Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/xRYUvRXSS94lAILWRE8foV910eY.roa
File: xRYUvRXSS94lAILWRE8foV910eY.roa (raw, json)
Hash identifier: kbfHwhqkpD58/aPhgeZb2L8X4i4DLw2R5Cp0d3c4c5M=
Subject key identifier: C5:16:14:BD:15:D2:4B:DE:25:00:82:D6:44:4F:1F:A1:5F:75:D1:E6
Certificate issuer: /CN=f4b762950eb7916668bbfa8d1b870560b1ca7739
Certificate serial: 019428770F95164866EF78CF08DCC9E8BC90
Authority key identifier: F4:B7:62:95:0E:B7:91:66:68:BB:FA:8D:1B:87:05:60:B1:CA:77:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LdilQ63kWZou_qNG4cFYLHKdzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/xRYUvRXSS94lAILWRE8foV910eY.roa
Signing time: Thu 02 Jan 2025 19:21:18 +0000
ROA not before: Thu 02 Jan 2025 19:21:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213245
IP address blocks: 84.17.69.0/24 maxlen: 24
84.17.72.0/24 maxlen: 24
84.17.88.0/24 maxlen: 24
84.17.95.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:77:0f:95:16:48:66:ef:78:cf:08:dc:c9:e8:bc:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b762950eb7916668bbfa8d1b870560b1ca7739
Validity
Not Before: Jan 2 19:21:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c51614bd15d24bde250082d6444f1fa15f75d1e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f8:3f:ea:46:5d:c5:ad:ce:f6:9e:9b:e2:30:
b3:9c:f5:3d:0e:68:05:be:a5:70:61:de:6f:49:9b:
2b:17:ce:15:38:bf:c9:c8:80:8b:09:0f:eb:ca:1d:
51:b8:13:0f:0d:5a:69:27:39:7e:56:a5:b5:4f:9a:
54:7c:01:f9:9a:f2:83:6f:e4:cc:c6:e8:aa:9b:0a:
22:35:7d:a0:1c:fd:6a:2e:9b:a1:50:36:56:4e:64:
69:7f:eb:c2:6d:81:15:4c:02:4c:c5:12:45:40:c7:
9f:7f:d2:b0:78:01:f7:00:4a:a5:36:4f:db:00:4a:
66:8c:bb:46:e4:38:3a:78:a1:96:ad:98:f5:8d:e8:
1a:49:f4:32:1a:7c:25:32:d5:1a:d6:61:f9:fd:e2:
84:34:24:f2:3c:b1:1b:61:30:d3:05:f8:0e:02:90:
82:3e:c5:e8:fe:f5:62:da:71:46:12:8d:67:bf:6f:
de:19:06:ae:3a:d9:ea:d7:6b:13:53:3d:a5:d5:eb:
c0:9e:8b:e3:9e:04:2e:f6:31:aa:49:a4:40:81:0f:
5d:0f:62:38:4f:07:29:2a:72:4c:4e:10:ba:79:1a:
28:16:3a:0b:b2:16:5d:d4:d4:78:f9:1d:51:1f:46:
15:f6:aa:4c:6f:28:c0:20:0e:fb:89:5b:85:18:5e:
f8:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:16:14:BD:15:D2:4B:DE:25:00:82:D6:44:4F:1F:A1:5F:75:D1:E6
X509v3 Authority Key Identifier:
keyid:F4:B7:62:95:0E:B7:91:66:68:BB:FA:8D:1B:87:05:60:B1:CA:77:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LdilQ63kWZou_qNG4cFYLHKdzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/xRYUvRXSS94lAILWRE8foV910eY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/9LdilQ63kWZou_qNG4cFYLHKdzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.17.69.0/24
84.17.72.0/24
84.17.88.0/24
84.17.95.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:db:34:a1:15:50:84:75:f7:cf:35:4f:c0:d5:3c:75:74:14:
3d:af:0d:ab:eb:c3:67:fd:29:23:94:76:84:40:6e:c7:8c:85:
62:f6:4c:7c:55:b2:f9:71:d3:7e:5c:44:a1:5f:d6:4d:a5:0e:
e0:77:46:2b:32:15:12:af:dc:90:a2:a2:32:47:64:3f:d7:71:
94:01:79:3b:18:75:3a:3e:79:d4:57:e1:c5:0c:60:0c:9b:f4:
67:04:a1:e9:c8:21:2b:3c:8a:0d:a2:60:47:50:73:c5:76:1f:
02:da:8c:a3:b9:58:17:c5:dd:0e:bf:ab:2d:5b:92:0f:db:42:
78:7b:47:e7:83:81:30:94:3f:7a:86:45:a3:8b:a4:0b:e0:08:
7d:fb:2a:bb:54:b8:9a:34:7d:bb:ff:3d:e7:db:a5:12:3d:28:
99:86:8e:8a:35:b4:08:7e:05:19:65:29:93:ad:34:db:c2:50:
e1:c2:72:bc:4e:ea:be:9f:78:ad:9f:1e:16:49:7b:d3:3d:32:
7c:a0:25:4e:c7:88:f8:f9:fe:f9:96:a5:77:50:7b:c3:74:e6:
14:d0:b4:ca:97:89:38:3f:b6:d6:f1:8c:f8:b9:67:69:9d:97:
2d:1a:37:bc:fb:c6:38:fe:b3:a7:d3:38:91:5d:5f:c2:13:ff:
03:71:90:f1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQodw+VFkhm73jPCNzJ6LyQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0Yjc2Mjk1MGViNzkxNjY2OGJiZmE4ZDFiODcwNTYwYjFj
YTc3MzkwHhcNMjUwMTAyMTkyMTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTE2MTRiZDE1ZDI0YmRlMjUwMDgyZDY0NDRmMWZhMTVmNzVkMWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPg/6kZdxa3O9p6b4jCznPU9DmgF
vqVwYd5vSZsrF84VOL/JyICLCQ/ryh1RuBMPDVppJzl+VqW1T5pUfAH5mvKDb+TM
xuiqmwoiNX2gHP1qLpuhUDZWTmRpf+vCbYEVTAJMxRJFQMeff9KweAH3AEqlNk/b
AEpmjLtG5Dg6eKGWrZj1jegaSfQyGnwlMtUa1mH5/eKENCTyPLEbYTDTBfgOApCC
PsXo/vVi2nFGEo1nv2/eGQauOtnq12sTUz2l1evAnovjngQu9jGqSaRAgQ9dD2I4
TwcpKnJMThC6eRooFjoLshZd1NR4+R1RH0YV9qpMbyjAIA77iVuFGF74ewIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMUWFL0V0kveJQCC1kRPH6FfddHmMB8GA1UdIwQY
MBaAFPS3YpUOt5FmaLv6jRuHBWCxync5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxkaWxRNjNrV1pvdV9xTkc0Y0ZZTEhLZHprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8wYjIzYzUtMjFiNS00YWIzLTk3YTAt
MmY4ZGYxODdmOThiLzEveFJZVXZSWFNTOTRsQUlMV1JFOGZvVjkxMGVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8wYjIzYzUtMjFiNS00YWIzLTk3YTAtMmY4ZGYxODdmOThi
LzEvOUxkaWxRNjNrV1pvdV9xTkc0Y0ZZTEhLZHprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVBFFAwQA
VBFIAwQAVBFYAwQAVBFfMA0GCSqGSIb3DQEBCwUAA4IBAQBr2zShFVCEdffPNU/A
1Tx1dBQ9rw2r68Nn/SkjlHaEQG7HjIVi9kx8VbL5cdN+XEShX9ZNpQ7gd0YrMhUS
r9yQoqIyR2Q/13GUAXk7GHU6PnnUV+HFDGAMm/RnBKHpyCErPIoNomBHUHPFdh8C
2oyjuVgXxd0Ov6stW5IP20J4e0fng4EwlD96hkWji6QL4Ah9+yq7VLiaNH27/z3n
26USPSiZho6KNbQIfgUZZSmTrTTbwlDhwnK8Tuq+n3itnx4WSXvTPTJ8oCVOx4j4
+f75lqV3UHvDdOYU0LTKl4k4P7bW8Yz4uWdpnZctGje8+8Y4/rOn0ziRXV/CE/8D
cZDx
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:01:57 2025 by rpki-client