Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/a6ef94-6fa7-4af8-aeec-c97449bebadf/1/ODs2HVLffjTFZ-HUwWeKuSWUhw8.roa
File: ODs2HVLffjTFZ-HUwWeKuSWUhw8.roa (raw, json)
Hash identifier: QgRipPeC2S3udoDR7o2EggBgBn3DJA75EKpNF0jDAEg=
Subject key identifier: 38:3B:36:1D:52:DF:7E:34:C5:67:E1:D4:C1:67:8A:B9:25:94:87:0F
Certificate issuer: /CN=45c1607381e1c92d7531af73a07f0b9f038c23a2
Certificate serial: 040E8623
Authority key identifier: 45:C1:60:73:81:E1:C9:2D:75:31:AF:73:A0:7F:0B:9F:03:8C:23:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RcFgc4HhyS11Ma9zoH8LnwOMI6I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/a6ef94-6fa7-4af8-aeec-c97449bebadf/1/ODs2HVLffjTFZ-HUwWeKuSWUhw8.roa
Signing time: Sat 01 Jan 2022 04:02:13 +0000
ROA not before: Sat 01 Jan 2022 04:02:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25369
IP address blocks: 217.20.252.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68060707 (0x40e8623)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45c1607381e1c92d7531af73a07f0b9f038c23a2
Validity
Not Before: Jan 1 04:02:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=383b361d52df7e34c567e1d4c1678ab92594870f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:c6:5e:47:7d:62:f8:a0:8f:e8:02:33:e4:9c:
8b:94:5d:1c:bf:39:e1:96:5b:60:8c:22:95:af:58:
8c:f1:2f:64:62:49:29:71:dd:6e:a4:66:88:cd:43:
16:2f:9f:e1:00:6d:72:c7:50:09:b6:cc:fe:3e:d0:
86:77:e8:3a:2f:9d:b1:ea:9e:42:24:2a:33:43:65:
48:d1:c9:89:c7:c7:4e:a9:86:88:5f:ae:e5:54:a3:
68:90:ca:e7:4a:70:b3:bc:97:15:bc:d8:ed:02:e6:
cd:19:75:83:5d:fb:99:d5:8c:96:85:f0:a8:73:1f:
fb:d2:a8:3d:49:07:2f:c1:fe:20:c4:35:99:49:0e:
59:3e:bd:c5:7b:4c:96:e1:46:3d:e6:78:96:e9:ad:
85:e7:bc:7f:22:27:0f:fa:1e:0d:b2:8f:91:11:c0:
52:87:b3:4d:10:f4:9b:c3:42:79:ef:5b:f9:35:28:
7d:31:5b:49:48:a0:2a:16:f7:53:50:58:71:d9:0c:
38:3f:2f:2f:bf:24:30:26:8e:2a:36:ff:2d:fd:72:
a6:f9:10:11:c1:11:7f:53:1c:7e:d1:e3:c4:6f:67:
2d:49:f5:63:48:c7:5b:25:55:8e:93:84:85:2b:12:
d1:21:1e:51:fc:2a:34:ca:e6:bc:8a:f0:e0:a7:73:
5f:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:3B:36:1D:52:DF:7E:34:C5:67:E1:D4:C1:67:8A:B9:25:94:87:0F
X509v3 Authority Key Identifier:
keyid:45:C1:60:73:81:E1:C9:2D:75:31:AF:73:A0:7F:0B:9F:03:8C:23:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RcFgc4HhyS11Ma9zoH8LnwOMI6I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a6ef94-6fa7-4af8-aeec-c97449bebadf/1/ODs2HVLffjTFZ-HUwWeKuSWUhw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a6ef94-6fa7-4af8-aeec-c97449bebadf/1/RcFgc4HhyS11Ma9zoH8LnwOMI6I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.20.252.0/22
Signature Algorithm: sha256WithRSAEncryption
63:eb:b8:86:34:b7:c2:30:90:2f:b2:32:7b:3a:7b:0d:61:91:
67:4f:14:c3:95:b0:6a:39:4d:85:c6:cc:d2:3b:f8:12:c4:c2:
f0:94:f0:ee:3b:91:65:4d:47:94:8c:46:f4:62:12:06:ee:44:
42:9d:47:d3:5a:b0:ce:b2:a9:45:70:03:b2:10:cb:ac:5b:14:
d6:f1:0a:ed:c1:b7:d2:2d:b7:f7:2b:98:07:88:c6:ea:ee:fe:
9a:fb:d6:36:60:52:08:c0:18:b1:b1:c5:82:ae:7a:c8:b3:1b:
0d:33:1c:9a:c1:99:bf:ca:db:5f:4c:5f:ee:79:96:2b:a2:51:
c6:b6:61:dc:d3:18:95:04:3c:1e:ca:53:a3:b3:01:c6:46:1f:
09:79:39:7e:cf:9b:1c:f0:39:f0:2d:6c:7e:67:1a:42:4c:4f:
6d:ef:e7:82:d5:8f:79:46:4f:71:c6:db:3b:ac:59:61:f2:1a:
c0:09:72:d4:61:52:08:95:77:fd:a3:76:ec:10:db:74:ba:aa:
46:fb:b7:de:51:d9:13:5c:8d:3f:b9:19:c7:98:41:f3:48:31:
40:7f:7b:d1:07:56:2e:15:a3:38:9f:05:fc:e2:4c:37:58:8c:
5c:e9:20:87:b9:81:0e:c2:11:66:d1:8d:52:49:c6:de:58:d9:
69:49:af:cd
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBA6GIzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NWMxNjA3MzgxZTFjOTJkNzUzMWFmNzNhMDdmMGI5ZjAzOGMyM2EyMB4XDTIyMDEw
MTA0MDIxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzgzYjM2MWQ1MmRm
N2UzNGM1NjdlMWQ0YzE2NzhhYjkyNTk0ODcwZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI/GXkd9Yvigj+gCM+Sci5RdHL854ZZbYIwila9YjPEvZGJJ
KXHdbqRmiM1DFi+f4QBtcsdQCbbM/j7QhnfoOi+dseqeQiQqM0NlSNHJicfHTqmG
iF+u5VSjaJDK50pws7yXFbzY7QLmzRl1g137mdWMloXwqHMf+9KoPUkHL8H+IMQ1
mUkOWT69xXtMluFGPeZ4lumthee8fyInD/oeDbKPkRHAUoezTRD0m8NCee9b+TUo
fTFbSUigKhb3U1BYcdkMOD8vL78kMCaOKjb/Lf1ypvkQEcERf1McftHjxG9nLUn1
Y0jHWyVVjpOEhSsS0SEeUfwqNMrmvIrw4KdzXzsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ4OzYdUt9+NMVn4dTBZ4q5JZSHDzAfBgNVHSMEGDAWgBRFwWBzgeHJLXUx
r3OgfwufA4wjojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JjRmdjNEhoeVMxMU1hOXpvSDhMbndPTUk2SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvYTZlZjk0LTZmYTctNGFmOC1hZWVjLWM5NzQ0OWJlYmFkZi8x
L09EczJIVkxmZmpURlotSFV3V2VLdVNXVWh3OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
YTZlZjk0LTZmYTctNGFmOC1hZWVjLWM5NzQ0OWJlYmFkZi8xL1JjRmdjNEhoeVMx
MU1hOXpvSDhMbndPTUk2SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtkU/DANBgkqhkiG9w0BAQsFAAOC
AQEAY+u4hjS3wjCQL7Iyezp7DWGRZ08Uw5WwajlNhcbM0jv4EsTC8JTw7juRZU1H
lIxG9GISBu5EQp1H01qwzrKpRXADshDLrFsU1vEK7cG30i239yuYB4jG6u7+mvvW
NmBSCMAYsbHFgq56yLMbDTMcmsGZv8rbX0xf7nmWK6JRxrZh3NMYlQQ8HspTo7MB
xkYfCXk5fs+bHPA58C1sfmcaQkxPbe/ngtWPeUZPccbbO6xZYfIawAly1GFSCJV3
/aN27BDbdLqqRvu33lHZE1yNP7kZx5hB80gxQH970QdWLhWjOJ8F/OJMN1iMXOkg
h7mBDsIRZtGNUknG3ljZaUmvzQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 00:36:51 2025 by rpki-client