Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/29accb-9c66-4eaf-8396-6dac96c16bf6/1/aaQ7VuJYObIieBRsPYSHopeZ2mc.roa
File: aaQ7VuJYObIieBRsPYSHopeZ2mc.roa (raw, json)
Hash identifier: 7h1RyQ59mtrB8ELQo/F3MVO1G8eQ3r2ZDW4bgNkM6iI=
Subject key identifier: 69:A4:3B:56:E2:58:39:B2:22:78:14:6C:3D:84:87:A2:97:99:DA:67
Certificate issuer: /CN=d4ddb0e63eddf07369f493ec7d310135adfed94f
Certificate serial: 01856CC142A4E36389833CDCB8197BA444C7
Authority key identifier: D4:DD:B0:E6:3E:DD:F0:73:69:F4:93:EC:7D:31:01:35:AD:FE:D9:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1N2w5j7d8HNp9JPsfTEBNa3-2U8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/29accb-9c66-4eaf-8396-6dac96c16bf6/1/aaQ7VuJYObIieBRsPYSHopeZ2mc.roa
Signing time: Sun 01 Jan 2023 09:54:42 +0000
ROA not before: Sun 01 Jan 2023 09:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 196695
IP address blocks: 217.28.132.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:c1:42:a4:e3:63:89:83:3c:dc:b8:19:7b:a4:44:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4ddb0e63eddf07369f493ec7d310135adfed94f
Validity
Not Before: Jan 1 09:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69a43b56e25839b22278146c3d8487a29799da67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:02:39:70:57:d7:ee:29:18:93:69:1b:13:ad:
f1:78:48:47:d4:de:49:fb:24:42:eb:b4:90:ee:78:
b8:46:23:f5:2c:74:7b:55:f6:7b:5d:82:28:c2:ea:
e6:68:52:38:8e:cd:29:f9:f5:47:80:84:1c:d4:97:
e4:68:b2:c7:29:47:b3:5e:53:e1:e0:e6:66:de:94:
61:f4:a8:4e:9e:09:97:a3:99:00:fa:e1:22:8e:5c:
f1:73:a1:46:c3:63:e9:88:4f:ec:00:24:7c:ca:00:
95:17:91:24:a5:32:67:00:13:fb:9b:43:f2:84:87:
c4:16:3a:7a:68:d2:46:23:c5:56:3a:a4:3d:6b:52:
ae:dc:fb:dc:ba:4e:88:ce:8d:d3:13:5e:ce:99:f9:
9a:dd:72:fe:d9:0c:93:74:ef:f4:c9:bc:6a:54:5a:
8a:af:2f:92:95:f3:af:d3:9c:cd:cd:c0:38:be:ee:
70:a9:2e:b9:2e:a0:f9:04:fd:5a:ae:f5:c2:06:67:
79:0f:ec:97:ce:2c:58:00:a4:70:18:d0:9d:2b:fd:
31:90:84:a4:76:18:96:6d:09:bb:80:19:89:c4:32:
35:be:e5:08:9a:f0:2d:76:14:e3:f6:2f:01:88:87:
60:8e:72:e8:7e:d3:26:d4:09:38:cb:6f:d8:93:a6:
c2:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:A4:3B:56:E2:58:39:B2:22:78:14:6C:3D:84:87:A2:97:99:DA:67
X509v3 Authority Key Identifier:
keyid:D4:DD:B0:E6:3E:DD:F0:73:69:F4:93:EC:7D:31:01:35:AD:FE:D9:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1N2w5j7d8HNp9JPsfTEBNa3-2U8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/29accb-9c66-4eaf-8396-6dac96c16bf6/1/aaQ7VuJYObIieBRsPYSHopeZ2mc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/29accb-9c66-4eaf-8396-6dac96c16bf6/1/1N2w5j7d8HNp9JPsfTEBNa3-2U8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.28.132.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:a3:64:56:4a:20:93:b2:7e:d5:9d:aa:60:52:79:09:12:3d:
22:cd:4e:34:35:8e:fb:18:f5:69:ab:4b:6c:fb:ba:22:b5:5d:
bf:24:90:4a:5d:7f:12:b9:23:02:7d:6d:6d:6f:1b:3e:33:8d:
ba:03:26:fb:3e:f2:84:1c:c9:e5:e1:79:6a:36:34:71:87:a1:
3e:fa:25:05:79:61:5b:7c:12:d7:e6:07:77:df:dd:07:2c:d1:
54:6c:a8:80:cc:39:37:9b:77:a8:ec:b1:6e:93:ca:c2:8d:67:
10:11:61:94:e3:a0:1f:83:0d:a9:b6:70:ec:e2:e9:7e:15:9d:
96:fb:a4:75:9e:29:65:03:bd:82:4f:0e:05:f7:15:b5:25:ab:
7d:00:a4:79:23:e5:ac:67:77:e0:29:4b:4f:0f:e5:e1:a2:73:
35:54:82:db:6d:5e:d7:ec:cd:03:49:57:93:21:1c:3b:00:04:
c8:d3:e2:05:57:91:3d:d4:d9:63:7a:94:64:79:c8:ee:ef:a6:
da:0e:fa:8b:e6:f3:e1:63:80:7d:a6:01:80:58:89:d3:cd:8c:
27:c8:52:39:af:1c:b7:e5:ee:14:9a:5d:15:f6:af:0f:7c:dc:
26:d4:c6:db:fb:eb:58:0b:e1:aa:36:d9:e8:21:b3:07:3e:0b:
9a:86:0c:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVswUKk42OJgzzcuBl7pETHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZGRiMGU2M2VkZGYwNzM2OWY0OTNlYzdkMzEwMTM1YWRm
ZWQ5NGYwHhcNMjMwMTAxMDk1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWE0M2I1NmUyNTgzOWIyMjI3ODE0NmMzZDg0ODdhMjk3OTlkYTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAI5cFfX7ikYk2kbE63xeEhH1N5J
+yRC67SQ7ni4RiP1LHR7VfZ7XYIowurmaFI4js0p+fVHgIQc1JfkaLLHKUezXlPh
4OZm3pRh9KhOngmXo5kA+uEijlzxc6FGw2PpiE/sACR8ygCVF5EkpTJnABP7m0Py
hIfEFjp6aNJGI8VWOqQ9a1Ku3Pvcuk6Izo3TE17Omfma3XL+2QyTdO/0ybxqVFqK
ry+SlfOv05zNzcA4vu5wqS65LqD5BP1arvXCBmd5D+yXzixYAKRwGNCdK/0xkISk
dhiWbQm7gBmJxDI1vuUImvAtdhTj9i8BiIdgjnLoftMm1Ak4y2/Yk6bCCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGmkO1biWDmyIngUbD2Eh6KXmdpnMB8GA1UdIwQY
MBaAFNTdsOY+3fBzafST7H0xATWt/tlPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU4ydzVqN2Q4SE5wOUpQc2ZURUJOYTMtMlU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8yOWFjY2ItOWM2Ni00ZWFmLTgzOTYt
NmRhYzk2YzE2YmY2LzEvYWFRN1Z1SllPYklpZUJSc1BZU0hvcGVaMm1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8yOWFjY2ItOWM2Ni00ZWFmLTgzOTYtNmRhYzk2YzE2YmY2
LzEvMU4ydzVqN2Q4SE5wOUpQc2ZURUJOYTMtMlU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RyEMA0G
CSqGSIb3DQEBCwUAA4IBAQB/o2RWSiCTsn7VnapgUnkJEj0izU40NY77GPVpq0ts
+7oitV2/JJBKXX8SuSMCfW1tbxs+M426Ayb7PvKEHMnl4XlqNjRxh6E++iUFeWFb
fBLX5gd3390HLNFUbKiAzDk3m3eo7LFuk8rCjWcQEWGU46Afgw2ptnDs4ul+FZ2W
+6R1nillA72CTw4F9xW1Jat9AKR5I+WsZ3fgKUtPD+XhonM1VILbbV7X7M0DSVeT
IRw7AATI0+IFV5E91NljepRkecju76baDvqL5vPhY4B9pgGAWInTzYwnyFI5rxy3
5e4Uml0V9q8PfNwm1Mbb++tYC+GqNtnoIbMHPguahgwR
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:03 2025 by rpki-client