Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/d12bef-eaab-46f3-a320-f7a9f19bbd12/1/cJxyTRI6DP12IOB9jfzkZS_QRUA.roa
File: cJxyTRI6DP12IOB9jfzkZS_QRUA.roa (raw, json)
Hash identifier: vUEQrlVOJGRp98VT96WYQ3hXBl/tflmn/agxxNfMvw0=
Subject key identifier: 70:9C:72:4D:12:3A:0C:FD:76:20:E0:7D:8D:FC:E4:65:2F:D0:45:40
Certificate issuer: /CN=909825268602df4d8f9954ab92bb6a27f247c3ec
Certificate serial: 0759394D
Authority key identifier: 90:98:25:26:86:02:DF:4D:8F:99:54:AB:92:BB:6A:27:F2:47:C3:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kJglJoYC302PmVSrkrtqJ_JHw-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/d12bef-eaab-46f3-a320-f7a9f19bbd12/1/cJxyTRI6DP12IOB9jfzkZS_QRUA.roa
Signing time: Sat 01 Jan 2022 07:03:35 +0000
ROA not before: Sat 01 Jan 2022 07:03:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210116
IP address blocks: 217.147.0.0/24 maxlen: 24
217.147.0.0/22 maxlen: 22
217.147.3.0/24 maxlen: 24
217.147.1.0/24 maxlen: 24
217.147.2.0/24 maxlen: 24
2a0e:dcc0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 123287885 (0x759394d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=909825268602df4d8f9954ab92bb6a27f247c3ec
Validity
Not Before: Jan 1 07:03:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=709c724d123a0cfd7620e07d8dfce4652fd04540
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:67:d8:65:08:35:c3:2a:3b:a2:95:a6:03:66:
98:a8:f8:a7:a8:33:e1:1b:3d:43:84:66:05:f0:a3:
c9:dc:30:a5:d8:c5:24:df:e8:e3:39:a3:86:ef:b2:
a2:a5:73:c6:40:a6:ae:4c:31:ce:0d:f8:27:e4:96:
67:64:5a:31:6c:c7:34:60:8a:86:0b:6c:de:12:f8:
c2:3f:52:ff:a9:f5:09:a2:75:c7:1a:82:bb:51:5e:
8b:51:b5:de:21:ec:a0:e9:8b:b8:63:81:c3:de:b0:
3e:8b:9c:c6:aa:dc:a3:36:47:9d:d5:8d:ee:79:b7:
d3:86:09:4f:25:0b:17:34:96:e4:8a:b8:15:7a:c1:
7b:b4:51:e9:e8:27:e8:42:5a:33:2c:ef:79:f1:49:
f7:02:f2:53:2b:b7:9d:97:07:56:71:5e:7a:28:8a:
d1:5a:80:e9:03:f2:6b:9e:e7:10:ba:05:34:55:f0:
7c:72:9b:93:f6:bf:b2:3b:22:55:41:2e:2a:ff:b9:
32:22:08:89:ea:1f:b5:89:a7:cf:15:ed:b7:9d:17:
50:1c:88:38:79:c6:1b:e7:e2:c2:fd:1a:54:50:fc:
ac:40:79:f7:df:80:bd:6b:3c:1e:0b:a1:4c:ae:63:
78:9a:17:00:9d:bb:60:93:9a:5e:36:54:21:dc:15:
58:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:9C:72:4D:12:3A:0C:FD:76:20:E0:7D:8D:FC:E4:65:2F:D0:45:40
X509v3 Authority Key Identifier:
keyid:90:98:25:26:86:02:DF:4D:8F:99:54:AB:92:BB:6A:27:F2:47:C3:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kJglJoYC302PmVSrkrtqJ_JHw-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/d12bef-eaab-46f3-a320-f7a9f19bbd12/1/cJxyTRI6DP12IOB9jfzkZS_QRUA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/d12bef-eaab-46f3-a320-f7a9f19bbd12/1/kJglJoYC302PmVSrkrtqJ_JHw-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.0.0/22
IPv6:
2a0e:dcc0::/48
Signature Algorithm: sha256WithRSAEncryption
9d:72:b4:30:0e:bb:98:91:e8:82:08:8d:3c:f0:d2:74:88:ad:
52:17:ef:86:34:6c:b1:3e:0d:4a:0e:7c:63:2f:22:6a:a9:42:
d9:b1:97:6e:b0:5e:be:25:f8:cd:05:ac:3f:a4:5a:d5:ac:c6:
39:47:3d:0d:ff:16:17:4a:29:ba:83:9a:9d:7a:e1:f1:bd:f8:
58:b9:72:4e:9f:cb:45:fc:a0:46:03:db:8c:11:62:d4:67:6e:
aa:51:b1:c5:74:24:b0:00:0b:8c:75:69:ef:9f:4c:50:70:d1:
a3:29:0e:52:34:bd:12:14:00:19:7e:21:05:e5:7a:cf:99:02:
ac:88:86:5e:11:d9:35:6c:7a:44:71:e7:87:5e:c4:3a:73:c6:
30:bc:36:14:41:aa:81:37:3f:eb:90:77:6e:15:40:47:0e:88:
76:f3:81:d6:8a:62:ac:5d:5a:cd:16:fe:21:b1:d0:fd:b3:92:
54:bb:49:94:ad:02:62:03:a8:f1:b4:fd:dd:0e:05:97:34:7d:
78:a1:a3:e7:59:28:3d:06:f0:65:73:84:fc:6a:14:fa:74:b7:
ae:8a:8a:fd:82:61:3e:41:18:b7:3e:bb:dd:09:c0:66:1d:e7:
fd:1b:1b:72:ac:6a:1d:ce:81:4a:78:6a:0c:5d:f5:cf:46:d5:
2b:1e:b1:e4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEB1k5TTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MDk4MjUyNjg2MDJkZjRkOGY5OTU0YWI5MmJiNmEyN2YyNDdjM2VjMB4XDTIyMDEw
MTA3MDMzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzA5YzcyNGQxMjNh
MGNmZDc2MjBlMDdkOGRmY2U0NjUyZmQwNDU0MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL9n2GUINcMqO6KVpgNmmKj4p6gz4Rs9Q4RmBfCjydwwpdjF
JN/o4zmjhu+yoqVzxkCmrkwxzg34J+SWZ2RaMWzHNGCKhgts3hL4wj9S/6n1CaJ1
xxqCu1Fei1G13iHsoOmLuGOBw96wPoucxqrcozZHndWN7nm304YJTyULFzSW5Iq4
FXrBe7RR6egn6EJaMyzvefFJ9wLyUyu3nZcHVnFeeiiK0VqA6QPya57nELoFNFXw
fHKbk/a/sjsiVUEuKv+5MiIIieoftYmnzxXtt50XUByIOHnGG+fiwv0aVFD8rEB5
99+AvWs8HguhTK5jeJoXAJ27YJOaXjZUIdwVWFkCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBRwnHJNEjoM/XYg4H2N/ORlL9BFQDAfBgNVHSMEGDAWgBSQmCUmhgLfTY+Z
VKuSu2on8kfD7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tKZ2xKb1lDMzAyUG1WU3JrcnRxSl9KSHctdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTUvZDEyYmVmLWVhYWItNDZmMy1hMzIwLWY3YTlmMTliYmQxMi8x
L2NKeHlUUkk2RFAxMklPQjlqZnprWlNfUVJVQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTUv
ZDEyYmVmLWVhYWItNDZmMy1hMzIwLWY3YTlmMTliYmQxMi8xL2tKZ2xKb1lDMzAy
UG1WU3JrcnRxSl9KSHctdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAtmTADAPBAIAAjAJAwcAKg7cwAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQCdcrQwDruYkeiCCI088NJ0iK1SF++GNGyxPg1K
DnxjLyJqqULZsZdusF6+JfjNBaw/pFrVrMY5Rz0N/xYXSim6g5qdeuHxvfhYuXJO
n8tF/KBGA9uMEWLUZ26qUbHFdCSwAAuMdWnvn0xQcNGjKQ5SNL0SFAAZfiEF5XrP
mQKsiIZeEdk1bHpEceeHXsQ6c8YwvDYUQaqBNz/rkHduFUBHDoh284HWimKsXVrN
Fv4hsdD9s5JUu0mUrQJiA6jxtP3dDgWXNH14oaPnWSg9BvBlc4T8ahT6dLeuior9
gmE+QRi3PrvdCcBmHef9GxtyrGodzoFKeGoMXfXPRtUrHrHk
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:41 2025 by rpki-client