Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/e7edff-86da-449f-b89c-d7b2ad01a1d7/1/tsVYnpOVNhxQr_bPHI_-F6N2XYE.roa
File: tsVYnpOVNhxQr_bPHI_-F6N2XYE.roa (raw, json)
Hash identifier: 5UdLaEJ/BQ/Ia5MdB60NdYvnjMmVIxJ7NtyqJB0vszk=
Subject key identifier: B6:C5:58:9E:93:95:36:1C:50:AF:F6:CF:1C:8F:FE:17:A3:76:5D:81
Certificate issuer: /CN=22a19ed85a2c0cfc4f50bead16fc9f6f1465ad11
Certificate serial: 01941F8C8CB4EEEBDC9EF97F151317E53C8E
Authority key identifier: 22:A1:9E:D8:5A:2C:0C:FC:4F:50:BE:AD:16:FC:9F:6F:14:65:AD:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IqGe2FosDPxPUL6tFvyfbxRlrRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/e7edff-86da-449f-b89c-d7b2ad01a1d7/1/tsVYnpOVNhxQr_bPHI_-F6N2XYE.roa
Signing time: Wed 01 Jan 2025 01:48:12 +0000
ROA not before: Wed 01 Jan 2025 01:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208867
IP address blocks: 217.29.192.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:8c:b4:ee:eb:dc:9e:f9:7f:15:13:17:e5:3c:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22a19ed85a2c0cfc4f50bead16fc9f6f1465ad11
Validity
Not Before: Jan 1 01:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b6c5589e9395361c50aff6cf1c8ffe17a3765d81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:87:10:cd:74:9d:38:e3:8b:39:b8:8b:93:82:
f7:fb:b4:b7:10:76:0e:01:49:70:cc:d5:5f:98:b8:
81:1e:ab:28:72:22:ab:99:c0:ea:db:b5:14:86:f1:
30:ae:0b:f4:d7:ca:b0:3e:1c:12:54:6a:84:e1:b2:
cf:6e:50:fa:b8:9d:b2:41:eb:8e:e0:5b:d8:ca:d3:
4c:c0:1a:22:04:01:16:b2:78:74:29:98:f0:17:ee:
62:8f:48:49:ab:4f:dc:ef:50:f5:1f:3c:e7:48:d2:
18:4c:6f:05:36:d0:1c:b3:ad:19:c9:4b:74:a2:0d:
57:3d:94:ce:7c:9e:75:f2:2c:86:70:59:72:59:49:
3e:6f:2c:de:4b:f0:f4:52:22:46:49:3f:75:e8:5f:
46:40:4c:72:85:2b:e9:57:f4:95:68:d7:31:e5:a5:
d6:0e:4e:ea:a8:2d:71:ae:51:39:2d:7f:69:64:d5:
92:9a:31:6e:e1:17:c4:4b:70:78:e0:d5:e2:48:38:
54:af:4c:8a:0c:2c:dc:ef:a9:79:7e:b7:c4:c0:c4:
0e:85:6b:78:ec:5a:dc:a7:cd:c5:e9:b1:e3:b7:67:
9d:e3:74:4c:a9:a7:be:a4:29:21:d7:18:9e:82:1a:
c6:da:32:bd:6d:c1:0d:1d:a0:37:1c:7b:38:40:27:
ef:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:C5:58:9E:93:95:36:1C:50:AF:F6:CF:1C:8F:FE:17:A3:76:5D:81
X509v3 Authority Key Identifier:
keyid:22:A1:9E:D8:5A:2C:0C:FC:4F:50:BE:AD:16:FC:9F:6F:14:65:AD:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IqGe2FosDPxPUL6tFvyfbxRlrRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/e7edff-86da-449f-b89c-d7b2ad01a1d7/1/tsVYnpOVNhxQr_bPHI_-F6N2XYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/e7edff-86da-449f-b89c-d7b2ad01a1d7/1/IqGe2FosDPxPUL6tFvyfbxRlrRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.29.192.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:30:ef:6d:3f:ba:40:78:56:0a:30:bf:9f:c5:1c:01:c9:bb:
95:66:a5:46:1d:6a:d9:8b:0f:9a:0f:0f:85:bd:12:3a:10:1e:
71:a5:12:ec:13:f2:b8:e2:a1:be:69:87:d6:77:01:fd:e4:be:
90:cc:67:91:b6:0e:a1:e7:43:71:13:8c:a1:ab:2d:c5:11:d8:
00:0b:4b:ab:46:f7:2f:13:77:91:35:0e:a0:16:02:32:4b:43:
03:2d:c2:c2:7d:0a:a1:e9:45:cf:25:11:f2:a5:34:59:e3:51:
16:67:85:1c:fc:ef:03:c8:a2:db:3e:eb:97:bf:d2:30:28:be:
81:1b:ae:f4:74:66:d6:90:ab:41:15:6d:05:f0:71:b8:8d:58:
c9:81:c7:b0:73:4a:b1:99:77:a2:05:cd:42:f3:34:db:df:71:
a8:69:71:4c:9a:35:79:51:fa:df:68:4d:7b:50:93:ee:7c:1d:
0d:e7:1f:a3:8a:0e:59:9e:ea:2e:5d:ce:05:8f:3f:f3:63:e9:
73:df:d3:b7:e1:da:96:18:b3:61:b2:4c:74:f3:d7:6b:31:90:
e4:db:38:44:44:d6:45:76:39:c2:7c:89:36:b0:a8:db:6e:7b:
c0:5b:6f:0d:2d:a6:1b:a4:13:5e:bb:35:b2:2d:0e:e6:95:eb:
69:db:f0:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjIy07uvcnvl/FRMX5TyOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYTE5ZWQ4NWEyYzBjZmM0ZjUwYmVhZDE2ZmM5ZjZmMTQ2
NWFkMTEwHhcNMjUwMTAxMDE0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmM1NTg5ZTkzOTUzNjFjNTBhZmY2Y2YxYzhmZmUxN2EzNzY1ZDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoocQzXSdOOOLObiLk4L3+7S3EHYO
AUlwzNVfmLiBHqsociKrmcDq27UUhvEwrgv018qwPhwSVGqE4bLPblD6uJ2yQeuO
4FvYytNMwBoiBAEWsnh0KZjwF+5ij0hJq0/c71D1HzznSNIYTG8FNtAcs60ZyUt0
og1XPZTOfJ518iyGcFlyWUk+byzeS/D0UiJGST916F9GQExyhSvpV/SVaNcx5aXW
Dk7qqC1xrlE5LX9pZNWSmjFu4RfES3B44NXiSDhUr0yKDCzc76l5frfEwMQOhWt4
7Frcp83F6bHjt2ed43RMqae+pCkh1xieghrG2jK9bcENHaA3HHs4QCfv5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLbFWJ6TlTYcUK/2zxyP/hejdl2BMB8GA1UdIwQY
MBaAFCKhnthaLAz8T1C+rRb8n28UZa0RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXFHZTJGb3NEUHhQVUw2dEZ2eWZieFJsclJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9lN2VkZmYtODZkYS00NDlmLWI4OWMt
ZDdiMmFkMDFhMWQ3LzEvdHNWWW5wT1ZOaHhRcl9iUEhJXy1GNk4yWFlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9lN2VkZmYtODZkYS00NDlmLWI4OWMtZDdiMmFkMDFhMWQ3
LzEvSXFHZTJGb3NEUHhQVUw2dEZ2eWZieFJsclJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC2R3AMA0G
CSqGSIb3DQEBCwUAA4IBAQAMMO9tP7pAeFYKML+fxRwBybuVZqVGHWrZiw+aDw+F
vRI6EB5xpRLsE/K44qG+aYfWdwH95L6QzGeRtg6h50NxE4yhqy3FEdgAC0urRvcv
E3eRNQ6gFgIyS0MDLcLCfQqh6UXPJRHypTRZ41EWZ4Uc/O8DyKLbPuuXv9IwKL6B
G670dGbWkKtBFW0F8HG4jVjJgcewc0qxmXeiBc1C8zTb33GoaXFMmjV5UfrfaE17
UJPufB0N5x+jig5ZnuouXc4Fjz/zY+lz39O34dqWGLNhskx089drMZDk2zhERNZF
djnCfIk2sKjbbnvAW28NLaYbpBNeuzWyLQ7mletp2/BA
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:49:11 2025 by rpki-client