Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/LUrkh66XkZKwVNjUYmI-WKVrIfI.roa
File: LUrkh66XkZKwVNjUYmI-WKVrIfI.roa (raw, json)
Hash identifier: 5Ng6MZdkPvVN1KuSdt18zrAjGiSQ9er9QPXtD6HBMwQ=
Subject key identifier: 2D:4A:E4:87:AE:97:91:92:B0:54:D8:D4:62:62:3E:58:A5:6B:21:F2
Certificate issuer: /CN=42f8ab2ba24879e45c445486fceb21af46656d5a
Certificate serial: 019425FC408E1C4973C7D6AFAC7FB4258D4A
Authority key identifier: 42:F8:AB:2B:A2:48:79:E4:5C:44:54:86:FC:EB:21:AF:46:65:6D:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QvirK6JIeeRcRFSG_Oshr0ZlbVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/LUrkh66XkZKwVNjUYmI-WKVrIfI.roa
Signing time: Thu 02 Jan 2025 07:47:55 +0000
ROA not before: Thu 02 Jan 2025 07:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198227
IP address blocks: 217.147.170.0/24 maxlen: 24
217.147.173.0/24 maxlen: 24
217.147.174.0/24 maxlen: 24
217.147.175.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:40:8e:1c:49:73:c7:d6:af:ac:7f:b4:25:8d:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42f8ab2ba24879e45c445486fceb21af46656d5a
Validity
Not Before: Jan 2 07:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d4ae487ae979192b054d8d462623e58a56b21f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:a5:56:10:f0:dd:ba:b1:8b:56:bc:36:3d:e0:
58:fa:fa:77:d3:df:c4:e4:b5:a4:1d:44:65:7d:35:
81:d8:05:eb:45:16:7d:20:fd:74:45:79:ca:11:6b:
c9:e1:04:51:cb:3b:65:ef:0d:40:e1:a7:be:24:13:
23:03:d7:6b:11:56:27:10:1b:95:fe:2b:ac:49:03:
30:c9:f4:31:e9:d8:4c:51:a5:1a:6a:bb:2a:bd:a0:
b0:65:14:bb:83:8d:cc:b7:cc:1a:95:83:4b:4d:cb:
bc:07:d7:4e:3f:51:6a:de:68:82:ee:cd:a3:8d:b2:
93:d5:1b:9f:4d:7f:c6:ca:ea:11:b2:dc:bd:39:a8:
ac:c2:38:4f:a0:62:40:ec:b5:7d:bb:1b:83:b2:5a:
45:39:f3:f5:e0:20:11:ea:80:79:b2:24:be:4e:2f:
d5:4e:05:b1:5f:91:88:84:14:18:eb:d6:bb:f7:6f:
e1:1e:b0:27:41:17:89:d7:8a:ec:a6:01:21:c2:fe:
7e:f8:e7:b9:0b:be:5c:4f:07:d7:d9:ac:5b:06:06:
27:9d:f8:b9:8f:bc:44:cd:c0:85:cd:fd:47:cf:46:
94:c6:f6:df:57:63:db:ff:e4:25:04:c2:cb:7c:70:
f8:36:97:98:f0:b3:4f:04:f8:8c:cc:7f:59:b6:88:
4d:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:4A:E4:87:AE:97:91:92:B0:54:D8:D4:62:62:3E:58:A5:6B:21:F2
X509v3 Authority Key Identifier:
keyid:42:F8:AB:2B:A2:48:79:E4:5C:44:54:86:FC:EB:21:AF:46:65:6D:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QvirK6JIeeRcRFSG_Oshr0ZlbVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/LUrkh66XkZKwVNjUYmI-WKVrIfI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/QvirK6JIeeRcRFSG_Oshr0ZlbVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.170.0/24
217.147.173.0-217.147.175.255
Signature Algorithm: sha256WithRSAEncryption
ba:7b:1e:a5:fd:88:26:c1:62:de:06:35:13:f6:c0:e8:d0:59:
7f:b4:9f:bb:9d:fc:88:e5:2b:d7:a4:b9:bc:05:2f:95:42:e6:
44:d0:77:91:a6:05:7e:a9:3a:06:ce:d2:15:e9:f8:cc:88:f8:
3e:16:f9:5d:7f:18:b1:c1:6a:39:a4:97:f8:94:47:a0:8d:0f:
57:19:0c:fe:e6:be:b9:e9:19:63:5f:f3:f3:4d:2e:f0:69:74:
e1:cb:90:cd:18:fb:9c:1d:14:15:ba:d4:b3:22:7a:bb:b0:98:
d9:7b:f8:50:80:bc:1f:1c:5a:00:86:c7:65:39:22:57:d3:2e:
ff:19:d6:8d:87:87:71:29:a5:f3:05:d1:e4:59:69:56:eb:4e:
2e:44:fa:90:0c:02:fa:2a:25:60:a7:d1:d8:8e:04:33:e6:82:
3d:f7:34:6b:4b:7b:b2:1c:fe:09:7f:9d:7e:32:ce:16:01:d4:
23:55:90:61:46:ad:bd:fe:98:e5:f8:74:c0:08:67:11:f8:51:
61:3f:2e:77:e0:25:ad:d8:cd:19:eb:f7:19:7f:a9:27:d2:64:
b1:30:fc:c7:79:a5:e0:38:05:42:d2:c7:56:7f:83:73:aa:74:
98:fb:26:ef:e2:55:cb:49:be:01:6a:01:9a:f6:62:d3:50:98:
31:0e:0c:f8
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQl/ECOHElzx9avrH+0JY1KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyZjhhYjJiYTI0ODc5ZTQ1YzQ0NTQ4NmZjZWIyMWFmNDY2
NTZkNWEwHhcNMjUwMTAyMDc0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDRhZTQ4N2FlOTc5MTkyYjA1NGQ4ZDQ2MjYyM2U1OGE1NmIyMWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1qVWEPDdurGLVrw2PeBY+vp309/E
5LWkHURlfTWB2AXrRRZ9IP10RXnKEWvJ4QRRyztl7w1A4ae+JBMjA9drEVYnEBuV
/iusSQMwyfQx6dhMUaUaarsqvaCwZRS7g43Mt8walYNLTcu8B9dOP1Fq3miC7s2j
jbKT1RufTX/GyuoRsty9OaiswjhPoGJA7LV9uxuDslpFOfP14CAR6oB5siS+Ti/V
TgWxX5GIhBQY69a792/hHrAnQReJ14rspgEhwv5++Oe5C75cTwfX2axbBgYnnfi5
j7xEzcCFzf1Hz0aUxvbfV2Pb/+QlBMLLfHD4NpeY8LNPBPiMzH9ZtohN9wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFC1K5Ieul5GSsFTY1GJiPlilayHyMB8GA1UdIwQY
MBaAFEL4qyuiSHnkXERUhvzrIa9GZW1aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXZpcks2SkllZVJjUkZTR19Pc2hyMFpsYlZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9jMTdjNWQtNzU0My00NDBmLTg3OGYt
MTc2OWZlZjZiZTk2LzEvTFVya2g2NlhrWkt3Vk5qVVltSS1XS1ZySWZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9jMTdjNWQtNzU0My00NDBmLTg3OGYtMTc2OWZlZjZiZTk2
LzEvUXZpcks2SkllZVJjUkZTR19Pc2hyMFpsYlZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQA2ZOqMAwD
BADZk60DBATZk6AwDQYJKoZIhvcNAQELBQADggEBALp7HqX9iCbBYt4GNRP2wOjQ
WX+0n7ud/IjlK9ekubwFL5VC5kTQd5GmBX6pOgbO0hXp+MyI+D4W+V1/GLHBajmk
l/iUR6CND1cZDP7mvrnpGWNf8/NNLvBpdOHLkM0Y+5wdFBW61LMieruwmNl7+FCA
vB8cWgCGx2U5IlfTLv8Z1o2Hh3EppfMF0eRZaVbrTi5E+pAMAvoqJWCn0diOBDPm
gj33NGtLe7Ic/gl/nX4yzhYB1CNVkGFGrb3+mOX4dMAIZxH4UWE/LnfgJa3YzRnr
9xl/qSfSZLEw/Md5peA4BULSx1Z/g3OqdJj7Ju/iVctJvgFqAZr2YtNQmDEODPg=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:39:57 2025 by rpki-client