Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/Mr8lTv9s2ct83iFwG6O7kzVlPUU.roa
File: Mr8lTv9s2ct83iFwG6O7kzVlPUU.roa (raw, json)
Hash identifier: jZNtkQ3oj4uhzih/pzsajL+HJy7Cy8jaB0/btWz9AK0=
Subject key identifier: 32:BF:25:4E:FF:6C:D9:CB:7C:DE:21:70:1B:A3:BB:93:35:65:3D:45
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0194221F86D1A08949A854BF6291405432C7
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/Mr8lTv9s2ct83iFwG6O7kzVlPUU.roa
Signing time: Wed 01 Jan 2025 13:47:58 +0000
ROA not before: Wed 01 Jan 2025 13:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6830
IP address blocks: 217.67.76.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:86:d1:a0:89:49:a8:54:bf:62:91:40:54:32:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jan 1 13:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=32bf254eff6cd9cb7cde21701ba3bb9335653d45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:47:e1:d1:aa:c1:1a:1c:84:36:7f:ec:67:9e:
bd:bd:0c:df:2e:5a:3c:f9:dc:d3:5d:55:48:5a:02:
24:8f:70:7e:ad:f0:ee:91:c1:d2:58:56:45:f8:de:
aa:6a:f4:42:10:b6:7c:dd:72:ee:12:2a:66:b2:c6:
9f:fd:1c:83:99:e0:f0:25:04:61:63:32:b8:a2:f1:
2b:c4:14:26:86:3d:d1:6c:e0:46:93:83:7e:0e:f5:
41:67:f4:79:80:f2:29:29:fe:be:31:66:47:74:8f:
66:1d:01:51:d1:f1:b5:09:b3:58:c9:01:db:ce:6b:
17:ef:6a:d8:0b:cb:5e:bd:c2:78:36:c2:40:de:18:
82:b7:2c:eb:35:08:7d:98:f5:9a:f6:7e:fc:b0:73:
e6:12:28:9d:ec:c5:05:f6:25:70:18:c0:d6:ba:dd:
59:50:f6:32:f7:7c:7f:86:2a:14:07:a6:4a:ed:de:
14:da:ec:91:eb:17:8c:11:e4:a3:2e:71:28:3a:bf:
b9:a5:0a:ae:4a:bb:c3:d7:fd:3a:eb:75:c6:34:35:
b2:20:1e:9a:6f:91:fd:5d:52:dd:32:45:ac:7d:90:
71:75:ae:07:10:c6:a9:e8:cf:9f:97:aa:82:b2:e1:
bf:66:96:a0:7a:99:6e:bf:61:c3:09:b5:63:c6:3d:
c2:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:BF:25:4E:FF:6C:D9:CB:7C:DE:21:70:1B:A3:BB:93:35:65:3D:45
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/Mr8lTv9s2ct83iFwG6O7kzVlPUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.67.76.0/23
Signature Algorithm: sha256WithRSAEncryption
23:cc:96:4a:98:ef:74:09:38:40:c6:8e:ef:6c:23:8c:ef:2b:
d7:0f:5a:f8:4b:75:c4:6c:23:35:95:d5:86:cb:15:ca:13:ef:
9f:de:38:a7:ea:6d:41:4c:d7:0d:c3:ff:5a:22:c2:51:c3:8b:
b5:ff:b8:c5:03:40:69:7d:89:1e:8e:22:4d:c8:4e:a7:ee:3b:
99:2d:0c:af:2b:54:45:f8:29:17:f7:56:2c:a9:c8:db:47:05:
d0:c1:4d:4a:8a:67:0c:5d:56:98:b4:46:de:fb:23:b6:4b:2c:
41:f5:0e:8a:76:08:a7:2a:0c:eb:e0:05:d5:bc:c1:58:a3:95:
97:b1:13:ab:0d:b3:97:7c:19:83:bd:27:61:f0:4d:12:73:6e:
da:48:d6:95:a4:9c:16:27:eb:47:4e:df:0a:ca:c0:8b:92:14:
d7:52:05:74:d2:f5:b7:36:f3:83:ae:ed:af:7e:7e:37:92:a8:
46:98:31:1b:3a:43:51:6d:65:07:33:ac:e1:8d:15:b0:f8:71:
f3:f2:a6:05:fc:0d:0a:2e:14:dc:63:6a:6f:34:7a:fe:8f:7c:
93:cf:d7:91:63:4f:f2:85:d9:56:0d:62:d6:00:8a:5b:19:47:
48:30:8f:41:9c:d4:20:52:72:20:d1:3f:89:6d:3a:3c:82:1e:
02:a1:20:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH4bRoIlJqFS/YpFAVDLHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjUwMTAxMTM0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmJmMjU0ZWZmNmNkOWNiN2NkZTIxNzAxYmEzYmI5MzM1NjUzZDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0fh0arBGhyENn/sZ569vQzfLlo8
+dzTXVVIWgIkj3B+rfDukcHSWFZF+N6qavRCELZ83XLuEipmssaf/RyDmeDwJQRh
YzK4ovErxBQmhj3RbOBGk4N+DvVBZ/R5gPIpKf6+MWZHdI9mHQFR0fG1CbNYyQHb
zmsX72rYC8tevcJ4NsJA3hiCtyzrNQh9mPWa9n78sHPmEiid7MUF9iVwGMDWut1Z
UPYy93x/hioUB6ZK7d4U2uyR6xeMEeSjLnEoOr+5pQquSrvD1/0663XGNDWyIB6a
b5H9XVLdMkWsfZBxda4HEMap6M+fl6qCsuG/Zpagepluv2HDCbVjxj3CEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDK/JU7/bNnLfN4hcBuju5M1ZT1FMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvTXI4bFR2OXMyY3Q4M2lGd0c2TzdrelZsUFVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB2UNMMA0G
CSqGSIb3DQEBCwUAA4IBAQAjzJZKmO90CThAxo7vbCOM7yvXD1r4S3XEbCM1ldWG
yxXKE++f3jin6m1BTNcNw/9aIsJRw4u1/7jFA0BpfYkejiJNyE6n7juZLQyvK1RF
+CkX91YsqcjbRwXQwU1KimcMXVaYtEbe+yO2SyxB9Q6KdginKgzr4AXVvMFYo5WX
sROrDbOXfBmDvSdh8E0Sc27aSNaVpJwWJ+tHTt8KysCLkhTXUgV00vW3NvODru2v
fn43kqhGmDEbOkNRbWUHM6zhjRWw+HHz8qYF/A0KLhTcY2pvNHr+j3yTz9eRY0/y
hdlWDWLWAIpbGUdIMI9BnNQgUnIg0T+JbTo8gh4CoSCX
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:26:10 2025 by rpki-client