Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/v9-5z5YpI-v4-8G9E800WCaoj2E.roa
File: v9-5z5YpI-v4-8G9E800WCaoj2E.roa (raw, json)
Hash identifier: g0Wb037SZahs3CM0km/0DRjxcAfVhOxL5a1u4O7CbRM=
Subject key identifier: BF:DF:B9:CF:96:29:23:EB:F8:FB:C1:BD:13:CD:34:58:26:A8:8F:61
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0194221F86742EFAA26682B63040B9568F3B
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/v9-5z5YpI-v4-8G9E800WCaoj2E.roa
Signing time: Wed 01 Jan 2025 13:47:58 +0000
ROA not before: Wed 01 Jan 2025 13:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 217.67.72.0/23 maxlen: 23
217.67.74.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:86:74:2e:fa:a2:66:82:b6:30:40:b9:56:8f:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jan 1 13:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bfdfb9cf962923ebf8fbc1bd13cd345826a88f61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ba:73:0f:ff:46:b8:7f:7a:36:dc:fe:1d:d1:
ee:7a:db:90:2c:2e:ac:0f:e4:3d:52:36:f9:60:c8:
82:cf:00:22:15:6c:bc:0c:e2:25:92:79:80:e0:7e:
a3:94:96:5d:38:ae:18:06:c7:ce:40:3e:38:ba:95:
e8:e4:e0:a9:b4:3b:12:95:dc:98:b9:b8:3f:6c:26:
c1:22:2c:be:38:df:24:d2:b1:3a:b2:41:11:1b:bb:
2c:f5:92:1f:da:9c:5d:0d:ce:d8:70:4d:e9:0c:11:
f2:10:78:23:df:76:de:d6:ae:e5:e5:db:8a:7e:b7:
00:7f:38:dc:6c:d3:9c:74:2a:54:2d:ed:24:8c:94:
3b:4d:72:cf:51:fe:14:2b:a2:4e:25:e6:f3:61:ea:
ed:83:06:77:34:a6:79:bc:bc:fa:85:65:a8:3c:9a:
96:65:e5:6a:d5:33:eb:22:be:1e:d1:3a:e3:72:83:
5a:b6:f7:63:f7:64:89:b6:70:85:37:9c:ae:a4:95:
65:20:27:bf:4c:0a:6a:eb:cc:eb:bb:66:7f:0c:f5:
1b:02:73:9e:b8:e6:36:05:11:b9:b9:c6:ba:3f:e7:
49:b3:4c:28:a8:a9:8f:92:15:67:9c:07:24:29:bd:
2a:60:c0:fb:b7:be:3a:4f:c2:e6:35:6c:ad:cd:87:
2a:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:DF:B9:CF:96:29:23:EB:F8:FB:C1:BD:13:CD:34:58:26:A8:8F:61
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/v9-5z5YpI-v4-8G9E800WCaoj2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.67.72.0/22
Signature Algorithm: sha256WithRSAEncryption
37:f9:88:84:5c:f4:37:9f:30:dd:1c:d4:5f:7e:e5:f4:d9:1d:
cc:e1:bd:36:89:8b:77:4b:21:d2:a3:af:33:83:df:3f:79:ec:
0f:4d:48:20:82:51:6d:19:d4:4c:1e:47:3f:d1:ab:76:a1:74:
6a:b9:0c:11:b5:31:48:ab:4f:2d:b7:97:aa:f6:89:f6:b0:ed:
74:26:d1:29:b0:70:97:c8:5f:2a:2c:11:1c:4b:c7:2a:dc:a2:
5f:a0:69:e9:4d:e4:34:b3:38:c5:b8:e3:14:b4:21:e2:ae:8a:
6e:3b:3e:14:ff:19:e8:50:b6:bc:4d:03:83:c3:b3:dc:03:11:
b4:d8:0d:c4:8f:00:51:f6:50:4e:fd:65:c8:7f:0a:ad:e0:00:
e6:99:c1:5f:16:c8:dc:ae:69:6b:47:73:b5:9a:d8:11:14:35:
0c:70:5d:b9:ec:e7:22:e8:20:e7:f8:63:7c:96:7b:9b:94:b2:
0f:f9:5c:99:d3:23:fc:12:ac:c3:c8:af:7b:e4:77:6c:53:49:
23:45:29:7a:20:eb:29:09:18:48:a5:b3:54:fa:b8:b9:e7:f5:
5b:74:9c:88:c3:1c:55:4b:d1:4b:53:35:b1:86:c3:10:1b:03:
8d:75:64:fc:6a:27:a1:a2:21:93:ea:e7:2a:1b:58:7c:0c:1d:
ea:c6:75:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH4Z0LvqiZoK2MEC5Vo87MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjUwMTAxMTM0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmRmYjljZjk2MjkyM2ViZjhmYmMxYmQxM2NkMzQ1ODI2YTg4ZjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLpzD/9GuH96Ntz+HdHuetuQLC6s
D+Q9Ujb5YMiCzwAiFWy8DOIlknmA4H6jlJZdOK4YBsfOQD44upXo5OCptDsSldyY
ubg/bCbBIiy+ON8k0rE6skERG7ss9ZIf2pxdDc7YcE3pDBHyEHgj33be1q7l5duK
frcAfzjcbNOcdCpULe0kjJQ7TXLPUf4UK6JOJebzYertgwZ3NKZ5vLz6hWWoPJqW
ZeVq1TPrIr4e0TrjcoNatvdj92SJtnCFN5yupJVlICe/TApq68zru2Z/DPUbAnOe
uOY2BRG5uca6P+dJs0woqKmPkhVnnAckKb0qYMD7t746T8LmNWytzYcqCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL/fuc+WKSPr+PvBvRPNNFgmqI9hMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvdjktNXo1WXBJLXY0LThHOUU4MDBXQ2FvajJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC2UNIMA0G
CSqGSIb3DQEBCwUAA4IBAQA3+YiEXPQ3nzDdHNRffuX02R3M4b02iYt3SyHSo68z
g98/eewPTUggglFtGdRMHkc/0at2oXRquQwRtTFIq08tt5eq9on2sO10JtEpsHCX
yF8qLBEcS8cq3KJfoGnpTeQ0szjFuOMUtCHiropuOz4U/xnoULa8TQODw7PcAxG0
2A3EjwBR9lBO/WXIfwqt4ADmmcFfFsjcrmlrR3O1mtgRFDUMcF257Oci6CDn+GN8
lnublLIP+VyZ0yP8EqzDyK975HdsU0kjRSl6IOspCRhIpbNU+ri55/VbdJyIwxxV
S9FLUzWxhsMQGwONdWT8aiehoiGT6ucqG1h8DB3qxnV9
-----END CERTIFICATE-----
Generated at Wed Apr 9 15:01:09 2025 by rpki-client