Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/61e583-4c07-43db-b23c-2b12a005d5fe/1/I-i10fu0XQ-5PRDxSVGZFVdHDdM.roa
File: I-i10fu0XQ-5PRDxSVGZFVdHDdM.roa (raw, json)
Hash identifier: KpehZerRLm8xk1POz/rhIyCyab3CsX2FJm55TqFOIh4=
Subject key identifier: 23:E8:B5:D1:FB:B4:5D:0F:B9:3D:10:F1:49:51:99:15:57:47:0D:D3
Certificate issuer: /CN=10160aa3782177b138e6b00544398a701fb4c514
Certificate serial: 018CC5DC27DF1EB66FCCD5A2F079A858E1BD
Authority key identifier: 10:16:0A:A3:78:21:77:B1:38:E6:B0:05:44:39:8A:70:1F:B4:C5:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EBYKo3ghd7E45rAFRDmKcB-0xRQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/61e583-4c07-43db-b23c-2b12a005d5fe/1/I-i10fu0XQ-5PRDxSVGZFVdHDdM.roa
Signing time: Mon 01 Jan 2024 16:29:48 +0000
ROA not before: Mon 01 Jan 2024 16:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196695
IP address blocks: 217.28.141.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:27:df:1e:b6:6f:cc:d5:a2:f0:79:a8:58:e1:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10160aa3782177b138e6b00544398a701fb4c514
Validity
Not Before: Jan 1 16:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23e8b5d1fbb45d0fb93d10f14951991557470dd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:63:60:60:e4:0d:fd:3d:12:14:6c:bf:17:b2:
1a:1b:2a:92:4a:c3:bd:41:1b:aa:2d:a7:d7:99:35:
71:23:ba:0f:27:2c:64:51:c0:08:0d:6c:38:af:b4:
a7:ff:e6:cd:ea:99:2d:32:c8:52:76:e5:4a:f3:b7:
d4:3a:1a:26:df:1f:ed:87:2b:55:b5:51:57:fd:e5:
02:57:b9:5c:a5:06:2c:18:35:cf:f0:e7:0e:a9:03:
b6:36:f4:aa:c3:1b:5e:1f:dc:bf:71:b8:7b:c7:13:
ee:bb:35:0c:8a:fa:bb:b3:70:c6:fd:f3:4e:c0:d7:
83:64:cc:4c:ab:5d:6d:39:8d:c9:5e:17:e5:45:f8:
07:10:fb:a9:df:bf:22:a5:75:1a:e0:63:62:e0:0a:
08:77:6b:ae:af:1a:da:da:ba:2e:45:43:4c:ae:39:
9e:29:28:70:71:8f:2e:38:56:e5:e9:9d:e1:95:5a:
98:b5:6a:6f:e9:17:58:cd:fb:ab:db:ae:86:90:13:
b4:d5:33:95:52:60:13:c9:ad:f1:9c:f6:b6:d3:a2:
83:a6:29:75:96:a2:ed:71:ac:50:bb:40:b9:12:99:
ec:e7:17:08:cc:2b:6a:f8:e7:18:88:d1:ca:88:33:
b5:d7:85:97:b9:37:90:e8:6f:fa:92:4e:48:be:72:
45:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:E8:B5:D1:FB:B4:5D:0F:B9:3D:10:F1:49:51:99:15:57:47:0D:D3
X509v3 Authority Key Identifier:
keyid:10:16:0A:A3:78:21:77:B1:38:E6:B0:05:44:39:8A:70:1F:B4:C5:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EBYKo3ghd7E45rAFRDmKcB-0xRQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/61e583-4c07-43db-b23c-2b12a005d5fe/1/I-i10fu0XQ-5PRDxSVGZFVdHDdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/61e583-4c07-43db-b23c-2b12a005d5fe/1/EBYKo3ghd7E45rAFRDmKcB-0xRQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.28.141.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:e1:c4:67:c9:b6:96:89:68:98:68:a2:32:7b:50:e1:60:c4:
c9:39:09:26:cf:3f:ea:bc:3d:62:7f:24:89:aa:c4:4e:ef:8e:
54:69:79:16:dc:e5:4d:6b:f2:79:b3:91:1a:0e:a4:d5:9c:18:
4b:2d:aa:f9:30:63:62:97:cd:2f:d9:09:3b:18:a7:cc:15:df:
e9:f5:fa:29:be:22:87:b7:d9:97:f3:a3:fc:a7:f4:65:a3:34:
32:d4:75:af:51:2a:74:72:77:8f:bf:b8:91:4c:25:04:44:59:
67:f2:d0:41:19:c0:05:d0:aa:38:18:06:75:c5:d8:68:2a:78:
66:33:f2:51:43:dd:3b:86:76:4e:dd:d6:26:27:b8:ff:cb:37:
1e:00:b9:29:9b:77:a9:91:48:11:3c:9d:ca:08:fc:ce:e8:c3:
77:f9:be:bb:e7:e9:09:9e:95:90:61:c7:97:f3:76:69:14:f7:
bd:52:f0:0f:fa:2d:b5:c4:28:79:94:98:2e:b1:59:94:dd:72:
07:fb:f5:c6:02:5f:7e:60:35:fa:b0:e6:ad:ff:60:98:f2:4e:
ce:e3:4b:ba:19:b8:e5:e7:04:03:eb:02:0a:8f:46:1f:61:56:
05:02:9c:f7:69:8a:5c:f7:a1:82:82:e7:ca:e2:93:b3:fa:ca:
fa:29:dd:07
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3CffHrZvzNWi8HmoWOG9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMTYwYWEzNzgyMTc3YjEzOGU2YjAwNTQ0Mzk4YTcwMWZi
NGM1MTQwHhcNMjQwMTAxMTYyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2U4YjVkMWZiYjQ1ZDBmYjkzZDEwZjE0OTUxOTkxNTU3NDcwZGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGNgYOQN/T0SFGy/F7IaGyqSSsO9
QRuqLafXmTVxI7oPJyxkUcAIDWw4r7Sn/+bN6pktMshSduVK87fUOhom3x/thytV
tVFX/eUCV7lcpQYsGDXP8OcOqQO2NvSqwxteH9y/cbh7xxPuuzUMivq7s3DG/fNO
wNeDZMxMq11tOY3JXhflRfgHEPup378ipXUa4GNi4AoId2uurxra2rouRUNMrjme
KShwcY8uOFbl6Z3hlVqYtWpv6RdYzfur266GkBO01TOVUmATya3xnPa206KDpil1
lqLtcaxQu0C5Epns5xcIzCtq+OcYiNHKiDO114WXuTeQ6G/6kk5IvnJFTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCPotdH7tF0PuT0Q8UlRmRVXRw3TMB8GA1UdIwQY
MBaAFBAWCqN4IXexOOawBUQ5inAftMUUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUJZS28zZ2hkN0U0NXJBRlJEbUtjQi0weFJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy82MWU1ODMtNGMwNy00M2RiLWIyM2Mt
MmIxMmEwMDVkNWZlLzEvSS1pMTBmdTBYUS01UFJEeFNWR1pGVmRIRGRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy82MWU1ODMtNGMwNy00M2RiLWIyM2MtMmIxMmEwMDVkNWZl
LzEvRUJZS28zZ2hkN0U0NXJBRlJEbUtjQi0weFJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RyNMA0G
CSqGSIb3DQEBCwUAA4IBAQBr4cRnybaWiWiYaKIye1DhYMTJOQkmzz/qvD1ifySJ
qsRO745UaXkW3OVNa/J5s5EaDqTVnBhLLar5MGNil80v2Qk7GKfMFd/p9fopviKH
t9mX86P8p/RlozQy1HWvUSp0cnePv7iRTCUERFln8tBBGcAF0Ko4GAZ1xdhoKnhm
M/JRQ907hnZO3dYmJ7j/yzceALkpm3epkUgRPJ3KCPzO6MN3+b675+kJnpWQYceX
83ZpFPe9UvAP+i21xCh5lJgusVmU3XIH+/XGAl9+YDX6sOat/2CY8k7O40u6Gbjl
5wQD6wIKj0YfYVYFApz3aYpc96GCgufK4pOz+sr6Kd0H
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:11:10 2025 by rpki-client