Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/1dolubZwJcbI7oZs5B9RIAfFlXk.roa
File: 1dolubZwJcbI7oZs5B9RIAfFlXk.roa (raw, json)
Hash identifier: 30+a7Fq3SX3G+xBPuAh3rlblRrBEuUGR6mkJfk4A+jg=
Subject key identifier: D5:DA:25:B9:B6:70:25:C6:C8:EE:86:6C:E4:1F:51:20:07:C5:95:79
Certificate issuer: /CN=69a28c2f84c75e8d0388694355152dd2b731f249
Certificate serial: 019425221FF50C90351EECB7B327C7245B04
Authority key identifier: 69:A2:8C:2F:84:C7:5E:8D:03:88:69:43:55:15:2D:D2:B7:31:F2:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aaKML4THXo0DiGlDVRUt0rcx8kk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/1dolubZwJcbI7oZs5B9RIAfFlXk.roa
Signing time: Thu 02 Jan 2025 03:49:40 +0000
ROA not before: Thu 02 Jan 2025 03:49:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41783
IP address blocks: 217.26.16.0/20 maxlen: 22
2a00:7c00::/32 maxlen: 39
2a00:7c00::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:1f:f5:0c:90:35:1e:ec:b7:b3:27:c7:24:5b:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69a28c2f84c75e8d0388694355152dd2b731f249
Validity
Not Before: Jan 2 03:49:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d5da25b9b67025c6c8ee866ce41f512007c59579
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d3:7f:62:e4:42:99:82:07:7a:8d:e4:17:ab:
0b:34:06:e4:f5:66:31:4f:33:de:69:12:88:6e:8a:
0e:92:7b:43:37:57:91:28:31:00:64:aa:29:f8:86:
43:cc:d5:d2:fb:d7:9a:e6:d8:51:f9:2b:13:00:07:
42:cd:70:67:95:db:b2:31:d2:75:c3:b2:f4:6b:bf:
12:b8:87:ee:5b:7b:c3:a8:f5:ac:cd:56:47:44:95:
62:01:86:9b:78:2b:b4:2e:6d:1d:61:eb:ad:4f:57:
44:09:9b:46:50:a5:08:be:f7:7a:db:85:27:81:f3:
4e:6e:b1:8f:cf:68:ec:3c:71:d2:bb:ed:1b:a7:9f:
95:15:98:df:03:8c:b8:e1:5f:51:51:40:0e:c4:df:
50:c1:0b:40:0b:48:9c:b3:55:35:83:01:91:60:82:
89:d7:18:41:8b:83:64:e9:74:29:99:7a:df:8f:c0:
5f:c7:2b:16:2b:ba:44:f4:2f:00:e9:06:59:2b:2a:
d7:9b:c5:9a:89:dc:95:35:ed:56:fc:0a:84:09:23:
c7:e5:98:ab:04:9a:60:e0:41:95:96:1f:1e:f0:b9:
4d:7d:37:f1:8b:61:e1:2d:58:38:73:f7:08:45:4f:
4c:31:cf:8f:74:82:80:aa:c2:1b:76:fa:50:da:bf:
4f:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:DA:25:B9:B6:70:25:C6:C8:EE:86:6C:E4:1F:51:20:07:C5:95:79
X509v3 Authority Key Identifier:
keyid:69:A2:8C:2F:84:C7:5E:8D:03:88:69:43:55:15:2D:D2:B7:31:F2:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aaKML4THXo0DiGlDVRUt0rcx8kk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/1dolubZwJcbI7oZs5B9RIAfFlXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/89ff47-0b7b-4309-a8af-2cbd55f9a8ee/1/aaKML4THXo0DiGlDVRUt0rcx8kk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.26.16.0/20
IPv6:
2a00:7c00::/32
Signature Algorithm: sha256WithRSAEncryption
91:29:6b:b4:fd:c5:ae:62:1f:78:c7:17:bc:fc:0f:b9:f8:c3:
3f:91:1e:eb:55:62:22:4e:8d:f8:b2:e5:e3:10:6a:2a:4e:81:
9b:4b:ff:f0:d8:be:be:53:8a:95:94:cf:d5:a6:d0:fb:1d:7d:
59:17:e2:53:61:fb:7a:ec:71:d3:27:8c:3a:a8:59:92:ed:75:
05:20:be:8e:43:e2:d2:d7:21:08:3e:02:88:9e:77:a0:e6:83:
58:a1:2d:e4:b3:e0:fe:c1:46:91:2f:64:8d:9a:ba:6b:16:25:
24:7e:ec:0b:9b:25:0a:4a:59:de:47:79:e4:f3:e9:be:a3:1a:
62:1a:7c:3e:b0:a1:6a:53:49:3c:2d:e5:21:f3:0f:55:5d:5d:
01:12:ab:1e:d8:4e:20:92:bb:00:a2:68:85:35:4d:13:4a:05:
cb:b3:92:2b:af:1e:15:b1:23:9d:9c:e9:0e:21:96:a8:81:5a:
e9:0a:1b:50:aa:c9:fe:e3:ec:6e:d8:ae:3d:ae:57:c9:33:36:
60:0c:99:36:10:9c:a0:70:3d:df:c9:85:80:31:dc:ef:b7:0d:
90:92:bd:bf:27:b8:1f:b8:34:bf:3e:13:48:da:5e:eb:a8:a6:
3f:72:04:e2:a8:5a:01:c5:26:02:4a:d8:97:06:ea:b1:77:44:
c6:50:1b:5a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlIh/1DJA1Huy3syfHJFsEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YTI4YzJmODRjNzVlOGQwMzg4Njk0MzU1MTUyZGQyYjcz
MWYyNDkwHhcNMjUwMTAyMDM0OTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWRhMjViOWI2NzAyNWM2YzhlZTg2NmNlNDFmNTEyMDA3YzU5NTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNN/YuRCmYIHeo3kF6sLNAbk9WYx
TzPeaRKIbooOkntDN1eRKDEAZKop+IZDzNXS+9ea5thR+SsTAAdCzXBnlduyMdJ1
w7L0a78SuIfuW3vDqPWszVZHRJViAYabeCu0Lm0dYeutT1dECZtGUKUIvvd624Un
gfNObrGPz2jsPHHSu+0bp5+VFZjfA4y44V9RUUAOxN9QwQtAC0ics1U1gwGRYIKJ
1xhBi4Nk6XQpmXrfj8BfxysWK7pE9C8A6QZZKyrXm8WaidyVNe1W/AqECSPH5Zir
BJpg4EGVlh8e8LlNfTfxi2HhLVg4c/cIRU9MMc+PdIKAqsIbdvpQ2r9P5wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNXaJbm2cCXGyO6GbOQfUSAHxZV5MB8GA1UdIwQY
MBaAFGmijC+Ex16NA4hpQ1UVLdK3MfJJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWFLTUw0VEhYbzBEaUdsRFZSVXQwcmN4OGtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS84OWZmNDctMGI3Yi00MzA5LWE4YWYt
MmNiZDU1ZjlhOGVlLzEvMWRvbHViWndKY2JJN29aczVCOVJJQWZGbFhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS84OWZmNDctMGI3Yi00MzA5LWE4YWYtMmNiZDU1ZjlhOGVl
LzEvYWFLTUw0VEhYbzBEaUdsRFZSVXQwcmN4OGtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQE2RoQMA0E
AgACMAcDBQAqAHwAMA0GCSqGSIb3DQEBCwUAA4IBAQCRKWu0/cWuYh94xxe8/A+5
+MM/kR7rVWIiTo34suXjEGoqToGbS//w2L6+U4qVlM/VptD7HX1ZF+JTYft67HHT
J4w6qFmS7XUFIL6OQ+LS1yEIPgKInneg5oNYoS3ks+D+wUaRL2SNmrprFiUkfuwL
myUKSlneR3nk8+m+oxpiGnw+sKFqU0k8LeUh8w9VXV0BEqse2E4gkrsAomiFNU0T
SgXLs5Irrx4VsSOdnOkOIZaogVrpChtQqsn+4+xu2K49rlfJMzZgDJk2EJygcD3f
yYWAMdzvtw2Qkr2/J7gfuDS/PhNI2l7rqKY/cgTiqFoBxSYCStiXBuqxd0TGUBta
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:12:54 2025 by rpki-client on console.sobornost.net