Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/2I_gyEpNZ4JuV81yJRUXBVu-KOA.roa
File: 2I_gyEpNZ4JuV81yJRUXBVu-KOA.roa (raw, json)
Hash identifier: r49ywNskr+Vb41Ou7x0XARQgE2G5ZH5biPRfE9u4cAc=
Subject key identifier: D8:8F:E0:C8:4A:4D:67:82:6E:57:CD:72:25:15:17:05:5B:BE:28:E0
Certificate issuer: /CN=f4b762950eb7916668bbfa8d1b870560b1ca7739
Certificate serial: 019421B21E2916F6C10FE920F0041A1DA7E9
Authority key identifier: F4:B7:62:95:0E:B7:91:66:68:BB:FA:8D:1B:87:05:60:B1:CA:77:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LdilQ63kWZou_qNG4cFYLHKdzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/2I_gyEpNZ4JuV81yJRUXBVu-KOA.roa
Signing time: Wed 01 Jan 2025 11:48:28 +0000
ROA not before: Wed 01 Jan 2025 11:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51321
IP address blocks: 84.17.87.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:1e:29:16:f6:c1:0f:e9:20:f0:04:1a:1d:a7:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b762950eb7916668bbfa8d1b870560b1ca7739
Validity
Not Before: Jan 1 11:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d88fe0c84a4d67826e57cd72251517055bbe28e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:df:c5:ea:42:66:cf:f2:df:c1:da:75:48:6b:
56:d8:1a:95:24:29:5f:34:2a:ac:58:d0:86:41:ae:
43:77:9a:02:76:10:6a:73:7c:58:ab:8e:f2:2b:98:
0b:f7:52:fd:70:98:b1:d2:b8:58:7e:01:8c:fb:b0:
c3:30:04:f2:1d:1a:dc:48:ee:04:42:c1:ec:fb:38:
4d:47:fd:e5:ae:62:2a:c2:af:4b:9b:50:40:4e:a8:
cd:70:1a:61:52:ee:1e:dd:e9:a4:80:5f:dd:37:b4:
4b:30:66:2c:29:76:67:11:2d:fe:d8:ca:34:fc:73:
ed:e5:d0:15:f8:0f:1d:f6:2b:1b:d6:aa:9f:b3:5e:
af:38:24:af:b5:e8:90:ee:a0:aa:13:d6:9b:18:04:
fb:30:66:92:e6:1c:da:7b:47:60:48:00:f7:54:44:
74:a8:d0:c1:e1:21:c1:d8:b8:65:b6:8d:dc:9d:41:
08:52:04:ec:4d:01:93:90:06:7a:10:a6:d3:3e:d9:
03:91:30:7d:7e:bf:ce:32:1c:77:fd:6d:37:c5:63:
da:7b:2d:7c:af:a7:20:69:5d:cf:8f:e0:df:ce:07:
f8:1e:ef:43:30:70:20:11:5a:2c:28:69:6a:de:3d:
be:bd:f2:cd:28:25:66:f0:f3:cd:65:18:55:44:08:
3f:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:8F:E0:C8:4A:4D:67:82:6E:57:CD:72:25:15:17:05:5B:BE:28:E0
X509v3 Authority Key Identifier:
keyid:F4:B7:62:95:0E:B7:91:66:68:BB:FA:8D:1B:87:05:60:B1:CA:77:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LdilQ63kWZou_qNG4cFYLHKdzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/2I_gyEpNZ4JuV81yJRUXBVu-KOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/9LdilQ63kWZou_qNG4cFYLHKdzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.17.87.0/24
Signature Algorithm: sha256WithRSAEncryption
66:4c:0b:4b:17:74:c2:de:fc:be:ff:cf:02:64:ce:44:01:95:
43:50:2b:67:4d:13:96:e6:48:51:a3:ef:d4:22:82:47:f5:b1:
9c:a7:39:00:d6:fd:df:be:e5:f2:dd:2a:10:40:00:93:3d:b7:
95:2d:82:82:93:ff:03:2d:81:28:bc:14:93:67:d5:ea:10:67:
c5:70:54:60:85:96:78:4c:94:16:c6:ff:23:8d:95:34:ee:3f:
bb:94:17:ef:8c:e8:cd:4a:00:d3:6c:4f:43:7f:9e:d1:07:4c:
a7:a4:88:08:40:06:5e:91:1b:ca:f9:11:78:a5:d3:7c:6c:aa:
e7:c2:7b:8f:2b:64:c1:90:dc:ff:8d:2e:2c:40:ba:25:35:91:
b1:30:80:03:92:0a:f2:f0:d9:cf:01:8b:a7:09:e1:04:ba:15:
b6:ff:2a:5d:b5:83:20:b9:50:b3:64:0e:5a:9e:0f:ff:e2:c7:
0d:ee:6d:e9:0d:ec:b6:fc:9f:88:2c:0e:b3:5d:cb:6e:20:48:
21:17:6e:86:7b:72:8a:6a:83:42:a7:6a:38:4d:1c:a7:6e:7f:
6e:42:c2:82:58:b4:ea:2a:5c:63:63:aa:24:7d:94:8a:07:9a:
da:92:06:d2:33:25:bb:a0:99:9d:e4:fd:d2:d4:cf:f1:12:cf:
ac:50:27:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsh4pFvbBD+kg8AQaHafpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0Yjc2Mjk1MGViNzkxNjY2OGJiZmE4ZDFiODcwNTYwYjFj
YTc3MzkwHhcNMjUwMTAxMTE0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODhmZTBjODRhNGQ2NzgyNmU1N2NkNzIyNTE1MTcwNTViYmUyOGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsN/F6kJmz/Lfwdp1SGtW2BqVJClf
NCqsWNCGQa5Dd5oCdhBqc3xYq47yK5gL91L9cJix0rhYfgGM+7DDMATyHRrcSO4E
QsHs+zhNR/3lrmIqwq9Lm1BATqjNcBphUu4e3emkgF/dN7RLMGYsKXZnES3+2Mo0
/HPt5dAV+A8d9isb1qqfs16vOCSvteiQ7qCqE9abGAT7MGaS5hzae0dgSAD3VER0
qNDB4SHB2Lhlto3cnUEIUgTsTQGTkAZ6EKbTPtkDkTB9fr/OMhx3/W03xWPaey18
r6cgaV3Pj+Dfzgf4Hu9DMHAgEVosKGlq3j2+vfLNKCVm8PPNZRhVRAg/3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNiP4MhKTWeCblfNciUVFwVbvijgMB8GA1UdIwQY
MBaAFPS3YpUOt5FmaLv6jRuHBWCxync5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxkaWxRNjNrV1pvdV9xTkc0Y0ZZTEhLZHprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8wYjIzYzUtMjFiNS00YWIzLTk3YTAt
MmY4ZGYxODdmOThiLzEvMklfZ3lFcE5aNEp1VjgxeUpSVVhCVnUtS09BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8wYjIzYzUtMjFiNS00YWIzLTk3YTAtMmY4ZGYxODdmOThi
LzEvOUxkaWxRNjNrV1pvdV9xTkc0Y0ZZTEhLZHprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVBFXMA0G
CSqGSIb3DQEBCwUAA4IBAQBmTAtLF3TC3vy+/88CZM5EAZVDUCtnTROW5khRo+/U
IoJH9bGcpzkA1v3fvuXy3SoQQACTPbeVLYKCk/8DLYEovBSTZ9XqEGfFcFRghZZ4
TJQWxv8jjZU07j+7lBfvjOjNSgDTbE9Df57RB0ynpIgIQAZekRvK+RF4pdN8bKrn
wnuPK2TBkNz/jS4sQLolNZGxMIADkgry8NnPAYunCeEEuhW2/ypdtYMguVCzZA5a
ng//4scN7m3pDey2/J+ILA6zXctuIEghF26Ge3KKaoNCp2o4TRynbn9uQsKCWLTq
KlxjY6okfZSKB5rakgbSMyW7oJmd5P3S1M/xEs+sUCfA
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:33:14 2025 by rpki-client