Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/cXr5KoO5Rjj3ggcl3gn2gjDOr-w.roa
File: cXr5KoO5Rjj3ggcl3gn2gjDOr-w.roa (raw, json)
Hash identifier: qIghIGCWh0i4erJrqfjDlzvRwt887IHkQwzRsxaPluU=
Subject key identifier: 71:7A:F9:2A:83:B9:46:38:F7:82:07:25:DE:09:F6:82:30:CE:AF:EC
Certificate issuer: /CN=42f8ab2ba24879e45c445486fceb21af46656d5a
Certificate serial: 0193AAE520635281F9B8516F8F8473387D01
Authority key identifier: 42:F8:AB:2B:A2:48:79:E4:5C:44:54:86:FC:EB:21:AF:46:65:6D:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QvirK6JIeeRcRFSG_Oshr0ZlbVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/cXr5KoO5Rjj3ggcl3gn2gjDOr-w.roa
Signing time: Mon 09 Dec 2024 10:09:22 +0000
ROA not before: Mon 09 Dec 2024 10:09:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58212
IP address blocks: 217.147.168.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:aa:e5:20:63:52:81:f9:b8:51:6f:8f:84:73:38:7d:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42f8ab2ba24879e45c445486fceb21af46656d5a
Validity
Not Before: Dec 9 10:09:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=717af92a83b94638f7820725de09f68230ceafec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:1d:a4:00:44:2c:fc:87:5f:ed:b3:30:a5:e9:
ec:bc:01:8f:7b:8b:7b:a9:7e:a0:75:0e:cc:1d:0e:
b1:e3:70:5b:3b:fb:30:9b:53:9f:91:a0:52:12:c6:
99:23:da:6b:b3:a0:b1:ae:06:ee:38:f7:f2:d9:d0:
9e:ea:68:e4:0f:0f:72:f1:41:07:0e:0b:8d:ef:41:
0e:d5:33:87:4d:f2:9e:26:0e:b0:6e:19:05:b3:a1:
86:c2:e4:cd:43:0f:71:89:46:bb:ba:18:e1:99:9a:
b7:32:f3:1b:ad:6a:79:41:4b:52:6a:40:4b:f1:18:
d4:b2:03:f6:de:9c:2c:f3:63:24:ee:0f:fc:d4:a7:
1b:b5:0d:e1:99:be:85:43:5d:42:af:6f:de:63:0c:
ac:1d:84:f8:e4:95:9c:d3:f2:85:2e:e7:4a:7c:0c:
a1:89:5d:05:69:96:34:70:34:7a:bd:ab:da:73:a0:
bb:ae:6c:ae:c8:1e:35:6a:ba:b9:28:fd:b8:c5:ad:
d2:f4:c2:c0:b4:a6:f1:c3:99:29:ce:ec:9f:83:5b:
61:7a:69:0d:f3:6b:0c:8d:c8:05:8f:46:5d:b6:b5:
01:08:3a:f9:b9:e9:0c:c0:e3:b3:0e:d1:97:67:44:
7b:fd:b5:96:39:a6:17:1c:02:a9:4f:e2:74:ce:43:
85:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:7A:F9:2A:83:B9:46:38:F7:82:07:25:DE:09:F6:82:30:CE:AF:EC
X509v3 Authority Key Identifier:
keyid:42:F8:AB:2B:A2:48:79:E4:5C:44:54:86:FC:EB:21:AF:46:65:6D:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QvirK6JIeeRcRFSG_Oshr0ZlbVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/cXr5KoO5Rjj3ggcl3gn2gjDOr-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/QvirK6JIeeRcRFSG_Oshr0ZlbVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.168.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:88:dd:b0:09:0e:91:9c:52:1f:21:6e:a2:0d:0c:ba:6d:48:
5e:1d:39:1e:97:2b:d7:25:da:02:6d:c1:9f:d4:ec:f4:f3:f1:
51:4e:3b:af:10:76:7d:40:78:63:33:bd:09:93:d0:c9:1b:71:
71:49:da:7e:48:3a:4a:e6:64:01:9b:b6:e7:ab:72:71:3a:04:
09:be:56:2f:7d:98:29:27:ae:8f:31:f9:1a:a5:ff:e9:0c:22:
7e:22:79:99:cd:32:d7:b3:a7:55:38:09:31:29:b4:c3:e8:29:
0a:e2:63:0a:b2:ba:f4:af:4b:79:cb:23:0b:97:c5:bb:70:cf:
c5:7e:19:e0:10:6c:51:60:d6:3f:ef:5b:ae:51:dd:4c:90:64:
c3:c9:44:3d:77:0e:e6:92:72:87:71:d5:70:28:0d:e5:a0:05:
bd:8a:56:9d:8d:66:dd:4a:79:11:f9:5c:09:a7:20:e2:ad:f6:
10:d7:a4:84:31:6e:93:eb:70:e8:c5:5c:22:5a:ae:93:69:7c:
a2:a2:14:36:fe:a9:ea:d0:44:a2:d8:8c:dc:ff:62:a2:6e:de:
a9:5b:86:8e:c7:9f:ff:01:7e:d0:d0:de:7d:a5:e5:a3:0c:78:
b1:ba:f2:81:78:ca:8c:97:24:a1:3f:6a:ae:9c:da:09:37:6c:
7d:44:0f:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOq5SBjUoH5uFFvj4RzOH0BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyZjhhYjJiYTI0ODc5ZTQ1YzQ0NTQ4NmZjZWIyMWFmNDY2
NTZkNWEwHhcNMjQxMjA5MTAwOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTdhZjkyYTgzYjk0NjM4Zjc4MjA3MjVkZTA5ZjY4MjMwY2VhZmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmh2kAEQs/Idf7bMwpensvAGPe4t7
qX6gdQ7MHQ6x43BbO/swm1OfkaBSEsaZI9prs6CxrgbuOPfy2dCe6mjkDw9y8UEH
DguN70EO1TOHTfKeJg6wbhkFs6GGwuTNQw9xiUa7uhjhmZq3MvMbrWp5QUtSakBL
8RjUsgP23pws82Mk7g/81KcbtQ3hmb6FQ11Cr2/eYwysHYT45JWc0/KFLudKfAyh
iV0FaZY0cDR6vavac6C7rmyuyB41arq5KP24xa3S9MLAtKbxw5kpzuyfg1themkN
82sMjcgFj0ZdtrUBCDr5uekMwOOzDtGXZ0R7/bWWOaYXHAKpT+J0zkOFeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHF6+SqDuUY494IHJd4J9oIwzq/sMB8GA1UdIwQY
MBaAFEL4qyuiSHnkXERUhvzrIa9GZW1aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXZpcks2SkllZVJjUkZTR19Pc2hyMFpsYlZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9jMTdjNWQtNzU0My00NDBmLTg3OGYt
MTc2OWZlZjZiZTk2LzEvY1hyNUtvTzVSamozZ2djbDNnbjJnakRPci13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9jMTdjNWQtNzU0My00NDBmLTg3OGYtMTc2OWZlZjZiZTk2
LzEvUXZpcks2SkllZVJjUkZTR19Pc2hyMFpsYlZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2ZOoMA0G
CSqGSIb3DQEBCwUAA4IBAQB+iN2wCQ6RnFIfIW6iDQy6bUheHTkelyvXJdoCbcGf
1Oz08/FRTjuvEHZ9QHhjM70Jk9DJG3FxSdp+SDpK5mQBm7bnq3JxOgQJvlYvfZgp
J66PMfkapf/pDCJ+InmZzTLXs6dVOAkxKbTD6CkK4mMKsrr0r0t5yyMLl8W7cM/F
fhngEGxRYNY/71uuUd1MkGTDyUQ9dw7mknKHcdVwKA3loAW9iladjWbdSnkR+VwJ
pyDirfYQ16SEMW6T63DoxVwiWq6TaXyiohQ2/qnq0ESi2Izc/2Kibt6pW4aOx5//
AX7Q0N59peWjDHixuvKBeMqMlyShP2qunNoJN2x9RA/G
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:32:48 2025 by rpki-client