Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/27a374-c984-4b19-ac7e-de2de15f90ed/1/cK0E2MhGVrGSWPTCnfeQC1sAuxs.roa
File: cK0E2MhGVrGSWPTCnfeQC1sAuxs.roa (raw, json)
Hash identifier: uuk3LoGMturH/eTE0jHSUZ94kTlLI2qzp8ngct2Ku4s=
Subject key identifier: 70:AD:04:D8:C8:46:56:B1:92:58:F4:C2:9D:F7:90:0B:5B:00:BB:1B
Certificate issuer: /CN=dafcb643e6a21e2fb6e21cd0653ab095e9ebef13
Certificate serial: 0194236A2E24087A40836627DD953870B269
Authority key identifier: DA:FC:B6:43:E6:A2:1E:2F:B6:E2:1C:D0:65:3A:B0:95:E9:EB:EF:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2vy2Q-aiHi-24hzQZTqwlenr7xM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/27a374-c984-4b19-ac7e-de2de15f90ed/1/cK0E2MhGVrGSWPTCnfeQC1sAuxs.roa
Signing time: Wed 01 Jan 2025 19:49:08 +0000
ROA not before: Wed 01 Jan 2025 19:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29637
IP address blocks: 217.66.96.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:2e:24:08:7a:40:83:66:27:dd:95:38:70:b2:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dafcb643e6a21e2fb6e21cd0653ab095e9ebef13
Validity
Not Before: Jan 1 19:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=70ad04d8c84656b19258f4c29df7900b5b00bb1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:02:67:e4:aa:46:c2:cd:d6:9b:b3:c2:9e:79:
65:3e:eb:06:7d:0d:30:b4:85:9b:a1:1b:d4:5a:18:
8a:20:0d:3a:6b:86:48:ec:d1:b0:1c:83:d9:91:98:
0a:f2:5c:9b:c8:f4:ad:a7:3a:f0:53:f5:16:90:5a:
d6:5f:67:64:28:b2:b2:09:84:81:55:5f:4a:cc:2a:
69:e6:ac:58:75:47:87:cd:7e:e8:bb:81:ad:38:b9:
ae:80:b6:84:e2:ba:9f:39:27:31:69:44:6d:c8:5e:
93:68:88:e9:5e:d2:09:f3:7a:ac:4a:e8:49:9b:91:
7d:7f:cb:91:2f:33:17:53:3d:48:85:24:fc:38:90:
08:07:20:b1:f0:24:ad:71:64:9f:d1:84:33:e6:c6:
45:ef:86:b2:1c:d6:ce:95:e1:0b:d0:46:f9:f4:c2:
6a:cb:ec:99:2b:82:73:ce:aa:78:23:28:5b:82:d0:
2c:6b:a9:ed:b1:fb:35:da:76:c3:1e:db:87:b1:4c:
71:50:b3:cf:c7:ca:67:af:90:0a:ec:ac:14:5e:37:
de:18:86:4e:f7:d6:cf:c1:fb:54:01:ae:ec:b3:50:
1f:14:db:f7:4c:66:0a:47:59:3c:d6:62:7a:a8:1e:
b3:85:c8:f9:ae:f5:a7:79:90:82:35:29:be:ee:80:
67:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:AD:04:D8:C8:46:56:B1:92:58:F4:C2:9D:F7:90:0B:5B:00:BB:1B
X509v3 Authority Key Identifier:
keyid:DA:FC:B6:43:E6:A2:1E:2F:B6:E2:1C:D0:65:3A:B0:95:E9:EB:EF:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2vy2Q-aiHi-24hzQZTqwlenr7xM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/27a374-c984-4b19-ac7e-de2de15f90ed/1/cK0E2MhGVrGSWPTCnfeQC1sAuxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/27a374-c984-4b19-ac7e-de2de15f90ed/1/2vy2Q-aiHi-24hzQZTqwlenr7xM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.66.96.0/22
Signature Algorithm: sha256WithRSAEncryption
63:ee:87:40:9f:dc:9c:0a:52:78:ee:00:74:57:62:d8:a4:5d:
1f:76:d7:81:47:eb:41:ee:80:6e:73:63:76:dd:6c:b0:2c:d7:
9b:11:5b:9f:31:aa:79:aa:f8:4e:91:6b:0f:da:38:09:89:1f:
dd:76:1c:b2:bb:a1:91:b1:05:49:de:7d:0d:c2:b5:07:8a:fc:
64:8b:ba:a2:7e:8d:3d:80:81:ca:e8:e1:7f:0e:03:6d:5f:7b:
db:7c:c6:ee:fa:62:bc:29:8d:8e:d8:a5:08:33:83:7a:a7:32:
38:cb:79:a5:c1:ab:84:59:10:ac:4f:93:6e:d9:2f:ad:05:2a:
a9:64:ef:9a:5e:38:a4:0a:bc:da:39:2b:27:b3:77:bb:b1:07:
24:96:9d:a4:e9:6a:98:7b:39:95:09:e1:c4:f0:67:5b:e6:78:
a9:f1:01:d6:72:6a:5d:33:01:12:cb:bd:c5:c6:4c:86:d1:5b:
b7:0e:0d:40:52:9a:bf:22:ac:ae:6d:ce:a7:08:6e:4b:e3:94:
57:96:9f:ef:a4:98:ae:5c:74:de:84:12:09:26:4a:7d:75:7d:
61:af:de:60:74:70:3e:a4:23:80:63:65:3b:fe:86:4c:fb:a1:
7e:6f:be:a8:bf:5b:87:d1:71:6a:42:a4:cb:b3:cc:dd:9b:dd:
93:be:b0:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjai4kCHpAg2Yn3ZU4cLJpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhZmNiNjQzZTZhMjFlMmZiNmUyMWNkMDY1M2FiMDk1ZTll
YmVmMTMwHhcNMjUwMTAxMTk0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGFkMDRkOGM4NDY1NmIxOTI1OGY0YzI5ZGY3OTAwYjViMDBiYjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2AJn5KpGws3Wm7PCnnllPusGfQ0w
tIWboRvUWhiKIA06a4ZI7NGwHIPZkZgK8lybyPStpzrwU/UWkFrWX2dkKLKyCYSB
VV9KzCpp5qxYdUeHzX7ou4GtOLmugLaE4rqfOScxaURtyF6TaIjpXtIJ83qsSuhJ
m5F9f8uRLzMXUz1IhST8OJAIByCx8CStcWSf0YQz5sZF74ayHNbOleEL0Eb59MJq
y+yZK4Jzzqp4IyhbgtAsa6ntsfs12nbDHtuHsUxxULPPx8pnr5AK7KwUXjfeGIZO
99bPwftUAa7ss1AfFNv3TGYKR1k81mJ6qB6zhcj5rvWneZCCNSm+7oBnowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHCtBNjIRlaxklj0wp33kAtbALsbMB8GA1UdIwQY
MBaAFNr8tkPmoh4vtuIc0GU6sJXp6+8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnZ5MlEtYWlIaS0yNGh6UVpUcXdsZW5yN3hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8yN2EzNzQtYzk4NC00YjE5LWFjN2Ut
ZGUyZGUxNWY5MGVkLzEvY0swRTJNaEdWckdTV1BUQ25mZVFDMXNBdXhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8yN2EzNzQtYzk4NC00YjE5LWFjN2UtZGUyZGUxNWY5MGVk
LzEvMnZ5MlEtYWlIaS0yNGh6UVpUcXdsZW5yN3hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC2UJgMA0G
CSqGSIb3DQEBCwUAA4IBAQBj7odAn9ycClJ47gB0V2LYpF0fdteBR+tB7oBuc2N2
3WywLNebEVufMap5qvhOkWsP2jgJiR/ddhyyu6GRsQVJ3n0NwrUHivxki7qifo09
gIHK6OF/DgNtX3vbfMbu+mK8KY2O2KUIM4N6pzI4y3mlwauEWRCsT5Nu2S+tBSqp
ZO+aXjikCrzaOSsns3e7sQcklp2k6WqYezmVCeHE8Gdb5nip8QHWcmpdMwESy73F
xkyG0Vu3Dg1AUpq/Iqyubc6nCG5L45RXlp/vpJiuXHTehBIJJkp9dX1hr95gdHA+
pCOAY2U7/oZM+6F+b76ov1uH0XFqQqTLs8zdm92TvrBx
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:34:54 2025 by rpki-client