Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/12f56c-be48-4152-8182-1591ea07d4d9/1/rOnRX0BWglyVdGwFT0JEEkRLrac.roa
File: rOnRX0BWglyVdGwFT0JEEkRLrac.roa (raw, json)
Hash identifier: IJWIIlxS2zvvtvxxqi+4SsIYHHUfpDAW/sL3xWX4oIk=
Subject key identifier: AC:E9:D1:5F:40:56:82:5C:95:74:6C:05:4F:42:44:12:44:4B:AD:A7
Certificate issuer: /CN=a158fb060437efb97f4c03dffb7517169f2049c4
Certificate serial: 0189654AC2596D6C7CBDBFF887707E7C527F
Authority key identifier: A1:58:FB:06:04:37:EF:B9:7F:4C:03:DF:FB:75:17:16:9F:20:49:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oVj7BgQ377l_TAPf-3UXFp8gScQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/12f56c-be48-4152-8182-1591ea07d4d9/1/rOnRX0BWglyVdGwFT0JEEkRLrac.roa
Signing time: Mon 17 Jul 2023 19:19:04 +0000
ROA not before: Mon 17 Jul 2023 19:19:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49505
IP address blocks: 176.116.17.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:65:4a:c2:59:6d:6c:7c:bd:bf:f8:87:70:7e:7c:52:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a158fb060437efb97f4c03dffb7517169f2049c4
Validity
Not Before: Jul 17 19:19:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ace9d15f4056825c95746c054f424412444bada7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:77:53:62:88:87:e3:3c:63:34:7b:94:7e:d8:
25:a6:40:01:41:c5:44:82:ae:b2:a8:99:d7:fa:56:
e9:8a:2c:c6:09:01:61:ff:f4:67:10:aa:27:3d:00:
a3:56:3f:c1:28:17:c5:29:35:67:21:af:47:e6:c7:
27:68:20:d2:f9:52:f3:22:04:df:b9:ba:4a:d2:d9:
5d:87:0d:09:1c:31:bf:0d:10:ef:f7:f3:9c:b5:04:
fb:a5:b7:bf:14:08:98:65:32:5c:d8:af:cb:c4:bb:
48:ab:5a:90:89:d8:f7:4e:66:84:34:7e:ca:81:8b:
6e:33:af:ae:db:5b:f0:71:d8:15:66:a8:dc:2d:90:
69:6c:da:e5:85:56:d2:9f:f2:46:c9:42:22:71:b4:
97:c3:04:7b:de:b6:e5:e7:4a:fc:86:89:bb:8f:31:
bd:9d:e8:c6:ff:42:04:2e:72:e4:92:9d:70:56:dc:
b7:63:b9:c7:69:21:c4:81:c1:ac:a2:9c:4e:36:0e:
94:da:8c:dc:6a:84:b3:91:e7:5b:ec:a0:75:e5:e2:
0f:8e:40:2d:c7:6a:0b:45:67:aa:b0:7c:9a:cd:dd:
6e:df:5e:a8:07:c2:d8:5d:23:b3:4e:d0:95:46:73:
e1:72:5a:b4:01:ee:92:a1:b6:51:6c:f0:22:38:f3:
88:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:E9:D1:5F:40:56:82:5C:95:74:6C:05:4F:42:44:12:44:4B:AD:A7
X509v3 Authority Key Identifier:
keyid:A1:58:FB:06:04:37:EF:B9:7F:4C:03:DF:FB:75:17:16:9F:20:49:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oVj7BgQ377l_TAPf-3UXFp8gScQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/12f56c-be48-4152-8182-1591ea07d4d9/1/rOnRX0BWglyVdGwFT0JEEkRLrac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/12f56c-be48-4152-8182-1591ea07d4d9/1/oVj7BgQ377l_TAPf-3UXFp8gScQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.116.17.0/24
Signature Algorithm: sha256WithRSAEncryption
09:3d:e7:6d:f4:c0:f0:ad:24:a7:40:1d:82:3a:95:4f:50:d5:
cd:df:5a:24:58:57:a2:a0:04:4d:74:fd:c9:a5:99:47:72:c2:
16:e2:7a:fb:35:ae:9f:ad:94:2f:08:ae:b4:20:14:b7:42:ee:
9b:82:27:1f:77:03:9a:c0:26:69:c0:c4:23:78:4d:eb:af:eb:
f7:81:0a:f1:33:55:5c:4d:ba:b3:9e:13:26:02:58:0b:bc:b9:
28:7d:0c:c0:e0:6c:cb:8a:00:4a:b1:25:63:a2:fa:69:ba:71:
a0:19:eb:9e:60:58:5b:e7:9a:97:a3:2d:00:6e:a9:3f:04:36:
6e:a5:93:6d:bd:ba:f7:0b:46:ed:71:3d:26:f9:63:c9:64:08:
25:00:67:21:71:45:74:ce:8b:05:fd:82:af:94:a1:7b:7b:72:
d6:a6:78:c7:34:fd:17:f1:bb:45:23:72:fc:74:5d:22:cc:6b:
1b:8d:85:3a:05:99:25:ee:c5:ee:ca:b7:ff:6b:04:04:0b:f5:
33:bb:d1:53:27:d1:12:12:01:79:ac:a3:e7:3f:6e:16:2a:26:
8a:5e:e2:10:b3:62:b9:36:fb:e6:9c:7d:63:46:96:c8:7d:2b:
7d:1b:d1:d8:ce:21:b7:e5:50:ee:97:e8:9d:6c:54:bc:04:05:
af:13:3c:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYllSsJZbWx8vb/4h3B+fFJ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNThmYjA2MDQzN2VmYjk3ZjRjMDNkZmZiNzUxNzE2OWYy
MDQ5YzQwHhcNMjMwNzE3MTkxOTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2U5ZDE1ZjQwNTY4MjVjOTU3NDZjMDU0ZjQyNDQxMjQ0NGJhZGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXdTYoiH4zxjNHuUftglpkABQcVE
gq6yqJnX+lbpiizGCQFh//RnEKonPQCjVj/BKBfFKTVnIa9H5scnaCDS+VLzIgTf
ubpK0tldhw0JHDG/DRDv9/OctQT7pbe/FAiYZTJc2K/LxLtIq1qQidj3TmaENH7K
gYtuM6+u21vwcdgVZqjcLZBpbNrlhVbSn/JGyUIicbSXwwR73rbl50r8hom7jzG9
nejG/0IELnLkkp1wVty3Y7nHaSHEgcGsopxONg6U2ozcaoSzkedb7KB15eIPjkAt
x2oLRWeqsHyazd1u316oB8LYXSOzTtCVRnPhclq0Ae6SobZRbPAiOPOIkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKzp0V9AVoJclXRsBU9CRBJES62nMB8GA1UdIwQY
MBaAFKFY+wYEN++5f0wD3/t1FxafIEnEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1ZqN0JnUTM3N2xfVEFQZi0zVVhGcDhnU2NRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8xMmY1NmMtYmU0OC00MTUyLTgxODIt
MTU5MWVhMDdkNGQ5LzEvck9uUlgwQldnbHlWZEd3RlQwSkVFa1JMcmFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8xMmY1NmMtYmU0OC00MTUyLTgxODItMTU5MWVhMDdkNGQ5
LzEvb1ZqN0JnUTM3N2xfVEFQZi0zVVhGcDhnU2NRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsHQRMA0G
CSqGSIb3DQEBCwUAA4IBAQAJPedt9MDwrSSnQB2COpVPUNXN31okWFeioARNdP3J
pZlHcsIW4nr7Na6frZQvCK60IBS3Qu6bgicfdwOawCZpwMQjeE3rr+v3gQrxM1Vc
TbqznhMmAlgLvLkofQzA4GzLigBKsSVjovppunGgGeueYFhb55qXoy0Abqk/BDZu
pZNtvbr3C0btcT0m+WPJZAglAGchcUV0zosF/YKvlKF7e3LWpnjHNP0X8btFI3L8
dF0izGsbjYU6BZkl7sXuyrf/awQEC/Uzu9FTJ9ESEgF5rKPnP24WKiaKXuIQs2K5
NvvmnH1jRpbIfSt9G9HYziG35VDul+idbFS8BAWvEzwR
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:02:44 2025 by rpki-client