Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/wZN2zVnEQ0_FLW7b76a7kR82eQk.roa
File: wZN2zVnEQ0_FLW7b76a7kR82eQk.roa (raw, json)
Hash identifier: m90ZVcsE3itJBfTlg1GdW6NfGMoJlfLlZfJDFmB0pyw=
Subject key identifier: C1:93:76:CD:59:C4:43:4F:C5:2D:6E:DB:EF:A6:BB:91:1F:36:79:09
Certificate issuer: /CN=42f8ab2ba24879e45c445486fceb21af46656d5a
Certificate serial: 018CC793FF27761E76975D92BD56B594580F
Authority key identifier: 42:F8:AB:2B:A2:48:79:E4:5C:44:54:86:FC:EB:21:AF:46:65:6D:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QvirK6JIeeRcRFSG_Oshr0ZlbVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/wZN2zVnEQ0_FLW7b76a7kR82eQk.roa
Signing time: Tue 02 Jan 2024 00:30:14 +0000
ROA not before: Tue 02 Jan 2024 00:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21379
IP address blocks: 217.147.160.0/24 maxlen: 24
217.147.161.0/24 maxlen: 24
217.147.162.0/24 maxlen: 24
217.147.163.0/24 maxlen: 24
217.147.164.0/24 maxlen: 24
217.147.165.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:ff:27:76:1e:76:97:5d:92:bd:56:b5:94:58:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42f8ab2ba24879e45c445486fceb21af46656d5a
Validity
Not Before: Jan 2 00:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c19376cd59c4434fc52d6edbefa6bb911f367909
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:e1:b7:53:14:d8:22:2f:73:1f:a8:71:54:59:
36:6d:d7:0e:44:b6:50:29:36:67:6f:b1:73:86:7f:
ff:95:ca:20:61:0b:4a:0f:e8:e9:3a:ad:25:9b:0a:
a7:a1:10:ef:00:33:d9:77:e0:26:2c:76:37:04:94:
e2:b0:cf:84:04:5d:5a:22:cd:25:04:57:18:83:bb:
02:53:fa:ff:42:05:42:c1:55:51:43:40:58:4d:2a:
c6:9d:18:f7:72:47:7b:23:c8:63:b8:01:6b:d2:6d:
2f:09:47:4b:a4:56:39:58:e3:38:0d:e9:63:31:fd:
20:3f:65:bb:1c:f1:6a:d5:5d:e7:08:21:6f:fe:7a:
27:69:2a:34:c0:18:f5:df:56:37:74:43:75:03:c4:
39:22:13:1e:8a:ce:58:2b:d2:f0:40:51:10:e6:94:
24:c1:a4:12:ed:c2:78:19:f3:4e:b4:49:97:2b:e1:
cd:d1:ad:5b:db:1c:e8:67:50:9e:e6:ce:ce:03:2e:
1b:98:d2:fd:c8:40:6f:41:dd:ea:a4:22:0b:b3:a5:
d5:bd:9e:a7:0d:f3:f6:c5:d3:30:63:87:90:3f:a0:
d0:65:92:a0:b8:e2:56:6b:46:f5:e0:9d:8d:6f:f9:
52:4e:67:ef:3d:95:99:b9:ee:8b:f9:24:81:55:29:
09:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:93:76:CD:59:C4:43:4F:C5:2D:6E:DB:EF:A6:BB:91:1F:36:79:09
X509v3 Authority Key Identifier:
keyid:42:F8:AB:2B:A2:48:79:E4:5C:44:54:86:FC:EB:21:AF:46:65:6D:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QvirK6JIeeRcRFSG_Oshr0ZlbVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/wZN2zVnEQ0_FLW7b76a7kR82eQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/QvirK6JIeeRcRFSG_Oshr0ZlbVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.160.0-217.147.165.255
Signature Algorithm: sha256WithRSAEncryption
d6:d4:a8:4a:04:f8:02:e2:3c:6a:04:15:53:5d:30:4e:03:6b:
98:35:f0:44:82:3d:44:f2:e7:c2:30:a4:4a:ed:8f:ad:5e:8f:
4a:64:99:77:83:32:6f:53:cd:20:83:bd:a6:07:6c:98:ea:48:
07:7d:cd:8b:05:48:48:d2:55:32:8f:b5:fa:10:42:11:8a:8b:
e7:32:21:25:bc:7f:48:76:7a:b0:64:13:e1:63:e9:14:cf:d7:
5c:32:8a:3e:f6:04:bc:5b:19:fb:33:1b:26:3c:84:13:ee:19:
31:1a:26:8e:23:bb:ce:47:6a:ad:96:61:f4:52:a3:ac:31:56:
14:55:c0:75:6e:c6:7e:a0:e1:d2:e8:b1:b0:63:75:8b:65:a9:
73:31:3d:c9:a9:43:69:da:71:07:a3:60:79:71:14:98:9c:0f:
87:ac:a4:0d:9b:ac:d2:6c:39:9c:ef:d7:03:1c:b5:9c:06:eb:
b9:92:38:8c:e7:f9:cb:2f:61:fd:9f:92:0d:77:1e:9d:c9:db:
16:03:ab:cb:d8:e8:61:50:e6:b8:d6:28:d1:70:7d:59:dc:df:
95:dc:bc:c1:4a:df:38:b5:3f:52:16:41:e3:50:dc:98:06:7c:
2e:94:da:f2:94:84:65:b9:89:c1:1b:9f:df:23:d2:b9:60:aa:
bc:6d:26:a3
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzHk/8ndh52l12SvVa1lFgPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyZjhhYjJiYTI0ODc5ZTQ1YzQ0NTQ4NmZjZWIyMWFmNDY2
NTZkNWEwHhcNMjQwMTAyMDAzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTkzNzZjZDU5YzQ0MzRmYzUyZDZlZGJlZmE2YmI5MTFmMzY3OTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhuG3UxTYIi9zH6hxVFk2bdcORLZQ
KTZnb7Fzhn//lcogYQtKD+jpOq0lmwqnoRDvADPZd+AmLHY3BJTisM+EBF1aIs0l
BFcYg7sCU/r/QgVCwVVRQ0BYTSrGnRj3ckd7I8hjuAFr0m0vCUdLpFY5WOM4Delj
Mf0gP2W7HPFq1V3nCCFv/nonaSo0wBj131Y3dEN1A8Q5IhMeis5YK9LwQFEQ5pQk
waQS7cJ4GfNOtEmXK+HN0a1b2xzoZ1Ce5s7OAy4bmNL9yEBvQd3qpCILs6XVvZ6n
DfP2xdMwY4eQP6DQZZKguOJWa0b14J2Nb/lSTmfvPZWZue6L+SSBVSkJ5QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMGTds1ZxENPxS1u2++mu5EfNnkJMB8GA1UdIwQY
MBaAFEL4qyuiSHnkXERUhvzrIa9GZW1aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXZpcks2SkllZVJjUkZTR19Pc2hyMFpsYlZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9jMTdjNWQtNzU0My00NDBmLTg3OGYt
MTc2OWZlZjZiZTk2LzEvd1pOMnpWbkVRMF9GTFc3Yjc2YTdrUjgyZVFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9jMTdjNWQtNzU0My00NDBmLTg3OGYtMTc2OWZlZjZiZTk2
LzEvUXZpcks2SkllZVJjUkZTR19Pc2hyMFpsYlZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAXZk6AD
BAHZk6QwDQYJKoZIhvcNAQELBQADggEBANbUqEoE+ALiPGoEFVNdME4Da5g18ESC
PUTy58IwpErtj61ej0pkmXeDMm9TzSCDvaYHbJjqSAd9zYsFSEjSVTKPtfoQQhGK
i+cyISW8f0h2erBkE+Fj6RTP11wyij72BLxbGfszGyY8hBPuGTEaJo4ju85Haq2W
YfRSo6wxVhRVwHVuxn6g4dLosbBjdYtlqXMxPcmpQ2nacQejYHlxFJicD4espA2b
rNJsOZzv1wMctZwG67mSOIzn+csvYf2fkg13Hp3J2xYDq8vY6GFQ5rjWKNFwfVnc
35XcvMFK3zi1P1IWQeNQ3JgGfC6U2vKUhGW5icEbn98j0rlgqrxtJqM=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:34:43 2025 by rpki-client