Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/wNlngMkXPAo5ge24oPNEH7R4BjU.roa
File: wNlngMkXPAo5ge24oPNEH7R4BjU.roa (raw, json)
Hash identifier: BQ1wZvgOoq4b7JD2/JD8F0i9dHc0x2sFZgpgbCaJ8VU=
Subject key identifier: C0:D9:67:80:C9:17:3C:0A:39:81:ED:B8:A0:F3:44:1F:B4:78:06:35
Certificate issuer: /CN=42f8ab2ba24879e45c445486fceb21af46656d5a
Certificate serial: 019425FC4151AEA6F80CA147C8AA3CFB7339
Authority key identifier: 42:F8:AB:2B:A2:48:79:E4:5C:44:54:86:FC:EB:21:AF:46:65:6D:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QvirK6JIeeRcRFSG_Oshr0ZlbVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/wNlngMkXPAo5ge24oPNEH7R4BjU.roa
Signing time: Thu 02 Jan 2025 07:47:56 +0000
ROA not before: Thu 02 Jan 2025 07:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207305
IP address blocks: 217.147.171.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:41:51:ae:a6:f8:0c:a1:47:c8:aa:3c:fb:73:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42f8ab2ba24879e45c445486fceb21af46656d5a
Validity
Not Before: Jan 2 07:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c0d96780c9173c0a3981edb8a0f3441fb4780635
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a0:32:2a:ad:f7:92:c4:3d:df:08:4b:69:a4:
37:6c:67:06:75:8e:18:af:dd:c4:3d:c0:9a:2c:94:
68:db:e3:8e:1d:68:d2:b7:3a:35:0c:6d:17:20:ee:
ed:41:90:c9:96:2f:b7:7e:ea:86:b9:3c:23:dc:82:
76:17:e2:f7:4a:eb:47:80:4c:92:fb:10:86:bd:b4:
13:6a:d8:16:44:c0:75:75:7e:c0:f6:95:38:b4:17:
fc:94:dc:78:f7:78:93:ce:ba:04:aa:d5:8b:49:b2:
a0:1a:c5:c4:c3:51:43:d1:7f:bc:47:56:21:e9:a9:
1e:88:15:c1:31:f2:05:ba:1c:a5:c6:48:0f:4c:4f:
d3:78:ce:80:bf:af:31:18:8d:28:c9:1a:d4:4c:d1:
4c:1c:d1:1e:1b:2e:28:3b:0c:a5:a1:e1:8e:1e:87:
cb:ac:1a:fb:e4:b5:3a:6c:32:e9:bc:e3:cd:9c:6a:
32:07:76:ba:e7:47:c1:db:95:fc:37:0b:6f:a3:ee:
84:ac:41:37:32:b4:ba:74:68:5e:90:64:00:bb:a9:
bb:97:7d:92:b8:2f:7d:7b:51:72:e9:16:87:ea:52:
cc:18:ae:83:08:dd:ef:26:ee:ea:29:d6:14:40:f0:
52:e3:97:9d:03:7f:3a:7a:62:a4:f6:40:9d:7c:4a:
ea:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:D9:67:80:C9:17:3C:0A:39:81:ED:B8:A0:F3:44:1F:B4:78:06:35
X509v3 Authority Key Identifier:
keyid:42:F8:AB:2B:A2:48:79:E4:5C:44:54:86:FC:EB:21:AF:46:65:6D:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QvirK6JIeeRcRFSG_Oshr0ZlbVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/wNlngMkXPAo5ge24oPNEH7R4BjU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/QvirK6JIeeRcRFSG_Oshr0ZlbVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.171.0/24
Signature Algorithm: sha256WithRSAEncryption
dc:a3:46:38:9b:97:60:84:67:93:32:7c:83:d3:c2:04:a0:96:
9c:65:d7:cb:4e:d2:ef:6d:f1:21:ef:e0:6b:c0:16:5f:e1:58:
5e:5e:63:ba:33:5a:f2:05:a7:32:74:a2:b5:52:d1:75:d3:8b:
88:76:e4:74:23:ad:bc:ea:f0:66:51:b9:b4:fd:ba:72:e7:18:
4f:82:d6:35:d3:91:51:9c:f3:18:14:78:6c:52:8a:40:e3:bb:
22:90:3a:3a:46:a3:de:33:f7:0d:ca:5e:0f:06:e4:14:c5:d4:
82:4a:73:37:cf:30:17:ed:9a:7e:35:da:13:6f:7b:e1:4b:88:
ab:ce:1a:e4:7d:28:b5:4a:02:24:d3:fb:b3:b0:6a:04:b2:0b:
71:2f:0d:0c:df:a3:d4:02:6d:d4:46:80:b3:74:e7:40:9c:35:
24:a4:a0:51:49:1a:b5:5c:10:d7:d8:b5:34:98:11:77:be:72:
31:ab:0e:10:ef:cf:db:0f:95:f3:2d:28:58:e1:80:9a:da:a2:
d2:75:fe:08:61:9d:41:44:99:05:95:ed:67:a9:be:67:54:fb:
6d:89:0f:af:5c:98:61:3e:1f:a9:90:1d:fb:3d:3e:92:64:85:
c9:49:7b:c3:33:54:38:e3:ea:d2:18:84:b2:dc:35:2c:1a:5b:
31:9a:34:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/EFRrqb4DKFHyKo8+3M5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyZjhhYjJiYTI0ODc5ZTQ1YzQ0NTQ4NmZjZWIyMWFmNDY2
NTZkNWEwHhcNMjUwMTAyMDc0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGQ5Njc4MGM5MTczYzBhMzk4MWVkYjhhMGYzNDQxZmI0NzgwNjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6AyKq33ksQ93whLaaQ3bGcGdY4Y
r93EPcCaLJRo2+OOHWjStzo1DG0XIO7tQZDJli+3fuqGuTwj3IJ2F+L3SutHgEyS
+xCGvbQTatgWRMB1dX7A9pU4tBf8lNx493iTzroEqtWLSbKgGsXEw1FD0X+8R1Yh
6akeiBXBMfIFuhylxkgPTE/TeM6Av68xGI0oyRrUTNFMHNEeGy4oOwyloeGOHofL
rBr75LU6bDLpvOPNnGoyB3a650fB25X8Nwtvo+6ErEE3MrS6dGhekGQAu6m7l32S
uC99e1Fy6RaH6lLMGK6DCN3vJu7qKdYUQPBS45edA386emKk9kCdfErqRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMDZZ4DJFzwKOYHtuKDzRB+0eAY1MB8GA1UdIwQY
MBaAFEL4qyuiSHnkXERUhvzrIa9GZW1aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXZpcks2SkllZVJjUkZTR19Pc2hyMFpsYlZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9jMTdjNWQtNzU0My00NDBmLTg3OGYt
MTc2OWZlZjZiZTk2LzEvd05sbmdNa1hQQW81Z2UyNG9QTkVIN1I0QmpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9jMTdjNWQtNzU0My00NDBmLTg3OGYtMTc2OWZlZjZiZTk2
LzEvUXZpcks2SkllZVJjUkZTR19Pc2hyMFpsYlZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2ZOrMA0G
CSqGSIb3DQEBCwUAA4IBAQDco0Y4m5dghGeTMnyD08IEoJacZdfLTtLvbfEh7+Br
wBZf4VheXmO6M1ryBacydKK1UtF104uIduR0I6286vBmUbm0/bpy5xhPgtY105FR
nPMYFHhsUopA47sikDo6RqPeM/cNyl4PBuQUxdSCSnM3zzAX7Zp+NdoTb3vhS4ir
zhrkfSi1SgIk0/uzsGoEsgtxLw0M36PUAm3URoCzdOdAnDUkpKBRSRq1XBDX2LU0
mBF3vnIxqw4Q78/bD5XzLShY4YCa2qLSdf4IYZ1BRJkFle1nqb5nVPttiQ+vXJhh
Ph+pkB37PT6SZIXJSXvDM1Q44+rSGISy3DUsGlsxmjQv
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:43 2025 by rpki-client