Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/271c6b-19d0-40b5-b58d-0de393171622/1/0o191MVnVBt85ryZHFYu6Q0NdiQ.roa
File: 0o191MVnVBt85ryZHFYu6Q0NdiQ.roa (raw, json)
Hash identifier: IwSJaL44ZZs3lm3EFPqzbVAdqz8rmKe1xwMIKuV8lJc=
Subject key identifier: D2:8D:7D:D4:C5:67:54:1B:7C:E6:BC:99:1C:56:2E:E9:0D:0D:76:24
Certificate issuer: /CN=a6831d0ef5a59e34d621d613b68f9bffb5298fcd
Certificate serial: 018CC4254718CFE6DDC70E2F0745862A7D29
Authority key identifier: A6:83:1D:0E:F5:A5:9E:34:D6:21:D6:13:B6:8F:9B:FF:B5:29:8F:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/poMdDvWlnjTWIdYTto-b_7Upj80.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/271c6b-19d0-40b5-b58d-0de393171622/1/0o191MVnVBt85ryZHFYu6Q0NdiQ.roa
Signing time: Mon 01 Jan 2024 08:30:26 +0000
ROA not before: Mon 01 Jan 2024 08:30:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48031
IP address blocks: 217.198.179.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:47:18:cf:e6:dd:c7:0e:2f:07:45:86:2a:7d:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6831d0ef5a59e34d621d613b68f9bffb5298fcd
Validity
Not Before: Jan 1 08:30:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d28d7dd4c567541b7ce6bc991c562ee90d0d7624
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f1:f6:c9:6c:62:1b:2e:ed:30:54:81:6a:cb:
e6:10:56:fe:7a:be:51:e0:b5:28:35:10:7e:5a:28:
5f:4f:71:13:7a:f3:62:d2:04:de:2e:62:98:18:7c:
24:02:35:78:ae:84:2e:a5:e6:aa:1d:bd:3c:9b:cf:
24:91:dc:5f:99:7c:2d:2d:43:0a:6b:c2:ed:b1:3e:
1d:50:47:0e:03:31:5c:d1:21:a5:b4:03:1f:9f:bd:
79:8f:69:1b:d1:49:ea:be:af:79:ee:f7:5b:ab:b0:
e5:62:aa:84:5c:60:b8:7b:5d:1f:e9:90:9d:d2:fb:
ad:4d:3b:82:31:a0:7e:2d:66:2c:7e:c4:f4:32:5c:
23:59:21:d3:75:b1:3f:e4:50:17:ea:af:b6:61:6e:
81:97:1a:f4:f4:b9:b4:df:01:1e:66:48:e9:66:c5:
cc:7b:6b:95:59:26:44:ae:39:a8:87:64:41:94:e4:
59:70:ef:1f:3a:1b:24:26:5d:98:c4:e3:7b:1c:87:
ac:50:58:15:4e:af:5a:68:42:a0:70:24:ba:96:eb:
8f:82:9f:ab:b3:fd:41:e4:a8:40:26:83:0f:21:3f:
00:9a:4a:37:6e:c9:bb:58:9f:84:ac:96:ee:58:cf:
71:cc:f0:f5:8f:5f:6c:01:fb:1c:3e:e5:d3:d7:db:
5a:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:8D:7D:D4:C5:67:54:1B:7C:E6:BC:99:1C:56:2E:E9:0D:0D:76:24
X509v3 Authority Key Identifier:
keyid:A6:83:1D:0E:F5:A5:9E:34:D6:21:D6:13:B6:8F:9B:FF:B5:29:8F:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/poMdDvWlnjTWIdYTto-b_7Upj80.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/271c6b-19d0-40b5-b58d-0de393171622/1/0o191MVnVBt85ryZHFYu6Q0NdiQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/271c6b-19d0-40b5-b58d-0de393171622/1/poMdDvWlnjTWIdYTto-b_7Upj80.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.198.179.0/24
Signature Algorithm: sha256WithRSAEncryption
90:82:14:c5:f7:b2:ef:a5:b9:07:42:97:ba:83:9b:d1:94:2f:
c1:63:3b:79:e0:38:76:cd:cb:1c:15:df:0e:3f:1e:2c:d2:82:
77:55:d7:c6:18:70:a8:5a:18:22:b6:3f:34:41:d5:ab:35:6a:
a5:58:6f:e8:46:11:89:22:50:ab:da:fd:08:e7:3e:4b:c4:6a:
06:85:49:0d:10:49:fc:aa:01:50:d9:58:b7:52:29:ff:eb:ef:
c2:cd:98:0a:c7:57:de:36:4b:ba:91:b5:10:f0:6e:c5:d6:a3:
77:a3:cb:f8:02:03:36:05:38:80:97:b3:a0:4b:65:d7:b5:a5:
5f:47:18:bc:49:55:a2:a2:7c:42:a8:ba:7f:27:70:1d:2e:8a:
1f:8b:68:08:d3:42:c5:bd:91:5d:d9:03:a0:0a:08:7b:51:0e:
35:a6:a3:ec:f6:de:17:ab:41:c0:ac:2a:26:08:0a:bc:84:d6:
3b:f8:2b:02:28:c4:89:5d:42:c7:29:71:6a:1c:02:a5:8d:bf:
af:69:8b:5d:cf:78:be:a6:7c:a9:09:f8:90:fc:c3:1b:23:ba:
8f:81:97:92:29:4d:bc:aa:39:f1:cb:43:e4:04:ca:f2:73:23:
bf:a7:ad:43:da:b6:09:46:f0:ae:aa:d3:a2:00:8d:f4:07:c5:
1f:4b:f9:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJUcYz+bdxw4vB0WGKn0pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2ODMxZDBlZjVhNTllMzRkNjIxZDYxM2I2OGY5YmZmYjUy
OThmY2QwHhcNMjQwMTAxMDgzMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjhkN2RkNGM1Njc1NDFiN2NlNmJjOTkxYzU2MmVlOTBkMGQ3NjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfH2yWxiGy7tMFSBasvmEFb+er5R
4LUoNRB+WihfT3ETevNi0gTeLmKYGHwkAjV4roQupeaqHb08m88kkdxfmXwtLUMK
a8LtsT4dUEcOAzFc0SGltAMfn715j2kb0Unqvq957vdbq7DlYqqEXGC4e10f6ZCd
0vutTTuCMaB+LWYsfsT0MlwjWSHTdbE/5FAX6q+2YW6Blxr09Lm03wEeZkjpZsXM
e2uVWSZErjmoh2RBlORZcO8fOhskJl2YxON7HIesUFgVTq9aaEKgcCS6luuPgp+r
s/1B5KhAJoMPIT8Amko3bsm7WJ+ErJbuWM9xzPD1j19sAfscPuXT19tagQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNKNfdTFZ1QbfOa8mRxWLukNDXYkMB8GA1UdIwQY
MBaAFKaDHQ71pZ401iHWE7aPm/+1KY/NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG9NZER2V2xualRXSWRZVHRvLWJfN1VwajgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8yNzFjNmItMTlkMC00MGI1LWI1OGQt
MGRlMzkzMTcxNjIyLzEvMG8xOTFNVm5WQnQ4NXJ5WkhGWXU2UTBOZGlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8yNzFjNmItMTlkMC00MGI1LWI1OGQtMGRlMzkzMTcxNjIy
LzEvcG9NZER2V2xualRXSWRZVHRvLWJfN1VwajgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2cazMA0G
CSqGSIb3DQEBCwUAA4IBAQCQghTF97LvpbkHQpe6g5vRlC/BYzt54Dh2zcscFd8O
Px4s0oJ3VdfGGHCoWhgitj80QdWrNWqlWG/oRhGJIlCr2v0I5z5LxGoGhUkNEEn8
qgFQ2Vi3Uin/6+/CzZgKx1feNku6kbUQ8G7F1qN3o8v4AgM2BTiAl7OgS2XXtaVf
Rxi8SVWionxCqLp/J3AdLoofi2gI00LFvZFd2QOgCgh7UQ41pqPs9t4Xq0HArCom
CAq8hNY7+CsCKMSJXULHKXFqHAKljb+vaYtdz3i+pnypCfiQ/MMbI7qPgZeSKU28
qjnxy0PkBMrycyO/p61D2rYJRvCuqtOiAI30B8UfS/n7
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:02 2025 by rpki-client