Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/95f051-5e1d-4d36-a593-1a5eb50885ae/1/k0eS8GbpTFpaVPi3K9_CZDFOaPU.roa
File: k0eS8GbpTFpaVPi3K9_CZDFOaPU.roa (raw, json)
Hash identifier: Ej4uiaS/aPM289NUT10w3nroNfgE/+kc/Uq0qTQREqg=
Subject key identifier: 93:47:92:F0:66:E9:4C:5A:5A:54:F8:B7:2B:DF:C2:64:31:4E:68:F5
Certificate issuer: /CN=59c3cc99899373c85974f01c9cd7aa057ab97fab
Certificate serial: 019420D5980C80679414241572B9EEEBD668
Authority key identifier: 59:C3:CC:99:89:93:73:C8:59:74:F0:1C:9C:D7:AA:05:7A:B9:7F:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WcPMmYmTc8hZdPAcnNeqBXq5f6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/95f051-5e1d-4d36-a593-1a5eb50885ae/1/k0eS8GbpTFpaVPi3K9_CZDFOaPU.roa
Signing time: Wed 01 Jan 2025 07:47:36 +0000
ROA not before: Wed 01 Jan 2025 07:47:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29503
IP address blocks: 217.146.32.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:98:0c:80:67:94:14:24:15:72:b9:ee:eb:d6:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59c3cc99899373c85974f01c9cd7aa057ab97fab
Validity
Not Before: Jan 1 07:47:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=934792f066e94c5a5a54f8b72bdfc264314e68f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:7a:b5:5f:19:67:02:36:68:97:f2:f2:c2:39:
ee:e6:11:70:88:c5:5b:b0:07:d5:41:b8:bb:ba:1e:
4d:25:7e:f3:50:f4:da:5a:38:4e:66:91:8b:16:13:
e3:8d:91:e5:82:4b:90:c5:c9:b1:25:83:16:be:f7:
a7:a2:7e:ff:f9:f3:a8:2a:4a:81:bc:24:eb:c4:e3:
64:92:e4:c1:1f:40:27:76:f7:ba:20:80:a2:92:fb:
84:9e:dc:a7:43:06:47:10:5a:47:ba:0b:b2:5a:e6:
83:fd:1f:56:40:82:5c:92:70:f2:f3:08:50:70:bf:
cd:7e:29:22:d7:5d:c8:dc:e8:86:65:7e:f2:42:f1:
b7:12:5c:c6:fb:c9:a9:d2:b6:98:c5:1e:a1:6c:40:
d8:c2:d7:10:d5:94:e2:fb:31:37:43:7e:1f:05:bd:
ed:27:d8:f1:f8:82:8f:66:62:8d:0b:db:a9:74:d4:
c3:c9:38:9f:d7:57:e5:96:54:1f:ef:64:10:a7:65:
2c:85:18:1a:17:c4:75:53:34:0d:d0:19:67:84:84:
16:84:80:e2:46:df:15:9a:90:75:bb:1a:39:9f:6f:
26:2f:e2:33:09:86:fd:09:6e:ec:3d:74:cd:bd:b9:
ea:e8:b6:df:2c:f9:0a:8c:e6:25:44:12:0a:f1:a7:
6a:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:47:92:F0:66:E9:4C:5A:5A:54:F8:B7:2B:DF:C2:64:31:4E:68:F5
X509v3 Authority Key Identifier:
keyid:59:C3:CC:99:89:93:73:C8:59:74:F0:1C:9C:D7:AA:05:7A:B9:7F:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WcPMmYmTc8hZdPAcnNeqBXq5f6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/95f051-5e1d-4d36-a593-1a5eb50885ae/1/k0eS8GbpTFpaVPi3K9_CZDFOaPU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/95f051-5e1d-4d36-a593-1a5eb50885ae/1/WcPMmYmTc8hZdPAcnNeqBXq5f6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.146.32.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:c2:92:61:0f:c7:56:47:d4:39:8d:0b:f4:ef:fc:f0:d2:f0:
25:2f:3e:a3:60:4b:44:b0:86:26:de:1b:76:5e:b4:07:c3:3e:
6f:3a:0e:20:0c:4b:d6:9e:38:44:42:4c:5e:fa:6a:6f:8e:a7:
5a:83:95:ee:57:ea:5f:fd:bb:83:20:9a:ae:42:70:14:b2:88:
17:db:b2:89:22:f7:8a:a1:cb:79:53:b1:d6:bb:88:e1:4f:c9:
d4:e1:a9:e3:7b:53:64:b6:81:8e:51:ad:a5:32:95:2a:59:8d:
27:d5:a9:f2:2c:ff:fb:62:7d:b6:a4:b7:7d:23:a8:5b:09:55:
8d:a0:88:69:eb:32:e8:d0:af:dc:87:c0:07:af:92:45:2d:e9:
17:38:58:ac:31:5b:e0:46:20:d5:c5:2c:fe:bd:9a:07:32:81:
22:fd:ea:c4:c2:11:bb:26:87:53:d6:07:b9:18:be:b7:77:d2:
c3:d9:ac:29:36:a0:7c:29:2d:7b:c5:53:6d:40:a9:53:c7:55:
2f:71:86:68:9e:cc:6a:31:21:e3:e0:9f:98:a9:16:6d:4a:94:
40:1a:59:17:52:fb:1e:d7:58:82:6d:0d:ae:e0:11:55:ea:64:
28:f8:ec:b9:0d:f1:8d:57:fe:ab:25:d7:7a:d6:19:0f:3b:e2:
a7:a0:ea:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1ZgMgGeUFCQVcrnu69ZoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5YzNjYzk5ODk5MzczYzg1OTc0ZjAxYzljZDdhYTA1N2Fi
OTdmYWIwHhcNMjUwMTAxMDc0NzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzQ3OTJmMDY2ZTk0YzVhNWE1NGY4YjcyYmRmYzI2NDMxNGU2OGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnq1XxlnAjZol/Lywjnu5hFwiMVb
sAfVQbi7uh5NJX7zUPTaWjhOZpGLFhPjjZHlgkuQxcmxJYMWvvenon7/+fOoKkqB
vCTrxONkkuTBH0Andve6IICikvuEntynQwZHEFpHuguyWuaD/R9WQIJcknDy8whQ
cL/Nfiki113I3OiGZX7yQvG3ElzG+8mp0raYxR6hbEDYwtcQ1ZTi+zE3Q34fBb3t
J9jx+IKPZmKNC9updNTDyTif11flllQf72QQp2UshRgaF8R1UzQN0BlnhIQWhIDi
Rt8VmpB1uxo5n28mL+IzCYb9CW7sPXTNvbnq6LbfLPkKjOYlRBIK8adqzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJNHkvBm6UxaWlT4tyvfwmQxTmj1MB8GA1UdIwQY
MBaAFFnDzJmJk3PIWXTwHJzXqgV6uX+rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2NQTW1ZbVRjOGhaZFBBY25OZXFCWHE1ZjZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny85NWYwNTEtNWUxZC00ZDM2LWE1OTMt
MWE1ZWI1MDg4NWFlLzEvazBlUzhHYnBURnBhVlBpM0s5X0NaREZPYVBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny85NWYwNTEtNWUxZC00ZDM2LWE1OTMtMWE1ZWI1MDg4NWFl
LzEvV2NQTW1ZbVRjOGhaZFBBY25OZXFCWHE1ZjZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC2ZIgMA0G
CSqGSIb3DQEBCwUAA4IBAQAewpJhD8dWR9Q5jQv07/zw0vAlLz6jYEtEsIYm3ht2
XrQHwz5vOg4gDEvWnjhEQkxe+mpvjqdag5XuV+pf/buDIJquQnAUsogX27KJIveK
oct5U7HWu4jhT8nU4anje1NktoGOUa2lMpUqWY0n1anyLP/7Yn22pLd9I6hbCVWN
oIhp6zLo0K/ch8AHr5JFLekXOFisMVvgRiDVxSz+vZoHMoEi/erEwhG7JodT1ge5
GL63d9LD2awpNqB8KS17xVNtQKlTx1UvcYZonsxqMSHj4J+YqRZtSpRAGlkXUvse
11iCbQ2u4BFV6mQo+Oy5DfGNV/6rJdd61hkPO+KnoOoA
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:16:52 2025 by rpki-client