Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/Grfbj_Ip-tkC_UOgcuNsu5LYJLA.roa
File: Grfbj_Ip-tkC_UOgcuNsu5LYJLA.roa (raw, json)
Hash identifier: 34NZcsQxUlkmXZ4fp9iiiisWwtkgTqgG9pSr6DGre7s=
Subject key identifier: 1A:B7:DB:8F:F2:29:FA:D9:02:FD:43:A0:72:E3:6C:BB:92:D8:24:B0
Certificate issuer: /CN=5d39d15bd2fcc84771ba6aa29aa54428b21cef60
Certificate serial: 0194266B66F62702F38A94CFD82647EF6FFB
Authority key identifier: 5D:39:D1:5B:D2:FC:C8:47:71:BA:6A:A2:9A:A5:44:28:B2:1C:EF:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTnRW9L8yEdxumqimqVEKLIc72A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/Grfbj_Ip-tkC_UOgcuNsu5LYJLA.roa
Signing time: Thu 02 Jan 2025 09:49:20 +0000
ROA not before: Thu 02 Jan 2025 09:49:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34093
IP address blocks: 217.197.144.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:66:f6:27:02:f3:8a:94:cf:d8:26:47:ef:6f:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d39d15bd2fcc84771ba6aa29aa54428b21cef60
Validity
Not Before: Jan 2 09:49:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ab7db8ff229fad902fd43a072e36cbb92d824b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:8d:7f:03:2b:12:c9:b4:59:8f:e5:b7:6d:8b:
87:b1:88:00:c8:88:02:19:65:77:ec:e0:66:8d:e4:
32:42:5e:80:63:bf:f3:ec:59:4c:ea:25:d4:7a:2c:
e8:ee:8b:3f:c6:77:c5:5f:15:ee:19:5d:2c:09:c3:
da:a7:32:27:b8:c3:46:dc:8c:ea:4b:ee:b8:81:9b:
33:8a:b4:5d:df:ee:6f:92:89:10:71:a7:aa:a9:a5:
b0:c1:39:b4:6e:a5:45:c8:79:4a:99:b8:22:63:65:
f0:22:47:07:96:70:bc:d2:dd:df:ea:d1:d5:d8:1b:
68:f7:93:db:03:55:c1:f4:72:7f:1b:f1:dd:b2:2e:
20:a8:e3:65:c6:46:56:62:d2:94:11:5a:83:63:61:
c9:1c:d8:45:aa:cb:ea:fe:d4:ba:ed:99:cb:08:88:
97:f5:b7:af:7a:56:29:4a:cd:bc:fb:44:f6:27:39:
26:d6:82:6d:0f:96:53:69:3e:e5:a4:5c:f5:a8:70:
9f:bf:6f:c8:2e:c9:89:fb:40:ee:f9:c9:1f:ad:af:
9a:af:02:40:51:14:56:38:8b:d1:ee:20:2f:64:64:
a9:9b:45:e9:bb:cb:03:5a:40:ba:e0:6a:d7:57:d0:
f2:15:39:98:9a:f6:c9:f1:a8:ee:e6:59:e6:e6:80:
13:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:B7:DB:8F:F2:29:FA:D9:02:FD:43:A0:72:E3:6C:BB:92:D8:24:B0
X509v3 Authority Key Identifier:
keyid:5D:39:D1:5B:D2:FC:C8:47:71:BA:6A:A2:9A:A5:44:28:B2:1C:EF:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTnRW9L8yEdxumqimqVEKLIc72A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/Grfbj_Ip-tkC_UOgcuNsu5LYJLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/XTnRW9L8yEdxumqimqVEKLIc72A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.197.144.0/20
Signature Algorithm: sha256WithRSAEncryption
10:e6:f6:2d:aa:ac:b3:64:5c:b1:a9:2c:09:b2:97:26:4f:ad:
2f:9b:08:36:1e:30:89:d1:4b:2e:b7:9c:a3:39:fe:69:c4:c3:
0f:1e:c4:04:54:de:69:5d:bb:92:0c:64:a8:e9:63:79:aa:91:
b8:1f:c8:af:08:64:c5:07:97:37:02:8d:bd:7a:6b:1d:58:ad:
49:23:86:9b:10:4d:5f:ff:d2:6a:55:13:21:29:32:26:18:57:
14:3c:aa:b2:23:e4:4c:d6:5c:e7:7c:20:3c:ef:f6:49:31:9f:
c9:18:bc:dc:d5:73:97:36:72:fb:a1:7e:58:b2:86:3b:c1:92:
ea:fd:5e:cd:6f:a5:3d:d9:b4:8d:d2:43:cd:30:f4:44:72:f8:
b9:b2:d5:64:cd:99:02:8b:66:38:97:fb:bc:a2:2d:f6:03:79:
b8:35:95:49:36:94:49:5d:81:ad:8b:05:86:44:53:d7:ac:b4:
18:37:9d:b8:0e:c4:df:16:d6:d9:01:40:0c:98:db:b9:76:ec:
83:f2:5d:74:27:bb:75:7f:57:86:29:8d:37:37:f9:12:e7:66:
83:2b:a6:50:44:5b:2f:cd:46:29:98:ba:a1:36:11:86:46:f6:
4c:a0:84:6b:27:32:ac:6d:10:51:3d:0a:99:0a:bc:12:5d:df:
7c:5f:25:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma2b2JwLzipTP2CZH72/7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMzlkMTViZDJmY2M4NDc3MWJhNmFhMjlhYTU0NDI4YjIx
Y2VmNjAwHhcNMjUwMTAyMDk0OTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWI3ZGI4ZmYyMjlmYWQ5MDJmZDQzYTA3MmUzNmNiYjkyZDgyNGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Y1/AysSybRZj+W3bYuHsYgAyIgC
GWV37OBmjeQyQl6AY7/z7FlM6iXUeizo7os/xnfFXxXuGV0sCcPapzInuMNG3Izq
S+64gZszirRd3+5vkokQcaeqqaWwwTm0bqVFyHlKmbgiY2XwIkcHlnC80t3f6tHV
2Bto95PbA1XB9HJ/G/Hdsi4gqONlxkZWYtKUEVqDY2HJHNhFqsvq/tS67ZnLCIiX
9bevelYpSs28+0T2Jzkm1oJtD5ZTaT7lpFz1qHCfv2/ILsmJ+0Du+ckfra+arwJA
URRWOIvR7iAvZGSpm0Xpu8sDWkC64GrXV9DyFTmYmvbJ8aju5lnm5oAT8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBq324/yKfrZAv1DoHLjbLuS2CSwMB8GA1UdIwQY
MBaAFF050VvS/MhHcbpqopqlRCiyHO9gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRuUlc5TDh5RWR4dW1xaW1xVkVLTEljNzJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9jODA5MmUtOWY4Yy00NzE4LWI3NzAt
YzI5YjQ0ZGU1M2E4LzEvR3JmYmpfSXAtdGtDX1VPZ2N1TnN1NUxZSkxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9jODA5MmUtOWY4Yy00NzE4LWI3NzAtYzI5YjQ0ZGU1M2E4
LzEvWFRuUlc5TDh5RWR4dW1xaW1xVkVLTEljNzJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2cWQMA0G
CSqGSIb3DQEBCwUAA4IBAQAQ5vYtqqyzZFyxqSwJspcmT60vmwg2HjCJ0Usut5yj
Of5pxMMPHsQEVN5pXbuSDGSo6WN5qpG4H8ivCGTFB5c3Ao29emsdWK1JI4abEE1f
/9JqVRMhKTImGFcUPKqyI+RM1lznfCA87/ZJMZ/JGLzc1XOXNnL7oX5YsoY7wZLq
/V7Nb6U92bSN0kPNMPREcvi5stVkzZkCi2Y4l/u8oi32A3m4NZVJNpRJXYGtiwWG
RFPXrLQYN524DsTfFtbZAUAMmNu5duyD8l10J7t1f1eGKY03N/kS52aDK6ZQRFsv
zUYpmLqhNhGGRvZMoIRrJzKsbRBRPQqZCrwSXd98XyUd
-----END CERTIFICATE-----
Generated at Thu Jan 23 19:13:09 2025 by rpki-client on console.sobornost.net