Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/d12bef-eaab-46f3-a320-f7a9f19bbd12/1/tqW5n7dXgv0MMkfKMp7y6aWSZ1Q.roa
File: tqW5n7dXgv0MMkfKMp7y6aWSZ1Q.roa (raw, json)
Hash identifier: dCK3Gs7Vw6UfmZ0djtebTUYEyec/ztoSLE+AA1RL6kA=
Subject key identifier: B6:A5:B9:9F:B7:57:82:FD:0C:32:47:CA:32:9E:F2:E9:A5:92:67:54
Certificate issuer: /CN=909825268602df4d8f9954ab92bb6a27f247c3ec
Certificate serial: 0185704BC78389F3FD6540EF27C5AF043BB7
Authority key identifier: 90:98:25:26:86:02:DF:4D:8F:99:54:AB:92:BB:6A:27:F2:47:C3:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kJglJoYC302PmVSrkrtqJ_JHw-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/d12bef-eaab-46f3-a320-f7a9f19bbd12/1/tqW5n7dXgv0MMkfKMp7y6aWSZ1Q.roa
Signing time: Mon 02 Jan 2023 02:24:52 +0000
ROA not before: Mon 02 Jan 2023 02:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210116
IP address blocks: 217.147.0.0/24 maxlen: 24
217.147.0.0/22 maxlen: 22
217.147.3.0/24 maxlen: 24
217.147.1.0/24 maxlen: 24
217.147.2.0/24 maxlen: 24
2a0e:dcc0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:c7:83:89:f3:fd:65:40:ef:27:c5:af:04:3b:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=909825268602df4d8f9954ab92bb6a27f247c3ec
Validity
Not Before: Jan 2 02:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b6a5b99fb75782fd0c3247ca329ef2e9a5926754
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:30:97:da:21:32:80:ac:fd:e2:a4:37:1c:68:
d7:21:be:90:a3:d1:38:96:55:74:25:1e:ee:88:76:
6b:93:2e:94:08:fe:7f:9d:7e:e4:37:95:4d:74:8b:
4e:17:3e:e6:b4:55:45:2d:13:a5:6c:63:84:15:9d:
02:a1:df:00:83:30:b6:34:0b:3b:27:50:a4:95:66:
10:ca:05:1c:70:02:08:22:52:a2:64:f4:70:e4:bb:
b3:45:1c:12:58:30:e5:01:3a:56:f7:48:56:59:57:
29:dd:c4:f9:4a:25:38:a1:ea:52:4f:c9:ff:10:e4:
b9:a2:25:57:bf:65:56:eb:1e:45:11:9f:87:2c:35:
36:cf:c7:2d:cf:94:3e:12:f2:ea:7d:a9:40:f8:a4:
85:5f:2b:a7:75:66:28:c8:2c:55:08:0c:f0:63:b2:
71:1b:cd:90:54:2a:dc:8d:80:97:c4:bb:9d:a9:01:
6e:cd:24:3e:6e:3f:95:de:4b:52:38:64:f8:50:d7:
a6:09:e0:e2:78:4b:14:70:a6:5b:85:94:b6:b2:f7:
0c:d8:de:40:e4:7c:e8:26:ed:f7:8b:e5:02:8f:d3:
db:ef:64:b5:10:3c:02:5a:70:c5:78:89:be:49:87:
21:dd:53:6b:c7:0e:4d:18:bd:d6:ce:ba:78:64:5b:
ee:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:A5:B9:9F:B7:57:82:FD:0C:32:47:CA:32:9E:F2:E9:A5:92:67:54
X509v3 Authority Key Identifier:
keyid:90:98:25:26:86:02:DF:4D:8F:99:54:AB:92:BB:6A:27:F2:47:C3:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kJglJoYC302PmVSrkrtqJ_JHw-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/d12bef-eaab-46f3-a320-f7a9f19bbd12/1/tqW5n7dXgv0MMkfKMp7y6aWSZ1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/d12bef-eaab-46f3-a320-f7a9f19bbd12/1/kJglJoYC302PmVSrkrtqJ_JHw-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.0.0/22
IPv6:
2a0e:dcc0::/48
Signature Algorithm: sha256WithRSAEncryption
40:5f:49:8c:55:46:52:75:35:29:eb:62:1b:3f:53:67:e8:80:
28:ac:7a:c2:8a:24:fe:bb:88:0b:ea:59:b4:54:e7:7e:75:75:
cd:8d:60:94:5b:54:6e:95:b7:29:72:75:9a:2a:80:5d:ba:a1:
01:99:c3:ed:68:bc:4d:bd:a4:67:12:a5:ca:72:b2:93:bc:90:
ba:e8:3c:d6:05:e6:2e:b8:84:60:29:5e:17:a5:f8:a0:e4:16:
36:e1:4f:65:c5:ca:11:70:64:e0:84:10:9f:80:60:24:bf:5f:
ed:17:f4:4f:cc:a1:31:48:09:ff:95:04:a5:54:7c:37:c2:94:
b4:8f:bc:0f:74:25:8b:4c:aa:4c:ac:e6:f0:a3:37:cf:4e:a5:
2b:63:48:8e:f9:66:96:0b:8e:3d:a5:d4:b9:e4:48:47:69:b3:
08:fc:98:b8:c9:1f:de:85:8d:49:f9:a1:a4:78:18:23:ab:d0:
fe:4c:a7:71:f3:fd:6b:c7:2e:7d:60:ea:59:f4:20:9d:1f:4d:
de:d3:27:6e:a6:f2:d0:5d:26:b5:06:34:5a:d7:f7:a0:79:6b:
a3:a8:a6:1e:35:ba:10:69:15:f9:16:15:e1:f0:ea:f3:97:6a:
c4:d5:e7:9f:bf:c3:29:b2:6c:57:2c:20:df:71:89:b5:27:55:
74:4c:5d:e5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVwS8eDifP9ZUDvJ8WvBDu3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwOTgyNTI2ODYwMmRmNGQ4Zjk5NTRhYjkyYmI2YTI3ZjI0
N2MzZWMwHhcNMjMwMTAyMDIyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmE1Yjk5ZmI3NTc4MmZkMGMzMjQ3Y2EzMjllZjJlOWE1OTI2NzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4zCX2iEygKz94qQ3HGjXIb6Qo9E4
llV0JR7uiHZrky6UCP5/nX7kN5VNdItOFz7mtFVFLROlbGOEFZ0Cod8AgzC2NAs7
J1CklWYQygUccAIIIlKiZPRw5LuzRRwSWDDlATpW90hWWVcp3cT5SiU4oepST8n/
EOS5oiVXv2VW6x5FEZ+HLDU2z8ctz5Q+EvLqfalA+KSFXyundWYoyCxVCAzwY7Jx
G82QVCrcjYCXxLudqQFuzSQ+bj+V3ktSOGT4UNemCeDieEsUcKZbhZS2svcM2N5A
5HzoJu33i+UCj9Pb72S1EDwCWnDFeIm+SYch3VNrxw5NGL3Wzrp4ZFvuqwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLaluZ+3V4L9DDJHyjKe8umlkmdUMB8GA1UdIwQY
MBaAFJCYJSaGAt9Nj5lUq5K7aifyR8PsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0pnbEpvWUMzMDJQbVZTcmtydHFKX0pIdy13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9kMTJiZWYtZWFhYi00NmYzLWEzMjAt
ZjdhOWYxOWJiZDEyLzEvdHFXNW43ZFhndjBNTWtmS01wN3k2YVdTWjFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9kMTJiZWYtZWFhYi00NmYzLWEzMjAtZjdhOWYxOWJiZDEy
LzEva0pnbEpvWUMzMDJQbVZTcmtydHFKX0pIdy13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQC2ZMAMA8E
AgACMAkDBwAqDtzAAAAwDQYJKoZIhvcNAQELBQADggEBAEBfSYxVRlJ1NSnrYhs/
U2fogCisesKKJP67iAvqWbRU5351dc2NYJRbVG6VtylydZoqgF26oQGZw+1ovE29
pGcSpcpyspO8kLroPNYF5i64hGApXhel+KDkFjbhT2XFyhFwZOCEEJ+AYCS/X+0X
9E/MoTFICf+VBKVUfDfClLSPvA90JYtMqkys5vCjN89OpStjSI75ZpYLjj2l1Lnk
SEdpswj8mLjJH96FjUn5oaR4GCOr0P5Mp3Hz/WvHLn1g6ln0IJ0fTd7TJ26m8tBd
JrUGNFrX96B5a6Ooph41uhBpFfkWFeHw6vOXasTV55+/wymybFcsIN9xibUnVXRM
XeU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:39 2024 by rpki-client on console-ams.rpki-client.org