:f0:6b:04:a7:f0:9f:
bd:97:1b:82:ee:9a:0d:bb:60:37:24:d8:ae:9b:ac:
25:04:f8:3b:4f:9a:aa:ca:9e:fe:13:bf:6e:46:9f:
56:73:2a:e4:ce:f4:86:f3:3d:9d:05:d6:3b:3d:8e:
80:56:45:e4:4b:d7:cc:bc:e1:66:0f:e3:1f:3c:b3:
72:9e:21:e9:ae:4e:2d:ef:df:ab:67:3d:e1:76:07:
25:a0:00:a0:42:0f:ac:5d:fb:28:7a:a5:82:14:a2:
55:9e:b2:1b:cb:c7:a5:ba:b7:3b:d8:af:bd:1b:c0:
cc:09:3c:c1:2d:30:7b:f2:75:ad:0c:41:90:90:23:
36:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:53:DB:21:17:EC:9C:5F:DE:4B:46:E5:27:D6:3B:CC:DA:14:B3:B9
X509v3 Authority Key Identifier:
keyid:A7:EE:18:2D:9C:43:A5:CE:70:68:DF:D9:BA:7A:A8:ED:90:E5:E0:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p-4YLZxDpc5waN_Zunqo7ZDl4Lo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/dVPbIRfsnF_eS0blJ9Y7zNoUs7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/p-4YLZxDpc5waN_Zunqo7ZDl4Lo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.9.12.0/24
217.9.14.0/23
Signature Algorithm: sha256WithRSAEncryption
df:fb:13:93:5a:da:42:a7:2a:92:81:99:e2:36:b0:83:44:d1:
bc:75:63:f0:c4:c3:29:eb:26:c1:a3:c5:14:75:17:57:c2:73:
29:12:60:ff:ac:37:c7:ff:ea:4d:be:0f:fb:8c:b2:ad:71:f3:
3a:21:e4:38:e5:d6:18:e0:8b:e0:13:9f:8a:ce:1e:cd:f6:79:
e1:a4:73:ad:07:19:91:28:dc:c7:bd:38:40:2c:51:3e:4e:15:
e1:81:39:07:74:66:e2:8a:28:ff:dd:8a:b8:27:58:f7:2e:ee:
ec:4c:81:49:ea:a2:46:47:b9:e4:7c:a9:8d:37:e2:00:16:54:
87:9a:23:14:47:ab:c0:36:3c:8c:6e:a0:1f:47:69:e6:ca:26:
f8:81:70:73:9e:39:95:e2:80:7a:3c:c5:ab:8f:db:b0:4b:1e:
5e:a9:1b:e1:a3:3e:d7:58:43:73:e5:91:fc:31:aa:34:68:cb:
74:68:30:20:f6:ae:29:98:09:78:bd:ce:0b:49:11:07:7d:73:
d3:2e:33:09:2c:88:91:07:fe:57:32:36:04:dd:f0:70:5a:aa:
41:42:a6:eb:0c:b5:f9:be:72:dd:69:31:16:5c:94:40:ab:ca:
86:b2:99:22:93:7d:79:25:e0:f6:09:1e:da:92:8a:08:ef:e6:
e0:e8:7a:21
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZTNK3tv3IA18p7NnWkLAAZhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZWUxODJkOWM0M2E1Y2U3MDY4ZGZkOWJhN2FhOGVkOTBl
NWUwYmEwHhcNMjUwMjAzMTg1NjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTUzZGIyMTE3ZWM5YzVmZGU0YjQ2ZTUyN2Q2M2JjY2RhMTRiM2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8ip/S0hPF4iIEUltjXzyZCWL+yT
oMI7SyKVCDyBfJYISX6b7eFWZbZ5aUo6OTNMPij/xqpNFnXgEFVJfAe0XhngjmGF
sdEV3a8ew2wNk9aMf5SVp5XQj0QAEMb9fCn7z1cJseZQ+ihclRB+l/e2EyRBzpmy
3N0v+eOaVrgum9XwawSn8J+9lxuC7poNu2A3JNium6wlBPg7T5qqyp7+E79uRp9W
cyrkzvSG8z2dBdY7PY6AVkXkS9fMvOFmD+MfPLNyniHprk4t79+rZz3hdgcloACg
Qg+sXfsoeqWCFKJVnrIby8elurc72K+9G8DMCTzBLTB78nWtDEGQkCM22QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHVT2yEX7Jxf3ktG5SfWO8zaFLO5MB8GA1UdIwQY
MBaAFKfuGC2cQ6XOcGjf2bp6qO2Q5eC6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcC00WUxaeERwYzV3YU5fWnVucW83WkRsNExvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9kYWI0MjAtMGRlMy00MzIxLTljMDkt
NmI1ZjY4NTIyYTdkLzEvZFZQYklSZnNuRl9lUzBibEo5WTd6Tm9VczdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9kYWI0MjAtMGRlMy00MzIxLTljMDktNmI1ZjY4NTIyYTdk
LzEvcC00WUxaeERwYzV3YU5fWnVucW83WkRsNExvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA2QkMAwQB
2QkOMA0GCSqGSIb3DQEBCwUAA4IBAQDf+xOTWtpCpyqSgZniNrCDRNG8dWPwxMMp
6ybBo8UUdRdXwnMpEmD/rDfH/+pNvg/7jLKtcfM6IeQ45dYY4IvgE5+Kzh7N9nnh
pHOtBxmRKNzHvThALFE+ThXhgTkHdGbiiij/3Yq4J1j3Lu7sTIFJ6qJGR7nkfKmN
N+IAFlSHmiMUR6vANjyMbqAfR2nmyib4gXBznjmV4oB6PMWrj9uwSx5eqRvhoz7X
WENz5ZH8Mao0aMt0aDAg9q4pmAl4vc4LSREHfXPTLjMJLIiRB/5XMjYE3fBwWqpB
QqbrDLX5vnLdaTEWXJRAq8qGspkik315JeD2CR7akooI7+bg6Hoh
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:36:53 2025 by rpki-client