Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/VPA2VkuPWIU0Q5fKmacWQJ18xkg.roa
File: VPA2VkuPWIU0Q5fKmacWQJ18xkg.roa (raw, json)
Hash identifier: Wsj8IHuBNolBQXtXdVqKz/O/NToMO08VQONhY3AhQsc=
Subject key identifier: 54:F0:36:56:4B:8F:58:85:34:43:97:CA:99:A7:16:40:9D:7C:C6:48
Certificate issuer: /CN=42f8ab2ba24879e45c445486fceb21af46656d5a
Certificate serial: 018F24ABC162ACA35F852338FCD7C70F0D3D
Authority key identifier: 42:F8:AB:2B:A2:48:79:E4:5C:44:54:86:FC:EB:21:AF:46:65:6D:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QvirK6JIeeRcRFSG_Oshr0ZlbVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/VPA2VkuPWIU0Q5fKmacWQJ18xkg.roa
Signing time: Sun 28 Apr 2024 12:26:26 +0000
ROA not before: Sun 28 Apr 2024 12:26:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 217.147.167.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:24:ab:c1:62:ac:a3:5f:85:23:38:fc:d7:c7:0f:0d:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42f8ab2ba24879e45c445486fceb21af46656d5a
Validity
Not Before: Apr 28 12:26:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=54f036564b8f5885344397ca99a716409d7cc648
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:0d:58:a7:42:76:55:b4:53:d4:08:e8:11:8f:
4e:07:a0:87:c3:68:56:bd:ec:ff:3d:55:89:b9:3e:
ed:74:6d:ae:6b:24:60:82:9f:03:d8:75:da:53:9a:
0e:85:11:1d:a1:b1:82:a1:6f:fc:73:3b:8a:d5:e8:
f8:6b:f1:72:2c:25:a7:0e:1a:74:df:8a:2a:c3:e9:
bb:64:65:2d:92:c4:c8:b3:3d:d0:24:cf:39:c9:32:
22:69:0b:fb:2a:40:3e:b9:77:89:00:5a:f9:d6:21:
f5:e5:66:8b:14:8f:0d:81:c8:29:68:00:98:0d:b1:
eb:14:63:9d:09:bc:ba:7b:73:e4:29:9f:d1:6d:04:
06:64:3d:34:7e:82:31:20:39:c4:cb:ed:2a:b7:93:
39:8c:5e:03:fc:be:e4:17:94:18:46:15:43:20:32:
91:95:d5:25:ec:d4:0f:24:6d:d3:47:e9:13:e6:40:
61:10:8e:e8:e4:4b:00:55:47:53:06:84:9a:2d:27:
33:38:c3:da:9f:bb:46:47:fe:30:02:95:cb:4b:35:
6a:bf:70:c9:dc:07:5f:5c:1a:d3:17:7f:dd:62:17:
3a:39:2b:9e:ef:1c:4b:5b:55:00:7a:ca:06:ce:8c:
1f:19:2d:cb:de:24:d1:6b:73:7d:d5:cb:33:12:b5:
59:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:F0:36:56:4B:8F:58:85:34:43:97:CA:99:A7:16:40:9D:7C:C6:48
X509v3 Authority Key Identifier:
keyid:42:F8:AB:2B:A2:48:79:E4:5C:44:54:86:FC:EB:21:AF:46:65:6D:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QvirK6JIeeRcRFSG_Oshr0ZlbVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/VPA2VkuPWIU0Q5fKmacWQJ18xkg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/QvirK6JIeeRcRFSG_Oshr0ZlbVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.167.0/24
Signature Algorithm: sha256WithRSAEncryption
60:88:ab:43:16:b8:a1:d9:7d:76:fe:2c:6d:b1:c4:08:5b:90:
e5:8c:65:06:74:89:36:89:0c:8c:32:59:36:41:f6:22:42:13:
f8:69:c2:67:76:e4:1d:d8:67:26:09:5b:0c:54:98:21:6e:11:
34:44:f4:e0:05:fc:fc:5a:e3:a3:3f:6d:2e:6c:cf:fd:1c:95:
a4:6d:ba:dd:7d:21:45:26:9e:4c:68:df:61:0b:88:d8:eb:34:
24:e8:8c:42:d5:c4:41:1c:ee:f5:75:96:ce:c6:d1:fb:5f:f5:
71:d0:b9:00:5f:27:e4:d3:b4:06:f7:2f:19:0a:cb:2f:06:15:
b8:71:f0:fa:ad:bb:8c:c6:47:c5:07:78:c8:60:1a:d8:73:1b:
9d:29:1b:aa:67:f0:0a:f8:d0:a3:f1:a1:dd:4f:4c:50:1e:33:
fb:60:73:6d:a4:be:91:48:74:34:0e:f4:a8:2f:22:e2:d9:7b:
07:06:17:f2:e2:ec:bc:8f:20:ce:ac:79:6f:71:3b:f3:b0:41:
93:23:a1:28:a0:10:11:d4:b2:a9:14:8d:a9:fa:c5:5c:c0:29:
84:f7:4a:92:91:45:5a:80:e3:e0:e7:78:93:b9:50:69:6f:ce:
cd:69:d6:0a:29:88:84:67:35:e6:37:a6:86:4a:29:87:08:f4:
01:5e:3f:b9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8kq8FirKNfhSM4/NfHDw09MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyZjhhYjJiYTI0ODc5ZTQ1YzQ0NTQ4NmZjZWIyMWFmNDY2
NTZkNWEwHhcNMjQwNDI4MTIyNjI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGYwMzY1NjRiOGY1ODg1MzQ0Mzk3Y2E5OWE3MTY0MDlkN2NjNjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3g1Yp0J2VbRT1AjoEY9OB6CHw2hW
vez/PVWJuT7tdG2uayRggp8D2HXaU5oOhREdobGCoW/8czuK1ej4a/FyLCWnDhp0
34oqw+m7ZGUtksTIsz3QJM85yTIiaQv7KkA+uXeJAFr51iH15WaLFI8NgcgpaACY
DbHrFGOdCby6e3PkKZ/RbQQGZD00foIxIDnEy+0qt5M5jF4D/L7kF5QYRhVDIDKR
ldUl7NQPJG3TR+kT5kBhEI7o5EsAVUdTBoSaLSczOMPan7tGR/4wApXLSzVqv3DJ
3AdfXBrTF3/dYhc6OSue7xxLW1UAesoGzowfGS3L3iTRa3N91cszErVZoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFTwNlZLj1iFNEOXypmnFkCdfMZIMB8GA1UdIwQY
MBaAFEL4qyuiSHnkXERUhvzrIa9GZW1aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXZpcks2SkllZVJjUkZTR19Pc2hyMFpsYlZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9jMTdjNWQtNzU0My00NDBmLTg3OGYt
MTc2OWZlZjZiZTk2LzEvVlBBMlZrdVBXSVUwUTVmS21hY1dRSjE4eGtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9jMTdjNWQtNzU0My00NDBmLTg3OGYtMTc2OWZlZjZiZTk2
LzEvUXZpcks2SkllZVJjUkZTR19Pc2hyMFpsYlZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2ZOnMA0G
CSqGSIb3DQEBCwUAA4IBAQBgiKtDFrih2X12/ixtscQIW5DljGUGdIk2iQyMMlk2
QfYiQhP4acJnduQd2GcmCVsMVJghbhE0RPTgBfz8WuOjP20ubM/9HJWkbbrdfSFF
Jp5MaN9hC4jY6zQk6IxC1cRBHO71dZbOxtH7X/Vx0LkAXyfk07QG9y8ZCssvBhW4
cfD6rbuMxkfFB3jIYBrYcxudKRuqZ/AK+NCj8aHdT0xQHjP7YHNtpL6RSHQ0DvSo
LyLi2XsHBhfy4uy8jyDOrHlvcTvzsEGTI6EooBAR1LKpFI2p+sVcwCmE90qSkUVa
gOPg53iTuVBpb87NadYKKYiEZzXmN6aGSimHCPQBXj+5
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:31 2025 by rpki-client