Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/0by_DrAK9DHAFo0OY_lfVQzG-QU.roa
File: 0by_DrAK9DHAFo0OY_lfVQzG-QU.roa (raw, json)
Hash identifier: tCoR6RqnZ8XJHaLK/dmdNr+Cl2kW+3DxkYwOyDTknvQ=
Subject key identifier: D1:BC:BF:0E:B0:0A:F4:31:C0:16:8D:0E:63:F9:5F:55:0C:C6:F9:05
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 0194C3FD5317CA68A837A9B2CBB4FC66E933
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/0by_DrAK9DHAFo0OY_lfVQzG-QU.roa
Signing time: Sun 02 Feb 2025 00:09:06 +0000
ROA not before: Sun 02 Feb 2025 00:09:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 217.177.0.0/21 maxlen: 24
217.177.32.0/24 maxlen: 24
217.177.35.0/24 maxlen: 24
217.180.12.0/24 maxlen: 24
217.180.22.0/23 maxlen: 24
217.180.61.0/24 maxlen: 24
217.181.64.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c3:fd:53:17:ca:68:a8:37:a9:b2:cb:b4:fc:66:e9:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Feb 2 00:09:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d1bcbf0eb00af431c0168d0e63f95f550cc6f905
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:62:ab:9e:71:67:cb:41:83:bc:93:54:6d:c0:
04:dc:4a:b5:a9:fa:e3:ee:d7:42:08:c4:12:4c:32:
72:5b:07:cc:91:19:4b:6a:7b:db:ea:ea:41:4b:67:
be:85:0a:6a:6a:2b:cb:87:df:e8:84:c3:23:9f:03:
b4:0e:62:23:ac:58:e4:89:35:b5:fe:53:47:31:00:
6d:b9:54:b7:23:94:ed:d9:45:09:00:c3:09:64:ed:
d4:47:14:93:b4:55:3d:bf:47:c0:6e:fa:9d:64:4d:
79:bc:76:a6:6c:8a:75:c8:85:dd:c9:e8:f0:d1:98:
f8:75:28:7d:09:ef:d6:6c:18:41:cb:a7:ab:41:dc:
41:09:7c:33:25:db:33:93:9e:cd:fb:fa:42:4b:e6:
40:29:c5:7c:7e:54:ec:0b:ad:39:96:28:6d:cb:82:
48:48:38:d6:f2:d9:f1:4e:02:d6:da:60:9f:33:bd:
90:b0:e1:3f:80:99:2c:4b:99:9a:86:66:c0:ba:cd:
ab:4d:65:0a:4f:a4:85:6b:f1:67:78:9f:25:11:47:
8d:df:c7:d1:0f:77:0a:08:e9:6d:71:c1:b6:6f:43:
d8:96:b9:3f:8d:10:9b:1b:2c:d5:11:a0:71:f9:da:
e4:5e:7e:1d:30:21:c7:b1:86:99:cf:5c:cf:c0:be:
34:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:BC:BF:0E:B0:0A:F4:31:C0:16:8D:0E:63:F9:5F:55:0C:C6:F9:05
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/0by_DrAK9DHAFo0OY_lfVQzG-QU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.177.0.0/21
217.177.32.0/24
217.177.35.0/24
217.180.12.0/24
217.180.22.0/23
217.180.61.0/24
217.181.64.0/22
Signature Algorithm: sha256WithRSAEncryption
81:9f:29:c9:2e:12:59:45:6a:06:a9:be:f3:d8:b0:57:28:b1:
47:8c:38:1f:bd:94:67:c8:83:46:28:d5:13:f2:7f:ab:0a:7d:
11:5b:f1:8e:47:8a:b0:c8:90:7d:1d:3d:ff:e7:a6:fb:bb:8a:
60:f4:5d:fe:f4:86:42:0a:74:e0:13:e0:18:43:ea:8f:e0:2d:
1f:6e:f7:aa:17:5b:27:3d:99:8e:41:77:e0:cc:2d:8c:ea:f6:
3e:21:1e:ea:69:aa:18:e2:ff:1d:93:29:68:b9:4e:84:78:3b:
2f:0e:16:77:b0:25:64:3e:67:0d:53:89:91:20:39:2a:52:a0:
da:e2:f7:4c:71:7c:73:ad:eb:1b:9b:f6:a7:4b:c1:27:74:10:
24:83:96:57:fb:dc:af:d2:b8:de:06:69:d8:4a:93:c2:5c:a1:
55:07:c9:5e:30:15:e0:4e:74:c3:7e:e2:ea:1b:a3:ac:18:00:
7d:16:06:55:15:0c:5c:e3:fc:7b:24:da:bf:f8:0e:8d:37:10:
2b:ba:db:91:88:93:0a:8f:60:be:e0:37:04:78:30:06:a4:4f:
a5:b3:1e:bd:d4:08:2a:16:5d:8d:04:1e:18:9e:95:d5:d0:bd:
78:2f:99:08:cb:6d:c1:a6:db:73:ee:a0:9b:d5:63:2f:19:1d:
a6:3d:f3:ce
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZTD/VMXymioN6myy7T8ZukzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjUwMjAyMDAwOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWJjYmYwZWIwMGFmNDMxYzAxNjhkMGU2M2Y5NWY1NTBjYzZmOTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWKrnnFny0GDvJNUbcAE3Eq1qfrj
7tdCCMQSTDJyWwfMkRlLanvb6upBS2e+hQpqaivLh9/ohMMjnwO0DmIjrFjkiTW1
/lNHMQBtuVS3I5Tt2UUJAMMJZO3URxSTtFU9v0fAbvqdZE15vHambIp1yIXdyejw
0Zj4dSh9Ce/WbBhBy6erQdxBCXwzJdszk57N+/pCS+ZAKcV8flTsC605lihty4JI
SDjW8tnxTgLW2mCfM72QsOE/gJksS5mahmbAus2rTWUKT6SFa/FneJ8lEUeN38fR
D3cKCOltccG2b0PYlrk/jRCbGyzVEaBx+drkXn4dMCHHsYaZz1zPwL40yQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNG8vw6wCvQxwBaNDmP5X1UMxvkFMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvMGJ5X0RyQUs5REhBRm8wT1lfbGZWUXpHLVFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQD2bEAAwQA
2bEgAwQA2bEjAwQA2bQMAwQB2bQWAwQA2bQ9AwQC2bVAMA0GCSqGSIb3DQEBCwUA
A4IBAQCBnynJLhJZRWoGqb7z2LBXKLFHjDgfvZRnyINGKNUT8n+rCn0RW/GOR4qw
yJB9HT3/56b7u4pg9F3+9IZCCnTgE+AYQ+qP4C0fbveqF1snPZmOQXfgzC2M6vY+
IR7qaaoY4v8dkylouU6EeDsvDhZ3sCVkPmcNU4mRIDkqUqDa4vdMcXxzresbm/an
S8EndBAkg5ZX+9yv0rjeBmnYSpPCXKFVB8leMBXgTnTDfuLqG6OsGAB9FgZVFQxc
4/x7JNq/+A6NNxArutuRiJMKj2C+4DcEeDAGpE+lsx691AgqFl2NBB4YnpXV0L14
L5kIy23Bpttz7qCb1WMvGR2mPfPO
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:23:00 2025 by rpki-client