Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/vSaLbfEbApfQwSUohFXA7paczMY.roa
File: vSaLbfEbApfQwSUohFXA7paczMY.roa (raw, json)
Hash identifier: 1phk5wsnD7/lsIM6QuU4BZyv+ZrNbjMYokrICpNHlKo=
Subject key identifier: BD:26:8B:6D:F1:1B:02:97:D0:C1:25:28:84:55:C0:EE:96:9C:CC:C6
Certificate issuer: /CN=1d8626749cbf84bcf42ebb2985b86dee830e5c14
Certificate serial: 0189990D85F8D091B0C393F060C87ED8265F
Authority key identifier: 1D:86:26:74:9C:BF:84:BC:F4:2E:BB:29:85:B8:6D:EE:83:0E:5C:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HYYmdJy_hLz0Lrsphbht7oMOXBQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/vSaLbfEbApfQwSUohFXA7paczMY.roa
Signing time: Thu 27 Jul 2023 20:32:27 +0000
ROA not before: Thu 27 Jul 2023 20:32:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208528
IP address blocks: 217.150.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:99:0d:85:f8:d0:91:b0:c3:93:f0:60:c8:7e:d8:26:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d8626749cbf84bcf42ebb2985b86dee830e5c14
Validity
Not Before: Jul 27 20:32:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd268b6df11b0297d0c125288455c0ee969cccc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:92:a7:c5:e4:4a:81:f5:4b:ac:f1:61:ef:ba:
21:69:86:b9:54:08:2c:68:1b:58:7b:0e:bb:67:6b:
63:06:c9:15:89:f8:a6:3b:78:30:51:d9:fe:3b:c5:
0e:53:69:7b:8a:51:a7:ec:91:a5:c8:f2:68:7d:8c:
03:2e:87:1c:90:4b:a2:bb:6a:c3:c2:cf:81:78:89:
8b:3c:86:fe:99:4e:df:8c:4a:2b:b6:f7:3d:03:60:
c7:8d:80:f4:41:59:10:e0:c5:3d:b3:39:1f:a3:a1:
82:4d:a4:0d:a5:9c:0b:f0:69:66:56:20:18:d4:59:
6c:61:8a:83:a6:19:54:41:aa:7f:ef:54:72:46:26:
03:9b:ee:b5:15:73:73:cf:56:53:e3:b0:b2:4e:3b:
77:e6:fe:08:95:94:95:9f:8e:68:45:3f:0a:62:6e:
c6:06:32:43:69:6d:64:42:07:3f:50:e9:aa:39:f9:
0a:93:3e:ef:31:40:a8:4d:b1:9a:19:cc:1f:f3:87:
d9:5a:81:a8:5d:2f:7c:40:1c:d2:cc:c4:37:3a:33:
56:13:4b:37:65:74:b1:b2:5e:f1:67:5c:d8:11:db:
a8:55:aa:50:d3:2f:0a:17:c7:ba:1a:af:18:d8:e6:
98:f9:70:52:3a:4f:a7:3c:79:fe:1a:05:4d:1d:1a:
14:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:26:8B:6D:F1:1B:02:97:D0:C1:25:28:84:55:C0:EE:96:9C:CC:C6
X509v3 Authority Key Identifier:
keyid:1D:86:26:74:9C:BF:84:BC:F4:2E:BB:29:85:B8:6D:EE:83:0E:5C:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HYYmdJy_hLz0Lrsphbht7oMOXBQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/vSaLbfEbApfQwSUohFXA7paczMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/HYYmdJy_hLz0Lrsphbht7oMOXBQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.150.223.0/24
Signature Algorithm: sha256WithRSAEncryption
25:63:e9:32:0d:96:3f:a3:69:36:cf:83:eb:75:a9:bf:6e:18:
8a:60:c0:f5:0f:36:72:31:ab:96:a0:ba:a6:07:ec:50:f8:60:
16:3d:ba:d9:dc:42:c0:25:52:aa:30:50:ed:ec:69:20:2d:a3:
c0:ba:7c:e6:29:24:2c:e5:15:d3:09:96:eb:ca:63:04:59:7b:
01:72:3c:60:8c:de:34:49:74:13:71:94:bd:74:b2:09:39:2a:
57:48:0e:03:b5:70:33:c2:ab:eb:5f:ec:80:2a:73:20:79:96:
54:12:db:85:a9:e4:93:87:10:65:a5:88:d7:24:fd:45:42:3b:
c3:fe:0b:bd:36:3a:62:82:04:a0:ad:5b:01:d8:b1:03:c9:d4:
42:f3:1e:5c:88:63:14:89:f8:c9:33:a0:03:4d:23:f0:10:60:
bf:86:fd:2d:52:9b:4c:be:fb:98:28:55:68:5f:66:e8:ae:0b:
c1:09:f8:b3:11:34:f2:c4:b1:bf:b8:44:67:bb:9d:44:65:73:
b1:b8:24:8d:bb:e3:21:71:8f:bf:4d:b9:92:f6:32:a9:49:77:
4d:b5:19:6e:9f:12:48:75:40:d8:e3:e2:09:0e:f1:4e:9f:1e:
e4:f6:3f:5f:27:7a:d1:8e:bd:ac:cf:90:41:ca:7f:97:77:88:
ea:40:c4:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmZDYX40JGww5PwYMh+2CZfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkODYyNjc0OWNiZjg0YmNmNDJlYmIyOTg1Yjg2ZGVlODMw
ZTVjMTQwHhcNMjMwNzI3MjAzMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDI2OGI2ZGYxMWIwMjk3ZDBjMTI1Mjg4NDU1YzBlZTk2OWNjY2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJKnxeRKgfVLrPFh77ohaYa5VAgs
aBtYew67Z2tjBskVifimO3gwUdn+O8UOU2l7ilGn7JGlyPJofYwDLocckEuiu2rD
ws+BeImLPIb+mU7fjEortvc9A2DHjYD0QVkQ4MU9szkfo6GCTaQNpZwL8GlmViAY
1FlsYYqDphlUQap/71RyRiYDm+61FXNzz1ZT47CyTjt35v4IlZSVn45oRT8KYm7G
BjJDaW1kQgc/UOmqOfkKkz7vMUCoTbGaGcwf84fZWoGoXS98QBzSzMQ3OjNWE0s3
ZXSxsl7xZ1zYEduoVapQ0y8KF8e6Gq8Y2OaY+XBSOk+nPHn+GgVNHRoUfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL0mi23xGwKX0MElKIRVwO6WnMzGMB8GA1UdIwQY
MBaAFB2GJnScv4S89C67KYW4be6DDlwUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFlZbWRKeV9oTHowTHJzcGhiaHQ3b01PWEJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny85NTFjOGUtNGE4Ni00YzhlLTk5ODYt
MGJmYmFkNDg0OWNkLzEvdlNhTGJmRWJBcGZRd1NVb2hGWEE3cGFjek1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny85NTFjOGUtNGE4Ni00YzhlLTk5ODYtMGJmYmFkNDg0OWNk
LzEvSFlZbWRKeV9oTHowTHJzcGhiaHQ3b01PWEJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2ZbfMA0G
CSqGSIb3DQEBCwUAA4IBAQAlY+kyDZY/o2k2z4Prdam/bhiKYMD1DzZyMauWoLqm
B+xQ+GAWPbrZ3ELAJVKqMFDt7GkgLaPAunzmKSQs5RXTCZbrymMEWXsBcjxgjN40
SXQTcZS9dLIJOSpXSA4DtXAzwqvrX+yAKnMgeZZUEtuFqeSThxBlpYjXJP1FQjvD
/gu9NjpiggSgrVsB2LEDydRC8x5ciGMUifjJM6ADTSPwEGC/hv0tUptMvvuYKFVo
X2borgvBCfizETTyxLG/uERnu51EZXOxuCSNu+MhcY+/TbmS9jKpSXdNtRlunxJI
dUDY4+IJDvFOnx7k9j9fJ3rRjr2sz5BByn+Xd4jqQMRv
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:12:43 2025 by rpki-client