Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/XT5hbM3hN0uWeQo78-4wXcwwUT0.roa
File: XT5hbM3hN0uWeQo78-4wXcwwUT0.roa (raw, json)
Hash identifier: SvbDE43Viqioo219I0DAuxFJK4VGXf3/3TDJAtfLyTs=
Subject key identifier: 5D:3E:61:6C:CD:E1:37:4B:96:79:0A:3B:F3:EE:30:5D:CC:30:51:3D
Certificate issuer: /CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Certificate serial: 0194258F7BA3657F9F733CB6BF00DE67C46D
Authority key identifier: 20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/XT5hbM3hN0uWeQo78-4wXcwwUT0.roa
Signing time: Thu 02 Jan 2025 05:49:07 +0000
ROA not before: Thu 02 Jan 2025 05:49:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5418
IP address blocks: 217.170.15.0/24 maxlen: 24
2a02:10:100::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:7b:a3:65:7f:9f:73:3c:b6:bf:00:de:67:c4:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Validity
Not Before: Jan 2 05:49:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d3e616ccde1374b96790a3bf3ee305dcc30513d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:b6:db:96:8c:5d:ef:69:de:54:b2:3a:84:5a:
7c:39:87:6e:dd:15:aa:00:66:6d:44:d5:05:7d:d4:
8a:9f:9c:39:13:52:80:95:a1:25:0f:bf:1f:89:f4:
29:a9:a8:22:98:50:c7:ec:78:8b:4e:1a:1c:f4:da:
9a:be:5a:bd:e7:a5:63:ca:fe:4f:ba:8b:27:b5:94:
97:11:eb:31:34:fb:e9:9c:e7:ad:61:d3:13:d3:ae:
21:7d:4f:23:a8:93:bc:a8:ec:b3:ca:ba:e4:d5:a6:
a8:7e:57:b4:f3:71:24:f4:17:40:cc:37:92:01:3f:
7d:19:36:d3:a8:2d:53:a3:af:f3:18:8a:82:d1:ae:
f7:e4:b9:9b:f8:7a:cf:40:78:8c:a5:dc:ce:5a:7c:
d0:26:fc:a9:f7:95:14:05:80:d1:0f:44:d8:42:46:
97:42:47:2a:30:37:36:6c:7b:81:0c:78:32:9b:6a:
5d:fb:9e:1a:e7:f2:f7:13:4b:db:76:e5:83:f2:6c:
fc:17:f6:7d:af:58:ad:4d:2c:fb:68:65:d9:45:3e:
d3:3c:b3:23:ba:98:54:71:42:8c:72:b7:cc:bd:d7:
7b:cd:34:d2:d4:51:1b:b2:ea:f6:72:fa:1a:ee:25:
14:ce:c8:dd:be:04:b9:e2:c9:16:8f:0d:83:e8:b4:
9e:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:3E:61:6C:CD:E1:37:4B:96:79:0A:3B:F3:EE:30:5D:CC:30:51:3D
X509v3 Authority Key Identifier:
keyid:20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/XT5hbM3hN0uWeQo78-4wXcwwUT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.170.15.0/24
IPv6:
2a02:10:100::/48
Signature Algorithm: sha256WithRSAEncryption
37:28:b7:eb:8a:2a:c4:7f:da:93:68:e9:80:ae:5d:f6:85:f0:
aa:70:8b:76:2a:93:50:7b:f9:38:dd:79:7f:fb:29:c5:cb:42:
a6:a9:d9:47:7b:e7:48:a5:ce:34:38:d5:59:79:9a:ca:1c:c2:
eb:ef:a6:a5:a7:12:84:ba:26:d5:df:65:e9:3b:7c:23:7f:d2:
cb:bb:6a:98:35:17:23:2f:2e:30:4d:f8:b6:75:57:7f:49:7b:
b2:f0:5d:fa:82:4f:6b:19:d9:0c:98:d7:95:cb:ed:3b:81:50:
90:8f:ee:27:dc:29:46:33:42:18:79:7d:b6:f6:e3:7c:78:82:
78:69:fd:dc:e6:2d:66:31:c9:f4:f2:e2:4a:6b:a4:34:92:06:
58:86:29:f6:5f:de:79:a1:1a:49:9c:7a:9e:7c:71:b4:43:fb:
35:a9:8e:a4:7f:56:77:62:f4:ea:69:23:1f:fb:1f:c2:91:89:
9c:b6:aa:07:1c:b9:82:29:8a:28:f7:03:df:04:f7:da:4d:35:
1f:2f:37:ff:53:15:aa:d0:99:a6:97:37:38:01:57:91:39:d0:
ba:58:be:89:b6:ea:43:cf:0a:23:1b:f9:fc:7a:df:68:98:48:
e2:40:29:b6:94:9b:ef:bd:23:96:1e:b1:fc:f9:f5:99:f0:d6:
2d:0d:6f:1a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQlj3ujZX+fczy2vwDeZ8RtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMWZlMzBmYzZiNGIwZDBmNmRiNGUxYmZiYmQ1MDE5NWRj
YTU3NWMwHhcNMjUwMTAyMDU0OTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDNlNjE2Y2NkZTEzNzRiOTY3OTBhM2JmM2VlMzA1ZGNjMzA1MTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrbbloxd72neVLI6hFp8OYdu3RWq
AGZtRNUFfdSKn5w5E1KAlaElD78fifQpqagimFDH7HiLThoc9Nqavlq956Vjyv5P
uosntZSXEesxNPvpnOetYdMT064hfU8jqJO8qOyzyrrk1aaofle083Ek9BdAzDeS
AT99GTbTqC1To6/zGIqC0a735Lmb+HrPQHiMpdzOWnzQJvyp95UUBYDRD0TYQkaX
QkcqMDc2bHuBDHgym2pd+54a5/L3E0vbduWD8mz8F/Z9r1itTSz7aGXZRT7TPLMj
uphUcUKMcrfMvdd7zTTS1FEbsur2cvoa7iUUzsjdvgS54skWjw2D6LSeuwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF0+YWzN4TdLlnkKO/PuMF3MMFE9MB8GA1UdIwQY
MBaAFCAf4w/GtLDQ9ttOG/u9UBldyldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYt
ZmMxMjFjODAwYjMwLzEvWFQ1aGJNM2hOMHVXZVFvNzgtNHdYY3d3VVQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYtZmMxMjFjODAwYjMw
LzEvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQA2aoPMA8E
AgACMAkDBwAqAgAQAQAwDQYJKoZIhvcNAQELBQADggEBADcot+uKKsR/2pNo6YCu
XfaF8Kpwi3Yqk1B7+TjdeX/7KcXLQqap2Ud750ilzjQ41Vl5msocwuvvpqWnEoS6
JtXfZek7fCN/0su7apg1FyMvLjBN+LZ1V39Je7LwXfqCT2sZ2QyY15XL7TuBUJCP
7ifcKUYzQhh5fbb243x4gnhp/dzmLWYxyfTy4kprpDSSBliGKfZf3nmhGkmcep58
cbRD+zWpjqR/Vndi9OppIx/7H8KRiZy2qgccuYIpiij3A98E99pNNR8vN/9TFarQ
maaXNzgBV5E50LpYvom26kPPCiMb+fx632iYSOJAKbaUm++9I5Yesfz59Znw1i0N
bxo=
-----END CERTIFICATE-----
Generated at Mon Apr 7 22:51:20 2025 by rpki-client