Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/27a374-c984-4b19-ac7e-de2de15f90ed/1/dsI79c9RkSXCJw4J0k20aJh3S5k.roa
File: dsI79c9RkSXCJw4J0k20aJh3S5k.roa (raw, json)
Hash identifier: WdLdZEAe44rS1q9Lslq+6ZV6nfvfr1+ikiH+EPMF39M=
Subject key identifier: 76:C2:3B:F5:CF:51:91:25:C2:27:0E:09:D2:4D:B4:68:98:77:4B:99
Certificate issuer: /CN=dafcb643e6a21e2fb6e21cd0653ab095e9ebef13
Certificate serial: 0194236A2E92FA7F326E0067D4BD09B0662F
Authority key identifier: DA:FC:B6:43:E6:A2:1E:2F:B6:E2:1C:D0:65:3A:B0:95:E9:EB:EF:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2vy2Q-aiHi-24hzQZTqwlenr7xM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/27a374-c984-4b19-ac7e-de2de15f90ed/1/dsI79c9RkSXCJw4J0k20aJh3S5k.roa
Signing time: Wed 01 Jan 2025 19:49:08 +0000
ROA not before: Wed 01 Jan 2025 19:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43145
IP address blocks: 217.66.100.0/24 maxlen: 24
217.66.101.0/24 maxlen: 24
217.66.102.0/24 maxlen: 24
217.66.103.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:2e:92:fa:7f:32:6e:00:67:d4:bd:09:b0:66:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dafcb643e6a21e2fb6e21cd0653ab095e9ebef13
Validity
Not Before: Jan 1 19:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=76c23bf5cf519125c2270e09d24db46898774b99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:87:87:c0:86:59:09:78:2a:c4:0d:3b:7c:e6:
4d:57:fc:64:34:9c:f8:64:dd:44:3f:c7:5e:e1:a2:
1b:1b:4e:08:45:81:94:57:a6:3e:c8:ea:65:5e:82:
c9:4e:0c:4f:94:8c:f7:2a:52:26:6b:5a:34:03:39:
f4:82:aa:3e:c7:e4:61:9d:a7:33:6f:33:16:86:59:
03:91:f1:1f:25:3c:1d:67:48:ca:d1:be:bf:33:72:
ba:a2:fd:a6:d0:26:c4:42:16:bb:02:38:38:28:6a:
98:dc:40:eb:d5:0b:52:cd:38:e6:bf:16:7c:a7:63:
e1:a8:7a:fc:83:7a:81:3f:f2:5e:e4:df:23:a6:05:
93:c2:5e:08:db:fe:8b:60:5d:b6:31:99:65:77:f7:
43:e0:61:3a:31:61:2b:ac:a0:fb:8f:2b:74:cf:95:
58:81:99:94:18:a9:72:e4:77:b6:1b:18:21:c5:5f:
cf:64:2d:49:73:95:69:b9:41:74:84:66:a7:c0:9c:
e4:ea:7f:7d:41:c7:10:2f:db:77:8a:10:36:f0:47:
e7:62:1c:d1:76:7d:4c:c2:bc:70:99:98:b7:f9:e2:
33:87:40:03:a4:04:f4:67:2e:3c:9a:16:58:b2:9a:
ae:9e:3e:2a:fe:55:7d:6f:25:b4:fa:d5:0d:d7:9c:
39:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:C2:3B:F5:CF:51:91:25:C2:27:0E:09:D2:4D:B4:68:98:77:4B:99
X509v3 Authority Key Identifier:
keyid:DA:FC:B6:43:E6:A2:1E:2F:B6:E2:1C:D0:65:3A:B0:95:E9:EB:EF:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2vy2Q-aiHi-24hzQZTqwlenr7xM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/27a374-c984-4b19-ac7e-de2de15f90ed/1/dsI79c9RkSXCJw4J0k20aJh3S5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/27a374-c984-4b19-ac7e-de2de15f90ed/1/2vy2Q-aiHi-24hzQZTqwlenr7xM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.66.100.0/22
Signature Algorithm: sha256WithRSAEncryption
e6:53:bc:ba:4f:47:10:77:eb:f4:20:05:6f:89:c5:be:d0:49:
6e:ff:76:ed:c7:cc:16:4a:34:e9:3b:43:49:35:ff:08:76:49:
ce:68:bd:4d:1a:0e:20:bf:89:27:0f:61:c6:36:de:f0:fb:7c:
be:59:16:5d:cb:c5:02:aa:b2:5c:73:c8:cd:f3:99:e4:f3:24:
e9:72:f5:fa:3e:ca:d1:ff:ed:80:ae:ef:63:08:3f:cc:04:2d:
1d:5b:db:d4:60:47:01:1e:45:68:36:aa:10:36:97:57:49:db:
7a:95:f7:e7:32:70:e5:27:28:1c:c0:f3:74:20:54:cd:82:1d:
cd:0c:4c:0d:89:7a:a9:5a:46:dd:88:0f:7b:2d:24:93:5f:16:
99:a7:ef:5a:f0:27:9b:ae:f0:d3:5b:dd:10:c9:56:d4:5a:ae:
ff:ae:1c:74:d4:0a:f0:10:39:89:33:90:1e:ac:de:a4:b5:74:
43:7f:c2:84:b8:da:af:49:b1:8b:be:d9:38:17:97:d7:57:1b:
4e:e0:05:26:d5:5d:b9:cd:2d:0a:99:41:d7:4c:5b:c4:69:9c:
9a:d6:68:6e:f1:57:b3:80:d6:6d:af:5c:b4:16:86:6e:7b:0b:
e3:2c:56:35:b2:1c:f5:13:be:3e:e9:4b:ca:0d:f8:70:f1:6a:
48:3a:93:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjai6S+n8ybgBn1L0JsGYvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhZmNiNjQzZTZhMjFlMmZiNmUyMWNkMDY1M2FiMDk1ZTll
YmVmMTMwHhcNMjUwMTAxMTk0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmMyM2JmNWNmNTE5MTI1YzIyNzBlMDlkMjRkYjQ2ODk4Nzc0Yjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoeHwIZZCXgqxA07fOZNV/xkNJz4
ZN1EP8de4aIbG04IRYGUV6Y+yOplXoLJTgxPlIz3KlIma1o0Azn0gqo+x+Rhnacz
bzMWhlkDkfEfJTwdZ0jK0b6/M3K6ov2m0CbEQha7Ajg4KGqY3EDr1QtSzTjmvxZ8
p2PhqHr8g3qBP/Je5N8jpgWTwl4I2/6LYF22MZlld/dD4GE6MWErrKD7jyt0z5VY
gZmUGKly5He2GxghxV/PZC1Jc5VpuUF0hGanwJzk6n99QccQL9t3ihA28EfnYhzR
dn1MwrxwmZi3+eIzh0ADpAT0Zy48mhZYspqunj4q/lV9byW0+tUN15w5JQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHbCO/XPUZElwicOCdJNtGiYd0uZMB8GA1UdIwQY
MBaAFNr8tkPmoh4vtuIc0GU6sJXp6+8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnZ5MlEtYWlIaS0yNGh6UVpUcXdsZW5yN3hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8yN2EzNzQtYzk4NC00YjE5LWFjN2Ut
ZGUyZGUxNWY5MGVkLzEvZHNJNzljOVJrU1hDSnc0SjBrMjBhSmgzUzVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8yN2EzNzQtYzk4NC00YjE5LWFjN2UtZGUyZGUxNWY5MGVk
LzEvMnZ5MlEtYWlIaS0yNGh6UVpUcXdsZW5yN3hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC2UJkMA0G
CSqGSIb3DQEBCwUAA4IBAQDmU7y6T0cQd+v0IAVvicW+0Elu/3btx8wWSjTpO0NJ
Nf8IdknOaL1NGg4gv4knD2HGNt7w+3y+WRZdy8UCqrJcc8jN85nk8yTpcvX6PsrR
/+2Aru9jCD/MBC0dW9vUYEcBHkVoNqoQNpdXSdt6lffnMnDlJygcwPN0IFTNgh3N
DEwNiXqpWkbdiA97LSSTXxaZp+9a8CebrvDTW90QyVbUWq7/rhx01ArwEDmJM5Ae
rN6ktXRDf8KEuNqvSbGLvtk4F5fXVxtO4AUm1V25zS0KmUHXTFvEaZya1mhu8Vez
gNZtr1y0FoZuewvjLFY1shz1E74+6UvKDfhw8WpIOpPl
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:51:12 2025 by rpki-client