Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/Chb74JL8JJmMbGzdCWsV1I9XTHM.roa
File: Chb74JL8JJmMbGzdCWsV1I9XTHM.roa (raw, json)
Hash identifier: uqlIkNtybKQGK6oYFgs8Gcl/3LifaWUOWXgUOaIWjq4=
Subject key identifier: 0A:16:FB:E0:92:FC:24:99:8C:6C:6C:DD:09:6B:15:D4:8F:57:4C:73
Certificate issuer: /CN=17b5042fc20d9bab1676e09af7ff1ba5bfadae75
Certificate serial: 0194236A10F9C62B6680C1D9E26925C3E092
Authority key identifier: 17:B5:04:2F:C2:0D:9B:AB:16:76:E0:9A:F7:FF:1B:A5:BF:AD:AE:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F7UEL8INm6sWduCa9_8bpb-trnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/Chb74JL8JJmMbGzdCWsV1I9XTHM.roa
Signing time: Wed 01 Jan 2025 19:49:01 +0000
ROA not before: Wed 01 Jan 2025 19:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216022
IP address blocks: 217.119.143.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:10:f9:c6:2b:66:80:c1:d9:e2:69:25:c3:e0:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17b5042fc20d9bab1676e09af7ff1ba5bfadae75
Validity
Not Before: Jan 1 19:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0a16fbe092fc24998c6c6cdd096b15d48f574c73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:26:9e:49:4c:a2:63:74:99:6c:be:12:b5:ee:
5c:90:b4:53:b5:67:18:90:e0:9c:50:16:09:09:20:
e8:f5:42:2a:46:4a:89:02:2c:9a:44:27:50:15:a5:
ae:e1:69:1f:50:bd:29:d6:c7:df:f2:4f:2e:bc:61:
d3:ab:75:93:8e:d0:ca:ce:be:ff:bc:9b:7b:fc:70:
59:2e:0c:d7:23:c3:9d:9b:f0:05:92:b0:c7:b5:44:
0e:47:93:e1:01:65:48:be:25:1e:d2:16:4f:9e:60:
8f:6d:03:64:e7:1e:25:6c:d9:2e:e4:ed:4c:30:38:
87:5b:2f:cc:dd:7a:f9:0a:29:37:98:cd:ed:14:58:
48:42:d4:36:c5:cd:12:35:ee:4e:98:24:1f:e1:b7:
29:c2:e8:c0:ac:52:d9:52:77:b5:13:3d:e4:37:26:
e2:cf:02:98:8c:5b:7d:20:a7:33:1b:b6:3f:08:a0:
a4:68:48:36:ed:b2:4e:99:34:44:18:cd:93:ec:ee:
e8:95:d3:63:71:39:b8:6b:54:9a:f3:b3:44:7e:06:
09:8b:02:a5:1e:92:46:40:24:0a:e9:e2:07:e2:af:
91:74:9f:64:69:2f:85:ae:77:f9:f6:4b:e6:aa:05:
9e:9a:9b:16:74:6c:48:d7:9d:97:84:8a:25:d2:a8:
3e:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:16:FB:E0:92:FC:24:99:8C:6C:6C:DD:09:6B:15:D4:8F:57:4C:73
X509v3 Authority Key Identifier:
keyid:17:B5:04:2F:C2:0D:9B:AB:16:76:E0:9A:F7:FF:1B:A5:BF:AD:AE:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F7UEL8INm6sWduCa9_8bpb-trnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/Chb74JL8JJmMbGzdCWsV1I9XTHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/F7UEL8INm6sWduCa9_8bpb-trnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.119.143.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:38:56:36:2c:67:bb:4b:ec:de:af:1d:9f:f9:16:d0:31:95:
d1:8e:8e:9b:1c:5c:7a:8c:fd:f7:8b:a7:6f:2b:4b:e3:3b:55:
65:5a:43:67:9c:7a:7d:1d:43:b6:55:93:81:d0:ea:4a:cd:ba:
7b:04:3f:02:3e:7e:6d:ad:cf:c9:b8:67:2c:33:ef:b4:80:82:
e4:e0:75:e6:f7:24:2f:99:a1:67:ad:c0:15:0c:ac:c2:d4:72:
ac:a1:0e:6f:e9:37:70:9a:38:19:e1:98:57:7a:de:c6:74:d6:
96:85:c4:51:43:36:be:54:f6:4b:a3:f7:11:3a:13:7c:79:66:
94:c4:0f:f4:11:7b:71:b3:c0:03:a1:99:52:a2:bc:fc:bc:ef:
df:0a:55:3e:76:fd:37:b4:c2:f0:15:48:6b:87:da:7e:c4:be:
49:03:e5:03:83:f8:72:17:ea:80:70:26:93:97:54:70:c1:2d:
83:07:4b:dc:79:33:17:83:60:0b:a4:c0:ac:65:1a:74:8f:ab:
4c:01:0f:bc:ef:b2:23:d2:1e:96:c2:a5:c5:aa:b7:41:86:0f:
dd:85:82:2a:d3:aa:54:08:28:56:c9:eb:74:6a:fc:5a:2b:02:
27:d1:eb:48:79:eb:74:19:80:40:9e:68:d5:68:91:cf:7d:94:
e6:1d:9f:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjahD5xitmgMHZ4mklw+CSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3YjUwNDJmYzIwZDliYWIxNjc2ZTA5YWY3ZmYxYmE1YmZh
ZGFlNzUwHhcNMjUwMTAxMTk0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTE2ZmJlMDkyZmMyNDk5OGM2YzZjZGQwOTZiMTVkNDhmNTc0YzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1iaeSUyiY3SZbL4Ste5ckLRTtWcY
kOCcUBYJCSDo9UIqRkqJAiyaRCdQFaWu4WkfUL0p1sff8k8uvGHTq3WTjtDKzr7/
vJt7/HBZLgzXI8Odm/AFkrDHtUQOR5PhAWVIviUe0hZPnmCPbQNk5x4lbNku5O1M
MDiHWy/M3Xr5Cik3mM3tFFhIQtQ2xc0SNe5OmCQf4bcpwujArFLZUne1Ez3kNybi
zwKYjFt9IKczG7Y/CKCkaEg27bJOmTREGM2T7O7oldNjcTm4a1Sa87NEfgYJiwKl
HpJGQCQK6eIH4q+RdJ9kaS+Frnf59kvmqgWempsWdGxI152XhIol0qg+bQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAoW++CS/CSZjGxs3QlrFdSPV0xzMB8GA1UdIwQY
MBaAFBe1BC/CDZurFnbgmvf/G6W/ra51MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjdVRUw4SU5tNnNXZHVDYTlfOGJwYi10cm5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS82NWU1NDMtN2U3YS00YWFiLWFjNzQt
YmM2Nzk0ZTk1ZTVhLzEvQ2hiNzRKTDhKSm1NYkd6ZENXc1YxSTlYVEhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS82NWU1NDMtN2U3YS00YWFiLWFjNzQtYmM2Nzk0ZTk1ZTVh
LzEvRjdVRUw4SU5tNnNXZHVDYTlfOGJwYi10cm5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2XePMA0G
CSqGSIb3DQEBCwUAA4IBAQCwOFY2LGe7S+zerx2f+RbQMZXRjo6bHFx6jP33i6dv
K0vjO1VlWkNnnHp9HUO2VZOB0OpKzbp7BD8CPn5trc/JuGcsM++0gILk4HXm9yQv
maFnrcAVDKzC1HKsoQ5v6TdwmjgZ4ZhXet7GdNaWhcRRQza+VPZLo/cROhN8eWaU
xA/0EXtxs8ADoZlSorz8vO/fClU+dv03tMLwFUhrh9p+xL5JA+UDg/hyF+qAcCaT
l1RwwS2DB0vceTMXg2ALpMCsZRp0j6tMAQ+877Ij0h6WwqXFqrdBhg/dhYIq06pU
CChWyet0avxaKwIn0etIeet0GYBAnmjVaJHPfZTmHZ9M
-----END CERTIFICATE-----
Generated at Tue Apr 8 20:51:58 2025 by rpki-client