Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/1a8VrRBxuEM9gIitWA-MTYGiH6k.roa
File: 1a8VrRBxuEM9gIitWA-MTYGiH6k.roa (raw, json)
Hash identifier: o75BqB590sV6r1bb5EcguY1B6QE3rDYfVkZNGdgh7Sw=
Subject key identifier: D5:AF:15:AD:10:71:B8:43:3D:80:88:AD:58:0F:8C:4D:81:A2:1F:A9
Certificate issuer: /CN=1d8626749cbf84bcf42ebb2985b86dee830e5c14
Certificate serial: 01942444A656A549EDEEE10DA4BD50A3329E
Authority key identifier: 1D:86:26:74:9C:BF:84:BC:F4:2E:BB:29:85:B8:6D:EE:83:0E:5C:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HYYmdJy_hLz0Lrsphbht7oMOXBQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/1a8VrRBxuEM9gIitWA-MTYGiH6k.roa
Signing time: Wed 01 Jan 2025 23:47:46 +0000
ROA not before: Wed 01 Jan 2025 23:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212849
IP address blocks: 217.150.215.0/24 maxlen: 24
217.150.216.0/22 maxlen: 24
217.150.217.0/24 maxlen: 24
217.150.218.0/24 maxlen: 24
217.150.219.0/24 maxlen: 24
217.150.220.0/24 maxlen: 24
217.150.222.0/24 maxlen: 24
217.150.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:a6:56:a5:49:ed:ee:e1:0d:a4:bd:50:a3:32:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d8626749cbf84bcf42ebb2985b86dee830e5c14
Validity
Not Before: Jan 1 23:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d5af15ad1071b8433d8088ad580f8c4d81a21fa9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:41:d1:bb:4a:86:f4:3e:9e:77:58:98:28:84:
cc:26:6e:49:83:f6:bd:6a:eb:16:b1:74:09:f1:5c:
f1:89:f8:ac:90:c8:84:08:88:8e:67:25:d4:23:95:
ca:f6:26:28:cb:1a:33:c0:4c:84:7f:e9:c7:32:e4:
5a:f2:d8:69:03:0e:0c:83:e0:d4:26:d5:e3:4f:58:
50:03:17:d8:02:63:d0:4a:b7:58:30:f4:07:ec:bc:
28:74:21:ab:fb:08:f0:81:d8:4b:35:a0:5a:e8:e6:
f8:97:85:39:76:7e:e1:a3:c0:de:84:57:19:cf:b4:
4e:2b:83:19:64:91:3f:03:4f:57:92:33:6f:b3:6e:
d8:cc:6b:e8:9c:07:95:23:5d:a2:d4:79:32:d4:f7:
b7:b9:f3:ef:b4:08:4d:16:0a:c0:f2:3d:4f:70:af:
85:cb:d9:41:5d:de:96:30:a7:2e:32:db:cc:cc:24:
79:9e:a6:8a:0c:04:3f:95:19:d8:e2:d6:68:9f:ef:
ce:ab:d5:be:4b:d4:03:5a:3a:58:db:c1:6f:21:4c:
b9:60:36:13:a4:d8:ca:4d:b0:c8:20:d3:40:68:c6:
98:0d:e7:8a:07:e2:b3:6e:22:29:40:95:e3:d3:31:
1c:f8:ee:8a:02:ea:c8:4b:12:58:ec:5b:a5:4c:ab:
99:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:AF:15:AD:10:71:B8:43:3D:80:88:AD:58:0F:8C:4D:81:A2:1F:A9
X509v3 Authority Key Identifier:
keyid:1D:86:26:74:9C:BF:84:BC:F4:2E:BB:29:85:B8:6D:EE:83:0E:5C:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HYYmdJy_hLz0Lrsphbht7oMOXBQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/1a8VrRBxuEM9gIitWA-MTYGiH6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/HYYmdJy_hLz0Lrsphbht7oMOXBQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.150.215.0-217.150.220.255
217.150.222.0/23
Signature Algorithm: sha256WithRSAEncryption
91:37:f7:fd:ed:45:cd:2c:3e:93:ce:48:d1:fb:de:e3:84:ea:
94:63:5e:eb:5b:24:33:ed:1f:27:b3:6c:6f:78:43:0f:0b:e6:
e7:16:da:2a:7d:57:61:a3:7f:ce:54:8e:33:31:00:29:d0:67:
73:f5:43:87:1d:49:2b:2d:9c:31:51:25:bb:63:ff:e0:c1:97:
61:44:5f:80:2f:c7:0e:ac:5a:d4:28:1a:96:dd:62:0f:73:54:
ba:9a:92:22:02:d0:a7:d0:c7:97:84:5d:4a:70:eb:9d:6e:4c:
c7:1d:ea:c8:29:77:70:22:50:64:1c:20:59:f0:31:0a:ca:fb:
93:d6:0b:c1:6d:a5:eb:e7:6f:32:ae:de:8e:38:95:13:4e:d1:
35:bc:00:93:45:46:2f:5f:a2:1f:af:aa:87:fc:46:e3:37:ae:
c2:9d:19:26:7e:d2:a7:5a:42:07:8c:bb:40:f4:e3:86:f7:11:
15:08:74:cc:3d:90:53:83:3e:3d:46:da:21:94:82:c9:87:5c:
92:23:6a:8e:7d:bc:48:8b:c9:f0:cc:a2:29:4b:9f:b0:90:16:
1c:3e:ca:10:27:bf:01:e2:d8:b9:0a:0c:b4:c9:bc:6c:25:2b:
37:ef:15:89:96:63:2d:d7:05:6f:76:7f:8d:0d:98:51:c1:33:
29:0c:9d:d9
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQkRKZWpUnt7uENpL1QozKeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkODYyNjc0OWNiZjg0YmNmNDJlYmIyOTg1Yjg2ZGVlODMw
ZTVjMTQwHhcNMjUwMTAxMjM0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWFmMTVhZDEwNzFiODQzM2Q4MDg4YWQ1ODBmOGM0ZDgxYTIxZmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkHRu0qG9D6ed1iYKITMJm5Jg/a9
ausWsXQJ8VzxifiskMiECIiOZyXUI5XK9iYoyxozwEyEf+nHMuRa8thpAw4Mg+DU
JtXjT1hQAxfYAmPQSrdYMPQH7LwodCGr+wjwgdhLNaBa6Ob4l4U5dn7ho8DehFcZ
z7ROK4MZZJE/A09XkjNvs27YzGvonAeVI12i1Hky1Pe3ufPvtAhNFgrA8j1PcK+F
y9lBXd6WMKcuMtvMzCR5nqaKDAQ/lRnY4tZon+/Oq9W+S9QDWjpY28FvIUy5YDYT
pNjKTbDIINNAaMaYDeeKB+KzbiIpQJXj0zEc+O6KAurISxJY7FulTKuZtQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNWvFa0QcbhDPYCIrVgPjE2Boh+pMB8GA1UdIwQY
MBaAFB2GJnScv4S89C67KYW4be6DDlwUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFlZbWRKeV9oTHowTHJzcGhiaHQ3b01PWEJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny85NTFjOGUtNGE4Ni00YzhlLTk5ODYt
MGJmYmFkNDg0OWNkLzEvMWE4VnJSQnh1RU05Z0lpdFdBLU1UWUdpSDZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny85NTFjOGUtNGE4Ni00YzhlLTk5ODYtMGJmYmFkNDg0OWNk
LzEvSFlZbWRKeV9oTHowTHJzcGhiaHQ3b01PWEJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBADZltcD
BADZltwDBAHZlt4wDQYJKoZIhvcNAQELBQADggEBAJE39/3tRc0sPpPOSNH73uOE
6pRjXutbJDPtHyezbG94Qw8L5ucW2ip9V2Gjf85UjjMxACnQZ3P1Q4cdSSstnDFR
Jbtj/+DBl2FEX4Avxw6sWtQoGpbdYg9zVLqakiIC0KfQx5eEXUpw651uTMcd6sgp
d3AiUGQcIFnwMQrK+5PWC8FtpevnbzKu3o44lRNO0TW8AJNFRi9foh+vqof8RuM3
rsKdGSZ+0qdaQgeMu0D044b3ERUIdMw9kFODPj1G2iGUgsmHXJIjao59vEiLyfDM
oilLn7CQFhw+yhAnvwHi2LkKDLTJvGwlKzfvFYmWYy3XBW92f40NmFHBMykMndk=
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:02:01 2025 by rpki-client