Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/851e84-2f1a-4c77-b1f2-d5865041a14f/1/bOta_jzXvubQBfo1PD_hDUEIM4U.roa
File: bOta_jzXvubQBfo1PD_hDUEIM4U.roa (raw, json)
Hash identifier: DWYz5kNKfCQclLKcW0LS/53Q4FerBeztCI8/S0Adm0s=
Subject key identifier: 6C:EB:5A:FE:3C:D7:BE:E6:D0:05:FA:35:3C:3F:E1:0D:41:08:33:85
Certificate issuer: /CN=ca91c42dfa6afbc11e78ee9de2e785f8a20b5043
Certificate serial: 0184AF34E998B159F2C377766962C74C4574
Authority key identifier: CA:91:C4:2D:FA:6A:FB:C1:1E:78:EE:9D:E2:E7:85:F8:A2:0B:50:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypHELfpq-8EeeO6d4ueF-KILUEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/851e84-2f1a-4c77-b1f2-d5865041a14f/1/bOta_jzXvubQBfo1PD_hDUEIM4U.roa
Signing time: Fri 25 Nov 2022 14:33:11 +0000
ROA not before: Fri 25 Nov 2022 14:33:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25540
IP address blocks: 217.147.192.0/22 maxlen: 22
217.147.196.0/22 maxlen: 22
217.147.200.0/22 maxlen: 22
217.147.200.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:af:34:e9:98:b1:59:f2:c3:77:76:69:62:c7:4c:45:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca91c42dfa6afbc11e78ee9de2e785f8a20b5043
Validity
Not Before: Nov 25 14:33:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6ceb5afe3cd7bee6d005fa353c3fe10d41083385
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:50:1d:93:18:f7:7a:55:5e:3e:63:d1:de:49:
ea:dd:4d:a2:23:46:29:d0:2d:37:fa:c8:61:9d:62:
75:63:ee:09:13:82:e8:12:e7:65:0a:04:a4:95:27:
b4:11:66:ab:be:86:e1:08:06:63:8a:31:43:47:fa:
a6:6b:45:c6:af:ac:ad:00:13:e6:c7:c5:b7:69:02:
2d:42:c3:e1:3e:a9:66:b4:ee:77:89:c6:4f:5b:7d:
4e:5d:46:d5:27:08:a3:6d:fd:70:f1:e2:d8:ba:ce:
47:af:26:e2:18:31:e9:82:75:6a:34:ad:7d:10:4e:
24:d7:59:75:9b:4a:f9:67:ec:72:0b:ae:07:54:80:
2c:77:7f:cc:ea:0c:aa:d4:5d:76:19:2f:dc:5c:a8:
41:31:af:05:69:67:9c:cc:18:df:3d:dc:3a:08:1d:
35:23:78:c7:a7:6d:64:56:7d:53:95:25:2a:ac:08:
91:99:cb:0f:65:9f:3d:cd:8b:5b:9f:e5:03:a8:43:
0f:46:4a:3a:71:4a:ff:a5:c6:ab:ac:d1:43:7f:f1:
da:85:27:9f:b7:40:c8:b4:da:a4:a1:18:4c:88:f7:
62:b6:54:a5:79:4a:d9:47:77:37:1c:bd:e6:5f:95:
bf:ad:67:5f:da:66:0b:3a:0d:12:09:ac:84:97:0d:
a3:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:EB:5A:FE:3C:D7:BE:E6:D0:05:FA:35:3C:3F:E1:0D:41:08:33:85
X509v3 Authority Key Identifier:
keyid:CA:91:C4:2D:FA:6A:FB:C1:1E:78:EE:9D:E2:E7:85:F8:A2:0B:50:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypHELfpq-8EeeO6d4ueF-KILUEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/851e84-2f1a-4c77-b1f2-d5865041a14f/1/bOta_jzXvubQBfo1PD_hDUEIM4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/851e84-2f1a-4c77-b1f2-d5865041a14f/1/ypHELfpq-8EeeO6d4ueF-KILUEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.192.0-217.147.203.255
Signature Algorithm: sha256WithRSAEncryption
99:db:90:9c:83:a4:37:a8:e3:94:89:db:73:35:67:5b:4f:20:
ff:9e:9d:11:f9:8b:9b:ab:78:48:27:dc:e5:22:23:05:cc:23:
e6:29:04:42:02:5c:11:f4:6a:b3:1e:1b:0c:e5:a7:ad:6e:19:
e0:38:23:41:11:17:96:a2:3e:13:63:7f:5c:5e:e6:de:15:69:
3d:57:d0:5d:ef:05:30:b9:ed:90:9b:ca:14:47:6a:d7:ba:a2:
48:53:bf:43:7d:c5:6e:b6:8b:69:35:e2:d1:d1:a0:e4:f4:6f:
9e:12:1e:e9:4a:b4:c7:bb:52:3f:d5:87:0a:a8:7a:51:ec:3b:
97:4d:e1:c6:31:11:a4:7a:84:86:bd:1a:91:70:ee:fc:fd:69:
e1:31:a7:68:20:be:0c:03:c7:20:2a:a3:1f:92:25:7a:d7:fd:
1b:ac:e6:7c:41:ee:b9:e4:e9:8b:fe:ff:29:61:f6:3a:5a:aa:
43:ce:e7:d7:a4:40:55:be:86:bd:38:e1:fd:8a:8f:8c:b1:eb:
98:c1:10:83:48:a2:d9:6a:c3:a2:a2:0d:95:7f:5d:48:a0:91:
f1:62:ad:d0:cd:5f:96:e5:1b:12:91:42:b8:91:8a:16:73:fe:
ba:c2:a7:41:90:eb:d8:7e:3b:cf:9c:de:85:37:c8:d4:17:2f:
53:1e:0a:e8
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYSvNOmYsVnyw3d2aWLHTEV0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOTFjNDJkZmE2YWZiYzExZTc4ZWU5ZGUyZTc4NWY4YTIw
YjUwNDMwHhcNMjIxMTI1MTQzMzExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2ViNWFmZTNjZDdiZWU2ZDAwNWZhMzUzYzNmZTEwZDQxMDgzMzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1Adkxj3elVePmPR3knq3U2iI0Yp
0C03+shhnWJ1Y+4JE4LoEudlCgSklSe0EWarvobhCAZjijFDR/qma0XGr6ytABPm
x8W3aQItQsPhPqlmtO53icZPW31OXUbVJwijbf1w8eLYus5HrybiGDHpgnVqNK19
EE4k11l1m0r5Z+xyC64HVIAsd3/M6gyq1F12GS/cXKhBMa8FaWeczBjfPdw6CB01
I3jHp21kVn1TlSUqrAiRmcsPZZ89zYtbn+UDqEMPRko6cUr/pcarrNFDf/HahSef
t0DItNqkoRhMiPditlSleUrZR3c3HL3mX5W/rWdf2mYLOg0SCayElw2j7wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGzrWv48177m0AX6NTw/4Q1BCDOFMB8GA1UdIwQY
MBaAFMqRxC36avvBHnjuneLnhfiiC1BDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXBIRUxmcHEtOEVlZU82ZDR1ZUYtS0lMVUVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny84NTFlODQtMmYxYS00Yzc3LWIxZjIt
ZDU4NjUwNDFhMTRmLzEvYk90YV9qelh2dWJRQmZvMVBEX2hEVUVJTTRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny84NTFlODQtMmYxYS00Yzc3LWIxZjItZDU4NjUwNDFhMTRm
LzEveXBIRUxmcHEtOEVlZU82ZDR1ZUYtS0lMVUVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAbZk8AD
BALZk8gwDQYJKoZIhvcNAQELBQADggEBAJnbkJyDpDeo45SJ23M1Z1tPIP+enRH5
i5ureEgn3OUiIwXMI+YpBEICXBH0arMeGwzlp61uGeA4I0ERF5aiPhNjf1xe5t4V
aT1X0F3vBTC57ZCbyhRHate6okhTv0N9xW62i2k14tHRoOT0b54SHulKtMe7Uj/V
hwqoelHsO5dN4cYxEaR6hIa9GpFw7vz9aeExp2ggvgwDxyAqox+SJXrX/Rus5nxB
7rnk6Yv+/ylh9jpaqkPO59ekQFW+hr044f2Kj4yx65jBEINIotlqw6KiDZV/XUig
kfFirdDNX5blGxKRQriRihZz/rrCp0GQ69h+O8+c3oU3yNQXL1MeCug=
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:06:00 2025 by rpki-client