Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/Vj4iHrU7dsbeaslPJ_eVBTytqtY.roa
File: Vj4iHrU7dsbeaslPJ_eVBTytqtY.roa (raw, json)
Hash identifier: /zJF5mkUGTwYWXCySnUO52dFrGJdzfLiWoQaQ79ZacU=
Subject key identifier: 56:3E:22:1E:B5:3B:76:C6:DE:6A:C9:4F:27:F7:95:05:3C:AD:AA:D6
Certificate issuer: /CN=42f8ab2ba24879e45c445486fceb21af46656d5a
Certificate serial: 019425FC425D55B2DD62EFD6B491A3256EE2
Authority key identifier: 42:F8:AB:2B:A2:48:79:E4:5C:44:54:86:FC:EB:21:AF:46:65:6D:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QvirK6JIeeRcRFSG_Oshr0ZlbVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/Vj4iHrU7dsbeaslPJ_eVBTytqtY.roa
Signing time: Thu 02 Jan 2025 07:47:56 +0000
ROA not before: Thu 02 Jan 2025 07:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215976
IP address blocks: 217.147.169.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:42:5d:55:b2:dd:62:ef:d6:b4:91:a3:25:6e:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42f8ab2ba24879e45c445486fceb21af46656d5a
Validity
Not Before: Jan 2 07:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=563e221eb53b76c6de6ac94f27f795053cadaad6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:7e:72:9e:86:7f:d9:4e:ff:32:39:9a:46:ea:
e1:c5:6c:c4:59:ad:a6:3d:cd:66:cf:03:b9:ed:3a:
5b:f2:06:9d:d9:ca:67:d4:ba:6f:c9:ec:1c:a4:fa:
b0:c1:b1:ac:62:4e:0d:b1:3a:06:67:cc:2b:26:3e:
bf:5d:c4:c3:4e:ec:f4:d8:82:ae:26:50:fc:f5:c5:
70:82:75:0c:73:7a:33:9b:5c:58:76:34:4c:0d:28:
9b:06:3f:f8:0b:ae:b0:ab:a8:b7:f9:e4:d3:e2:f1:
37:2d:8b:45:93:52:67:af:a1:16:36:66:bf:8a:93:
78:2f:b7:18:f7:51:82:be:68:0d:2e:a6:39:d5:92:
cf:7f:d4:10:be:7f:d5:1b:f3:d4:01:7c:98:0e:da:
6e:2c:3c:b6:99:17:83:6a:d9:16:6f:40:44:e4:25:
8b:18:ea:59:f1:9d:a0:95:04:de:a4:23:a2:85:1d:
02:a5:af:89:d6:f1:3f:84:64:7f:28:e1:e6:e1:ae:
8c:fe:34:bb:07:82:03:a4:2b:07:be:65:73:dc:b3:
8d:26:84:57:13:59:c0:08:ae:a9:6c:c8:a3:6f:d0:
ff:e1:a6:2e:c3:37:8b:79:ed:d9:a4:57:a0:8e:26:
84:d1:92:00:93:37:a6:6a:55:40:ca:44:62:49:c5:
09:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:3E:22:1E:B5:3B:76:C6:DE:6A:C9:4F:27:F7:95:05:3C:AD:AA:D6
X509v3 Authority Key Identifier:
keyid:42:F8:AB:2B:A2:48:79:E4:5C:44:54:86:FC:EB:21:AF:46:65:6D:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QvirK6JIeeRcRFSG_Oshr0ZlbVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/Vj4iHrU7dsbeaslPJ_eVBTytqtY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/QvirK6JIeeRcRFSG_Oshr0ZlbVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.169.0/24
Signature Algorithm: sha256WithRSAEncryption
94:26:d8:a4:59:ab:c5:44:03:ac:ef:20:94:db:60:90:50:e7:
fa:54:fc:ba:66:3e:39:4a:1c:8d:45:9d:bc:8f:38:da:15:df:
e2:55:51:38:2c:7b:0d:42:83:ba:8a:7b:0b:bd:76:8b:b6:f1:
4c:4a:d1:e0:87:22:19:55:f4:14:d2:45:6c:53:13:ee:cf:fa:
cc:3f:40:8a:7b:bd:7a:b1:b0:8d:96:34:38:ed:df:92:f7:c6:
b9:b6:18:38:64:77:1d:1d:98:53:da:50:e0:19:82:8b:d6:df:
8c:bb:76:9a:99:62:c3:dc:87:98:27:ae:c8:9f:bb:68:93:b1:
91:98:a0:f7:27:9d:7e:33:27:39:f2:e9:56:c4:5e:63:53:8e:
60:90:9d:d0:fb:f7:2b:2d:ef:85:bf:14:b9:c7:d6:46:06:e7:
5b:89:4e:81:d3:29:cc:61:4c:41:30:52:d7:a5:b0:2f:a4:4d:
b3:0f:cb:15:76:bd:f4:1d:12:81:67:26:6a:8c:3c:05:4a:bd:
8c:b6:48:15:7a:00:ea:22:d5:77:34:c4:6c:55:49:0e:9f:ae:
92:a1:67:ad:c0:64:ad:9f:78:00:5d:e6:79:bd:a2:7d:67:87:
f9:67:d7:41:77:21:03:53:bf:dd:57:88:7a:16:41:45:4e:6e:
d3:7d:13:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/EJdVbLdYu/WtJGjJW7iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyZjhhYjJiYTI0ODc5ZTQ1YzQ0NTQ4NmZjZWIyMWFmNDY2
NTZkNWEwHhcNMjUwMTAyMDc0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjNlMjIxZWI1M2I3NmM2ZGU2YWM5NGYyN2Y3OTUwNTNjYWRhYWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw35ynoZ/2U7/MjmaRurhxWzEWa2m
Pc1mzwO57Tpb8gad2cpn1LpvyewcpPqwwbGsYk4NsToGZ8wrJj6/XcTDTuz02IKu
JlD89cVwgnUMc3ozm1xYdjRMDSibBj/4C66wq6i3+eTT4vE3LYtFk1Jnr6EWNma/
ipN4L7cY91GCvmgNLqY51ZLPf9QQvn/VG/PUAXyYDtpuLDy2mReDatkWb0BE5CWL
GOpZ8Z2glQTepCOihR0Cpa+J1vE/hGR/KOHm4a6M/jS7B4IDpCsHvmVz3LONJoRX
E1nACK6pbMijb9D/4aYuwzeLee3ZpFegjiaE0ZIAkzemalVAykRiScUJMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFY+Ih61O3bG3mrJTyf3lQU8rarWMB8GA1UdIwQY
MBaAFEL4qyuiSHnkXERUhvzrIa9GZW1aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXZpcks2SkllZVJjUkZTR19Pc2hyMFpsYlZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9jMTdjNWQtNzU0My00NDBmLTg3OGYt
MTc2OWZlZjZiZTk2LzEvVmo0aUhyVTdkc2JlYXNsUEpfZVZCVHl0cXRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9jMTdjNWQtNzU0My00NDBmLTg3OGYtMTc2OWZlZjZiZTk2
LzEvUXZpcks2SkllZVJjUkZTR19Pc2hyMFpsYlZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2ZOpMA0G
CSqGSIb3DQEBCwUAA4IBAQCUJtikWavFRAOs7yCU22CQUOf6VPy6Zj45ShyNRZ28
jzjaFd/iVVE4LHsNQoO6insLvXaLtvFMStHghyIZVfQU0kVsUxPuz/rMP0CKe716
sbCNljQ47d+S98a5thg4ZHcdHZhT2lDgGYKL1t+Mu3aamWLD3IeYJ67In7tok7GR
mKD3J51+Myc58ulWxF5jU45gkJ3Q+/crLe+FvxS5x9ZGBudbiU6B0ynMYUxBMFLX
pbAvpE2zD8sVdr30HRKBZyZqjDwFSr2MtkgVegDqItV3NMRsVUkOn66SoWetwGSt
n3gAXeZ5vaJ9Z4f5Z9dBdyEDU7/dV4h6FkFFTm7TfRPO
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:42:12 2025 by rpki-client