Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/23190c-e1a0-4ba4-b1d8-a102be382e51/1/hBKyVacGlogiVNjX3PpqQxD-QRI.roa
File: hBKyVacGlogiVNjX3PpqQxD-QRI.roa (raw, json)
Hash identifier: ArfX6YOpKoaazVWvHAd1Yvq+E0/nDyo4ADeLcx3Vcig=
Subject key identifier: 84:12:B2:55:A7:06:96:88:22:54:D8:D7:DC:FA:6A:43:10:FE:41:12
Certificate issuer: /CN=ef7fd5d33061a9de920af1c2a13513d46dd24612
Certificate serial: 018CC493450CF3900FBBC9335FC4325A39CF
Authority key identifier: EF:7F:D5:D3:30:61:A9:DE:92:0A:F1:C2:A1:35:13:D4:6D:D2:46:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/73_V0zBhqd6SCvHCoTUT1G3SRhI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/23190c-e1a0-4ba4-b1d8-a102be382e51/1/hBKyVacGlogiVNjX3PpqQxD-QRI.roa
Signing time: Mon 01 Jan 2024 10:30:34 +0000
ROA not before: Mon 01 Jan 2024 10:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3292
IP address blocks: 217.28.162.0/24 maxlen: 24
217.28.160.0/23 maxlen: 23
217.28.164.0/22 maxlen: 22
217.28.168.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:45:0c:f3:90:0f:bb:c9:33:5f:c4:32:5a:39:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef7fd5d33061a9de920af1c2a13513d46dd24612
Validity
Not Before: Jan 1 10:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8412b255a70696882254d8d7dcfa6a4310fe4112
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:d1:1f:33:1e:12:53:a4:8f:22:d0:b1:66:07:
a1:8f:b9:86:5e:23:d6:b3:6e:63:10:ea:fc:e0:f3:
8c:4d:c5:e5:76:d8:ef:b2:83:c2:93:a4:53:71:03:
22:f5:76:91:75:f9:43:01:76:6b:c1:22:4b:dc:66:
69:d4:67:5d:ae:34:56:2b:78:02:57:5d:54:1c:e8:
c8:99:89:3a:b1:ca:68:3d:72:49:6e:a4:9a:3b:99:
eb:f0:09:0e:51:e6:56:09:7a:72:87:6b:70:86:a4:
c6:8e:5a:e6:f8:8f:c6:1b:f9:8e:29:d4:8b:30:be:
06:b2:d9:f3:a7:57:c6:2a:f4:8f:da:73:91:36:78:
ed:db:61:b9:44:3b:17:eb:5c:7d:e1:b9:89:b7:49:
0d:2c:c0:81:3f:ce:1a:69:52:09:20:c3:91:6c:1e:
56:98:c4:0d:79:26:74:b8:17:18:8f:6c:81:d6:7e:
33:f3:f4:03:67:dc:44:e1:6d:af:b8:f1:97:93:2a:
72:64:9c:22:22:a6:0d:12:6a:b6:ee:86:9f:16:ef:
e0:81:47:cb:2d:f8:e2:9e:f0:06:11:bc:7a:53:04:
0b:7c:b7:6f:47:7d:95:73:db:92:a7:8a:44:ad:f4:
c4:c0:c5:41:d7:bb:51:f1:60:34:90:f5:11:5d:9d:
d4:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:12:B2:55:A7:06:96:88:22:54:D8:D7:DC:FA:6A:43:10:FE:41:12
X509v3 Authority Key Identifier:
keyid:EF:7F:D5:D3:30:61:A9:DE:92:0A:F1:C2:A1:35:13:D4:6D:D2:46:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/73_V0zBhqd6SCvHCoTUT1G3SRhI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/23190c-e1a0-4ba4-b1d8-a102be382e51/1/hBKyVacGlogiVNjX3PpqQxD-QRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/23190c-e1a0-4ba4-b1d8-a102be382e51/1/73_V0zBhqd6SCvHCoTUT1G3SRhI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.28.160.0-217.28.162.255
217.28.164.0-217.28.175.255
Signature Algorithm: sha256WithRSAEncryption
3e:a4:3a:de:8d:76:d0:8d:d9:9e:f1:f5:16:a1:fa:27:c2:5e:
60:4b:01:37:03:79:52:11:30:bb:48:f5:b3:04:d6:e2:cf:4e:
20:36:06:33:da:2a:eb:cb:13:2f:dd:13:6e:0e:0e:1b:7f:61:
02:24:ea:6d:fd:24:36:6b:58:d5:71:86:92:b8:3a:a1:63:af:
58:45:fc:5c:f0:30:4d:e7:67:3d:10:2f:5f:92:dd:1e:5c:bd:
00:70:68:cf:9a:5d:f8:3f:80:f0:0d:d9:01:1d:2e:a0:36:6e:
8d:f5:68:8d:d2:8a:a5:af:d9:85:da:40:61:50:9a:96:36:07:
08:f8:40:3f:78:0b:ca:58:9c:8d:f6:50:2a:80:17:b7:af:a7:
9e:e3:7f:60:bf:f0:cf:00:9e:84:b7:1b:13:57:0e:cc:c6:fc:
bb:30:cc:42:ba:c4:0e:4e:8a:8c:4d:cd:2e:12:19:58:bf:ad:
e3:84:97:ee:3f:fd:75:a7:c5:84:1c:1b:c8:c6:a3:23:00:49:
5b:79:4e:7b:1e:99:a2:f3:7b:3b:61:f9:d3:4d:67:64:40:90:
99:f8:7c:8f:79:ce:bd:d5:d5:dd:44:a4:07:97:7a:5e:c3:43:
70:4e:65:0d:13:54:e2:b2:2e:92:40:e0:2e:ef:78:1c:75:33:
22:89:a6:0a
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzEk0UM85APu8kzX8QyWjnPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmN2ZkNWQzMzA2MWE5ZGU5MjBhZjFjMmExMzUxM2Q0NmRk
MjQ2MTIwHhcNMjQwMTAxMTAzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDEyYjI1NWE3MDY5Njg4MjI1NGQ4ZDdkY2ZhNmE0MzEwZmU0MTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9EfMx4SU6SPItCxZgehj7mGXiPW
s25jEOr84POMTcXldtjvsoPCk6RTcQMi9XaRdflDAXZrwSJL3GZp1GddrjRWK3gC
V11UHOjImYk6scpoPXJJbqSaO5nr8AkOUeZWCXpyh2twhqTGjlrm+I/GG/mOKdSL
ML4Gstnzp1fGKvSP2nORNnjt22G5RDsX61x94bmJt0kNLMCBP84aaVIJIMORbB5W
mMQNeSZ0uBcYj2yB1n4z8/QDZ9xE4W2vuPGXkypyZJwiIqYNEmq27oafFu/ggUfL
LfjinvAGEbx6UwQLfLdvR32Vc9uSp4pErfTEwMVB17tR8WA0kPURXZ3UgwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFIQSslWnBpaIIlTY19z6akMQ/kESMB8GA1UdIwQY
MBaAFO9/1dMwYanekgrxwqE1E9Rt0kYSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzNfVjB6QmhxZDZTQ3ZIQ29UVVQxRzNTUmhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yMzE5MGMtZTFhMC00YmE0LWIxZDgt
YTEwMmJlMzgyZTUxLzEvaEJLeVZhY0dsb2dpVk5qWDNQcHFReEQtUVJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yMzE5MGMtZTFhMC00YmE0LWIxZDgtYTEwMmJlMzgyZTUx
LzEvNzNfVjB6QmhxZDZTQ3ZIQ29UVVQxRzNTUmhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAXZHKAD
BADZHKIwDAMEAtkcpAMEBNkcoDANBgkqhkiG9w0BAQsFAAOCAQEAPqQ63o120I3Z
nvH1FqH6J8JeYEsBNwN5UhEwu0j1swTW4s9OIDYGM9oq68sTL90Tbg4OG39hAiTq
bf0kNmtY1XGGkrg6oWOvWEX8XPAwTednPRAvX5LdHly9AHBoz5pd+D+A8A3ZAR0u
oDZujfVojdKKpa/ZhdpAYVCaljYHCPhAP3gLylicjfZQKoAXt6+nnuN/YL/wzwCe
hLcbE1cOzMb8uzDMQrrEDk6KjE3NLhIZWL+t44SX7j/9dafFhBwbyMajIwBJW3lO
ex6ZovN7O2H5001nZECQmfh8j3nOvdXV3USkB5d6XsNDcE5lDRNU4rIukkDgLu94
HHUzIommCg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:29:50 2025 by rpki-client