Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/t0D44ZEz-Iwp8V7DioKFvN034bQ.roa
File: t0D44ZEz-Iwp8V7DioKFvN034bQ.roa (raw, json)
Hash identifier: K8kKIwIIPrr5Q1UjO/lgEqHXhtdvg37UIe6vY7RGrZw=
Subject key identifier: B7:40:F8:E1:91:33:F8:8C:29:F1:5E:C3:8A:82:85:BC:DD:37:E1:B4
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01955B9B507F8767A2087EC2B498B34A22D2
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/t0D44ZEz-Iwp8V7DioKFvN034bQ.roa
Signing time: Mon 03 Mar 2025 10:44:20 +0000
ROA not before: Mon 03 Mar 2025 10:44:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 18811
IP address blocks: 217.60.0.0/21 maxlen: 24
217.60.8.0/21 maxlen: 24
217.60.24.0/22 maxlen: 24
217.60.32.0/21 maxlen: 24
217.60.44.0/22 maxlen: 24
217.60.56.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5b:9b:50:7f:87:67:a2:08:7e:c2:b4:98:b3:4a:22:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 3 10:44:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b740f8e19133f88c29f15ec38a8285bcdd37e1b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f6:0e:59:eb:7a:03:cd:c2:e5:0a:c4:5c:85:
fe:62:aa:09:00:d6:ad:fc:82:9e:52:b9:98:31:1e:
fc:2d:8f:01:4e:47:5f:8b:22:f1:1e:ce:9b:b8:a6:
88:b2:5b:0e:6c:c9:4d:5b:a7:3f:b6:36:02:dc:0d:
a7:ce:a8:00:d0:46:0f:3c:58:33:6f:3c:03:22:66:
a6:2c:bf:7c:86:79:4a:96:02:ea:6d:fd:b8:e5:f7:
7f:d1:84:e2:56:80:5b:de:73:a7:ba:05:88:a3:c3:
91:ab:d3:10:17:8d:89:03:18:c3:a8:d6:db:eb:13:
2a:36:73:b6:d7:7b:8e:b6:b3:62:dd:c7:4d:7a:a2:
8c:33:29:ca:75:9a:98:06:32:b2:bb:27:09:64:a9:
1b:ce:8d:bb:58:db:b7:f4:82:37:4a:0b:25:5b:23:
7a:ec:06:85:eb:46:1f:0b:09:22:40:17:5c:37:29:
b9:bb:b7:60:85:2d:8d:d2:55:cb:fa:80:13:73:bc:
d8:64:74:be:ab:70:f1:6b:da:70:c6:b2:cd:c1:31:
59:c3:10:24:8f:3d:c7:f4:61:98:ee:87:a8:86:a1:
1d:4c:ff:c5:91:bf:9e:d8:ca:2d:1a:f3:a0:b7:b6:
e5:c7:d7:76:c1:76:ef:a1:89:cf:99:09:ef:22:2f:
a8:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:40:F8:E1:91:33:F8:8C:29:F1:5E:C3:8A:82:85:BC:DD:37:E1:B4
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/t0D44ZEz-Iwp8V7DioKFvN034bQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.60.0.0/20
217.60.24.0/22
217.60.32.0/21
217.60.44.0/22
217.60.56.0/21
Signature Algorithm: sha256WithRSAEncryption
67:28:4c:0c:24:3f:7b:ba:09:36:be:4a:43:f2:b7:20:09:df:
71:ee:33:a5:00:96:bf:67:36:db:04:94:4e:cc:e6:87:ab:78:
4f:b0:c0:42:00:d3:c6:bd:1d:5f:c6:02:a9:bd:e7:e1:32:c0:
7b:7b:b5:0c:af:13:46:aa:7d:07:04:cc:a1:36:c1:c2:01:e0:
07:47:e0:d2:90:fe:74:a2:74:8b:83:ee:f7:40:ea:a7:29:e1:
25:ac:7f:c3:b1:97:09:c9:f0:31:e8:d0:d2:a3:d5:27:65:05:
36:d0:fb:53:0a:77:f7:24:16:bb:50:e0:f1:b0:95:50:50:4b:
24:ec:5a:e5:f0:21:cd:89:af:d7:a0:7f:8a:d9:9e:42:3f:d1:
cd:61:6e:4b:ce:07:d9:98:74:eb:77:1f:7f:de:dd:42:5a:1f:
45:04:80:31:86:2b:2c:15:55:6a:a1:46:b4:9f:06:41:8f:97:
9b:24:7b:ea:f0:e7:bd:a4:fc:be:3b:a2:af:7d:20:73:17:0b:
1c:a0:9d:6d:49:34:33:c1:97:33:25:51:07:8b:22:f4:a4:65:
b6:e5:16:72:f8:0f:0a:92:34:e8:13:32:28:17:ea:63:fa:9b:
2b:b7:ab:44:e9:08:49:7f:8a:6f:c6:9d:b1:31:da:42:35:e9:
26:ff:9a:10
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZVbm1B/h2eiCH7CtJizSiLSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzAzMTA0NDIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzQwZjhlMTkxMzNmODhjMjlmMTVlYzM4YTgyODViY2RkMzdlMWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfYOWet6A83C5QrEXIX+YqoJANat
/IKeUrmYMR78LY8BTkdfiyLxHs6buKaIslsObMlNW6c/tjYC3A2nzqgA0EYPPFgz
bzwDImamLL98hnlKlgLqbf245fd/0YTiVoBb3nOnugWIo8ORq9MQF42JAxjDqNbb
6xMqNnO213uOtrNi3cdNeqKMMynKdZqYBjKyuycJZKkbzo27WNu39II3SgslWyN6
7AaF60YfCwkiQBdcNym5u7dghS2N0lXL+oATc7zYZHS+q3Dxa9pwxrLNwTFZwxAk
jz3H9GGY7oeohqEdTP/Fkb+e2MotGvOgt7blx9d2wXbvoYnPmQnvIi+oowIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLdA+OGRM/iMKfFew4qChbzdN+G0MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvdDBENDRaRXotSXdwOFY3RGlvS0Z2TjAzNGJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQE2TwAAwQC
2TwYAwQD2TwgAwQC2TwsAwQD2Tw4MA0GCSqGSIb3DQEBCwUAA4IBAQBnKEwMJD97
ugk2vkpD8rcgCd9x7jOlAJa/ZzbbBJROzOaHq3hPsMBCANPGvR1fxgKpvefhMsB7
e7UMrxNGqn0HBMyhNsHCAeAHR+DSkP50onSLg+73QOqnKeElrH/DsZcJyfAx6NDS
o9UnZQU20PtTCnf3JBa7UODxsJVQUEsk7Frl8CHNia/XoH+K2Z5CP9HNYW5LzgfZ
mHTrdx9/3t1CWh9FBIAxhissFVVqoUa0nwZBj5ebJHvq8Oe9pPy+O6KvfSBzFwsc
oJ1tSTQzwZczJVEHiyL0pGW25RZy+A8KkjToEzIoF+pj+psrt6tE6QhJf4pvxp2x
MdpCNekm/5oQ
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:34:28 2025 by rpki-client