Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/du6DBdKlb1Cr5Z5mqlctF2rW68k.roa
File: du6DBdKlb1Cr5Z5mqlctF2rW68k.roa (raw, json)
Hash identifier: XaoP28uRsMgk856VCX7c/74Lo2ezwg/z+6hQ43OafIc=
Subject key identifier: 76:EE:83:05:D2:A5:6F:50:AB:E5:9E:66:AA:57:2D:17:6A:D6:EB:C9
Certificate issuer: /CN=1d8626749cbf84bcf42ebb2985b86dee830e5c14
Certificate serial: 01942444A6083FCE4426A52558344F835127
Authority key identifier: 1D:86:26:74:9C:BF:84:BC:F4:2E:BB:29:85:B8:6D:EE:83:0E:5C:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HYYmdJy_hLz0Lrsphbht7oMOXBQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/du6DBdKlb1Cr5Z5mqlctF2rW68k.roa
Signing time: Wed 01 Jan 2025 23:47:46 +0000
ROA not before: Wed 01 Jan 2025 23:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211471
IP address blocks: 217.150.221.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:a6:08:3f:ce:44:26:a5:25:58:34:4f:83:51:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d8626749cbf84bcf42ebb2985b86dee830e5c14
Validity
Not Before: Jan 1 23:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=76ee8305d2a56f50abe59e66aa572d176ad6ebc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:c9:80:19:d2:7a:dc:c7:e1:de:6b:d0:bb:a9:
45:ef:f8:bd:35:23:7d:c7:71:10:9d:31:92:c5:81:
ab:e7:64:17:87:7f:80:88:f3:59:d8:65:16:e7:2e:
dd:84:ab:ec:15:a2:30:f4:c7:15:a6:6b:88:96:ab:
53:79:6c:96:f4:83:5a:fc:c5:ea:47:2f:c9:13:f9:
b3:89:27:4e:d7:2b:6c:f0:24:e4:85:5d:96:c9:b9:
78:6e:7e:5a:ea:c9:fb:0d:91:47:f5:6a:f9:a1:d2:
08:93:40:dd:34:d8:d9:7b:9b:a5:61:79:ba:4a:68:
47:23:4e:f9:96:42:3a:c8:2b:44:58:d8:a0:1c:39:
e6:0e:a3:f1:42:e7:b1:1d:98:7d:cb:2b:fb:5c:2d:
f3:aa:31:c0:8f:fd:b7:02:01:3f:aa:60:ae:44:12:
2f:d8:6a:9f:da:c7:3c:6f:8f:a7:1b:d3:0c:34:32:
ba:3b:50:7b:18:ca:2f:44:8d:a7:fa:b5:db:a8:0f:
fc:9a:34:a0:5f:6f:01:7c:02:3a:13:83:6b:8f:07:
71:5b:3c:d7:4b:2b:1b:8a:30:ab:78:b3:c5:77:c4:
f9:0f:1a:c0:83:13:e9:ac:f4:a2:24:e7:4c:4f:da:
8a:af:25:51:41:e1:11:fb:20:b0:4d:24:d0:fd:83:
3e:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:EE:83:05:D2:A5:6F:50:AB:E5:9E:66:AA:57:2D:17:6A:D6:EB:C9
X509v3 Authority Key Identifier:
keyid:1D:86:26:74:9C:BF:84:BC:F4:2E:BB:29:85:B8:6D:EE:83:0E:5C:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HYYmdJy_hLz0Lrsphbht7oMOXBQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/du6DBdKlb1Cr5Z5mqlctF2rW68k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/HYYmdJy_hLz0Lrsphbht7oMOXBQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.150.221.0/24
Signature Algorithm: sha256WithRSAEncryption
40:48:39:c1:cf:d6:33:7e:4c:89:b2:7f:ae:5f:61:0a:60:e1:
1e:24:60:16:9e:53:5f:1c:ee:51:4d:5f:db:aa:c6:81:1a:72:
af:b2:2b:88:f6:ab:e5:3b:41:84:ea:ef:d6:dd:28:2d:29:88:
95:ef:a3:d8:ac:d9:00:9f:b8:66:d3:a4:06:e3:fe:59:3a:c3:
4e:77:d8:c2:52:a4:fe:7d:0a:e6:17:b8:27:28:58:d9:7d:de:
aa:75:2f:51:18:75:34:70:8e:0c:56:17:f6:a6:c4:4b:94:08:
0b:c2:4e:7b:bd:22:bf:56:b2:72:3b:6a:70:c7:de:3c:18:d6:
df:5c:4c:ef:60:8a:05:7f:f3:1c:28:eb:e0:a8:3f:6c:a5:d0:
59:72:82:ed:ba:9a:fd:b3:e5:da:93:bf:fb:54:1c:38:7d:18:
34:88:52:69:bf:81:37:7e:ce:1e:9e:19:39:02:7f:64:5d:cd:
14:3f:d6:a5:24:bf:ff:15:12:ea:ec:0d:9a:a4:23:04:ba:5d:
f0:77:81:4d:c7:a7:5d:c0:0c:71:11:e1:12:bf:63:67:1e:39:
e2:4d:30:78:1b:ea:7a:9c:b3:6f:e0:b9:a6:1b:b6:52:2c:70:
63:86:fc:e0:e7:87:0c:68:6f:00:92:4e:da:b4:75:cc:e1:6c:
a4:99:98:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRKYIP85EJqUlWDRPg1EnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkODYyNjc0OWNiZjg0YmNmNDJlYmIyOTg1Yjg2ZGVlODMw
ZTVjMTQwHhcNMjUwMTAxMjM0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmVlODMwNWQyYTU2ZjUwYWJlNTllNjZhYTU3MmQxNzZhZDZlYmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmcmAGdJ63Mfh3mvQu6lF7/i9NSN9
x3EQnTGSxYGr52QXh3+AiPNZ2GUW5y7dhKvsFaIw9McVpmuIlqtTeWyW9INa/MXq
Ry/JE/mziSdO1yts8CTkhV2Wybl4bn5a6sn7DZFH9Wr5odIIk0DdNNjZe5ulYXm6
SmhHI075lkI6yCtEWNigHDnmDqPxQuexHZh9yyv7XC3zqjHAj/23AgE/qmCuRBIv
2Gqf2sc8b4+nG9MMNDK6O1B7GMovRI2n+rXbqA/8mjSgX28BfAI6E4NrjwdxWzzX
SysbijCreLPFd8T5DxrAgxPprPSiJOdMT9qKryVRQeER+yCwTSTQ/YM+vQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHbugwXSpW9Qq+WeZqpXLRdq1uvJMB8GA1UdIwQY
MBaAFB2GJnScv4S89C67KYW4be6DDlwUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFlZbWRKeV9oTHowTHJzcGhiaHQ3b01PWEJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny85NTFjOGUtNGE4Ni00YzhlLTk5ODYt
MGJmYmFkNDg0OWNkLzEvZHU2REJkS2xiMUNyNVo1bXFsY3RGMnJXNjhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny85NTFjOGUtNGE4Ni00YzhlLTk5ODYtMGJmYmFkNDg0OWNk
LzEvSFlZbWRKeV9oTHowTHJzcGhiaHQ3b01PWEJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2ZbdMA0G
CSqGSIb3DQEBCwUAA4IBAQBASDnBz9YzfkyJsn+uX2EKYOEeJGAWnlNfHO5RTV/b
qsaBGnKvsiuI9qvlO0GE6u/W3SgtKYiV76PYrNkAn7hm06QG4/5ZOsNOd9jCUqT+
fQrmF7gnKFjZfd6qdS9RGHU0cI4MVhf2psRLlAgLwk57vSK/VrJyO2pwx948GNbf
XEzvYIoFf/McKOvgqD9spdBZcoLtupr9s+Xak7/7VBw4fRg0iFJpv4E3fs4enhk5
An9kXc0UP9alJL//FRLq7A2apCMEul3wd4FNx6ddwAxxEeESv2NnHjniTTB4G+p6
nLNv4LmmG7ZSLHBjhvzg54cMaG8Akk7atHXM4WykmZit
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:09:48 2025 by rpki-client