Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/lydOFdT2ZB4VXyRnspFs-1TL_6A.roa
File: lydOFdT2ZB4VXyRnspFs-1TL_6A.roa (raw, json)
Hash identifier: 8itP19agssSYawEYfpGuFEww3nKwbJHsZKc1MH8kG3s=
Subject key identifier: 97:27:4E:15:D4:F6:64:1E:15:5F:24:67:B2:91:6C:FB:54:CB:FF:A0
Certificate issuer: /CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Certificate serial: 0194244522EB1684A340404803D043F50CD2
Authority key identifier: 07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/lydOFdT2ZB4VXyRnspFs-1TL_6A.roa
Signing time: Wed 01 Jan 2025 23:48:18 +0000
ROA not before: Wed 01 Jan 2025 23:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44587
IP address blocks: 217.151.228.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:22:eb:16:84:a3:40:40:48:03:d0:43:f5:0c:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Validity
Not Before: Jan 1 23:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=97274e15d4f6641e155f2467b2916cfb54cbffa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:5a:be:c7:a9:db:75:b3:c4:3a:ba:55:b8:83:
87:03:08:35:6f:84:cd:fc:7b:10:c2:95:05:51:40:
71:53:d7:35:b0:37:e4:6b:b6:25:bd:28:49:c3:00:
32:26:e4:0b:cc:97:27:46:e7:36:96:14:ac:65:9f:
1f:23:1b:86:fd:91:d3:39:56:8f:f5:5e:09:1e:a9:
03:5e:6d:c1:46:bd:11:d9:a7:45:dc:b8:41:9b:ee:
8f:55:2e:c7:63:be:ae:db:e8:3a:0a:c1:af:cc:74:
17:c7:c1:c3:bc:53:63:64:b7:43:66:df:a3:6f:f6:
fb:11:14:98:b9:7a:bf:1c:2f:49:8c:13:0d:cf:c4:
e8:32:80:7a:61:bb:75:38:59:46:39:93:63:45:97:
1d:6c:32:9a:e1:ca:0f:60:5a:3b:37:8a:be:de:c0:
51:79:b5:cb:e5:05:05:30:ac:a5:7c:d5:d2:62:ca:
41:75:46:01:b1:6d:25:da:dc:a2:f4:31:78:25:ce:
bf:d9:d9:6f:c7:74:61:d8:36:ef:8d:59:15:10:ab:
4b:cb:96:03:26:e6:77:72:2e:b5:75:3b:3b:ee:f1:
50:dc:be:67:7d:2d:a4:f7:2b:07:a9:ba:01:b3:93:
68:b6:c5:3c:61:8e:6e:77:2e:02:86:c8:79:5a:0b:
d1:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:27:4E:15:D4:F6:64:1E:15:5F:24:67:B2:91:6C:FB:54:CB:FF:A0
X509v3 Authority Key Identifier:
keyid:07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/lydOFdT2ZB4VXyRnspFs-1TL_6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.151.228.0/24
Signature Algorithm: sha256WithRSAEncryption
17:3a:4b:78:a9:ac:28:cc:a1:e4:f6:15:b5:ac:48:de:38:6f:
9a:be:02:b2:da:4d:12:55:6c:26:6e:70:43:be:61:1a:6e:34:
2e:62:e0:68:6a:76:a5:6d:59:f1:1f:8e:7a:bf:82:41:9c:f0:
df:48:31:8a:43:8e:f5:c8:ea:b2:8c:81:7c:0d:ff:66:02:63:
b4:b5:e1:8e:a4:d3:ca:0b:d7:dc:b0:d6:7f:9e:45:1f:b4:e1:
87:7d:ff:85:03:ef:15:4f:ad:40:03:ee:93:fa:23:af:84:d8:
e2:4a:29:73:8e:ab:d0:8a:62:33:02:47:b8:d3:be:7a:12:cf:
a7:15:05:74:e2:48:88:1d:07:c1:46:15:e0:f4:8d:d6:72:45:
49:39:3c:7b:0f:ba:ac:26:67:ba:a6:4b:45:4d:9f:0d:6a:48:
fa:88:26:f2:71:31:45:0f:ec:9f:85:fc:f1:31:19:04:4f:ce:
35:03:1b:57:48:b4:bd:2f:05:58:01:e3:e5:91:18:c4:f1:5a:
12:7c:47:4b:76:ac:4b:5f:ae:6c:dd:af:64:44:ed:d0:b4:fe:
f4:ac:72:31:c2:b1:d2:7d:89:1b:62:31:20:0d:06:90:93:c0:
5c:15:5a:24:a5:4d:1e:38:4f:01:80:eb:07:4c:32:0c:13:d5:
9e:ad:39:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRSLrFoSjQEBIA9BD9QzSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3M2I0YzEyNDhjNGJjZjIyYjA1NzdkZmNhOWIxNGQ5MDYz
YzI4YzAwHhcNMjUwMTAxMjM0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzI3NGUxNWQ0ZjY2NDFlMTU1ZjI0NjdiMjkxNmNmYjU0Y2JmZmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVq+x6nbdbPEOrpVuIOHAwg1b4TN
/HsQwpUFUUBxU9c1sDfka7YlvShJwwAyJuQLzJcnRuc2lhSsZZ8fIxuG/ZHTOVaP
9V4JHqkDXm3BRr0R2adF3LhBm+6PVS7HY76u2+g6CsGvzHQXx8HDvFNjZLdDZt+j
b/b7ERSYuXq/HC9JjBMNz8ToMoB6Ybt1OFlGOZNjRZcdbDKa4coPYFo7N4q+3sBR
ebXL5QUFMKylfNXSYspBdUYBsW0l2tyi9DF4Jc6/2dlvx3Rh2DbvjVkVEKtLy5YD
JuZ3ci61dTs77vFQ3L5nfS2k9ysHqboBs5NotsU8YY5udy4Chsh5WgvRmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJcnThXU9mQeFV8kZ7KRbPtUy/+gMB8GA1UdIwQY
MBaAFAc7TBJIxLzyKwV338qbFNkGPCjAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQt
YThkMzYxY2U2NGFhLzEvbHlkT0ZkVDJaQjRWWHlSbnNwRnMtMVRMXzZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQtYThkMzYxY2U2NGFh
LzEvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2ZfkMA0G
CSqGSIb3DQEBCwUAA4IBAQAXOkt4qawozKHk9hW1rEjeOG+avgKy2k0SVWwmbnBD
vmEabjQuYuBoanalbVnxH456v4JBnPDfSDGKQ471yOqyjIF8Df9mAmO0teGOpNPK
C9fcsNZ/nkUftOGHff+FA+8VT61AA+6T+iOvhNjiSilzjqvQimIzAke40756Es+n
FQV04kiIHQfBRhXg9I3WckVJOTx7D7qsJme6pktFTZ8Nakj6iCbycTFFD+yfhfzx
MRkET841AxtXSLS9LwVYAePlkRjE8VoSfEdLdqxLX65s3a9kRO3QtP70rHIxwrHS
fYkbYjEgDQaQk8BcFVokpU0eOE8BgOsHTDIME9WerTkJ
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:03:41 2025 by rpki-client