Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/986946-58b8-49f1-8bb4-7f955e68e693/1/dcZCZyJnUa9OGjqhgO8EzJhev_8.roa
File: dcZCZyJnUa9OGjqhgO8EzJhev_8.roa (raw, json)
Hash identifier: +vp1kJkBWnkCuoQSfxqjZGywW5j8N3+tXcpVWeF5atc=
Subject key identifier: 75:C6:42:67:22:67:51:AF:4E:1A:3A:A1:80:EF:04:CC:98:5E:BF:FF
Certificate issuer: /CN=f03528a5045200f614da2bf3a5bcd2624c8f73ac
Certificate serial: 018571954E7B96C1C35F63E8EEB6248703A0
Authority key identifier: F0:35:28:A5:04:52:00:F6:14:DA:2B:F3:A5:BC:D2:62:4C:8F:73:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8DUopQRSAPYU2ivzpbzSYkyPc6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/986946-58b8-49f1-8bb4-7f955e68e693/1/dcZCZyJnUa9OGjqhgO8EzJhev_8.roa
Signing time: Mon 02 Jan 2023 08:24:48 +0000
ROA not before: Mon 02 Jan 2023 08:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56851
IP address blocks: 217.28.140.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:4e:7b:96:c1:c3:5f:63:e8:ee:b6:24:87:03:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f03528a5045200f614da2bf3a5bcd2624c8f73ac
Validity
Not Before: Jan 2 08:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75c64267226751af4e1a3aa180ef04cc985ebfff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:be:b2:a7:14:f2:6d:3b:f0:4b:a7:5a:ca:7e:
99:47:b2:4e:2f:bb:1f:76:c3:4f:07:ce:4a:9e:ef:
cc:f9:b8:2d:ce:1e:fe:8c:77:ad:c3:a6:51:f6:45:
d5:83:b8:10:5f:66:78:ae:ec:1b:3d:db:fa:d9:a6:
c7:c0:ca:16:e8:07:db:c6:1c:2b:2f:55:ec:06:d9:
35:32:45:18:7b:37:6b:8f:01:9e:fd:5e:66:a3:01:
dd:45:4c:ab:bd:22:75:af:1c:11:fb:97:64:9b:36:
0a:6e:86:2e:3c:09:ab:2a:cf:d6:e0:70:43:f4:4e:
27:65:66:7b:c3:36:98:2b:13:d7:df:22:eb:12:f1:
f0:14:b8:9d:95:1f:f8:58:35:73:1c:5d:de:fc:3c:
4d:73:47:68:f1:55:00:26:af:e8:c2:b9:e2:8f:ec:
7f:18:a9:f4:df:dc:b8:ca:fa:ee:ad:7a:e0:0e:ee:
f3:78:d7:73:cc:b5:93:7a:60:c1:4d:98:d3:b1:24:
a7:2c:3d:ca:1b:60:11:c9:c1:01:1a:ab:1b:ae:b8:
aa:cd:a8:f2:51:95:ee:58:98:c6:ce:c7:64:9e:83:
b0:f3:0c:45:45:2b:f6:da:08:76:1d:48:90:29:f0:
ca:8a:9d:32:0e:3c:b7:46:6a:31:c8:e8:38:88:7b:
b8:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:C6:42:67:22:67:51:AF:4E:1A:3A:A1:80:EF:04:CC:98:5E:BF:FF
X509v3 Authority Key Identifier:
keyid:F0:35:28:A5:04:52:00:F6:14:DA:2B:F3:A5:BC:D2:62:4C:8F:73:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8DUopQRSAPYU2ivzpbzSYkyPc6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/986946-58b8-49f1-8bb4-7f955e68e693/1/dcZCZyJnUa9OGjqhgO8EzJhev_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/986946-58b8-49f1-8bb4-7f955e68e693/1/8DUopQRSAPYU2ivzpbzSYkyPc6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.28.140.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:f7:65:4c:5a:cf:c6:60:1d:61:43:d0:94:54:9c:c1:cb:2b:
6d:76:39:64:28:d0:96:31:40:5f:e6:9f:7b:96:a6:97:43:6a:
34:ae:c4:23:a6:cd:d2:ba:1e:0c:5a:d4:6a:79:6d:6c:40:67:
ba:a9:dc:29:58:b0:b6:42:0f:6a:99:fb:6c:4e:ab:ce:27:40:
9a:29:81:8c:08:a6:78:2a:37:6c:b0:37:ea:04:93:97:73:50:
d7:2e:ec:8b:76:d8:94:77:2b:fa:c5:27:b7:9f:64:d6:eb:97:
5f:4b:d6:dd:de:52:51:5e:77:35:6f:eb:a1:6a:df:8f:85:e8:
34:96:72:c2:5b:c5:04:d9:85:2c:51:ce:69:d2:7f:61:a8:e0:
71:16:92:22:a4:da:1e:07:aa:ca:24:1b:4a:5a:5d:4d:66:17:
df:0b:ea:56:32:3c:ba:db:bf:46:7b:5e:cb:dc:de:7d:20:0c:
e5:65:75:4f:fa:da:79:48:e6:65:ec:b3:94:9c:75:87:7a:0d:
ff:6a:72:a2:1b:02:90:b5:61:83:3f:28:5e:b8:05:81:02:de:
c2:6b:df:3a:c0:08:d2:07:03:c3:14:70:08:43:22:ce:02:8e:
6d:60:bc:14:88:b3:ad:16:0b:59:3b:3e:52:68:4a:fc:0a:43:
57:e3:71:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxlU57lsHDX2Po7rYkhwOgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMzUyOGE1MDQ1MjAwZjYxNGRhMmJmM2E1YmNkMjYyNGM4
ZjczYWMwHhcNMjMwMTAyMDgyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWM2NDI2NzIyNjc1MWFmNGUxYTNhYTE4MGVmMDRjYzk4NWViZmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnb6ypxTybTvwS6dayn6ZR7JOL7sf
dsNPB85Knu/M+bgtzh7+jHetw6ZR9kXVg7gQX2Z4ruwbPdv62abHwMoW6Afbxhwr
L1XsBtk1MkUYezdrjwGe/V5mowHdRUyrvSJ1rxwR+5dkmzYKboYuPAmrKs/W4HBD
9E4nZWZ7wzaYKxPX3yLrEvHwFLidlR/4WDVzHF3e/DxNc0do8VUAJq/owrnij+x/
GKn039y4yvrurXrgDu7zeNdzzLWTemDBTZjTsSSnLD3KG2ARycEBGqsbrriqzajy
UZXuWJjGzsdknoOw8wxFRSv22gh2HUiQKfDKip0yDjy3RmoxyOg4iHu4DQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHXGQmciZ1GvTho6oYDvBMyYXr//MB8GA1UdIwQY
MBaAFPA1KKUEUgD2FNor86W80mJMj3OsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOERVb3BRUlNBUFlVMml2enBielNZa3lQYzZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85ODY5NDYtNThiOC00OWYxLThiYjQt
N2Y5NTVlNjhlNjkzLzEvZGNaQ1p5Sm5VYTlPR2pxaGdPOEV6Smhldl84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85ODY5NDYtNThiOC00OWYxLThiYjQtN2Y5NTVlNjhlNjkz
LzEvOERVb3BRUlNBUFlVMml2enBielNZa3lQYzZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RyMMA0G
CSqGSIb3DQEBCwUAA4IBAQAN92VMWs/GYB1hQ9CUVJzByyttdjlkKNCWMUBf5p97
lqaXQ2o0rsQjps3Suh4MWtRqeW1sQGe6qdwpWLC2Qg9qmftsTqvOJ0CaKYGMCKZ4
KjdssDfqBJOXc1DXLuyLdtiUdyv6xSe3n2TW65dfS9bd3lJRXnc1b+uhat+Pheg0
lnLCW8UE2YUsUc5p0n9hqOBxFpIipNoeB6rKJBtKWl1NZhffC+pWMjy6279Ge17L
3N59IAzlZXVP+tp5SOZl7LOUnHWHeg3/anKiGwKQtWGDPyheuAWBAt7Ca986wAjS
BwPDFHAIQyLOAo5tYLwUiLOtFgtZOz5SaEr8CkNX43Fj
-----END CERTIFICATE-----
Generated at Tue Apr 22 13:11:40 2025 by rpki-client