Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/9b16f3-0100-4964-9ec9-e5ec2cc647aa/1/2Y-BQWwW7_ggvBXNnc8W9Hw_ByE.roa
File: 2Y-BQWwW7_ggvBXNnc8W9Hw_ByE.roa (raw, json)
Hash identifier: JhmK62xSjdy0MLOq5+Y9bNPh5TyhHzNoMKSxAmlyqP4=
Subject key identifier: D9:8F:81:41:6C:16:EF:F8:20:BC:15:CD:9D:CF:16:F4:7C:3F:07:21
Certificate issuer: /CN=9b47ee1f17c987debb2c020d8b5f2d8bdadbeb77
Certificate serial: 01941F8C9CF10234848C918DAB3869D6BE29
Authority key identifier: 9B:47:EE:1F:17:C9:87:DE:BB:2C:02:0D:8B:5F:2D:8B:DA:DB:EB:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m0fuHxfJh967LAINi18ti9rb63c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/9b16f3-0100-4964-9ec9-e5ec2cc647aa/1/2Y-BQWwW7_ggvBXNnc8W9Hw_ByE.roa
Signing time: Wed 01 Jan 2025 01:48:16 +0000
ROA not before: Wed 01 Jan 2025 01:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 217.8.118.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:9c:f1:02:34:84:8c:91:8d:ab:38:69:d6:be:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b47ee1f17c987debb2c020d8b5f2d8bdadbeb77
Validity
Not Before: Jan 1 01:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d98f81416c16eff820bc15cd9dcf16f47c3f0721
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:30:ec:23:62:20:6d:2d:51:3e:19:21:2d:e2:
82:e8:2c:79:ee:94:49:0d:62:08:3b:ce:24:0b:d9:
cf:62:6c:ac:d1:f4:3e:a2:3a:ea:af:fd:3e:a0:69:
ca:8b:f4:d0:e1:0e:76:25:3e:60:07:7a:23:02:68:
21:91:da:5c:44:2e:9b:2e:b3:35:57:e3:4f:f1:4e:
6b:ea:83:c8:e4:4a:f3:58:40:1d:98:45:8a:79:8e:
0a:01:5e:40:b9:98:8d:16:b6:fd:23:9b:e1:98:e1:
b0:99:38:22:fd:27:91:aa:7b:5e:79:90:c5:9d:4c:
27:e7:01:ac:1f:4b:15:18:02:56:fb:ec:70:4a:2b:
e9:91:c8:1d:c6:98:92:0d:c3:07:49:43:21:b3:b8:
54:05:81:6b:3d:7f:6d:30:a9:3f:80:1b:1e:e6:61:
79:c0:61:2d:24:60:d5:d4:30:8c:3a:71:f2:51:03:
4c:78:34:6d:71:33:47:38:9f:0c:93:a8:e8:25:55:
5c:18:d5:5e:bd:e6:b5:b5:e4:7b:2b:7f:8b:f4:5e:
27:dd:6f:b9:73:cf:15:24:6c:88:63:2f:dd:0d:c8:
7a:75:72:a2:d3:87:e9:cc:39:ad:e0:63:69:0b:fa:
4b:40:6b:11:23:0a:47:dd:c3:64:81:75:7a:bc:87:
f9:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:8F:81:41:6C:16:EF:F8:20:BC:15:CD:9D:CF:16:F4:7C:3F:07:21
X509v3 Authority Key Identifier:
keyid:9B:47:EE:1F:17:C9:87:DE:BB:2C:02:0D:8B:5F:2D:8B:DA:DB:EB:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m0fuHxfJh967LAINi18ti9rb63c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/9b16f3-0100-4964-9ec9-e5ec2cc647aa/1/2Y-BQWwW7_ggvBXNnc8W9Hw_ByE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/9b16f3-0100-4964-9ec9-e5ec2cc647aa/1/m0fuHxfJh967LAINi18ti9rb63c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.8.118.0/24
Signature Algorithm: sha256WithRSAEncryption
41:da:38:2a:f1:01:c7:2c:14:a0:14:dc:5e:99:e1:7f:a4:5c:
be:b1:8f:20:0e:a2:95:71:aa:c7:86:1b:9e:0f:15:3f:d8:81:
9d:83:df:32:21:66:36:86:e3:58:18:5a:b9:c4:2b:dc:15:25:
35:d7:25:63:8b:ba:d4:26:c3:fd:8e:5c:0e:a6:db:ed:4e:cf:
e1:6f:59:94:74:49:51:24:7a:25:a5:77:47:a0:b9:29:19:3a:
b1:48:8c:98:0e:50:79:93:61:b0:a6:a7:71:da:cb:d1:d8:2e:
3f:bd:66:05:c8:d3:76:77:c8:14:0c:c7:72:0b:bc:3a:99:d8:
1e:2a:31:16:f8:29:48:b8:6d:32:9f:0c:13:cb:4b:e1:2b:8f:
d7:a4:05:51:e9:9f:03:73:76:20:16:ee:a4:71:a4:47:e6:61:
e4:f0:07:b7:60:52:ba:cf:b2:a4:a7:12:23:3a:0b:61:47:bd:
4b:21:a3:8b:3a:4d:46:04:c4:a2:62:a8:eb:ee:88:0f:65:16:
1b:d3:9e:f8:e3:e6:ab:7d:15:3f:9e:be:dd:7a:29:0c:88:da:
31:5c:27:2f:01:a7:c4:c6:92:6e:e9:df:ff:c9:69:49:29:1c:
fd:b0:aa:34:d5:de:41:df:ea:44:60:29:9e:68:a2:77:1a:70:
47:9b:7f:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjJzxAjSEjJGNqzhp1r4pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliNDdlZTFmMTdjOTg3ZGViYjJjMDIwZDhiNWYyZDhiZGFk
YmViNzcwHhcNMjUwMTAxMDE0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOThmODE0MTZjMTZlZmY4MjBiYzE1Y2Q5ZGNmMTZmNDdjM2YwNzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9DDsI2IgbS1RPhkhLeKC6Cx57pRJ
DWIIO84kC9nPYmys0fQ+ojrqr/0+oGnKi/TQ4Q52JT5gB3ojAmghkdpcRC6bLrM1
V+NP8U5r6oPI5ErzWEAdmEWKeY4KAV5AuZiNFrb9I5vhmOGwmTgi/SeRqnteeZDF
nUwn5wGsH0sVGAJW++xwSivpkcgdxpiSDcMHSUMhs7hUBYFrPX9tMKk/gBse5mF5
wGEtJGDV1DCMOnHyUQNMeDRtcTNHOJ8Mk6joJVVcGNVevea1teR7K3+L9F4n3W+5
c88VJGyIYy/dDch6dXKi04fpzDmt4GNpC/pLQGsRIwpH3cNkgXV6vIf56wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNmPgUFsFu/4ILwVzZ3PFvR8PwchMB8GA1UdIwQY
MBaAFJtH7h8XyYfeuywCDYtfLYva2+t3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTBmdUh4ZkpoOTY3TEFJTmkxOHRpOXJiNjNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS85YjE2ZjMtMDEwMC00OTY0LTllYzkt
ZTVlYzJjYzY0N2FhLzEvMlktQlFXd1c3X2dndkJYTm5jOFc5SHdfQnlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS85YjE2ZjMtMDEwMC00OTY0LTllYzktZTVlYzJjYzY0N2Fh
LzEvbTBmdUh4ZkpoOTY3TEFJTmkxOHRpOXJiNjNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2Qh2MA0G
CSqGSIb3DQEBCwUAA4IBAQBB2jgq8QHHLBSgFNxemeF/pFy+sY8gDqKVcarHhhue
DxU/2IGdg98yIWY2huNYGFq5xCvcFSU11yVji7rUJsP9jlwOptvtTs/hb1mUdElR
JHolpXdHoLkpGTqxSIyYDlB5k2Gwpqdx2svR2C4/vWYFyNN2d8gUDMdyC7w6mdge
KjEW+ClIuG0ynwwTy0vhK4/XpAVR6Z8Dc3YgFu6kcaRH5mHk8Ae3YFK6z7KkpxIj
OgthR71LIaOLOk1GBMSiYqjr7ogPZRYb05744+arfRU/nr7deikMiNoxXCcvAafE
xpJu6d//yWlJKRz9sKo01d5B3+pEYCmeaKJ3GnBHm3/2
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:43:16 2025 by rpki-client