Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/hdy8kTx31m64vuhE7BBid5RZMAE.roa
File: hdy8kTx31m64vuhE7BBid5RZMAE.roa (raw, json)
Hash identifier: PIj+0YFMWc9zu05+GIAXm5YTEepkhJjva5VfK8fRW0Y=
Subject key identifier: 85:DC:BC:91:3C:77:D6:6E:B8:BE:E8:44:EC:10:62:77:94:59:30:01
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0195B4EFD01A5A0C94A9B27D937B7EFFB380
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/hdy8kTx31m64vuhE7BBid5RZMAE.roa
Signing time: Thu 20 Mar 2025 19:02:50 +0000
ROA not before: Thu 20 Mar 2025 19:02:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215211
IP address blocks: 217.60.196.0/23 maxlen: 24
217.60.244.0/23 maxlen: 24
217.60.255.0/24 maxlen: 24
2a14:6e40::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b4:ef:d0:1a:5a:0c:94:a9:b2:7d:93:7b:7e:ff:b3:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 20 19:02:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=85dcbc913c77d66eb8bee844ec10627794593001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:bf:c4:3b:0a:eb:e8:97:2c:87:cc:c3:36:c9:
b9:9d:d6:8d:97:87:2f:0c:65:73:b8:95:a7:7f:97:
d4:45:3d:5b:9d:69:e7:c4:0e:02:39:68:f3:04:89:
cd:04:70:92:1c:32:c3:08:d1:be:9f:d9:95:90:e8:
c0:ac:ad:c2:80:82:c4:5c:52:31:9f:70:f2:db:6b:
2b:ba:8e:fd:d8:a8:88:06:f9:a8:16:c6:92:54:52:
9e:b2:89:55:81:0e:3b:6d:13:b2:83:45:4b:83:ff:
b6:f1:c6:46:0c:7e:45:fd:c4:3f:c9:f6:16:53:ca:
c9:a2:4c:c7:5c:b7:ce:4a:62:72:2e:43:fe:9f:6d:
90:b5:8b:27:7e:32:56:bc:9f:01:35:83:9e:48:ab:
b5:37:3c:f4:95:1b:44:90:40:b7:a3:75:6c:29:24:
30:da:22:6a:06:5f:9c:38:5a:05:c5:9f:45:91:74:
12:5a:e8:6b:58:df:96:b0:22:02:42:34:2b:73:c7:
88:2c:25:18:98:13:5f:13:1d:77:62:e0:59:8d:de:
5f:b3:4e:1c:94:c6:1b:35:80:8d:aa:26:46:cc:0f:
11:f8:d1:a6:98:57:2b:67:51:74:3b:4a:59:d1:7d:
32:bd:f2:a4:94:6a:c4:7a:e8:f3:5c:e8:96:76:aa:
63:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:DC:BC:91:3C:77:D6:6E:B8:BE:E8:44:EC:10:62:77:94:59:30:01
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/hdy8kTx31m64vuhE7BBid5RZMAE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.60.196.0/23
217.60.244.0/23
217.60.255.0/24
IPv6:
2a14:6e40::/32
Signature Algorithm: sha256WithRSAEncryption
1b:14:7f:af:69:fa:7b:7d:f1:88:dc:ad:f4:8d:b5:5c:ea:e4:
56:7f:42:e9:e3:49:05:09:2c:4d:ad:dd:da:af:99:2b:3a:59:
5c:fa:49:d0:13:84:2f:aa:bb:4d:79:64:97:57:a9:57:db:7c:
5f:fe:c6:cf:b9:10:b8:ff:20:71:8d:07:3c:1c:73:ad:38:5d:
7d:73:de:68:98:97:d4:fd:4c:65:e3:6a:7d:0e:c8:c3:5f:cc:
85:24:55:a8:af:9d:bd:48:a9:36:de:a2:18:90:56:aa:ec:f1:
43:8d:0c:5f:6c:be:ea:6b:26:51:19:33:f6:6f:06:b6:c7:28:
4e:15:ce:9a:65:b7:e9:cf:11:5d:b4:db:f3:0a:1d:5c:eb:48:
15:f0:f2:d3:46:e3:dd:7c:54:db:9c:05:c5:8d:95:a4:9b:ec:
dc:8b:c2:6e:8d:4a:8d:90:a4:73:97:f5:99:07:cc:dd:00:de:
24:35:93:79:d4:5d:58:ca:4a:70:3d:7d:8b:bc:3d:27:13:1f:
8e:7e:59:f8:2d:0b:a7:c3:fb:bd:6c:82:10:3f:8d:fa:f2:f1:
0c:01:e0:51:fc:9b:f7:fa:26:14:d6:4b:dc:4e:8b:7f:de:c3:
ba:12:25:10:e3:40:95:9c:f2:60:ae:49:b5:a3:0d:fc:20:d2:
7e:e2:8c:d5
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZW079AaWgyUqbJ9k3t+/7OAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzIwMTkwMjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWRjYmM5MTNjNzdkNjZlYjhiZWU4NDRlYzEwNjI3Nzk0NTkzMDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7/EOwrr6Jcsh8zDNsm5ndaNl4cv
DGVzuJWnf5fURT1bnWnnxA4COWjzBInNBHCSHDLDCNG+n9mVkOjArK3CgILEXFIx
n3Dy22sruo792KiIBvmoFsaSVFKesolVgQ47bROyg0VLg/+28cZGDH5F/cQ/yfYW
U8rJokzHXLfOSmJyLkP+n22QtYsnfjJWvJ8BNYOeSKu1Nzz0lRtEkEC3o3VsKSQw
2iJqBl+cOFoFxZ9FkXQSWuhrWN+WsCICQjQrc8eILCUYmBNfEx13YuBZjd5fs04c
lMYbNYCNqiZGzA8R+NGmmFcrZ1F0O0pZ0X0yvfKklGrEeujzXOiWdqpj9QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIXcvJE8d9ZuuL7oROwQYneUWTABMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvaGR5OGtUeDMxbTY0dnVoRTdCQmlkNVJaTUFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQB2TzEAwQB
2Tz0AwQA2Tz/MA0EAgACMAcDBQAqFG5AMA0GCSqGSIb3DQEBCwUAA4IBAQAbFH+v
afp7ffGI3K30jbVc6uRWf0Lp40kFCSxNrd3ar5krOllc+knQE4QvqrtNeWSXV6lX
23xf/sbPuRC4/yBxjQc8HHOtOF19c95omJfU/Uxl42p9DsjDX8yFJFWor529SKk2
3qIYkFaq7PFDjQxfbL7qayZRGTP2bwa2xyhOFc6aZbfpzxFdtNvzCh1c60gV8PLT
RuPdfFTbnAXFjZWkm+zci8JujUqNkKRzl/WZB8zdAN4kNZN51F1YykpwPX2LvD0n
Ex+Ofln4LQunw/u9bIIQP4368vEMAeBR/Jv3+iYU1kvcTot/3sO6EiUQ40CVnPJg
rkm1ow38INJ+4ozV
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:10:43 2025 by rpki-client