Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/3d05e9-309d-4afe-811c-49ad9684b217/1/hBoScTy_R6C4FFLywFrPnD1jiew.roa
File: hBoScTy_R6C4FFLywFrPnD1jiew.roa (raw, json)
Hash identifier: WCOs1P/NqciJzYty2KMERa2qn2v6xHWa62Th2aUgdxo=
Subject key identifier: 84:1A:12:71:3C:BF:47:A0:B8:14:52:F2:C0:5A:CF:9C:3D:63:89:EC
Certificate issuer: /CN=87dc1a9bffa2cf15a7d8099c8a3c317ce07db5ea
Certificate serial: 01941FF9FE4C44704CF1F8B5E1C94EBB9A92
Authority key identifier: 87:DC:1A:9B:FF:A2:CF:15:A7:D8:09:9C:8A:3C:31:7C:E0:7D:B5:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h9wam_-izxWn2AmcijwxfOB9teo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/3d05e9-309d-4afe-811c-49ad9684b217/1/hBoScTy_R6C4FFLywFrPnD1jiew.roa
Signing time: Wed 01 Jan 2025 03:47:44 +0000
ROA not before: Wed 01 Jan 2025 03:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211611
IP address blocks: 217.197.98.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:f9:fe:4c:44:70:4c:f1:f8:b5:e1:c9:4e:bb:9a:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87dc1a9bffa2cf15a7d8099c8a3c317ce07db5ea
Validity
Not Before: Jan 1 03:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=841a12713cbf47a0b81452f2c05acf9c3d6389ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:80:84:08:e9:01:cc:30:31:8d:ae:d8:5b:69:
78:28:fb:0c:a0:f1:f5:45:ff:9b:8d:8a:49:85:53:
a9:82:eb:98:ee:a3:01:31:31:47:be:3a:fc:e6:96:
71:1a:7e:8b:d1:8b:c6:84:7c:18:b6:89:c2:fa:aa:
66:bf:0e:1e:7e:1f:b0:6b:98:5f:fc:87:bb:5a:16:
e7:ad:49:c7:5f:a6:5e:56:98:e5:9c:89:3c:99:54:
76:bb:1e:79:c4:f3:09:f3:4f:cd:36:05:c7:b9:20:
24:d0:79:fd:d7:b2:6b:39:1e:f4:2b:16:5a:db:5f:
0b:26:09:8f:c4:d7:4d:bc:90:35:92:15:05:4a:c0:
a1:0b:48:02:c0:0c:16:39:c8:34:de:47:3b:c1:ba:
72:3c:44:ac:2f:6f:0a:cf:b8:9d:fa:f8:19:85:13:
72:f9:c9:ab:95:c8:7b:a7:0a:f5:31:22:03:9e:fc:
13:d8:1b:e6:7b:30:ed:6e:83:6c:96:97:48:6e:c0:
5c:c4:48:e0:5d:8a:be:30:15:89:bf:cd:bb:6d:48:
e7:65:50:20:77:77:0d:90:61:d4:b0:22:78:be:c4:
67:a0:bd:4f:99:02:f5:f7:27:fe:7a:7e:b7:b6:ae:
16:67:b5:05:f6:cb:99:10:34:bd:c5:bf:fa:d1:8f:
84:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:1A:12:71:3C:BF:47:A0:B8:14:52:F2:C0:5A:CF:9C:3D:63:89:EC
X509v3 Authority Key Identifier:
keyid:87:DC:1A:9B:FF:A2:CF:15:A7:D8:09:9C:8A:3C:31:7C:E0:7D:B5:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h9wam_-izxWn2AmcijwxfOB9teo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/3d05e9-309d-4afe-811c-49ad9684b217/1/hBoScTy_R6C4FFLywFrPnD1jiew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/3d05e9-309d-4afe-811c-49ad9684b217/1/h9wam_-izxWn2AmcijwxfOB9teo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.197.98.0/24
Signature Algorithm: sha256WithRSAEncryption
37:a5:bc:1a:6b:fd:f3:b4:28:ea:9e:44:40:01:40:05:0c:df:
49:25:54:95:5f:16:3c:98:80:8c:ac:c1:fa:cb:6a:ac:5c:6b:
0d:0f:64:79:31:e3:8c:c1:e4:69:20:95:f8:f1:1f:18:11:11:
b6:e2:64:ab:fa:bc:f3:41:f2:9e:3a:b7:0e:60:01:2c:d6:c0:
74:3f:ad:28:48:30:86:cb:37:29:c8:c5:c2:1e:f1:81:52:38:
2c:78:e9:df:99:fd:e8:4b:9b:4b:be:47:bf:ce:9d:b7:1e:b2:
79:d4:e2:d9:38:24:44:39:fa:0d:30:88:8c:99:0c:3d:67:9f:
94:38:38:a2:c7:2b:a0:5f:5e:61:dd:ac:57:7d:7c:8e:72:5a:
c5:28:fe:6f:57:25:38:cb:77:f4:7a:52:11:c0:77:42:39:7c:
ab:28:8e:15:db:dd:34:0c:1b:f5:ef:63:e4:d9:35:33:09:41:
8a:0e:e6:7b:95:da:64:a8:1e:3b:5b:51:19:66:44:06:55:22:
36:38:cd:a6:2d:51:50:4d:ba:e4:c1:f7:48:0d:98:00:fb:c9:
0d:a6:f6:08:df:54:68:fb:ea:76:eb:a5:27:c7:6c:2a:dc:d6:
c3:a3:06:55:e2:39:46:f3:bc:58:54:c3:36:66:f5:cc:66:83:
ab:e6:46:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+f5MRHBM8fi14clOu5qSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZGMxYTliZmZhMmNmMTVhN2Q4MDk5YzhhM2MzMTdjZTA3
ZGI1ZWEwHhcNMjUwMTAxMDM0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDFhMTI3MTNjYmY0N2EwYjgxNDUyZjJjMDVhY2Y5YzNkNjM4OWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4CECOkBzDAxja7YW2l4KPsMoPH1
Rf+bjYpJhVOpguuY7qMBMTFHvjr85pZxGn6L0YvGhHwYtonC+qpmvw4efh+wa5hf
/Ie7WhbnrUnHX6ZeVpjlnIk8mVR2ux55xPMJ80/NNgXHuSAk0Hn917JrOR70KxZa
218LJgmPxNdNvJA1khUFSsChC0gCwAwWOcg03kc7wbpyPESsL28Kz7id+vgZhRNy
+cmrlch7pwr1MSIDnvwT2BvmezDtboNslpdIbsBcxEjgXYq+MBWJv827bUjnZVAg
d3cNkGHUsCJ4vsRnoL1PmQL19yf+en63tq4WZ7UF9suZEDS9xb/60Y+E2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIQaEnE8v0eguBRS8sBaz5w9Y4nsMB8GA1UdIwQY
MBaAFIfcGpv/os8Vp9gJnIo8MXzgfbXqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDl3YW1fLWl6eFduMkFtY2lqd3hmT0I5dGVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8zZDA1ZTktMzA5ZC00YWZlLTgxMWMt
NDlhZDk2ODRiMjE3LzEvaEJvU2NUeV9SNkM0RkZMeXdGclBuRDFqaWV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8zZDA1ZTktMzA5ZC00YWZlLTgxMWMtNDlhZDk2ODRiMjE3
LzEvaDl3YW1fLWl6eFduMkFtY2lqd3hmT0I5dGVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2cViMA0G
CSqGSIb3DQEBCwUAA4IBAQA3pbwaa/3ztCjqnkRAAUAFDN9JJVSVXxY8mICMrMH6
y2qsXGsND2R5MeOMweRpIJX48R8YERG24mSr+rzzQfKeOrcOYAEs1sB0P60oSDCG
yzcpyMXCHvGBUjgseOnfmf3oS5tLvke/zp23HrJ51OLZOCREOfoNMIiMmQw9Z5+U
ODiixyugX15h3axXfXyOclrFKP5vVyU4y3f0elIRwHdCOXyrKI4V2900DBv172Pk
2TUzCUGKDuZ7ldpkqB47W1EZZkQGVSI2OM2mLVFQTbrkwfdIDZgA+8kNpvYI31Ro
++p266Unx2wq3NbDowZV4jlG87xYVMM2ZvXMZoOr5kZF
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:35:48 2025 by rpki-client