Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/8cce86-b0ae-4166-9042-528eff52febd/1/TyWL3xFpNven7KrNlaJ8v9k5JK8.roa
File: TyWL3xFpNven7KrNlaJ8v9k5JK8.roa (raw, json)
Hash identifier: E2+AhRY0pqwsVnmj4TP+MVDZiHT3sKt+kF6lunLkhqE=
Subject key identifier: 4F:25:8B:DF:11:69:36:F7:A7:EC:AA:CD:95:A2:7C:BF:D9:39:24:AF
Certificate issuer: /CN=9c21a5e4cf6e9e2e70338aeebfa0d1588d73b6ef
Certificate serial: 0194206831C4C77C36102E9299820E59131E
Authority key identifier: 9C:21:A5:E4:CF:6E:9E:2E:70:33:8A:EE:BF:A0:D1:58:8D:73:B6:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nCGl5M9uni5wM4ruv6DRWI1ztu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/8cce86-b0ae-4166-9042-528eff52febd/1/TyWL3xFpNven7KrNlaJ8v9k5JK8.roa
Signing time: Wed 01 Jan 2025 05:48:06 +0000
ROA not before: Wed 01 Jan 2025 05:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41720
IP address blocks: 217.197.100.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:31:c4:c7:7c:36:10:2e:92:99:82:0e:59:13:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c21a5e4cf6e9e2e70338aeebfa0d1588d73b6ef
Validity
Not Before: Jan 1 05:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4f258bdf116936f7a7ecaacd95a27cbfd93924af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f9:2a:01:de:09:06:d7:eb:1e:53:17:11:7d:
58:2d:c6:37:2e:fa:37:58:c0:5e:c6:76:25:ab:9b:
7c:e5:80:17:e2:5c:79:a8:b4:ca:6a:41:54:f5:c5:
89:d5:4c:a2:61:49:33:a2:6e:e4:6b:1b:b7:29:8b:
73:ee:d8:a9:fb:e6:78:36:fa:d5:c3:28:72:fe:f4:
71:e4:f3:3c:1e:45:26:c6:39:05:75:69:bf:e2:80:
f2:22:bf:e9:22:db:e3:a7:1a:41:ee:bc:59:48:d1:
21:3e:a8:af:6b:c4:c2:a3:14:f9:87:51:b6:d1:6c:
4b:8d:85:64:39:b7:e7:d3:0e:48:33:04:88:58:85:
86:04:d8:61:35:a9:8e:40:1c:31:a2:8a:ec:ca:0d:
14:f3:d2:21:63:76:ee:62:cb:43:4f:50:56:50:10:
c3:09:fb:90:6a:1a:3a:b8:20:cb:ea:77:0a:aa:a9:
68:49:b5:17:64:0d:d9:59:e9:4a:f7:90:30:42:c3:
89:76:ed:fe:07:b2:b5:b6:30:b7:90:96:6d:77:e0:
19:14:11:da:f0:84:e1:fa:9b:8b:83:aa:35:0d:d6:
fa:16:c5:11:02:5d:a0:56:cb:9f:86:77:e9:31:d7:
0e:2c:86:5b:cc:ab:04:b4:48:5b:83:23:07:bf:48:
e7:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:25:8B:DF:11:69:36:F7:A7:EC:AA:CD:95:A2:7C:BF:D9:39:24:AF
X509v3 Authority Key Identifier:
keyid:9C:21:A5:E4:CF:6E:9E:2E:70:33:8A:EE:BF:A0:D1:58:8D:73:B6:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nCGl5M9uni5wM4ruv6DRWI1ztu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/8cce86-b0ae-4166-9042-528eff52febd/1/TyWL3xFpNven7KrNlaJ8v9k5JK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/8cce86-b0ae-4166-9042-528eff52febd/1/nCGl5M9uni5wM4ruv6DRWI1ztu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.197.100.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:b0:2d:d8:67:37:82:4f:d0:5f:c9:b1:08:fe:11:cc:f0:17:
b1:44:77:b6:e1:11:a3:67:6b:d8:2c:0e:64:41:16:49:89:37:
24:12:27:c5:95:6f:fd:12:8c:1d:38:f8:af:65:0d:e9:a8:21:
e3:5e:1d:0a:d8:5d:66:83:3d:d3:05:fd:ea:7b:02:ec:16:f4:
a8:ae:c5:d2:5f:48:ce:01:43:08:b3:b6:00:e1:84:d2:8e:3f:
90:38:30:0a:75:83:b5:cd:62:8c:1d:e3:76:2c:20:1c:27:5b:
90:6f:d6:4d:99:e5:52:8d:ff:31:98:ab:63:01:1d:23:3a:96:
af:ad:a5:f4:83:a3:a5:0f:50:6f:3f:86:ce:7f:d9:02:52:08:
ad:02:0c:17:30:5c:cb:71:20:6d:2a:b1:a7:92:6d:0c:51:70:
80:a9:dc:f9:38:bb:9a:b7:33:99:e6:4c:84:ed:9d:ec:2a:eb:
03:ed:16:a7:17:8b:30:4d:34:87:f0:8b:14:18:c3:e3:fa:3b:
19:0d:cf:74:74:f4:6a:9a:96:9e:7c:a1:a7:f2:83:dc:ae:b4:
55:bb:6c:bf:c3:0b:1f:97:99:97:83:6b:f2:69:3c:0c:b4:a7:
62:0e:57:bf:89:48:f0:ca:0c:7f:08:cc:c2:bf:f4:21:5f:73:
d7:ad:bb:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaDHEx3w2EC6SmYIOWRMeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljMjFhNWU0Y2Y2ZTllMmU3MDMzOGFlZWJmYTBkMTU4OGQ3
M2I2ZWYwHhcNMjUwMTAxMDU0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjI1OGJkZjExNjkzNmY3YTdlY2FhY2Q5NWEyN2NiZmQ5MzkyNGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvkqAd4JBtfrHlMXEX1YLcY3Lvo3
WMBexnYlq5t85YAX4lx5qLTKakFU9cWJ1UyiYUkzom7kaxu3KYtz7tip++Z4NvrV
wyhy/vRx5PM8HkUmxjkFdWm/4oDyIr/pItvjpxpB7rxZSNEhPqiva8TCoxT5h1G2
0WxLjYVkObfn0w5IMwSIWIWGBNhhNamOQBwxoorsyg0U89IhY3buYstDT1BWUBDD
CfuQaho6uCDL6ncKqqloSbUXZA3ZWelK95AwQsOJdu3+B7K1tjC3kJZtd+AZFBHa
8ITh+puLg6o1Ddb6FsURAl2gVsufhnfpMdcOLIZbzKsEtEhbgyMHv0jnPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE8li98RaTb3p+yqzZWifL/ZOSSvMB8GA1UdIwQY
MBaAFJwhpeTPbp4ucDOK7r+g0ViNc7bvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkNHbDVNOXVuaTV3TTRydXY2RFJXSTF6dHU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi84Y2NlODYtYjBhZS00MTY2LTkwNDIt
NTI4ZWZmNTJmZWJkLzEvVHlXTDN4RnBOdmVuN0tyTmxhSjh2OWs1Sks4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi84Y2NlODYtYjBhZS00MTY2LTkwNDItNTI4ZWZmNTJmZWJk
LzEvbkNHbDVNOXVuaTV3TTRydXY2RFJXSTF6dHU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2cVkMA0G
CSqGSIb3DQEBCwUAA4IBAQA9sC3YZzeCT9BfybEI/hHM8BexRHe24RGjZ2vYLA5k
QRZJiTckEifFlW/9EowdOPivZQ3pqCHjXh0K2F1mgz3TBf3qewLsFvSorsXSX0jO
AUMIs7YA4YTSjj+QODAKdYO1zWKMHeN2LCAcJ1uQb9ZNmeVSjf8xmKtjAR0jOpav
raX0g6OlD1BvP4bOf9kCUgitAgwXMFzLcSBtKrGnkm0MUXCAqdz5OLuatzOZ5kyE
7Z3sKusD7RanF4swTTSH8IsUGMPj+jsZDc90dPRqmpaefKGn8oPcrrRVu2y/wwsf
l5mXg2vyaTwMtKdiDle/iUjwygx/CMzCv/QhX3PXrbtt
-----END CERTIFICATE-----
Generated at Thu Apr 3 07:29:44 2025 by rpki-client