Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/v2HXLCZWsI0s9KIXOuBOD4NKWbo.roa
File: v2HXLCZWsI0s9KIXOuBOD4NKWbo.roa (raw, json)
Hash identifier: /mndx1AHWJXPlNn93oMmIR/duKvVFpLSwcZoOaPa0GM=
Subject key identifier: BF:61:D7:2C:26:56:B0:8D:2C:F4:A2:17:3A:E0:4E:0F:83:4A:59:BA
Certificate issuer: /CN=f030658f16d2d88d34164592fcd4de13131f1695
Certificate serial: 0194221FA6FE4F9D3810C9E175E4AD919C44
Authority key identifier: F0:30:65:8F:16:D2:D8:8D:34:16:45:92:FC:D4:DE:13:13:1F:16:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8DBljxbS2I00FkWS_NTeExMfFpU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/v2HXLCZWsI0s9KIXOuBOD4NKWbo.roa
Signing time: Wed 01 Jan 2025 13:48:07 +0000
ROA not before: Wed 01 Jan 2025 13:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206728
IP address blocks: 217.196.102.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:a6:fe:4f:9d:38:10:c9:e1:75:e4:ad:91:9c:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f030658f16d2d88d34164592fcd4de13131f1695
Validity
Not Before: Jan 1 13:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bf61d72c2656b08d2cf4a2173ae04e0f834a59ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:83:70:6b:39:11:08:f9:64:c8:a9:87:48:4a:
f3:ce:91:32:8a:1e:b1:5b:78:32:a5:d9:bf:b0:61:
10:66:4c:c3:eb:72:c3:d2:48:1a:e5:37:12:49:5b:
83:38:51:66:ea:85:f2:e4:13:63:89:cc:de:ac:31:
fa:f6:de:2d:9c:b8:d5:cd:f0:59:1b:8d:41:b1:c2:
40:1f:4b:fe:c7:b8:38:48:64:30:76:ae:dc:c8:7b:
ce:78:6c:00:43:02:cc:de:05:88:ee:7e:e8:a0:e1:
ea:7a:57:5f:9e:b7:33:01:b2:e7:b9:35:2e:2b:24:
cf:c1:0f:bc:d4:9b:41:74:25:77:d7:60:fd:3b:21:
70:ed:82:62:a9:b1:56:8a:0d:34:7e:03:cb:86:ce:
fc:d5:5c:94:87:13:d1:5c:52:35:c6:c6:37:65:10:
f9:38:54:62:11:83:80:ef:ec:cd:84:ae:07:8b:5b:
c3:e7:97:61:c5:c6:b0:a5:4f:a9:0e:68:5b:84:ef:
c1:f9:2c:3d:2f:d5:5f:b5:4c:5e:4e:ed:56:d8:bf:
2a:04:bf:91:bc:8c:9b:ab:98:5c:60:36:ad:2f:17:
b0:26:61:48:34:2a:06:27:c0:cd:99:74:66:9d:8b:
e6:98:41:4c:62:ff:3e:28:48:b8:d5:fd:2e:44:6e:
14:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:61:D7:2C:26:56:B0:8D:2C:F4:A2:17:3A:E0:4E:0F:83:4A:59:BA
X509v3 Authority Key Identifier:
keyid:F0:30:65:8F:16:D2:D8:8D:34:16:45:92:FC:D4:DE:13:13:1F:16:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8DBljxbS2I00FkWS_NTeExMfFpU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/v2HXLCZWsI0s9KIXOuBOD4NKWbo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/8DBljxbS2I00FkWS_NTeExMfFpU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.196.102.0/24
Signature Algorithm: sha256WithRSAEncryption
32:3e:da:09:b5:b3:f0:e9:fb:3c:6a:de:c5:16:56:ac:36:c1:
93:b3:e2:69:64:91:a6:21:52:13:b2:42:30:56:8c:76:27:5e:
02:49:8e:93:7d:4e:17:12:0e:8e:1c:27:cc:c9:4e:2f:0c:74:
c7:60:f9:fb:1a:6c:e8:60:5f:70:ac:7b:5c:59:89:14:6c:1c:
ed:de:11:f2:22:ec:8a:14:db:81:fa:1a:59:a5:16:36:4e:ea:
f9:af:75:66:87:ec:f4:e2:91:81:b4:3c:db:60:21:19:23:2c:
e9:58:48:91:89:b1:72:23:e3:98:4a:e1:11:5f:71:21:55:92:
54:c9:c7:58:c2:4c:82:ee:f4:8b:68:f1:aa:70:95:d5:4c:0b:
1f:f4:d7:49:da:6b:9d:ed:f9:ed:5b:1c:d1:3f:28:ec:01:b4:
76:a2:6c:4b:b5:f9:0e:b3:5c:01:fb:53:9d:82:3d:04:b6:34:
26:56:c5:bc:c1:b0:1b:8e:3a:5a:76:1a:15:04:10:ab:0f:d1:
e5:9b:80:dd:3d:8d:89:c7:c0:12:a8:07:dd:9a:86:5f:e3:49:
b5:95:68:ad:b8:fb:e9:a8:b4:e4:d8:ba:5b:c8:10:9a:ef:e1:
53:65:a6:d4:dd:a4:00:a5:f5:a1:bd:80:b4:6c:80:59:c3:1d:
82:7e:74:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH6b+T504EMnhdeStkZxEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMzA2NThmMTZkMmQ4OGQzNDE2NDU5MmZjZDRkZTEzMTMx
ZjE2OTUwHhcNMjUwMTAxMTM0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjYxZDcyYzI2NTZiMDhkMmNmNGEyMTczYWUwNGUwZjgzNGE1OWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYNwazkRCPlkyKmHSErzzpEyih6x
W3gypdm/sGEQZkzD63LD0kga5TcSSVuDOFFm6oXy5BNjiczerDH69t4tnLjVzfBZ
G41BscJAH0v+x7g4SGQwdq7cyHvOeGwAQwLM3gWI7n7ooOHqeldfnrczAbLnuTUu
KyTPwQ+81JtBdCV312D9OyFw7YJiqbFWig00fgPLhs781VyUhxPRXFI1xsY3ZRD5
OFRiEYOA7+zNhK4Hi1vD55dhxcawpU+pDmhbhO/B+Sw9L9VftUxeTu1W2L8qBL+R
vIybq5hcYDatLxewJmFINCoGJ8DNmXRmnYvmmEFMYv8+KEi41f0uRG4U9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL9h1ywmVrCNLPSiFzrgTg+DSlm6MB8GA1UdIwQY
MBaAFPAwZY8W0tiNNBZFkvzU3hMTHxaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOERCbGp4YlMySTAwRmtXU19OVGVFeE1mRnBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi82NjkzZTMtODljYS00NGExLWE4YjYt
ODk0ODA1Mjg5Y2MwLzEvdjJIWExDWldzSTBzOUtJWE91Qk9ENE5LV2JvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi82NjkzZTMtODljYS00NGExLWE4YjYtODk0ODA1Mjg5Y2Mw
LzEvOERCbGp4YlMySTAwRmtXU19OVGVFeE1mRnBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2cRmMA0G
CSqGSIb3DQEBCwUAA4IBAQAyPtoJtbPw6fs8at7FFlasNsGTs+JpZJGmIVITskIw
Vox2J14CSY6TfU4XEg6OHCfMyU4vDHTHYPn7GmzoYF9wrHtcWYkUbBzt3hHyIuyK
FNuB+hpZpRY2Tur5r3Vmh+z04pGBtDzbYCEZIyzpWEiRibFyI+OYSuERX3EhVZJU
ycdYwkyC7vSLaPGqcJXVTAsf9NdJ2mud7fntWxzRPyjsAbR2omxLtfkOs1wB+1Od
gj0EtjQmVsW8wbAbjjpadhoVBBCrD9Hlm4DdPY2Jx8ASqAfdmoZf40m1lWituPvp
qLTk2LpbyBCa7+FTZabU3aQApfWhvYC0bIBZwx2CfnRK
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:42:46 2025 by rpki-client