Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/KeLhOHzM1hDk5wpHT7c7dEJSGkg.roa
File: KeLhOHzM1hDk5wpHT7c7dEJSGkg.roa (raw, json)
Hash identifier: k3lH8dOoEf0HsgtNnTnuPk43FfXpsQ32ISf9a9kGUX8=
Subject key identifier: 29:E2:E1:38:7C:CC:D6:10:E4:E7:0A:47:4F:B7:3B:74:42:52:1A:48
Certificate issuer: /CN=05f3e160172ecc75c8cab1bae271be3ebf407a80
Certificate serial: 019421B2498E82B2CF122FB59F88A5295B92
Authority key identifier: 05:F3:E1:60:17:2E:CC:75:C8:CA:B1:BA:E2:71:BE:3E:BF:40:7A:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BfPhYBcuzHXIyrG64nG-Pr9AeoA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/KeLhOHzM1hDk5wpHT7c7dEJSGkg.roa
Signing time: Wed 01 Jan 2025 11:48:39 +0000
ROA not before: Wed 01 Jan 2025 11:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33371
IP address blocks: 217.79.174.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:49:8e:82:b2:cf:12:2f:b5:9f:88:a5:29:5b:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05f3e160172ecc75c8cab1bae271be3ebf407a80
Validity
Not Before: Jan 1 11:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=29e2e1387cccd610e4e70a474fb73b7442521a48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:47:55:65:e4:0d:b8:76:4e:f9:51:3a:4e:95:
92:53:e4:3a:4d:6b:43:0a:53:15:0c:73:bf:14:ba:
d2:1e:3a:85:a0:15:c3:e5:49:35:77:b6:ce:3a:80:
52:98:d6:fa:db:89:c6:b1:df:6d:c6:ce:c0:6d:8b:
d1:bc:5b:1b:57:37:b3:cc:02:b2:5c:a3:ce:8b:b0:
32:96:ab:dd:1f:77:7d:eb:e9:6e:44:43:5a:b9:4b:
7e:c4:71:b7:cc:b7:f3:1d:8a:25:7c:ec:66:33:df:
fd:33:2c:5b:cd:dc:41:2d:6f:2e:62:99:e5:8f:dc:
5d:5b:82:e3:10:84:10:e0:f4:13:ea:34:61:59:5d:
32:52:96:6a:5b:83:4b:c3:15:b2:67:97:79:a5:57:
37:45:fb:1b:ad:77:2d:69:8b:51:08:af:79:66:69:
27:90:4f:89:56:f2:1b:0c:d9:77:89:3e:cf:f3:09:
bf:e9:c3:98:cf:39:0c:91:43:6b:81:e1:30:54:61:
7f:6a:3a:9a:74:5d:04:8a:1f:60:ce:a0:cf:75:2a:
32:66:aa:38:65:6c:c0:c6:20:2d:e4:06:54:e3:f2:
50:73:38:88:91:6a:ec:9d:fb:b6:7b:78:a0:d8:1c:
c6:12:a1:52:a7:51:46:82:d8:14:e7:70:af:a5:70:
e8:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:E2:E1:38:7C:CC:D6:10:E4:E7:0A:47:4F:B7:3B:74:42:52:1A:48
X509v3 Authority Key Identifier:
keyid:05:F3:E1:60:17:2E:CC:75:C8:CA:B1:BA:E2:71:BE:3E:BF:40:7A:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BfPhYBcuzHXIyrG64nG-Pr9AeoA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/KeLhOHzM1hDk5wpHT7c7dEJSGkg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/BfPhYBcuzHXIyrG64nG-Pr9AeoA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.79.174.0/24
Signature Algorithm: sha256WithRSAEncryption
48:20:b5:d8:88:c1:6a:66:3d:c0:6f:c7:22:97:bc:ca:08:c1:
63:f5:7e:3a:3b:d8:2c:ea:a8:68:5b:15:c5:d9:4c:35:5e:71:
55:e9:ae:8c:24:ee:69:23:a5:d1:4d:aa:9a:2f:67:42:46:90:
00:65:30:ba:5a:37:7a:4f:17:b6:95:53:e6:9e:a0:81:f6:59:
26:c5:1b:c5:7d:70:a3:e6:8d:89:a8:ab:0f:4a:3c:63:9d:c3:
45:f3:3d:26:6f:8b:87:ac:fd:14:c3:ae:ca:a9:2e:28:3a:4d:
38:08:96:5a:f8:74:bd:f0:95:7d:5c:09:4f:e6:a2:cc:3d:0b:
d3:96:cd:b7:1e:2f:08:c8:93:a8:06:66:a6:d9:e3:ba:ca:62:
eb:87:3e:38:60:c5:09:c8:17:8a:09:5f:fe:7b:f4:05:96:47:
1d:dd:6d:15:74:93:0c:d9:8c:f9:5b:d6:77:5b:47:f6:04:f1:
f2:ab:e3:b5:5e:ad:45:3f:4e:fb:c3:5d:0e:7b:5a:6c:53:ec:
3b:32:bf:26:ef:af:ec:c0:7b:96:ae:d4:b0:bd:0f:70:c0:d6:
69:93:66:bc:22:01:e4:8b:57:e1:98:7b:8d:4f:6f:d2:6e:96:
7d:0e:a5:46:d8:8d:46:de:00:ef:c2:f7:e9:60:ca:f7:02:92:
34:93:b9:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhskmOgrLPEi+1n4ilKVuSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZjNlMTYwMTcyZWNjNzVjOGNhYjFiYWUyNzFiZTNlYmY0
MDdhODAwHhcNMjUwMTAxMTE0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWUyZTEzODdjY2NkNjEwZTRlNzBhNDc0ZmI3M2I3NDQyNTIxYTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0dVZeQNuHZO+VE6TpWSU+Q6TWtD
ClMVDHO/FLrSHjqFoBXD5Uk1d7bOOoBSmNb624nGsd9txs7AbYvRvFsbVzezzAKy
XKPOi7AylqvdH3d96+luRENauUt+xHG3zLfzHYolfOxmM9/9MyxbzdxBLW8uYpnl
j9xdW4LjEIQQ4PQT6jRhWV0yUpZqW4NLwxWyZ5d5pVc3RfsbrXctaYtRCK95Zmkn
kE+JVvIbDNl3iT7P8wm/6cOYzzkMkUNrgeEwVGF/ajqadF0Eih9gzqDPdSoyZqo4
ZWzAxiAt5AZU4/JQcziIkWrsnfu2e3ig2BzGEqFSp1FGgtgU53CvpXDofwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCni4Th8zNYQ5OcKR0+3O3RCUhpIMB8GA1UdIwQY
MBaAFAXz4WAXLsx1yMqxuuJxvj6/QHqAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmZQaFlCY3V6SFhJeXJHNjRuRy1QcjlBZW9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS9hYThiNDYtOTY0NS00NjIwLTg0Nzkt
NWQ1NjA5ODljZjdiLzEvS2VMaE9Iek0xaERrNXdwSFQ3YzdkRUpTR2tnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS9hYThiNDYtOTY0NS00NjIwLTg0NzktNWQ1NjA5ODljZjdi
LzEvQmZQaFlCY3V6SFhJeXJHNjRuRy1QcjlBZW9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2U+uMA0G
CSqGSIb3DQEBCwUAA4IBAQBIILXYiMFqZj3Ab8cil7zKCMFj9X46O9gs6qhoWxXF
2Uw1XnFV6a6MJO5pI6XRTaqaL2dCRpAAZTC6Wjd6Txe2lVPmnqCB9lkmxRvFfXCj
5o2JqKsPSjxjncNF8z0mb4uHrP0Uw67KqS4oOk04CJZa+HS98JV9XAlP5qLMPQvT
ls23Hi8IyJOoBmam2eO6ymLrhz44YMUJyBeKCV/+e/QFlkcd3W0VdJMM2Yz5W9Z3
W0f2BPHyq+O1Xq1FP077w10Oe1psU+w7Mr8m76/swHuWrtSwvQ9wwNZpk2a8IgHk
i1fhmHuNT2/SbpZ9DqVG2I1G3gDvwvfpYMr3ApI0k7ny
-----END CERTIFICATE-----
Generated at Wed Apr 9 05:11:18 2025 by rpki-client