Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/VzRjdkwBu8Fkl5vweVi2jqYCzo4.roa
File: VzRjdkwBu8Fkl5vweVi2jqYCzo4.roa (raw, json)
Hash identifier: U717je7LwsUkBe72HBiejR0u+SJl0Gu+L3oNfTm5P7k=
Subject key identifier: 57:34:63:76:4C:01:BB:C1:64:97:9B:F0:79:58:B6:8E:A6:02:CE:8E
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 01942746C0A6B509ED2AB3773CFE0169EA22
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/VzRjdkwBu8Fkl5vweVi2jqYCzo4.roa
Signing time: Thu 02 Jan 2025 13:48:55 +0000
ROA not before: Thu 02 Jan 2025 13:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216356
IP address blocks: 185.17.137.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:46:c0:a6:b5:09:ed:2a:b3:77:3c:fe:01:69:ea:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Jan 2 13:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=573463764c01bbc164979bf07958b68ea602ce8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ce:ce:b8:9c:d8:41:b8:79:de:2a:a3:88:07:
23:93:70:6d:a8:74:80:9e:50:b9:56:4b:41:45:4c:
d3:f7:f8:00:a1:d6:a5:79:18:b0:87:1e:c0:76:43:
52:33:44:16:f4:cb:64:3d:44:97:74:fb:30:a5:b9:
2a:1a:3e:5f:9e:b0:9f:e5:c4:19:88:86:74:91:ac:
44:23:13:1e:7c:ca:05:b5:88:45:29:51:27:0d:ce:
c7:f4:57:bd:c5:82:74:ed:98:da:cb:cb:23:5c:95:
7e:38:06:0e:42:99:40:64:7d:36:64:18:e3:de:ff:
35:bb:88:24:32:8c:be:b6:e3:05:31:7e:d2:37:b8:
6e:38:11:aa:33:62:f1:d1:36:1e:e7:f0:d8:f2:84:
69:83:96:bc:3f:d3:16:6f:8b:c4:38:61:fb:29:5f:
b4:b0:88:1c:0f:cc:87:10:57:94:fb:04:de:c2:21:
60:a8:a4:ca:89:54:49:b2:da:26:c0:f7:49:17:ee:
fb:78:c0:cb:e1:0a:ee:48:c8:17:e9:77:1d:b7:be:
51:8d:c0:cb:af:b0:40:65:c7:de:3f:ce:3e:da:b6:
fc:45:3f:ac:24:b8:24:2e:41:fb:bf:53:7c:51:0b:
45:f0:df:bc:5b:cd:22:89:1a:2e:92:22:99:64:12:
1e:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:34:63:76:4C:01:BB:C1:64:97:9B:F0:79:58:B6:8E:A6:02:CE:8E
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/VzRjdkwBu8Fkl5vweVi2jqYCzo4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.17.137.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:09:a9:e5:b6:35:bf:a7:09:d1:93:77:0c:fb:a2:1b:5d:f1:
0a:c5:fe:17:6e:30:47:94:fd:8b:1d:96:de:ba:f0:10:6e:9a:
60:cc:d8:8c:79:2a:39:69:19:1d:95:30:49:da:81:3d:81:19:
48:9c:35:12:bc:16:4b:4f:70:60:95:15:78:7a:24:1a:50:73:
4d:d3:d4:71:76:a7:18:92:82:4a:3a:2e:fe:c5:5e:ef:6f:c0:
3a:8e:cb:cb:3f:54:da:11:63:8a:21:06:70:05:ea:74:65:b8:
e3:eb:4e:83:ca:4d:17:4f:69:dd:c6:c2:7a:8b:66:82:eb:82:
c5:01:f9:fa:27:e5:90:e7:43:ab:27:c9:6d:86:c3:71:60:79:
e8:03:3a:fb:2c:35:cd:c3:0b:88:8b:c3:ef:9a:da:cb:15:1a:
38:59:b3:ec:98:4d:76:f5:cf:b8:55:9c:97:a8:cb:f7:98:b2:
bd:46:5f:03:76:d5:5a:0b:2b:b3:a9:b8:ce:53:3d:08:dc:83:
10:d7:e6:c3:e4:04:b6:15:d5:6a:28:2c:23:a7:f2:bb:14:86:
b1:74:eb:9a:ff:16:7c:94:8a:f0:45:10:8c:e5:1f:30:37:47:
3b:ac:fc:f3:3f:b3:a4:30:27:cd:33:e7:d6:c1:63:b5:49:49:
fa:20:ee:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnRsCmtQntKrN3PP4BaeoiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwMTAyMTM0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzM0NjM3NjRjMDFiYmMxNjQ5NzliZjA3OTU4YjY4ZWE2MDJjZThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuc7OuJzYQbh53iqjiAcjk3BtqHSA
nlC5VktBRUzT9/gAodaleRiwhx7AdkNSM0QW9MtkPUSXdPswpbkqGj5fnrCf5cQZ
iIZ0kaxEIxMefMoFtYhFKVEnDc7H9Fe9xYJ07Zjay8sjXJV+OAYOQplAZH02ZBjj
3v81u4gkMoy+tuMFMX7SN7huOBGqM2Lx0TYe5/DY8oRpg5a8P9MWb4vEOGH7KV+0
sIgcD8yHEFeU+wTewiFgqKTKiVRJstomwPdJF+77eMDL4QruSMgX6Xcdt75RjcDL
r7BAZcfeP84+2rb8RT+sJLgkLkH7v1N8UQtF8N+8W80iiRoukiKZZBIegQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFc0Y3ZMAbvBZJeb8HlYto6mAs6OMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvVnpSamRrd0J1OEZrbDV2d2VWaTJqcVlDem80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRGJMA0G
CSqGSIb3DQEBCwUAA4IBAQBNCanltjW/pwnRk3cM+6IbXfEKxf4XbjBHlP2LHZbe
uvAQbppgzNiMeSo5aRkdlTBJ2oE9gRlInDUSvBZLT3BglRV4eiQaUHNN09RxdqcY
koJKOi7+xV7vb8A6jsvLP1TaEWOKIQZwBep0Zbjj606Dyk0XT2ndxsJ6i2aC64LF
Afn6J+WQ50OrJ8lthsNxYHnoAzr7LDXNwwuIi8PvmtrLFRo4WbPsmE129c+4VZyX
qMv3mLK9Rl8DdtVaCyuzqbjOUz0I3IMQ1+bD5AS2FdVqKCwjp/K7FIaxdOua/xZ8
lIrwRRCM5R8wN0c7rPzzP7OkMCfNM+fWwWO1SUn6IO7y
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:09:12 2025 by rpki-client