Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/iG7TgefFuCXVo2FdrDG8Tihh1gs.roa
File: iG7TgefFuCXVo2FdrDG8Tihh1gs.roa (raw, json)
Hash identifier: pKQL0uQ0amA1gxfNT8F8lf3bzht9tf5R0lpdHT/LPFA=
Subject key identifier: 88:6E:D3:81:E7:C5:B8:25:D5:A3:61:5D:AC:31:BC:4E:28:61:D6:0B
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 0195436D2CEE90CC8E1B73A48EBF895EA890
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/iG7TgefFuCXVo2FdrDG8Tihh1gs.roa
Signing time: Wed 26 Feb 2025 18:03:03 +0000
ROA not before: Wed 26 Feb 2025 18:03:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 23383
IP address blocks: 217.76.246.0/24 maxlen: 24
2a05:a780::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:43:6d:2c:ee:90:cc:8e:1b:73:a4:8e:bf:89:5e:a8:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Feb 26 18:03:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=886ed381e7c5b825d5a3615dac31bc4e2861d60b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:b6:8a:33:08:d0:e2:4d:62:f3:68:5c:11:47:
f4:24:ef:46:ee:07:37:ef:c5:9f:75:9d:b4:bf:85:
d2:64:2b:e8:5e:2a:39:8e:f9:8c:b0:71:34:ad:65:
4b:1a:c3:76:b7:12:90:82:9b:33:c6:36:0f:fd:4e:
10:52:04:ff:94:8a:74:55:7d:76:80:ae:f2:98:42:
c9:f9:42:f9:67:02:dd:77:6b:aa:57:d9:31:26:1d:
c8:ce:4c:75:4f:24:ca:3f:b7:86:c4:77:bc:64:cf:
24:c9:a8:a4:f3:e2:08:c6:9c:29:72:76:b6:81:64:
b1:77:3c:bc:d6:94:17:0a:92:7d:19:f3:cb:f1:c0:
03:82:ab:38:5f:c9:36:e8:de:64:fc:13:d1:40:8e:
4f:1d:6c:cd:ef:1d:57:0d:93:04:26:76:f4:81:f2:
07:70:3a:ee:ac:ec:7c:6d:e7:1d:89:d0:28:3f:fb:
79:30:93:2d:aa:09:e4:60:84:02:60:4d:53:01:a8:
37:85:59:ec:4b:ff:70:c8:35:7c:b0:2d:b5:fb:63:
0a:e9:2f:fd:7f:2d:54:1c:23:b2:f8:bc:25:bf:42:
ee:6f:65:b8:42:f1:31:1a:c3:88:f0:c7:77:38:91:
b2:a0:4a:25:90:45:de:d6:18:54:db:5d:33:2c:20:
df:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:6E:D3:81:E7:C5:B8:25:D5:A3:61:5D:AC:31:BC:4E:28:61:D6:0B
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/iG7TgefFuCXVo2FdrDG8Tihh1gs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.76.246.0/24
IPv6:
2a05:a780::/48
Signature Algorithm: sha256WithRSAEncryption
5d:2f:83:b9:24:e4:eb:65:e2:96:df:3c:2b:7e:7f:e4:e5:a0:
53:3b:ce:3e:d7:f1:cc:47:76:1f:5a:d3:d3:82:ac:aa:e8:b7:
90:16:bc:39:6f:e9:6e:a6:8b:17:20:b6:bc:f2:26:40:9c:6c:
1a:61:ab:4b:c3:c2:6f:9e:64:d6:08:5b:ae:49:6d:19:bc:48:
f9:c3:ac:32:62:f2:87:85:1e:75:39:bd:de:6f:56:90:41:5e:
13:af:fa:06:be:68:a4:24:f0:fe:ee:5d:a0:5c:34:11:2d:8c:
71:b0:c9:53:db:bc:17:81:8b:c0:2f:1b:71:3b:7a:15:de:44:
6f:14:02:a0:31:7f:4c:9e:88:79:3d:54:e1:c4:18:68:e2:91:
35:2a:fa:9f:03:e8:55:fa:23:88:5c:5e:f5:bb:a7:28:9d:e9:
71:b7:30:00:1a:3b:4b:88:a9:8a:18:ba:03:a1:77:ba:e4:ea:
90:84:0e:68:54:7d:8a:58:68:11:dc:43:3c:44:ab:5a:7c:02:
27:dc:e6:37:d3:be:a1:44:17:21:95:0d:a0:57:dd:96:36:15:
cd:9c:a3:3d:13:8d:83:7e:7f:5e:64:63:8c:7d:f1:7e:a9:41:
b3:83:df:44:d9:63:a7:9f:92:72:9f:33:a9:dc:41:f3:a9:54:
05:df:df:e4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZVDbSzukMyOG3Okjr+JXqiQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjUwMjI2MTgwMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODZlZDM4MWU3YzViODI1ZDVhMzYxNWRhYzMxYmM0ZTI4NjFkNjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkbaKMwjQ4k1i82hcEUf0JO9G7gc3
78WfdZ20v4XSZCvoXio5jvmMsHE0rWVLGsN2txKQgpszxjYP/U4QUgT/lIp0VX12
gK7ymELJ+UL5ZwLdd2uqV9kxJh3Izkx1TyTKP7eGxHe8ZM8kyaik8+IIxpwpcna2
gWSxdzy81pQXCpJ9GfPL8cADgqs4X8k26N5k/BPRQI5PHWzN7x1XDZMEJnb0gfIH
cDrurOx8becdidAoP/t5MJMtqgnkYIQCYE1TAag3hVnsS/9wyDV8sC21+2MK6S/9
fy1UHCOy+Lwlv0Lub2W4QvExGsOI8Md3OJGyoEolkEXe1hhU210zLCDfVQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIhu04Hnxbgl1aNhXawxvE4oYdYLMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvaUc3VGdlZkZ1Q1hWbzJGZHJERzhUaWhoMWdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQA2Uz2MA8E
AgACMAkDBwAqBaeAAAAwDQYJKoZIhvcNAQELBQADggEBAF0vg7kk5Otl4pbfPCt+
f+TloFM7zj7X8cxHdh9a09OCrKrot5AWvDlv6W6mixcgtrzyJkCcbBphq0vDwm+e
ZNYIW65JbRm8SPnDrDJi8oeFHnU5vd5vVpBBXhOv+ga+aKQk8P7uXaBcNBEtjHGw
yVPbvBeBi8AvG3E7ehXeRG8UAqAxf0yeiHk9VOHEGGjikTUq+p8D6FX6I4hcXvW7
pyid6XG3MAAaO0uIqYoYugOhd7rk6pCEDmhUfYpYaBHcQzxEq1p8Aifc5jfTvqFE
FyGVDaBX3ZY2Fc2coz0TjYN+f15kY4x98X6pQbOD30TZY6efknKfM6ncQfOpVAXf
3+Q=
-----END CERTIFICATE-----
Generated at Sun Apr 6 04:55:49 2025 by rpki-client