Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/aXdnGGz3CPaV_rKPqf9fjNSKmDo.roa
File: aXdnGGz3CPaV_rKPqf9fjNSKmDo.roa (raw, json)
Hash identifier: UTlrXGl5jgNE0Irz2TFDSpnT/vxgCRnu1l21qC0IzZo=
Subject key identifier: 69:77:67:18:6C:F7:08:F6:95:FE:B2:8F:A9:FF:5F:8C:D4:8A:98:3A
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 01941F8C363089FD2CF40CC7A5991C004D15
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/aXdnGGz3CPaV_rKPqf9fjNSKmDo.roa
Signing time: Wed 01 Jan 2025 01:47:50 +0000
ROA not before: Wed 01 Jan 2025 01:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199429
IP address blocks: 217.156.90.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:36:30:89:fd:2c:f4:0c:c7:a5:99:1c:00:4d:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Jan 1 01:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=697767186cf708f695feb28fa9ff5f8cd48a983a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:93:b0:75:3f:af:cd:2e:73:da:fc:37:15:72:
d1:ae:54:88:87:54:fe:b4:9f:73:f7:b6:91:ef:de:
a6:67:01:ee:3d:0d:f5:28:a8:6c:44:2d:40:16:8b:
78:f8:bf:2c:6f:fd:45:a2:4d:fd:5b:ac:aa:22:0c:
73:52:ff:4a:10:dd:22:91:08:9b:d0:93:e7:bc:91:
26:0b:93:b3:4e:77:ea:41:99:92:5a:71:92:04:29:
09:8f:f2:c4:82:f8:5f:a3:25:4a:71:f5:b3:a7:6b:
26:d7:a3:59:c0:2f:58:b1:3a:f5:94:4b:35:60:a1:
65:29:90:d7:49:6a:c4:70:d3:42:da:20:ee:e7:9f:
57:ff:fd:19:26:af:d5:dd:11:c6:94:0f:b1:16:c8:
b9:7e:c5:59:ba:c6:fe:be:45:ef:bd:ef:19:80:85:
08:8b:1a:d9:bc:1e:0b:76:85:bb:17:7e:18:8a:dc:
4f:a2:39:ca:de:ee:ad:43:16:87:9f:56:2d:4a:9e:
55:41:d4:d3:39:fe:9b:aa:61:44:f1:dd:fe:b5:cd:
b9:a9:fa:25:68:ec:31:89:6c:e3:79:0b:fe:ec:4c:
84:de:31:06:ac:d9:11:3f:0c:fa:c6:ff:45:cd:25:
7f:0b:a6:ba:c3:15:1a:49:9b:8f:8d:23:b8:db:b1:
bd:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:77:67:18:6C:F7:08:F6:95:FE:B2:8F:A9:FF:5F:8C:D4:8A:98:3A
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/aXdnGGz3CPaV_rKPqf9fjNSKmDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.156.90.0/24
Signature Algorithm: sha256WithRSAEncryption
77:44:bb:37:ed:9d:cd:4d:7f:4d:9e:7f:2f:1b:a5:94:a4:af:
b8:09:22:e8:34:8a:c5:b8:a0:c9:ff:01:4f:96:7c:f2:89:a7:
77:3d:da:59:08:8b:3d:17:a5:58:03:e5:40:c3:74:38:cd:06:
69:5e:2a:a0:1e:a3:df:5b:6a:be:aa:49:cf:f6:28:14:0d:ba:
5d:ff:47:54:e8:7b:1f:5d:95:1f:67:10:0e:6b:55:c0:33:2c:
4b:28:2a:3d:ad:b5:33:e9:b2:07:b3:40:46:f4:e6:5e:8a:77:
1e:eb:aa:4e:6b:87:00:eb:49:a2:65:98:c6:dd:df:bc:4b:a9:
b3:37:35:81:16:6d:fd:77:30:8a:de:c4:bc:0c:ee:64:db:f1:
32:49:e0:63:c9:0e:c7:65:5a:1f:e3:a1:e6:1a:5c:42:06:3b:
5c:e6:db:05:f0:16:c8:78:3c:43:5f:c3:2b:fd:ea:77:96:09:
7b:83:d0:d7:0b:91:b9:6a:e3:72:0e:67:29:81:d9:7f:cf:f8:
f2:c0:ee:84:ad:bb:45:ec:65:3e:b7:d0:a4:ec:ae:fc:b6:33:
72:9e:93:43:c6:84:17:a1:14:2e:13:92:41:3f:66:07:50:b4:
d7:d5:a2:f8:20:04:eb:30:aa:d5:23:0d:14:83:c8:bf:e3:9b:
88:ca:ba:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjDYwif0s9AzHpZkcAE0VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjUwMTAxMDE0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTc3NjcxODZjZjcwOGY2OTVmZWIyOGZhOWZmNWY4Y2Q0OGE5ODNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2JOwdT+vzS5z2vw3FXLRrlSIh1T+
tJ9z97aR796mZwHuPQ31KKhsRC1AFot4+L8sb/1Fok39W6yqIgxzUv9KEN0ikQib
0JPnvJEmC5OzTnfqQZmSWnGSBCkJj/LEgvhfoyVKcfWzp2sm16NZwC9YsTr1lEs1
YKFlKZDXSWrEcNNC2iDu559X//0ZJq/V3RHGlA+xFsi5fsVZusb+vkXvve8ZgIUI
ixrZvB4LdoW7F34YitxPojnK3u6tQxaHn1YtSp5VQdTTOf6bqmFE8d3+tc25qfol
aOwxiWzjeQv+7EyE3jEGrNkRPwz6xv9FzSV/C6a6wxUaSZuPjSO427G9BQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGl3Zxhs9wj2lf6yj6n/X4zUipg6MB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvYVhkbkdHejNDUGFWX3JLUHFmOWZqTlNLbURvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2ZxaMA0G
CSqGSIb3DQEBCwUAA4IBAQB3RLs37Z3NTX9Nnn8vG6WUpK+4CSLoNIrFuKDJ/wFP
lnzyiad3PdpZCIs9F6VYA+VAw3Q4zQZpXiqgHqPfW2q+qknP9igUDbpd/0dU6Hsf
XZUfZxAOa1XAMyxLKCo9rbUz6bIHs0BG9OZeince66pOa4cA60miZZjG3d+8S6mz
NzWBFm39dzCK3sS8DO5k2/EySeBjyQ7HZVof46HmGlxCBjtc5tsF8BbIeDxDX8Mr
/ep3lgl7g9DXC5G5auNyDmcpgdl/z/jywO6ErbtF7GU+t9Ck7K78tjNynpNDxoQX
oRQuE5JBP2YHULTX1aL4IATrMKrVIw0Ug8i/45uIyrrF
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:02:08 2025 by rpki-client