Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/amXihoIti_1rSNyGXmBzzCK307E.roa
File: amXihoIti_1rSNyGXmBzzCK307E.roa (raw, json)
Hash identifier: nLmxvSWML2dah+dCWe4SPAyANy3yKBIMLrJwHa4DIEM=
Subject key identifier: 6A:65:E2:86:82:2D:8B:FD:6B:48:DC:86:5E:60:73:CC:22:B7:D3:B1
Certificate issuer: /CN=17dd9c23af69ec2cdb6fe2b9936eb494cfd1621f
Certificate serial: 019427B5B903CF443B2284FC9A4AF1A1E28F
Authority key identifier: 17:DD:9C:23:AF:69:EC:2C:DB:6F:E2:B9:93:6E:B4:94:CF:D1:62:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F92cI69p7Czbb-K5k260lM_RYh8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/amXihoIti_1rSNyGXmBzzCK307E.roa
Signing time: Thu 02 Jan 2025 15:50:08 +0000
ROA not before: Thu 02 Jan 2025 15:50:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 85.115.38.0/24 maxlen: 24
157.167.134.0/24 maxlen: 24
157.167.135.0/24 maxlen: 24
157.167.136.0/21 maxlen: 21
157.167.144.0/21 maxlen: 21
157.167.152.0/24 maxlen: 24
157.167.153.0/24 maxlen: 24
157.167.155.0/24 maxlen: 24
157.167.156.0/24 maxlen: 24
157.167.184.0/21 maxlen: 21
157.167.224.0/24 maxlen: 24
157.167.225.0/24 maxlen: 24
157.167.226.0/24 maxlen: 24
157.167.227.0/24 maxlen: 24
157.167.228.0/24 maxlen: 24
157.167.229.0/24 maxlen: 24
157.167.230.0/24 maxlen: 24
157.167.231.0/24 maxlen: 24
157.167.232.0/24 maxlen: 24
157.167.233.0/24 maxlen: 24
157.167.234.0/24 maxlen: 24
157.167.235.0/24 maxlen: 24
157.167.236.0/24 maxlen: 24
157.167.237.0/24 maxlen: 24
157.167.238.0/24 maxlen: 24
157.167.239.0/24 maxlen: 24
157.167.240.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:b9:03:cf:44:3b:22:84:fc:9a:4a:f1:a1:e2:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17dd9c23af69ec2cdb6fe2b9936eb494cfd1621f
Validity
Not Before: Jan 2 15:50:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6a65e286822d8bfd6b48dc865e6073cc22b7d3b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:8a:73:9a:e4:5d:8b:70:24:98:4d:2a:77:e2:
72:87:1d:de:62:d0:91:f8:7f:b3:3f:9a:1e:10:26:
17:bf:fc:ca:59:36:99:d6:a9:2e:ae:61:63:b0:39:
8c:54:a8:bc:7d:6b:c7:bb:8d:49:e6:8d:f9:96:bf:
7d:81:75:a9:94:fe:ff:13:1b:5d:23:75:b9:1d:98:
4b:83:49:a2:3f:8b:25:93:e5:d8:86:a3:c1:d7:48:
ee:49:a5:60:28:4f:18:f1:14:6f:e7:36:e5:ff:77:
ae:f9:a4:5c:da:35:96:27:86:a2:4c:c1:f9:5d:54:
11:71:d8:6a:0e:8f:15:99:3d:85:b6:8d:fd:e8:08:
61:62:05:18:c3:fa:e2:87:40:a8:45:e5:84:93:11:
6c:e2:1f:40:91:9e:91:d8:45:48:db:83:22:91:1c:
1a:36:9e:ca:5d:6e:d6:24:64:80:59:7d:52:f9:c7:
55:4a:b3:26:eb:e6:f1:ae:6c:86:a5:29:7f:95:1b:
8c:29:eb:93:d1:d3:b1:60:b2:ec:af:30:da:e8:98:
f5:63:1f:33:01:77:c8:41:91:eb:59:67:04:cd:c8:
96:44:5e:98:db:52:27:d6:28:57:a9:98:2b:4e:9c:
3c:bc:5d:48:cd:13:82:a7:8a:ac:74:e4:91:02:e8:
68:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:65:E2:86:82:2D:8B:FD:6B:48:DC:86:5E:60:73:CC:22:B7:D3:B1
X509v3 Authority Key Identifier:
keyid:17:DD:9C:23:AF:69:EC:2C:DB:6F:E2:B9:93:6E:B4:94:CF:D1:62:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F92cI69p7Czbb-K5k260lM_RYh8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/amXihoIti_1rSNyGXmBzzCK307E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/F92cI69p7Czbb-K5k260lM_RYh8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.38.0/24
157.167.134.0-157.167.153.255
157.167.155.0-157.167.156.255
157.167.184.0/21
157.167.224.0-157.167.240.255
Signature Algorithm: sha256WithRSAEncryption
49:bc:4b:87:db:3d:68:61:68:9a:77:9e:19:c3:98:c5:34:cc:
b9:13:98:ef:9d:58:91:c4:9e:20:63:1d:74:5e:8e:59:b8:3e:
16:4c:61:d8:3a:1b:3f:c6:7b:f3:57:c0:cd:5b:a5:aa:d9:cf:
fa:eb:c0:83:e6:22:c2:68:e4:64:88:f7:63:73:5d:22:eb:d2:
46:67:d2:bf:92:90:68:b8:d7:d0:ef:8c:c5:33:ec:9c:2d:52:
b4:fe:b5:62:6b:4a:34:6f:96:bd:b5:97:1d:5d:dc:5a:be:c8:
71:ae:2f:68:1d:8e:9e:68:f4:42:eb:bc:33:37:e6:93:5b:a0:
bf:2f:72:bd:b8:53:22:af:23:60:01:f7:8c:2d:00:6a:69:00:
11:88:30:20:c6:df:10:16:08:36:75:9e:65:10:e4:41:c0:03:
b0:9c:81:80:c6:66:c6:8c:ac:18:47:77:a0:76:43:dd:b8:e3:
3d:74:94:65:4b:ee:08:80:1b:55:79:df:1f:26:7e:dc:3c:35:
f8:11:11:fb:03:71:f0:8c:72:07:f0:87:43:a5:14:c2:3b:68:
29:f2:71:10:c0:3d:e5:66:db:1d:0e:de:62:b8:00:8f:64:a2:
dc:71:fc:23:ae:1d:52:2d:bf:24:8b:49:47:d3:ed:0b:18:62:
cb:47:80:a8
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQntbkDz0Q7IoT8mkrxoeKPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZGQ5YzIzYWY2OWVjMmNkYjZmZTJiOTkzNmViNDk0Y2Zk
MTYyMWYwHhcNMjUwMTAyMTU1MDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTY1ZTI4NjgyMmQ4YmZkNmI0OGRjODY1ZTYwNzNjYzIyYjdkM2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1opzmuRdi3AkmE0qd+Jyhx3eYtCR
+H+zP5oeECYXv/zKWTaZ1qkurmFjsDmMVKi8fWvHu41J5o35lr99gXWplP7/Extd
I3W5HZhLg0miP4slk+XYhqPB10juSaVgKE8Y8RRv5zbl/3eu+aRc2jWWJ4aiTMH5
XVQRcdhqDo8VmT2Fto396AhhYgUYw/rih0CoReWEkxFs4h9AkZ6R2EVI24MikRwa
Np7KXW7WJGSAWX1S+cdVSrMm6+bxrmyGpSl/lRuMKeuT0dOxYLLsrzDa6Jj1Yx8z
AXfIQZHrWWcEzciWRF6Y21In1ihXqZgrTpw8vF1IzROCp4qsdOSRAuhoPQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFGpl4oaCLYv9a0jchl5gc8wit9OxMB8GA1UdIwQY
MBaAFBfdnCOvaews22/iuZNutJTP0WIfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjkyY0k2OXA3Q3piYi1LNWsyNjBsTV9SWWg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni84MzU3ZTItYTEwNi00NGFlLWI4NjYt
OGZhN2I0YzUzMDczLzEvYW1YaWhvSXRpXzFyU055R1htQnp6Q0szMDdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni84MzU3ZTItYTEwNi00NGFlLWI4NjYtOGZhN2I0YzUzMDcz
LzEvRjkyY0k2OXA3Q3piYi1LNWsyNjBsTV9SWWg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAVXMmMAwD
BAGdp4YDBAGdp5gwDAMEAJ2nmwMEAJ2nnAMEA52nuDAMAwQFnafgAwQAnafwMA0G
CSqGSIb3DQEBCwUAA4IBAQBJvEuH2z1oYWiad54Zw5jFNMy5E5jvnViRxJ4gYx10
Xo5ZuD4WTGHYOhs/xnvzV8DNW6Wq2c/668CD5iLCaORkiPdjc10i69JGZ9K/kpBo
uNfQ74zFM+ycLVK0/rVia0o0b5a9tZcdXdxavshxri9oHY6eaPRC67wzN+aTW6C/
L3K9uFMiryNgAfeMLQBqaQARiDAgxt8QFgg2dZ5lEORBwAOwnIGAxmbGjKwYR3eg
dkPduOM9dJRlS+4IgBtVed8fJn7cPDX4ERH7A3HwjHIH8IdDpRTCO2gp8nEQwD3l
ZtsdDt5iuACPZKLccfwjrh1SLb8ki0lH0+0LGGLLR4Co
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:41:20 2025 by rpki-client