Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/tm_pmfIeLM_Qxl5aaCURVjqmnAE.roa
File: tm_pmfIeLM_Qxl5aaCURVjqmnAE.roa (raw, json)
Hash identifier: maj9Pyl3T0tPwxnx6ZZ0qeDJgZXX4YzzZ/kCy8pjALQ=
Subject key identifier: B6:6F:E9:99:F2:1E:2C:CF:D0:C6:5E:5A:68:25:11:56:3A:A6:9C:01
Certificate issuer: /CN=1d8626749cbf84bcf42ebb2985b86dee830e5c14
Certificate serial: 0188FA6A169BCD9016CED3AA891712F5FCE6
Authority key identifier: 1D:86:26:74:9C:BF:84:BC:F4:2E:BB:29:85:B8:6D:EE:83:0E:5C:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HYYmdJy_hLz0Lrsphbht7oMOXBQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/tm_pmfIeLM_Qxl5aaCURVjqmnAE.roa
Signing time: Tue 27 Jun 2023 01:13:56 +0000
ROA not before: Tue 27 Jun 2023 01:13:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212849
IP address blocks: 217.150.215.0/24 maxlen: 24
217.150.216.0/22 maxlen: 24
217.150.220.0/24 maxlen: 24
217.150.222.0/24 maxlen: 24
217.150.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:fa:6a:16:9b:cd:90:16:ce:d3:aa:89:17:12:f5:fc:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d8626749cbf84bcf42ebb2985b86dee830e5c14
Validity
Not Before: Jun 27 01:13:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b66fe999f21e2ccfd0c65e5a682511563aa69c01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:6e:28:9e:38:e5:bb:87:e6:84:19:8b:ef:67:
24:fb:35:a5:4d:59:d7:2a:ae:05:a5:07:d6:cb:76:
c4:b8:09:fb:a9:4d:e5:8f:38:3d:57:28:75:d7:20:
34:93:73:aa:27:d5:8f:88:4f:83:3c:f1:87:42:ed:
1f:eb:05:73:f2:ee:de:5b:53:27:33:3d:c3:bd:8c:
20:40:85:50:03:e4:bb:53:55:40:4e:e8:c4:25:0e:
8a:4c:df:bd:e6:bb:2c:77:67:f6:57:a5:9b:93:80:
f5:01:10:c9:9c:9b:30:6d:c8:b9:74:59:db:49:db:
da:6d:f0:07:af:be:3e:41:9d:ee:59:12:46:70:fa:
e8:5c:05:17:a5:88:dd:74:7d:09:e5:24:b3:65:25:
19:f0:94:66:45:63:5d:ff:33:de:41:d3:b7:5a:69:
f1:2a:4c:63:4c:af:76:de:fd:76:02:19:50:d3:34:
94:8c:2c:91:33:c6:31:0c:ba:e2:cb:aa:b3:a3:40:
46:b7:ba:73:4f:57:a7:58:c5:c3:c0:e0:21:8b:33:
e2:5c:7c:eb:68:5d:2f:13:de:d7:37:f9:cd:f9:d2:
c0:70:d2:f9:ce:8a:b0:95:bf:f8:cc:fa:73:fb:e4:
f6:0b:b3:0a:aa:64:4c:9a:7f:20:a6:ca:0d:4f:b4:
e0:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:6F:E9:99:F2:1E:2C:CF:D0:C6:5E:5A:68:25:11:56:3A:A6:9C:01
X509v3 Authority Key Identifier:
keyid:1D:86:26:74:9C:BF:84:BC:F4:2E:BB:29:85:B8:6D:EE:83:0E:5C:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HYYmdJy_hLz0Lrsphbht7oMOXBQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/tm_pmfIeLM_Qxl5aaCURVjqmnAE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/HYYmdJy_hLz0Lrsphbht7oMOXBQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.150.215.0-217.150.220.255
217.150.222.0/23
Signature Algorithm: sha256WithRSAEncryption
38:1c:2c:2d:84:6b:9b:e1:66:e9:01:65:70:21:49:c4:55:fc:
61:ef:93:0c:33:f5:98:fd:f0:3d:5f:e1:0f:ee:76:8a:68:15:
ef:a6:b5:1e:9f:e7:94:0f:77:73:f2:59:06:94:5c:28:79:b5:
1f:b8:35:15:d1:c4:6f:bc:7f:97:ae:12:bb:a0:28:a6:d3:4b:
76:86:18:ae:52:f7:b5:7f:b5:36:e3:cc:f8:4f:1b:91:48:86:
b9:2c:80:07:c6:d9:0d:30:1d:4b:68:b1:c0:65:62:f5:a3:c7:
55:fe:fd:17:a8:3d:e5:24:bf:70:8c:9c:fe:73:ee:9e:16:17:
30:41:e9:e5:0a:f9:3a:2f:cf:cf:06:6f:34:55:97:b8:80:56:
3b:12:68:d9:ae:f6:c0:a6:a4:d3:96:64:10:97:bc:a7:6c:bf:
41:ec:d8:a1:98:30:4c:cc:75:f3:5d:62:a1:26:bf:e3:89:73:
d5:4f:6c:0f:26:bb:cb:a9:93:f4:54:5f:dd:8c:6a:30:2d:0f:
2c:49:5e:e4:1c:88:89:0a:65:9e:e7:81:aa:d6:06:0c:66:ff:
b8:8e:af:d1:7d:d7:a7:f7:dc:8d:ab:da:82:1f:76:27:90:e8:
c7:8a:7b:31:7f:26:14:49:bc:37:6c:a4:c4:bf:12:cb:89:65:
17:8e:96:18
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYj6ahabzZAWztOqiRcS9fzmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkODYyNjc0OWNiZjg0YmNmNDJlYmIyOTg1Yjg2ZGVlODMw
ZTVjMTQwHhcNMjMwNjI3MDExMzU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjZmZTk5OWYyMWUyY2NmZDBjNjVlNWE2ODI1MTE1NjNhYTY5YzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkW4onjjlu4fmhBmL72ck+zWlTVnX
Kq4FpQfWy3bEuAn7qU3ljzg9Vyh11yA0k3OqJ9WPiE+DPPGHQu0f6wVz8u7eW1Mn
Mz3DvYwgQIVQA+S7U1VATujEJQ6KTN+95rssd2f2V6Wbk4D1ARDJnJswbci5dFnb
SdvabfAHr74+QZ3uWRJGcProXAUXpYjddH0J5SSzZSUZ8JRmRWNd/zPeQdO3Wmnx
KkxjTK923v12AhlQ0zSUjCyRM8YxDLriy6qzo0BGt7pzT1enWMXDwOAhizPiXHzr
aF0vE97XN/nN+dLAcNL5zoqwlb/4zPpz++T2C7MKqmRMmn8gpsoNT7Tg+QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFLZv6ZnyHizP0MZeWmglEVY6ppwBMB8GA1UdIwQY
MBaAFB2GJnScv4S89C67KYW4be6DDlwUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFlZbWRKeV9oTHowTHJzcGhiaHQ3b01PWEJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny85NTFjOGUtNGE4Ni00YzhlLTk5ODYt
MGJmYmFkNDg0OWNkLzEvdG1fcG1mSWVMTV9ReGw1YWFDVVJWanFtbkFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny85NTFjOGUtNGE4Ni00YzhlLTk5ODYtMGJmYmFkNDg0OWNk
LzEvSFlZbWRKeV9oTHowTHJzcGhiaHQ3b01PWEJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBADZltcD
BADZltwDBAHZlt4wDQYJKoZIhvcNAQELBQADggEBADgcLC2Ea5vhZukBZXAhScRV
/GHvkwwz9Zj98D1f4Q/udopoFe+mtR6f55QPd3PyWQaUXCh5tR+4NRXRxG+8f5eu
ErugKKbTS3aGGK5S97V/tTbjzPhPG5FIhrksgAfG2Q0wHUtoscBlYvWjx1X+/Reo
PeUkv3CMnP5z7p4WFzBB6eUK+Tovz88GbzRVl7iAVjsSaNmu9sCmpNOWZBCXvKds
v0Hs2KGYMEzMdfNdYqEmv+OJc9VPbA8mu8upk/RUX92MajAtDyxJXuQciIkKZZ7n
garWBgxm/7iOr9F916f33I2r2oIfdieQ6MeKezF/JhRJvDdspMS/EsuJZReOlhg=
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:07:20 2025 by rpki-client