Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/abd12f-1d66-412f-9be2-28cb3bbf05ae/1/s67wfBYN4Keq-XcZ3aP-wu5Usu8.roa
File: s67wfBYN4Keq-XcZ3aP-wu5Usu8.roa (raw, json)
Hash identifier: iepRGsTeT7EybANIxB57/7dp/YbwlG1MHY+mia+/CQ8=
Subject key identifier: B3:AE:F0:7C:16:0D:E0:A7:AA:F9:77:19:DD:A3:FE:C2:EE:54:B2:EF
Certificate issuer: /CN=df9c64e170b7f255d7ca30035d6532c8957eb169
Certificate serial: 019427B5B278484DFE459D0A8ACE4FC08DA8
Authority key identifier: DF:9C:64:E1:70:B7:F2:55:D7:CA:30:03:5D:65:32:C8:95:7E:B1:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/35xk4XC38lXXyjADXWUyyJV-sWk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/abd12f-1d66-412f-9be2-28cb3bbf05ae/1/s67wfBYN4Keq-XcZ3aP-wu5Usu8.roa
Signing time: Thu 02 Jan 2025 15:50:06 +0000
ROA not before: Thu 02 Jan 2025 15:50:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2119
IP address blocks: 217.147.4.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:b2:78:48:4d:fe:45:9d:0a:8a:ce:4f:c0:8d:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df9c64e170b7f255d7ca30035d6532c8957eb169
Validity
Not Before: Jan 2 15:50:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b3aef07c160de0a7aaf97719dda3fec2ee54b2ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:01:9f:b2:d9:fe:9c:10:27:db:1b:8e:f5:e4:
b0:dd:1b:10:74:0c:51:bf:2f:52:7e:df:ec:7f:00:
49:fe:44:48:e9:14:da:93:80:e2:b6:f5:bd:e9:d2:
74:e0:37:13:6f:53:1b:d9:1d:7d:75:11:1a:eb:84:
e8:2b:48:94:7b:8e:18:84:87:65:57:dd:17:82:1e:
05:a0:86:8b:b8:cb:0e:66:e2:fe:09:e1:bf:cd:1c:
af:29:90:4a:e8:d2:1d:c3:d9:d5:5b:5c:88:9a:87:
5d:5b:a2:dc:dd:84:53:18:e5:e6:c2:15:e6:34:4a:
0d:83:0b:0e:da:e8:bc:aa:9a:3c:90:2b:c2:a0:0a:
42:9f:a8:5a:1d:06:b2:07:9d:5e:7b:1d:7f:5b:5e:
89:9f:24:46:de:f3:77:10:20:b6:bc:6f:7a:ec:ca:
77:c5:2c:9e:ad:08:f3:9a:5a:32:e6:92:83:b2:dc:
e7:a4:e1:fa:73:bb:12:a9:74:cb:fe:d1:43:8e:cc:
5f:13:4c:27:7c:4b:2c:96:13:94:5d:ca:c3:47:93:
a1:94:de:cf:cb:e5:86:88:c7:fc:74:08:10:62:36:
50:d0:04:cb:18:c1:6f:b8:09:66:6e:b8:ae:b3:d7:
80:8e:8b:ff:ee:bf:83:1a:67:b6:7e:26:2a:68:cf:
70:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:AE:F0:7C:16:0D:E0:A7:AA:F9:77:19:DD:A3:FE:C2:EE:54:B2:EF
X509v3 Authority Key Identifier:
keyid:DF:9C:64:E1:70:B7:F2:55:D7:CA:30:03:5D:65:32:C8:95:7E:B1:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/35xk4XC38lXXyjADXWUyyJV-sWk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/abd12f-1d66-412f-9be2-28cb3bbf05ae/1/s67wfBYN4Keq-XcZ3aP-wu5Usu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/abd12f-1d66-412f-9be2-28cb3bbf05ae/1/35xk4XC38lXXyjADXWUyyJV-sWk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.4.0/22
Signature Algorithm: sha256WithRSAEncryption
08:b6:62:c2:96:ea:aa:94:02:30:f7:f4:cf:2b:f2:07:73:d6:
c7:88:91:d2:23:d4:4a:fe:22:62:4f:82:bc:ea:be:2f:00:b4:
26:cb:82:cb:f2:26:a4:05:32:df:41:bd:72:61:b4:64:ef:98:
da:50:66:e9:bd:dc:ab:bd:bc:34:6b:0e:ba:00:30:bb:ad:5c:
e1:ca:ba:eb:7f:d8:08:de:5a:aa:65:d0:4d:af:b7:0f:69:a7:
f3:c1:78:5e:b7:c6:8a:6a:cf:7d:5a:31:ed:f9:30:ff:b8:1f:
2c:35:fc:62:b2:28:3b:62:1f:8f:e2:47:07:03:90:3c:23:82:
a2:bb:50:78:90:42:e6:76:1f:59:24:fe:c0:30:ea:49:3b:7d:
75:38:48:a3:d8:2a:fe:8a:56:8d:ee:b0:8c:fe:96:41:f5:81:
30:a6:92:e8:13:12:02:31:2e:db:4f:fc:10:56:29:fc:f4:7f:
ee:1a:69:ba:72:55:93:83:92:cc:95:b1:50:ff:a4:3e:1d:4e:
83:e7:d5:a5:14:97:e5:37:4b:3d:5f:d1:fe:63:fc:7a:27:1f:
34:11:f3:c9:97:f7:df:01:d8:ff:9f:ca:97:d8:b7:36:1c:36:
32:d5:6e:4b:be:20:7b:3f:f2:2e:46:3a:0c:59:fb:84:b9:34:
c2:9c:20:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntbJ4SE3+RZ0Kis5PwI2oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmOWM2NGUxNzBiN2YyNTVkN2NhMzAwMzVkNjUzMmM4OTU3
ZWIxNjkwHhcNMjUwMTAyMTU1MDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2FlZjA3YzE2MGRlMGE3YWFmOTc3MTlkZGEzZmVjMmVlNTRiMmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwGfstn+nBAn2xuO9eSw3RsQdAxR
vy9Sft/sfwBJ/kRI6RTak4DitvW96dJ04DcTb1Mb2R19dREa64ToK0iUe44YhIdl
V90Xgh4FoIaLuMsOZuL+CeG/zRyvKZBK6NIdw9nVW1yImoddW6Lc3YRTGOXmwhXm
NEoNgwsO2ui8qpo8kCvCoApCn6haHQayB51eex1/W16JnyRG3vN3ECC2vG967Mp3
xSyerQjzmloy5pKDstznpOH6c7sSqXTL/tFDjsxfE0wnfEsslhOUXcrDR5OhlN7P
y+WGiMf8dAgQYjZQ0ATLGMFvuAlmbrius9eAjov/7r+DGme2fiYqaM9wSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLOu8HwWDeCnqvl3Gd2j/sLuVLLvMB8GA1UdIwQY
MBaAFN+cZOFwt/JV18owA11lMsiVfrFpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzV4azRYQzM4bFhYeWpBRFhXVXl5SlYtc1drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9hYmQxMmYtMWQ2Ni00MTJmLTliZTIt
MjhjYjNiYmYwNWFlLzEvczY3d2ZCWU40S2VxLVhjWjNhUC13dTVVc3U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9hYmQxMmYtMWQ2Ni00MTJmLTliZTItMjhjYjNiYmYwNWFl
LzEvMzV4azRYQzM4bFhYeWpBRFhXVXl5SlYtc1drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC2ZMEMA0G
CSqGSIb3DQEBCwUAA4IBAQAItmLCluqqlAIw9/TPK/IHc9bHiJHSI9RK/iJiT4K8
6r4vALQmy4LL8iakBTLfQb1yYbRk75jaUGbpvdyrvbw0aw66ADC7rVzhyrrrf9gI
3lqqZdBNr7cPaafzwXhet8aKas99WjHt+TD/uB8sNfxisig7Yh+P4kcHA5A8I4Ki
u1B4kELmdh9ZJP7AMOpJO311OEij2Cr+ilaN7rCM/pZB9YEwppLoExICMS7bT/wQ
Vin89H/uGmm6clWTg5LMlbFQ/6Q+HU6D59WlFJflN0s9X9H+Y/x6Jx80EfPJl/ff
Adj/n8qX2Lc2HDYy1W5LviB7P/IuRjoMWfuEuTTCnCCh
-----END CERTIFICATE-----
Generated at Mon Apr 7 07:07:23 2025 by rpki-client