Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/8cce86-b0ae-4166-9042-528eff52febd/1/rQIqx2DMPN6bSwaHOzgkZ_qEsQE.roa
File: rQIqx2DMPN6bSwaHOzgkZ_qEsQE.roa (raw, json)
Hash identifier: Swuw4n85YJ/hs+bpmj8GLz668D6BJf6uL+FQMZ1q+FY=
Subject key identifier: AD:02:2A:C7:60:CC:3C:DE:9B:4B:06:87:3B:38:24:67:FA:84:B1:01
Certificate issuer: /CN=9c21a5e4cf6e9e2e70338aeebfa0d1588d73b6ef
Certificate serial: 01942068321221DB08165D72AB15224779CD
Authority key identifier: 9C:21:A5:E4:CF:6E:9E:2E:70:33:8A:EE:BF:A0:D1:58:8D:73:B6:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nCGl5M9uni5wM4ruv6DRWI1ztu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/8cce86-b0ae-4166-9042-528eff52febd/1/rQIqx2DMPN6bSwaHOzgkZ_qEsQE.roa
Signing time: Wed 01 Jan 2025 05:48:06 +0000
ROA not before: Wed 01 Jan 2025 05:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205219
IP address blocks: 217.197.100.0/24 maxlen: 24
2a09:b7c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:32:12:21:db:08:16:5d:72:ab:15:22:47:79:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c21a5e4cf6e9e2e70338aeebfa0d1588d73b6ef
Validity
Not Before: Jan 1 05:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad022ac760cc3cde9b4b06873b382467fa84b101
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:51:09:08:0a:d1:43:fd:6f:e6:97:70:ce:07:
42:f5:f8:c6:bc:2d:8b:ae:a9:63:95:c8:7d:0c:6d:
cd:74:62:4c:23:9a:a9:d0:4e:8f:c8:af:91:11:fa:
2d:94:dc:24:62:16:9e:ca:99:18:60:21:57:d7:48:
16:6d:f7:79:8c:3b:b4:c6:44:11:42:ce:c3:d0:08:
0c:b8:cd:3e:a8:e0:24:29:79:8d:ec:40:02:bb:f2:
6a:1f:08:ca:e3:d2:18:9a:e3:f7:2f:4a:9f:b7:39:
75:6d:eb:d7:00:6a:aa:bd:9f:05:06:2a:83:25:49:
13:8b:91:ad:1b:86:0b:93:80:98:3a:eb:5b:72:04:
dc:a2:36:b4:a3:40:0e:91:e3:35:78:0f:54:6c:1c:
25:be:72:8b:9c:ce:ca:98:7b:64:31:6e:31:82:01:
13:13:65:17:a3:9e:e7:5f:43:4d:ef:6f:81:e1:0e:
f0:16:21:62:48:18:4f:aa:f3:60:c2:81:ce:2c:50:
29:56:57:c9:6b:5e:a2:4d:33:a3:1b:71:c6:9b:7f:
75:a8:c1:98:42:bf:f7:fd:6a:b0:b4:9c:09:05:37:
7d:65:62:13:0f:f4:ff:f2:a3:ba:15:92:c7:7b:f0:
71:d4:5c:b4:8b:9c:68:52:74:f9:57:dd:b6:0a:3c:
a6:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:02:2A:C7:60:CC:3C:DE:9B:4B:06:87:3B:38:24:67:FA:84:B1:01
X509v3 Authority Key Identifier:
keyid:9C:21:A5:E4:CF:6E:9E:2E:70:33:8A:EE:BF:A0:D1:58:8D:73:B6:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nCGl5M9uni5wM4ruv6DRWI1ztu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/8cce86-b0ae-4166-9042-528eff52febd/1/rQIqx2DMPN6bSwaHOzgkZ_qEsQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/8cce86-b0ae-4166-9042-528eff52febd/1/nCGl5M9uni5wM4ruv6DRWI1ztu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.197.100.0/24
IPv6:
2a09:b7c0::/29
Signature Algorithm: sha256WithRSAEncryption
4b:71:af:0b:60:11:71:7f:55:78:ec:f3:f2:0e:b0:5e:f6:d8:
1c:c7:5f:62:2d:c6:7f:7f:bd:3b:1f:7f:34:47:5e:24:d6:53:
da:24:3a:00:5f:b7:0e:8b:05:9c:61:ed:ea:43:47:7e:b6:29:
7e:32:81:7a:9f:51:01:58:5a:71:db:2f:cd:33:a9:09:3b:fb:
fa:17:1b:13:ee:f6:d2:42:39:2a:cf:64:11:dc:84:be:22:ad:
66:b8:d0:95:73:32:af:9b:a1:1d:45:b6:82:9a:ca:8d:93:d2:
3a:c1:9c:04:a4:97:49:02:bc:78:4f:b3:08:44:7b:31:9f:2e:
93:41:b3:1c:f9:ff:52:88:c4:7c:93:8e:1a:4d:29:9c:55:02:
27:3d:59:26:76:1d:61:e3:38:64:ef:d6:8a:0a:0f:75:28:44:
6b:9f:29:b9:de:66:51:00:90:6c:fc:96:ff:6e:af:bb:81:96:
92:73:18:c1:f0:a6:bf:67:05:84:ab:2c:6d:05:4e:ae:fb:47:
7b:4c:53:8b:ff:00:91:b5:33:17:db:5d:2e:7c:a4:4e:88:22:
8d:b9:10:6b:87:4e:f8:d3:45:86:3b:93:11:3c:af:28:26:a9:
9c:3c:ec:9a:26:b0:31:b4:ff:07:f9:2e:5a:d7:76:fc:21:00:
46:f9:c0:36
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQgaDISIdsIFl1yqxUiR3nNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljMjFhNWU0Y2Y2ZTllMmU3MDMzOGFlZWJmYTBkMTU4OGQ3
M2I2ZWYwHhcNMjUwMTAxMDU0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDAyMmFjNzYwY2MzY2RlOWI0YjA2ODczYjM4MjQ2N2ZhODRiMTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2VEJCArRQ/1v5pdwzgdC9fjGvC2L
rqljlch9DG3NdGJMI5qp0E6PyK+REfotlNwkYhaeypkYYCFX10gWbfd5jDu0xkQR
Qs7D0AgMuM0+qOAkKXmN7EACu/JqHwjK49IYmuP3L0qftzl1bevXAGqqvZ8FBiqD
JUkTi5GtG4YLk4CYOutbcgTcoja0o0AOkeM1eA9UbBwlvnKLnM7KmHtkMW4xggET
E2UXo57nX0NN72+B4Q7wFiFiSBhPqvNgwoHOLFApVlfJa16iTTOjG3HGm391qMGY
Qr/3/WqwtJwJBTd9ZWITD/T/8qO6FZLHe/Bx1Fy0i5xoUnT5V922CjymkwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFK0CKsdgzDzem0sGhzs4JGf6hLEBMB8GA1UdIwQY
MBaAFJwhpeTPbp4ucDOK7r+g0ViNc7bvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkNHbDVNOXVuaTV3TTRydXY2RFJXSTF6dHU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi84Y2NlODYtYjBhZS00MTY2LTkwNDIt
NTI4ZWZmNTJmZWJkLzEvclFJcXgyRE1QTjZiU3dhSE96Z2taX3FFc1FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi84Y2NlODYtYjBhZS00MTY2LTkwNDItNTI4ZWZmNTJmZWJk
LzEvbkNHbDVNOXVuaTV3TTRydXY2RFJXSTF6dHU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQA2cVkMA0E
AgACMAcDBQMqCbfAMA0GCSqGSIb3DQEBCwUAA4IBAQBLca8LYBFxf1V47PPyDrBe
9tgcx19iLcZ/f707H380R14k1lPaJDoAX7cOiwWcYe3qQ0d+til+MoF6n1EBWFpx
2y/NM6kJO/v6FxsT7vbSQjkqz2QR3IS+Iq1muNCVczKvm6EdRbaCmsqNk9I6wZwE
pJdJArx4T7MIRHsxny6TQbMc+f9SiMR8k44aTSmcVQInPVkmdh1h4zhk79aKCg91
KERrnym53mZRAJBs/Jb/bq+7gZaScxjB8Ka/ZwWEqyxtBU6u+0d7TFOL/wCRtTMX
210ufKROiCKNuRBrh07400WGO5MRPK8oJqmcPOyaJrAxtP8H+S5a13b8IQBG+cA2
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:20:01 2025 by rpki-client