Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/4f2367-73f3-4816-bea8-a045ff8e2ac0/1/rfouL44lCXKFlJx3f-T9zbjuGS4.roa
File: rfouL44lCXKFlJx3f-T9zbjuGS4.roa (raw, json)
Hash identifier: tCYRZzQeGaABrV6yDW5xOTTpQ0NtqSv/VFgzFAs4QHg=
Subject key identifier: AD:FA:2E:2F:8E:25:09:72:85:94:9C:77:7F:E4:FD:CD:B8:EE:19:2E
Certificate issuer: /CN=9cce3b1197d0cf9511540572a58fd372dcc07489
Certificate serial: 019427B61C558D15A4C61141E1234B5F21F2
Authority key identifier: 9C:CE:3B:11:97:D0:CF:95:11:54:05:72:A5:8F:D3:72:DC:C0:74:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nM47EZfQz5URVAVypY_TctzAdIk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/4f2367-73f3-4816-bea8-a045ff8e2ac0/1/rfouL44lCXKFlJx3f-T9zbjuGS4.roa
Signing time: Thu 02 Jan 2025 15:50:33 +0000
ROA not before: Thu 02 Jan 2025 15:50:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212830
IP address blocks: 217.67.164.0/24 maxlen: 24
217.67.172.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:1c:55:8d:15:a4:c6:11:41:e1:23:4b:5f:21:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cce3b1197d0cf9511540572a58fd372dcc07489
Validity
Not Before: Jan 2 15:50:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=adfa2e2f8e25097285949c777fe4fdcdb8ee192e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f5:ce:3c:87:79:94:c2:ef:f3:78:bc:08:e7:
9a:01:c5:91:d2:d3:ff:31:44:37:72:a3:ad:32:8d:
7b:34:eb:8c:9f:6f:fa:8d:53:0b:6e:b5:6a:1e:e8:
de:85:85:66:fd:7f:9c:68:39:4c:c7:8e:8a:1d:c6:
26:4f:09:19:50:72:7a:8d:66:28:7b:dc:f4:7f:46:
39:cc:0a:df:db:fc:80:11:b8:2c:95:82:fd:47:59:
62:d7:1a:b7:4a:a5:1a:51:7e:57:f6:26:8f:21:e3:
ba:3c:7d:d4:03:f2:75:76:2c:f2:b6:ae:50:32:24:
4e:3c:f5:22:dd:05:2d:cd:a2:1e:b8:9d:55:83:69:
25:68:82:a8:5e:fc:8f:1b:df:f2:15:13:87:62:b1:
d6:00:96:c6:f9:85:9f:35:d1:72:eb:df:fe:f5:41:
c6:4d:9d:6d:2c:95:7f:2d:c7:78:1a:36:28:be:5e:
d7:66:62:a9:e0:30:e6:cf:6f:06:33:68:39:49:a5:
a8:d6:64:e6:a9:3c:6c:67:ba:6b:c9:32:4f:8f:48:
3a:8a:1a:51:f0:4f:8d:8e:79:79:d0:6a:43:c2:59:
b0:77:40:58:18:73:ad:d7:3f:60:1b:41:5e:1e:98:
01:7b:d9:d5:97:20:c2:fb:35:8a:7c:e3:ab:8e:b1:
74:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:FA:2E:2F:8E:25:09:72:85:94:9C:77:7F:E4:FD:CD:B8:EE:19:2E
X509v3 Authority Key Identifier:
keyid:9C:CE:3B:11:97:D0:CF:95:11:54:05:72:A5:8F:D3:72:DC:C0:74:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nM47EZfQz5URVAVypY_TctzAdIk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/4f2367-73f3-4816-bea8-a045ff8e2ac0/1/rfouL44lCXKFlJx3f-T9zbjuGS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/4f2367-73f3-4816-bea8-a045ff8e2ac0/1/nM47EZfQz5URVAVypY_TctzAdIk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.67.164.0/24
217.67.172.0/22
Signature Algorithm: sha256WithRSAEncryption
87:44:41:9e:20:51:c9:ca:f1:93:82:24:04:6b:20:81:be:98:
b9:e5:ac:92:57:1a:63:5e:c4:a6:dc:9f:c5:5c:f5:20:f2:db:
ff:da:d3:05:3f:a8:d5:db:bd:18:02:36:67:49:e5:8e:a5:82:
8b:f8:7d:5c:3b:74:c2:ff:41:d6:a5:26:74:33:e6:86:f0:e5:
47:f4:5d:47:61:7f:c2:13:22:bf:c8:32:d1:64:de:2e:70:5b:
ed:20:38:19:eb:6b:01:71:ca:ad:98:4c:bb:c5:93:6f:2a:4b:
0e:75:3f:07:5a:8d:da:ff:2f:00:31:cc:93:0b:fc:58:ab:23:
9f:8a:2b:39:65:56:b8:f8:93:20:23:14:bd:ea:ba:d7:b8:cd:
3a:60:79:82:b1:69:38:d5:27:7a:48:cd:c5:9e:fd:22:18:5f:
1b:30:54:a2:7c:11:fe:0d:64:de:d9:d0:12:ba:f4:61:19:f9:
be:4e:5f:6f:02:2a:73:e9:2c:d3:8c:e5:be:5f:ff:cd:a6:f2:
b0:48:4c:13:03:fe:3d:95:a9:e2:e4:d8:29:85:c1:f0:fd:af:
66:1e:69:2e:cc:18:0a:11:1d:db:e5:b2:e8:82:d5:c6:ba:72:
e5:37:2d:ef:3e:c5:0c:d5:a0:3b:d4:d7:95:b0:05:43:56:21:
68:4f:17:6b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQnthxVjRWkxhFB4SNLXyHyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljY2UzYjExOTdkMGNmOTUxMTU0MDU3MmE1OGZkMzcyZGNj
MDc0ODkwHhcNMjUwMTAyMTU1MDMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGZhMmUyZjhlMjUwOTcyODU5NDljNzc3ZmU0ZmRjZGI4ZWUxOTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/XOPId5lMLv83i8COeaAcWR0tP/
MUQ3cqOtMo17NOuMn2/6jVMLbrVqHujehYVm/X+caDlMx46KHcYmTwkZUHJ6jWYo
e9z0f0Y5zArf2/yAEbgslYL9R1li1xq3SqUaUX5X9iaPIeO6PH3UA/J1dizytq5Q
MiROPPUi3QUtzaIeuJ1Vg2klaIKoXvyPG9/yFROHYrHWAJbG+YWfNdFy69/+9UHG
TZ1tLJV/Lcd4GjYovl7XZmKp4DDmz28GM2g5SaWo1mTmqTxsZ7pryTJPj0g6ihpR
8E+Njnl50GpDwlmwd0BYGHOt1z9gG0FeHpgBe9nVlyDC+zWKfOOrjrF08wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK36Li+OJQlyhZScd3/k/c247hkuMB8GA1UdIwQY
MBaAFJzOOxGX0M+VEVQFcqWP03LcwHSJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbk00N0VaZlF6NVVSVkFWeXBZX1RjdHpBZElrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC80ZjIzNjctNzNmMy00ODE2LWJlYTgt
YTA0NWZmOGUyYWMwLzEvcmZvdUw0NGxDWEtGbEp4M2YtVDl6Ymp1R1M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC80ZjIzNjctNzNmMy00ODE2LWJlYTgtYTA0NWZmOGUyYWMw
LzEvbk00N0VaZlF6NVVSVkFWeXBZX1RjdHpBZElrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA2UOkAwQC
2UOsMA0GCSqGSIb3DQEBCwUAA4IBAQCHREGeIFHJyvGTgiQEayCBvpi55aySVxpj
XsSm3J/FXPUg8tv/2tMFP6jV270YAjZnSeWOpYKL+H1cO3TC/0HWpSZ0M+aG8OVH
9F1HYX/CEyK/yDLRZN4ucFvtIDgZ62sBccqtmEy7xZNvKksOdT8HWo3a/y8AMcyT
C/xYqyOfiis5ZVa4+JMgIxS96rrXuM06YHmCsWk41Sd6SM3Fnv0iGF8bMFSifBH+
DWTe2dASuvRhGfm+Tl9vAipz6SzTjOW+X//NpvKwSEwTA/49lani5NgphcHw/a9m
HmkuzBgKER3b5bLogtXGunLlNy3vPsUM1aA71NeVsAVDViFoTxdr
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:39:24 2025 by rpki-client