Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/105433-83d9-412c-9fc4-1d51c468d556/1/b9Hu80_829heeLvFjfJdJz5nCTc.roa
File: b9Hu80_829heeLvFjfJdJz5nCTc.roa (raw, json)
Hash identifier: j+SJeADqUhFu2qLu6938DWITw4JSWTcM1pVfvfeWeP8=
Subject key identifier: 6F:D1:EE:F3:4F:FC:DB:D8:5E:78:BB:C5:8D:F2:5D:27:3E:67:09:37
Certificate issuer: /CN=5ca9f75dca2cd3b39353e0300b30ba5b62976a2b
Certificate serial: 0194228D698B9647CC01D2B2D527F0837867
Authority key identifier: 5C:A9:F7:5D:CA:2C:D3:B3:93:53:E0:30:0B:30:BA:5B:62:97:6A:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XKn3Xcos07OTU-AwCzC6W2KXais.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/105433-83d9-412c-9fc4-1d51c468d556/1/b9Hu80_829heeLvFjfJdJz5nCTc.roa
Signing time: Wed 01 Jan 2025 15:48:00 +0000
ROA not before: Wed 01 Jan 2025 15:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5398
IP address blocks: 217.18.0.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:69:8b:96:47:cc:01:d2:b2:d5:27:f0:83:78:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ca9f75dca2cd3b39353e0300b30ba5b62976a2b
Validity
Not Before: Jan 1 15:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6fd1eef34ffcdbd85e78bbc58df25d273e670937
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a1:54:24:d8:83:15:28:17:7e:f8:4a:58:b8:
65:4e:16:04:24:08:ad:5b:f1:e1:46:39:0b:a6:c2:
14:8d:3d:a3:94:12:69:b9:ac:2c:26:d3:39:da:44:
5c:44:39:87:76:86:4c:ed:35:34:c6:e6:1c:75:76:
21:1c:d0:9f:0a:4d:79:36:fd:dc:03:8f:b8:0a:56:
18:b4:69:1d:5d:7a:17:1f:a5:de:4d:d9:3e:12:b8:
06:6d:15:92:1f:5b:4c:9e:54:9a:0f:55:59:42:39:
96:7e:39:d4:80:e8:6d:1f:d8:d9:6c:23:62:c9:e7:
d4:7d:1d:c8:6f:ed:09:01:75:06:41:54:72:9b:65:
a3:a5:26:a3:5c:08:5f:0c:88:b5:a9:ae:6b:0b:7f:
8e:cd:0a:9b:fa:cb:1c:96:80:6f:5c:bf:bc:60:d5:
c7:c4:2a:70:8f:f4:75:35:04:a9:e3:6c:96:eb:9b:
bd:86:5e:e6:95:d9:45:3b:e9:37:eb:5f:64:24:e0:
f5:8b:4f:9c:e1:eb:28:24:67:fe:65:ba:2e:79:29:
1a:b5:cc:92:f2:47:2d:7b:82:6f:4f:fa:e5:c9:be:
be:83:de:e1:a5:bd:b2:d8:33:87:52:e9:20:12:aa:
54:9c:34:13:58:23:97:ad:30:5b:15:1d:73:46:d4:
94:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:D1:EE:F3:4F:FC:DB:D8:5E:78:BB:C5:8D:F2:5D:27:3E:67:09:37
X509v3 Authority Key Identifier:
keyid:5C:A9:F7:5D:CA:2C:D3:B3:93:53:E0:30:0B:30:BA:5B:62:97:6A:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XKn3Xcos07OTU-AwCzC6W2KXais.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/105433-83d9-412c-9fc4-1d51c468d556/1/b9Hu80_829heeLvFjfJdJz5nCTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/105433-83d9-412c-9fc4-1d51c468d556/1/XKn3Xcos07OTU-AwCzC6W2KXais.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.18.0.0/20
Signature Algorithm: sha256WithRSAEncryption
2f:b9:53:3b:45:77:3c:55:b1:33:99:40:33:0e:2b:b4:56:04:
4a:fa:77:37:e3:46:58:57:67:11:1d:56:e1:31:4a:0a:43:35:
2a:e5:cc:a2:32:d2:2c:d2:31:2e:74:af:1d:93:12:5b:6b:2d:
61:e0:02:ca:61:f1:d0:be:46:41:f6:94:6b:97:84:a0:b1:0b:
ae:a1:01:3b:e3:31:35:10:a2:36:a5:46:11:b7:70:cf:b8:27:
6a:64:95:08:f4:a7:d7:eb:8f:8b:76:6c:1c:a0:e3:c7:f7:5e:
16:5b:1e:f3:0d:c3:84:1a:15:76:0e:0b:e8:f4:ad:37:53:bf:
83:cb:d0:68:e1:56:cc:fd:eb:0d:86:7f:36:08:34:ca:01:07:
9d:07:ec:36:7c:df:c0:79:dc:7c:78:52:d0:b7:eb:a2:d1:4c:
78:11:f8:b9:94:ad:ef:7c:8a:c3:82:00:d9:79:e1:27:90:72:
3e:46:eb:21:fa:c4:a3:b8:e5:84:1a:43:c0:b8:2c:fc:16:79:
b7:b2:22:4a:55:d9:ad:18:67:25:10:97:9a:74:55:cc:67:d5:
c3:4f:5e:29:10:7b:e1:cb:cf:1f:57:25:5c:d4:28:b9:84:00:
6d:03:36:3c:b2:30:47:be:fc:e2:1f:76:16:79:ae:23:5c:38:
19:a0:64:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijWmLlkfMAdKy1Sfwg3hnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjYTlmNzVkY2EyY2QzYjM5MzUzZTAzMDBiMzBiYTViNjI5
NzZhMmIwHhcNMjUwMTAxMTU0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmQxZWVmMzRmZmNkYmQ4NWU3OGJiYzU4ZGYyNWQyNzNlNjcwOTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6FUJNiDFSgXfvhKWLhlThYEJAit
W/HhRjkLpsIUjT2jlBJpuawsJtM52kRcRDmHdoZM7TU0xuYcdXYhHNCfCk15Nv3c
A4+4ClYYtGkdXXoXH6XeTdk+ErgGbRWSH1tMnlSaD1VZQjmWfjnUgOhtH9jZbCNi
yefUfR3Ib+0JAXUGQVRym2WjpSajXAhfDIi1qa5rC3+OzQqb+sscloBvXL+8YNXH
xCpwj/R1NQSp42yW65u9hl7mldlFO+k3619kJOD1i0+c4esoJGf+ZboueSkatcyS
8kcte4JvT/rlyb6+g97hpb2y2DOHUukgEqpUnDQTWCOXrTBbFR1zRtSURwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG/R7vNP/NvYXni7xY3yXSc+Zwk3MB8GA1UdIwQY
MBaAFFyp913KLNOzk1PgMAswultil2orMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEtuM1hjb3MwN09UVS1Bd0N6QzZXMktYYWlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8xMDU0MzMtODNkOS00MTJjLTlmYzQt
MWQ1MWM0NjhkNTU2LzEvYjlIdTgwXzgyOWhlZUx2RmpmSmRKejVuQ1RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS8xMDU0MzMtODNkOS00MTJjLTlmYzQtMWQ1MWM0NjhkNTU2
LzEvWEtuM1hjb3MwN09UVS1Bd0N6QzZXMktYYWlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2RIAMA0G
CSqGSIb3DQEBCwUAA4IBAQAvuVM7RXc8VbEzmUAzDiu0VgRK+nc340ZYV2cRHVbh
MUoKQzUq5cyiMtIs0jEudK8dkxJbay1h4ALKYfHQvkZB9pRrl4SgsQuuoQE74zE1
EKI2pUYRt3DPuCdqZJUI9KfX64+LdmwcoOPH914WWx7zDcOEGhV2Dgvo9K03U7+D
y9Bo4VbM/esNhn82CDTKAQedB+w2fN/Aedx8eFLQt+ui0Ux4Efi5lK3vfIrDggDZ
eeEnkHI+Rush+sSjuOWEGkPAuCz8Fnm3siJKVdmtGGclEJeadFXMZ9XDT14pEHvh
y88fVyVc1Ci5hABtAzY8sjBHvvziH3YWea4jXDgZoGT8
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:40:20 2025 by rpki-client