Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/a6ef94-6fa7-4af8-aeec-c97449bebadf/1/psAFRZFa01-Qtidbw610OBj8l0M.roa
File: psAFRZFa01-Qtidbw610OBj8l0M.roa (raw, json)
Hash identifier: 41k+fUDhmn2LEpfcih9Z7gBQKAgRdZraj00tpnE4Pig=
Subject key identifier: A6:C0:05:45:91:5A:D3:5F:90:B6:27:5B:C3:AD:74:38:18:FC:97:43
Certificate issuer: /CN=45c1607381e1c92d7531af73a07f0b9f038c23a2
Certificate serial: 040E25E1
Authority key identifier: 45:C1:60:73:81:E1:C9:2D:75:31:AF:73:A0:7F:0B:9F:03:8C:23:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RcFgc4HhyS11Ma9zoH8LnwOMI6I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/a6ef94-6fa7-4af8-aeec-c97449bebadf/1/psAFRZFa01-Qtidbw610OBj8l0M.roa
Signing time: Sat 01 Jan 2022 04:02:12 +0000
ROA not before: Sat 01 Jan 2022 04:02:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15577
IP address blocks: 217.20.244.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68036065 (0x40e25e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45c1607381e1c92d7531af73a07f0b9f038c23a2
Validity
Not Before: Jan 1 04:02:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a6c00545915ad35f90b6275bc3ad743818fc9743
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b0:8e:a6:2e:7b:09:a8:33:9a:27:3d:18:d3:
6a:51:76:fe:ff:c0:34:00:09:12:f5:b5:3c:1b:72:
4a:eb:6b:d6:b4:ab:92:2c:39:25:49:42:f9:1b:28:
d8:11:38:93:67:b4:d8:a3:25:1f:f1:97:9a:f1:c6:
51:2b:bb:94:2e:87:b9:99:9c:f5:78:ad:15:25:ae:
65:bb:ba:78:01:ac:b2:87:72:5a:e8:a2:fd:fc:61:
24:ec:92:21:ab:48:50:98:ce:ca:78:0d:14:21:db:
4f:d2:65:f4:bc:a3:d3:9b:3c:72:e3:0a:bd:55:60:
52:12:b7:23:01:cc:3a:92:04:0b:5c:69:59:61:59:
f8:d1:59:49:6e:27:21:42:bd:e8:1d:d2:7a:c7:29:
2f:f5:89:00:d1:1c:36:3a:ac:95:20:6f:b8:25:4c:
8f:12:03:13:8f:fa:51:c0:9d:58:41:63:aa:f6:64:
be:6a:48:23:85:61:e4:7b:d4:81:02:dc:26:bb:1a:
e2:1d:28:59:1f:f1:06:dd:f1:d8:5a:69:b2:26:ef:
48:dc:31:26:63:61:76:60:7e:d6:33:36:b5:b3:ab:
b4:72:bf:46:ae:36:79:66:f9:47:00:1f:bf:87:75:
b9:ff:36:d9:bd:3a:4e:d2:27:3b:b8:4f:06:e4:a9:
59:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:C0:05:45:91:5A:D3:5F:90:B6:27:5B:C3:AD:74:38:18:FC:97:43
X509v3 Authority Key Identifier:
keyid:45:C1:60:73:81:E1:C9:2D:75:31:AF:73:A0:7F:0B:9F:03:8C:23:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RcFgc4HhyS11Ma9zoH8LnwOMI6I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a6ef94-6fa7-4af8-aeec-c97449bebadf/1/psAFRZFa01-Qtidbw610OBj8l0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/a6ef94-6fa7-4af8-aeec-c97449bebadf/1/RcFgc4HhyS11Ma9zoH8LnwOMI6I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.20.244.0/22
Signature Algorithm: sha256WithRSAEncryption
07:b8:b3:68:22:1c:22:29:24:f0:31:38:e5:a6:cd:0e:65:26:
d4:4d:04:24:25:66:67:26:65:08:32:a9:75:4e:a1:7c:0e:d6:
b7:6e:29:55:d5:38:82:d9:de:54:58:a2:fd:45:32:1b:c8:90:
e2:01:23:9f:93:bb:78:3a:0c:0a:12:60:e3:00:37:cc:a2:b9:
db:67:cc:c3:c6:ff:27:d7:aa:b2:97:fe:fa:5b:b9:d2:57:c6:
14:6d:5b:23:26:fe:61:bb:82:eb:44:a8:cd:5a:9e:ad:c2:f6:
e7:8e:8c:fb:41:91:8e:85:bd:d0:27:52:90:ae:4f:37:2b:b6:
73:bb:d0:40:33:46:2a:7e:f2:4f:58:68:51:9a:c0:cd:15:1d:
91:13:24:ab:64:3e:d8:13:fc:31:f8:db:0c:cb:1f:61:e4:72:
f1:55:c9:d6:4d:b3:47:32:ed:5e:b7:c3:a1:eb:0e:a4:bc:d5:
3e:ce:39:9a:f4:39:11:72:9d:91:8b:bd:87:d8:f0:ee:30:07:
d4:46:6a:c1:2f:1e:17:a4:ac:95:0f:68:61:15:94:aa:5e:82:
50:9b:a9:61:c1:6a:3f:58:87:11:3a:18:08:d6:86:59:33:01:
0b:08:ea:a8:7e:95:70:fe:95:aa:45:31:70:51:96:5b:1d:df:
20:3c:28:05
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBA4l4TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NWMxNjA3MzgxZTFjOTJkNzUzMWFmNzNhMDdmMGI5ZjAzOGMyM2EyMB4XDTIyMDEw
MTA0MDIxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTZjMDA1NDU5MTVh
ZDM1ZjkwYjYyNzViYzNhZDc0MzgxOGZjOTc0MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK+wjqYuewmoM5onPRjTalF2/v/ANAAJEvW1PBtySutr1rSr
kiw5JUlC+Rso2BE4k2e02KMlH/GXmvHGUSu7lC6HuZmc9XitFSWuZbu6eAGssody
Wuii/fxhJOySIatIUJjOyngNFCHbT9Jl9Lyj05s8cuMKvVVgUhK3IwHMOpIEC1xp
WWFZ+NFZSW4nIUK96B3SescpL/WJANEcNjqslSBvuCVMjxIDE4/6UcCdWEFjqvZk
vmpII4Vh5HvUgQLcJrsa4h0oWR/xBt3x2FppsibvSNwxJmNhdmB+1jM2tbOrtHK/
Rq42eWb5RwAfv4d1uf822b06TtInO7hPBuSpWbUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSmwAVFkVrTX5C2J1vDrXQ4GPyXQzAfBgNVHSMEGDAWgBRFwWBzgeHJLXUx
r3OgfwufA4wjojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JjRmdjNEhoeVMxMU1hOXpvSDhMbndPTUk2SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvYTZlZjk0LTZmYTctNGFmOC1hZWVjLWM5NzQ0OWJlYmFkZi8x
L3BzQUZSWkZhMDEtUXRpZGJ3NjEwT0JqOGwwTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
YTZlZjk0LTZmYTctNGFmOC1hZWVjLWM5NzQ0OWJlYmFkZi8xL1JjRmdjNEhoeVMx
MU1hOXpvSDhMbndPTUk2SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtkU9DANBgkqhkiG9w0BAQsFAAOC
AQEAB7izaCIcIikk8DE45abNDmUm1E0EJCVmZyZlCDKpdU6hfA7Wt24pVdU4gtne
VFii/UUyG8iQ4gEjn5O7eDoMChJg4wA3zKK522fMw8b/J9eqspf++lu50lfGFG1b
Iyb+YbuC60SozVqercL2546M+0GRjoW90CdSkK5PNyu2c7vQQDNGKn7yT1hoUZrA
zRUdkRMkq2Q+2BP8MfjbDMsfYeRy8VXJ1k2zRzLtXrfDoesOpLzVPs45mvQ5EXKd
kYu9h9jw7jAH1EZqwS8eF6SslQ9oYRWUql6CUJupYcFqP1iHEToYCNaGWTMBCwjq
qH6VcP6VqkUxcFGWWx3fIDwoBQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:57 2025 by rpki-client