Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/0f9f02-c2ad-4ec8-b4d5-dfbfa3fcf021/1/hrJ9G8LdPfpuv4HEnlrj0UM1FZI.roa
File: hrJ9G8LdPfpuv4HEnlrj0UM1FZI.roa (raw, json)
Hash identifier: Ap/wGOk300z33ESWLkwykljx6YcmZDQ+kuaPYGOBuOE=
Subject key identifier: 86:B2:7D:1B:C2:DD:3D:FA:6E:BF:81:C4:9E:5A:E3:D1:43:35:15:92
Certificate issuer: /CN=e4be8efec1fb03d8af979af1cba13a0845a7b0ba
Certificate serial: 019423D76BC656903324B5EA01025C9FF11A
Authority key identifier: E4:BE:8E:FE:C1:FB:03:D8:AF:97:9A:F1:CB:A1:3A:08:45:A7:B0:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5L6O_sH7A9ivl5rxy6E6CEWnsLo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/0f9f02-c2ad-4ec8-b4d5-dfbfa3fcf021/1/hrJ9G8LdPfpuv4HEnlrj0UM1FZI.roa
Signing time: Wed 01 Jan 2025 21:48:27 +0000
ROA not before: Wed 01 Jan 2025 21:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212570
IP address blocks: 2.58.217.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:6b:c6:56:90:33:24:b5:ea:01:02:5c:9f:f1:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4be8efec1fb03d8af979af1cba13a0845a7b0ba
Validity
Not Before: Jan 1 21:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=86b27d1bc2dd3dfa6ebf81c49e5ae3d143351592
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:6e:cc:a7:bc:4a:f9:5e:23:08:8a:32:36:4e:
62:29:7a:5f:73:d4:8a:69:7f:36:b0:b0:0f:33:f2:
fb:ff:d6:d9:4a:78:67:35:e6:ea:ea:d5:dc:d0:59:
ef:f2:77:21:8c:b5:41:d0:0c:bd:ed:41:29:92:b6:
e9:2d:71:4e:09:ae:e0:01:a8:0b:f1:2b:c0:49:64:
9a:fd:b5:a0:af:d0:e4:04:8f:34:e8:b5:89:7f:10:
a0:d7:8a:a3:ce:97:20:18:7e:58:4c:b0:d0:90:9f:
ea:09:61:4f:bd:e6:a4:8b:8a:cb:68:0f:7e:ab:14:
eb:e2:e6:92:6f:85:66:1a:51:44:5c:39:46:0c:c2:
c7:5e:43:ff:8f:41:fa:17:80:ef:d1:d9:1b:00:81:
8c:f2:cb:63:9d:69:4c:96:be:7f:03:29:9e:15:dd:
a5:bf:f1:7d:3f:ee:d1:4b:b4:6f:ae:cc:7d:24:ed:
b8:8f:5f:9c:72:f3:d1:f2:f8:fc:66:05:00:0f:13:
76:29:af:c5:0d:5b:85:ff:47:9c:1a:96:8c:e9:41:
f9:dd:0a:5d:a1:36:19:1e:84:c3:c1:84:5f:2d:8a:
16:32:07:be:0d:2f:f0:24:f2:87:1f:bb:33:26:59:
09:65:57:6f:d0:24:47:b5:49:3e:62:b3:8e:19:21:
40:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:B2:7D:1B:C2:DD:3D:FA:6E:BF:81:C4:9E:5A:E3:D1:43:35:15:92
X509v3 Authority Key Identifier:
keyid:E4:BE:8E:FE:C1:FB:03:D8:AF:97:9A:F1:CB:A1:3A:08:45:A7:B0:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5L6O_sH7A9ivl5rxy6E6CEWnsLo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/0f9f02-c2ad-4ec8-b4d5-dfbfa3fcf021/1/hrJ9G8LdPfpuv4HEnlrj0UM1FZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/0f9f02-c2ad-4ec8-b4d5-dfbfa3fcf021/1/5L6O_sH7A9ivl5rxy6E6CEWnsLo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.217.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:56:f6:27:7a:40:95:1f:f6:76:3d:87:35:87:e5:19:ff:a1:
74:6e:88:f3:f6:f3:35:ad:d7:2d:e4:f8:e7:e9:e8:35:a8:aa:
08:09:3d:b1:8b:aa:eb:81:34:f4:1f:f4:7c:94:c9:b1:2e:b6:
6d:67:c9:b7:2a:73:7a:e5:d3:56:44:7e:ac:17:10:33:ac:6e:
7a:65:f7:84:ba:b4:74:1d:ca:71:40:3f:99:59:77:86:dd:4a:
8a:f9:78:b4:45:f1:62:3f:93:44:5b:fc:eb:f8:2d:12:51:c8:
d9:2b:47:9d:c0:cf:50:c4:9c:76:53:b7:07:62:89:aa:24:ce:
f1:a2:cb:89:f4:61:a7:ce:9f:b5:20:02:03:1d:e0:4e:0a:4c:
b1:9d:26:b8:b9:af:38:b3:96:25:a7:57:07:d7:b8:b5:c0:cb:
59:d0:cf:d9:d5:d6:a8:d9:59:cb:df:cf:d6:05:68:9e:45:f7:
be:4f:57:f0:d3:c5:bd:b1:a6:70:25:1c:61:e5:ed:f1:56:53:
ef:e8:8c:7f:68:99:8a:5f:75:2a:0b:66:1e:65:e4:90:84:f9:
94:35:45:d8:9b:37:76:e4:92:e9:af:f3:6b:c8:21:4b:4d:c8:
0e:14:d1:52:8b:b6:56:a1:a4:4e:9d:0e:6c:94:0a:04:0a:0e:
ed:30:cb:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj12vGVpAzJLXqAQJcn/EaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YmU4ZWZlYzFmYjAzZDhhZjk3OWFmMWNiYTEzYTA4NDVh
N2IwYmEwHhcNMjUwMTAxMjE0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmIyN2QxYmMyZGQzZGZhNmViZjgxYzQ5ZTVhZTNkMTQzMzUxNTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzm7Mp7xK+V4jCIoyNk5iKXpfc9SK
aX82sLAPM/L7/9bZSnhnNebq6tXc0Fnv8nchjLVB0Ay97UEpkrbpLXFOCa7gAagL
8SvASWSa/bWgr9DkBI806LWJfxCg14qjzpcgGH5YTLDQkJ/qCWFPveaki4rLaA9+
qxTr4uaSb4VmGlFEXDlGDMLHXkP/j0H6F4Dv0dkbAIGM8stjnWlMlr5/AymeFd2l
v/F9P+7RS7Rvrsx9JO24j1+ccvPR8vj8ZgUADxN2Ka/FDVuF/0ecGpaM6UH53Qpd
oTYZHoTDwYRfLYoWMge+DS/wJPKHH7szJlkJZVdv0CRHtUk+YrOOGSFAcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIayfRvC3T36br+BxJ5a49FDNRWSMB8GA1UdIwQY
MBaAFOS+jv7B+wPYr5ea8cuhOghFp7C6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUw2T19zSDdBOWl2bDVyeHk2RTZDRVduc0xvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8wZjlmMDItYzJhZC00ZWM4LWI0ZDUt
ZGZiZmEzZmNmMDIxLzEvaHJKOUc4TGRQZnB1djRIRW5scmowVU0xRlpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8wZjlmMDItYzJhZC00ZWM4LWI0ZDUtZGZiZmEzZmNmMDIx
LzEvNUw2T19zSDdBOWl2bDVyeHk2RTZDRVduc0xvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjrZMA0G
CSqGSIb3DQEBCwUAA4IBAQBrVvYnekCVH/Z2PYc1h+UZ/6F0bojz9vM1rdct5Pjn
6eg1qKoICT2xi6rrgTT0H/R8lMmxLrZtZ8m3KnN65dNWRH6sFxAzrG56ZfeEurR0
HcpxQD+ZWXeG3UqK+Xi0RfFiP5NEW/zr+C0SUcjZK0edwM9QxJx2U7cHYomqJM7x
osuJ9GGnzp+1IAIDHeBOCkyxnSa4ua84s5Ylp1cH17i1wMtZ0M/Z1dao2VnL38/W
BWieRfe+T1fw08W9saZwJRxh5e3xVlPv6Ix/aJmKX3UqC2YeZeSQhPmUNUXYmzd2
5JLpr/NryCFLTcgOFNFSi7ZWoaROnQ5slAoECg7tMMvw
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:29 2025 by rpki-client on console.sobornost.net