Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/gbjyDe1jMzAx-GtGqvOl5rcNw2Y.roa
File: gbjyDe1jMzAx-GtGqvOl5rcNw2Y.roa (raw, json)
Hash identifier: bZY4frDqpa0VtHIgDLvz2UTVVluMMplhW24wn9Ofe38=
Subject key identifier: 81:B8:F2:0D:ED:63:33:30:31:F8:6B:46:AA:F3:A5:E6:B7:0D:C3:66
Certificate issuer: /CN=0232a4bfb7796405a556b759f1d193e4c4d37129
Certificate serial: 019427B53B65A4F6BE6898391D8D3FF9B03A
Authority key identifier: 02:32:A4:BF:B7:79:64:05:A5:56:B7:59:F1:D1:93:E4:C4:D3:71:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/gbjyDe1jMzAx-GtGqvOl5rcNw2Y.roa
Signing time: Thu 02 Jan 2025 15:49:36 +0000
ROA not before: Thu 02 Jan 2025 15:49:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 217.163.11.0/24 maxlen: 24
217.163.23.0/24 maxlen: 24
217.163.28.0/23 maxlen: 24
217.163.30.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:3b:65:a4:f6:be:68:98:39:1d:8d:3f:f9:b0:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0232a4bfb7796405a556b759f1d193e4c4d37129
Validity
Not Before: Jan 2 15:49:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=81b8f20ded63333031f86b46aaf3a5e6b70dc366
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:11:1a:ac:80:a7:4e:19:93:b7:61:1f:f7:7a:
4b:11:1b:fd:70:a1:3c:3f:4b:dd:a6:37:50:55:97:
53:cb:bc:51:88:b9:cb:f5:af:dd:de:bf:d5:a7:07:
d8:52:d7:78:90:a7:61:f2:33:b1:be:b0:39:d4:8a:
51:ae:e5:06:ab:92:36:a7:a0:8e:55:f6:88:3b:48:
15:e8:68:e2:aa:91:f7:cc:3a:80:54:dc:62:b2:eb:
bb:b7:78:02:83:34:c7:7a:21:b2:85:45:8b:b5:07:
8f:5a:c7:7a:53:36:ca:d9:71:86:9c:e1:f7:a9:1e:
03:df:ad:47:38:dc:9e:ef:b9:54:f3:44:d6:a1:d2:
d9:84:5c:f7:08:81:b6:3c:b5:bc:69:c6:df:89:2a:
80:7a:c6:bd:f1:18:c7:d4:71:03:44:8e:72:37:63:
70:bf:9a:7d:d7:d4:98:ff:ea:f9:a2:46:92:86:f8:
ad:a2:96:8a:7c:f3:8e:cd:88:85:59:da:05:3e:f0:
9f:73:02:8e:4c:36:2a:b1:14:5d:3b:3c:cd:74:3c:
44:c2:b2:9c:7f:c8:37:ca:63:6e:5b:75:63:b8:e2:
cd:8b:ea:6b:21:97:dd:6d:ab:9d:56:b7:f9:bb:93:
c6:86:13:40:f9:1c:74:bb:b9:1d:da:b4:eb:8c:1a:
f5:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:B8:F2:0D:ED:63:33:30:31:F8:6B:46:AA:F3:A5:E6:B7:0D:C3:66
X509v3 Authority Key Identifier:
keyid:02:32:A4:BF:B7:79:64:05:A5:56:B7:59:F1:D1:93:E4:C4:D3:71:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/gbjyDe1jMzAx-GtGqvOl5rcNw2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/a7ce7a-8443-46eb-8cba-3bb4d6200518/1/AjKkv7d5ZAWlVrdZ8dGT5MTTcSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.163.11.0/24
217.163.23.0/24
217.163.28.0-217.163.30.255
Signature Algorithm: sha256WithRSAEncryption
b5:0b:79:c6:1a:02:5a:c0:97:8c:cf:ad:62:f3:6e:d3:f1:76:
69:3d:6d:42:ee:04:39:2c:4f:f0:fb:56:60:77:ba:af:13:d0:
05:73:97:7c:da:39:8b:3f:16:44:ae:0f:89:11:0f:c4:2d:d0:
0d:e2:5e:69:e5:99:6a:ad:16:b7:ad:17:e3:df:de:c7:a8:e3:
5a:c5:f4:45:8f:8b:b9:67:5f:9d:67:de:3e:39:73:67:ff:79:
6a:96:83:bf:20:3b:22:e8:f7:9e:99:f7:ae:67:9e:fe:50:a4:
56:69:4c:92:0c:e4:08:81:b0:de:d9:d6:f5:b2:30:38:17:0c:
bd:be:39:68:26:e7:ea:c9:36:3c:91:c0:31:86:24:c6:a5:34:
e9:d0:1a:ef:86:46:aa:3a:f7:1a:d1:1f:cf:cd:f9:80:98:c4:
2e:ed:8c:bd:53:77:3f:8f:ba:86:ca:94:a6:17:f1:f9:16:9e:
60:7e:09:b6:b9:01:49:e2:e7:10:55:09:92:7f:86:a8:50:a0:
ee:18:36:6f:e4:0c:45:ec:ae:14:a4:af:6b:c0:3b:6d:c1:fc:
4c:c4:43:1c:81:25:19:4b:b9:4d:fc:35:9c:0a:67:73:92:4a:
56:a9:c8:37:b2:eb:56:93:39:ea:a7:a1:54:8d:b9:e8:60:bf:
55:43:e7:ff
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQntTtlpPa+aJg5HY0/+bA6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMzJhNGJmYjc3OTY0MDVhNTU2Yjc1OWYxZDE5M2U0YzRk
MzcxMjkwHhcNMjUwMTAyMTU0OTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWI4ZjIwZGVkNjMzMzMwMzFmODZiNDZhYWYzYTVlNmI3MGRjMzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwREarICnThmTt2Ef93pLERv9cKE8
P0vdpjdQVZdTy7xRiLnL9a/d3r/VpwfYUtd4kKdh8jOxvrA51IpRruUGq5I2p6CO
VfaIO0gV6GjiqpH3zDqAVNxisuu7t3gCgzTHeiGyhUWLtQePWsd6UzbK2XGGnOH3
qR4D361HONye77lU80TWodLZhFz3CIG2PLW8acbfiSqAesa98RjH1HEDRI5yN2Nw
v5p919SY/+r5okaShvitopaKfPOOzYiFWdoFPvCfcwKOTDYqsRRdOzzNdDxEwrKc
f8g3ymNuW3VjuOLNi+prIZfdbaudVrf5u5PGhhNA+Rx0u7kd2rTrjBr15QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFIG48g3tYzMwMfhrRqrzpea3DcNmMB8GA1UdIwQY
MBaAFAIypL+3eWQFpVa3WfHRk+TE03EpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWpLa3Y3ZDVaQVdsVnJkWjhkR1Q1TVRUY1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9hN2NlN2EtODQ0My00NmViLThjYmEt
M2JiNGQ2MjAwNTE4LzEvZ2JqeURlMWpNekF4LUd0R3F2T2w1cmNOdzJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9hN2NlN2EtODQ0My00NmViLThjYmEtM2JiNGQ2MjAwNTE4
LzEvQWpLa3Y3ZDVaQVdsVnJkWjhkR1Q1TVRUY1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQA2aMLAwQA
2aMXMAwDBALZoxwDBADZox4wDQYJKoZIhvcNAQELBQADggEBALULecYaAlrAl4zP
rWLzbtPxdmk9bULuBDksT/D7VmB3uq8T0AVzl3zaOYs/FkSuD4kRD8Qt0A3iXmnl
mWqtFretF+Pf3seo41rF9EWPi7lnX51n3j45c2f/eWqWg78gOyLo956Z965nnv5Q
pFZpTJIM5AiBsN7Z1vWyMDgXDL2+OWgm5+rJNjyRwDGGJMalNOnQGu+GRqo69xrR
H8/N+YCYxC7tjL1Tdz+PuobKlKYX8fkWnmB+Cba5AUni5xBVCZJ/hqhQoO4YNm/k
DEXsrhSkr2vAO23B/EzEQxyBJRlLuU38NZwKZ3OSSlapyDey61aTOeqnoVSNuehg
v1VD5/8=
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:45:48 2025 by rpki-client