Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/24281e-e1ea-4f69-b53d-7f0338e49ee1/1/Dct1KnHlMjQEBf8FzrUaVj8hNPo.roa
File: Dct1KnHlMjQEBf8FzrUaVj8hNPo.roa (raw, json)
Hash identifier: GFTblhcJpBtD5bZfbGwg+0xfnKk6qwYm9g5i1rXxbnw=
Subject key identifier: 0D:CB:75:2A:71:E5:32:34:04:05:FF:05:CE:B5:1A:56:3F:21:34:FA
Certificate issuer: /CN=42ebfd8917b58f0686d93eb48de421ec01370ac9
Certificate serial: 019423D734A5D1112B5ED84B6595241AB5FF
Authority key identifier: 42:EB:FD:89:17:B5:8F:06:86:D9:3E:B4:8D:E4:21:EC:01:37:0A:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Quv9iRe1jwaG2T60jeQh7AE3Csk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/24281e-e1ea-4f69-b53d-7f0338e49ee1/1/Dct1KnHlMjQEBf8FzrUaVj8hNPo.roa
Signing time: Wed 01 Jan 2025 21:48:13 +0000
ROA not before: Wed 01 Jan 2025 21:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20658
IP address blocks: 217.170.224.0/24 maxlen: 24
217.170.225.0/24 maxlen: 24
217.170.226.0/24 maxlen: 24
217.170.227.0/24 maxlen: 24
217.170.228.0/24 maxlen: 24
217.170.229.0/24 maxlen: 24
217.170.230.0/24 maxlen: 24
217.170.231.0/24 maxlen: 24
217.170.232.0/24 maxlen: 24
217.170.233.0/24 maxlen: 24
217.170.234.0/24 maxlen: 24
217.170.235.0/24 maxlen: 24
217.170.236.0/24 maxlen: 24
217.170.237.0/24 maxlen: 24
217.170.238.0/24 maxlen: 24
217.170.239.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:34:a5:d1:11:2b:5e:d8:4b:65:95:24:1a:b5:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42ebfd8917b58f0686d93eb48de421ec01370ac9
Validity
Not Before: Jan 1 21:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0dcb752a71e532340405ff05ceb51a563f2134fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:0d:63:e0:81:ad:06:a3:36:fb:f1:34:f6:4e:
57:fb:81:db:52:0c:4b:be:d6:fb:bd:01:16:ed:15:
41:b8:fe:8a:0b:37:25:e1:d0:8a:80:68:58:87:d6:
d9:d6:3b:bf:93:2f:36:d3:0a:e2:3d:f5:da:a4:5a:
aa:43:34:37:5a:a2:21:b5:c4:72:24:4c:21:c1:31:
fb:7c:6d:43:65:85:9d:a5:05:3f:01:86:d8:1c:dc:
6d:83:9d:8c:e4:41:fc:67:1e:97:aa:81:84:89:e3:
91:9a:a4:38:9c:4f:71:71:db:56:52:6f:65:cc:4f:
bf:f0:4e:1d:bb:16:fb:a6:ab:29:28:fb:e2:a9:65:
d1:1d:08:9b:52:5f:4a:f1:19:7b:ee:28:49:91:24:
a0:0c:1b:ee:24:2c:78:95:ab:75:9b:c6:48:07:98:
9d:25:9d:2a:44:f8:38:f8:56:6e:6c:bf:c6:6e:19:
83:4b:5b:65:f9:92:ef:e6:ae:f6:5d:90:6e:b8:b2:
cd:2f:fe:04:8b:ad:ec:43:10:45:88:79:7c:59:fb:
3a:ff:78:03:f3:c1:f1:6a:76:7a:a5:68:bd:7e:81:
91:8f:3d:86:0c:2d:12:c2:2e:1f:bb:39:6b:e6:64:
d1:ec:74:e8:22:67:ab:27:62:25:04:d2:82:0f:a4:
51:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:CB:75:2A:71:E5:32:34:04:05:FF:05:CE:B5:1A:56:3F:21:34:FA
X509v3 Authority Key Identifier:
keyid:42:EB:FD:89:17:B5:8F:06:86:D9:3E:B4:8D:E4:21:EC:01:37:0A:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Quv9iRe1jwaG2T60jeQh7AE3Csk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/24281e-e1ea-4f69-b53d-7f0338e49ee1/1/Dct1KnHlMjQEBf8FzrUaVj8hNPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/24281e-e1ea-4f69-b53d-7f0338e49ee1/1/Quv9iRe1jwaG2T60jeQh7AE3Csk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.170.224.0/20
Signature Algorithm: sha256WithRSAEncryption
2e:d9:4d:03:ce:fa:68:66:8d:70:15:48:03:2c:1c:2d:cc:de:
14:8d:d2:33:39:68:03:ea:f4:9e:35:48:53:d2:8b:4e:6f:59:
01:f4:5a:2c:9e:15:53:f7:d6:6a:55:c4:d4:8d:d6:37:db:88:
ac:f3:c5:3c:ec:00:e5:00:ef:7e:7e:81:ed:00:49:d5:28:fb:
78:f0:db:90:53:c0:4e:50:69:dd:57:e3:e4:3a:35:b0:34:1a:
70:ce:c0:a7:30:a5:ef:10:71:5b:39:d3:da:62:37:95:36:ed:
90:a5:69:15:86:06:60:99:2a:e1:2a:e1:c3:da:b4:1e:2b:ee:
0a:b5:61:da:12:fa:67:10:31:2e:68:07:70:5d:e0:c3:97:9f:
c5:c7:c7:14:1e:5d:23:13:4c:42:fb:f1:d8:71:52:ef:44:10:
4d:b8:35:a3:ce:df:e3:48:96:81:c8:45:06:73:2e:2b:ba:ce:
b7:3c:57:ff:86:fd:76:92:75:c5:b4:ec:5c:f6:52:e7:24:ca:
30:74:87:59:fd:bd:5c:5d:22:dd:a7:86:79:43:15:46:09:d9:
67:ba:33:46:e7:ae:8c:98:9b:6e:df:4e:91:0a:e8:3b:39:90:
8b:58:9f:38:dc:17:10:3d:1e:99:3b:17:53:53:ee:79:01:4b:
84:d7:5c:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1zSl0RErXthLZZUkGrX/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyZWJmZDg5MTdiNThmMDY4NmQ5M2ViNDhkZTQyMWVjMDEz
NzBhYzkwHhcNMjUwMTAxMjE0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGNiNzUyYTcxZTUzMjM0MDQwNWZmMDVjZWI1MWE1NjNmMjEzNGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQ1j4IGtBqM2+/E09k5X+4HbUgxL
vtb7vQEW7RVBuP6KCzcl4dCKgGhYh9bZ1ju/ky820wriPfXapFqqQzQ3WqIhtcRy
JEwhwTH7fG1DZYWdpQU/AYbYHNxtg52M5EH8Zx6XqoGEieORmqQ4nE9xcdtWUm9l
zE+/8E4duxb7pqspKPviqWXRHQibUl9K8Rl77ihJkSSgDBvuJCx4lat1m8ZIB5id
JZ0qRPg4+FZubL/GbhmDS1tl+ZLv5q72XZBuuLLNL/4Ei63sQxBFiHl8Wfs6/3gD
88HxanZ6pWi9foGRjz2GDC0Swi4fuzlr5mTR7HToImerJ2IlBNKCD6RRbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA3LdSpx5TI0BAX/Bc61GlY/ITT6MB8GA1UdIwQY
MBaAFELr/YkXtY8Ghtk+tI3kIewBNwrJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXV2OWlSZTFqd2FHMlQ2MGplUWg3QUUzQ3NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8yNDI4MWUtZTFlYS00ZjY5LWI1M2Qt
N2YwMzM4ZTQ5ZWUxLzEvRGN0MUtuSGxNalFFQmY4RnpyVWFWajhoTlBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8yNDI4MWUtZTFlYS00ZjY5LWI1M2QtN2YwMzM4ZTQ5ZWUx
LzEvUXV2OWlSZTFqd2FHMlQ2MGplUWg3QUUzQ3NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2argMA0G
CSqGSIb3DQEBCwUAA4IBAQAu2U0DzvpoZo1wFUgDLBwtzN4UjdIzOWgD6vSeNUhT
0otOb1kB9FosnhVT99ZqVcTUjdY324is88U87ADlAO9+foHtAEnVKPt48NuQU8BO
UGndV+PkOjWwNBpwzsCnMKXvEHFbOdPaYjeVNu2QpWkVhgZgmSrhKuHD2rQeK+4K
tWHaEvpnEDEuaAdwXeDDl5/Fx8cUHl0jE0xC+/HYcVLvRBBNuDWjzt/jSJaByEUG
cy4rus63PFf/hv12knXFtOxc9lLnJMowdIdZ/b1cXSLdp4Z5QxVGCdlnujNG566M
mJtu306RCug7OZCLWJ843BcQPR6ZOxdTU+55AUuE11xr
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:49:29 2025 by rpki-client