Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/4707b4-0032-4ac7-bcc7-40c1a72702ef/1/nJAiq-PWagml6U0XgPLvEMeetqY.roa
File: nJAiq-PWagml6U0XgPLvEMeetqY.roa (raw, json)
Hash identifier: slEmYICQOiKGbuOd4bkjw5nPBfad31ZvqqX336YhZsY=
Subject key identifier: 9C:90:22:AB:E3:D6:6A:09:A5:E9:4D:17:80:F2:EF:10:C7:9E:B6:A6
Certificate issuer: /CN=fa1e9b4e8dc49be3aba597425aefd8b3a5362ffc
Certificate serial: 019424457B13471AC1B342FC4FE2E7DE940C
Authority key identifier: FA:1E:9B:4E:8D:C4:9B:E3:AB:A5:97:42:5A:EF:D8:B3:A5:36:2F:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-h6bTo3Em-OrpZdCWu_Ys6U2L_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/4707b4-0032-4ac7-bcc7-40c1a72702ef/1/nJAiq-PWagml6U0XgPLvEMeetqY.roa
Signing time: Wed 01 Jan 2025 23:48:40 +0000
ROA not before: Wed 01 Jan 2025 23:48:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42923
IP address blocks: 217.79.144.0/23 maxlen: 23
217.79.146.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:7b:13:47:1a:c1:b3:42:fc:4f:e2:e7:de:94:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa1e9b4e8dc49be3aba597425aefd8b3a5362ffc
Validity
Not Before: Jan 1 23:48:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c9022abe3d66a09a5e94d1780f2ef10c79eb6a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:be:45:4a:5e:f2:aa:a2:76:4f:38:31:8b:d0:
68:8e:a0:48:29:3f:bb:81:1d:35:a2:4f:3e:7f:99:
b3:a8:d9:1b:c4:16:be:6c:cf:23:65:e1:fc:1a:74:
a6:48:94:e7:8e:82:26:d4:b7:d5:04:a0:64:76:d0:
d8:c3:19:50:f7:7e:6b:98:1b:ea:06:76:b8:18:0c:
f1:ab:ec:00:37:75:cf:c8:06:2c:cc:51:79:33:75:
52:90:6c:2e:b8:a6:65:45:d1:2a:1f:c1:22:b9:27:
cf:d5:51:cf:fd:b6:b5:ea:bc:99:65:3f:cd:b4:c9:
c8:e1:70:5d:57:28:01:82:e9:14:19:bf:76:70:62:
f0:35:09:42:3b:31:1e:b4:86:42:0a:17:26:c0:af:
5b:97:1a:a5:30:3c:3b:ce:5f:99:12:ad:5e:6a:e7:
dc:ec:d5:f7:0f:36:a4:ff:76:f5:d4:82:d0:f0:eb:
52:ce:eb:bd:4f:94:d6:71:4c:48:71:89:49:d0:c9:
37:88:66:59:5c:eb:c2:ce:54:f5:7f:ad:a8:81:c3:
ce:b0:e7:da:6e:e3:60:6d:39:12:9f:0c:8d:29:1f:
01:50:58:a7:3b:fe:74:7d:d9:90:77:72:38:95:0f:
c3:50:a2:8a:aa:f7:17:6f:d3:c8:56:de:e7:58:49:
65:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:90:22:AB:E3:D6:6A:09:A5:E9:4D:17:80:F2:EF:10:C7:9E:B6:A6
X509v3 Authority Key Identifier:
keyid:FA:1E:9B:4E:8D:C4:9B:E3:AB:A5:97:42:5A:EF:D8:B3:A5:36:2F:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-h6bTo3Em-OrpZdCWu_Ys6U2L_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4707b4-0032-4ac7-bcc7-40c1a72702ef/1/nJAiq-PWagml6U0XgPLvEMeetqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4707b4-0032-4ac7-bcc7-40c1a72702ef/1/1-h6bTo3Em-OrpZdCWu_Ys6U2L_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.79.144.0/22
Signature Algorithm: sha256WithRSAEncryption
58:3a:8a:c4:f5:99:d4:58:64:78:1e:24:ca:e3:c8:d8:3c:f8:
2c:65:49:d5:5e:78:04:6e:ad:94:33:24:5f:f0:d0:65:c5:00:
65:e0:ba:59:09:e0:0a:4b:4d:ec:98:e1:4e:bf:c6:8d:77:e0:
75:38:fc:5d:18:da:72:d4:16:85:a1:b3:9b:96:87:24:95:a2:
e0:b0:76:b0:e7:99:b6:36:be:42:a7:e1:a5:dd:32:90:0f:f6:
f6:cc:b8:89:20:cb:47:76:ee:d2:38:e2:81:d3:6e:54:19:9e:
2b:6f:08:3d:8b:0d:b7:d0:58:b7:b2:ce:46:06:52:99:a0:ba:
02:34:e5:ce:03:22:5d:7e:db:bb:4a:16:e1:10:ae:54:61:78:
bf:30:15:98:92:71:7c:21:64:6b:d6:c3:7a:21:91:50:cf:de:
1e:df:4d:92:1b:42:45:3e:7a:4d:09:26:89:da:49:0f:27:c9:
f7:0a:58:a8:cf:7d:9a:63:42:44:bc:ac:aa:de:86:14:8a:55:
7f:6e:b1:92:48:69:37:77:25:68:ba:bf:3b:aa:ec:e0:b2:62:
08:af:0f:61:24:42:ec:c8:f8:a7:50:bd:fa:a4:e2:c5:8b:12:
d8:52:13:02:9e:0f:d9:f4:5d:ee:cd:86:fd:12:d5:77:d9:7f:
c1:cb:98:af
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQkRXsTRxrBs0L8T+Ln3pQMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhMWU5YjRlOGRjNDliZTNhYmE1OTc0MjVhZWZkOGIzYTUz
NjJmZmMwHhcNMjUwMTAxMjM0ODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzkwMjJhYmUzZDY2YTA5YTVlOTRkMTc4MGYyZWYxMGM3OWViNmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlL5FSl7yqqJ2Tzgxi9BojqBIKT+7
gR01ok8+f5mzqNkbxBa+bM8jZeH8GnSmSJTnjoIm1LfVBKBkdtDYwxlQ935rmBvq
Bna4GAzxq+wAN3XPyAYszFF5M3VSkGwuuKZlRdEqH8EiuSfP1VHP/ba16ryZZT/N
tMnI4XBdVygBgukUGb92cGLwNQlCOzEetIZCChcmwK9blxqlMDw7zl+ZEq1eaufc
7NX3Dzak/3b11ILQ8OtSzuu9T5TWcUxIcYlJ0Mk3iGZZXOvCzlT1f62ogcPOsOfa
buNgbTkSnwyNKR8BUFinO/50fdmQd3I4lQ/DUKKKqvcXb9PIVt7nWEllWwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFJyQIqvj1moJpelNF4Dy7xDHnramMB8GA1UdIwQY
MBaAFPoem06NxJvjq6WXQlrv2LOlNi/8MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1oNmJUbzNFbS1PcnBaZENXdV9ZczZVMkxfdy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUvNDcwN2I0LTAwMzItNGFjNy1iY2M3
LTQwYzFhNzI3MDJlZi8xL25KQWlxLVBXYWdtbDZVMFhnUEx2RU1lZXRxWS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzUvNDcwN2I0LTAwMzItNGFjNy1iY2M3LTQwYzFhNzI3MDJl
Zi8xLzEtaDZiVG8zRW0tT3JwWmRDV3VfWXM2VTJMX3cuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALZT5Aw
DQYJKoZIhvcNAQELBQADggEBAFg6isT1mdRYZHgeJMrjyNg8+CxlSdVeeARurZQz
JF/w0GXFAGXgulkJ4ApLTeyY4U6/xo134HU4/F0Y2nLUFoWhs5uWhySVouCwdrDn
mbY2vkKn4aXdMpAP9vbMuIkgy0d27tI44oHTblQZnitvCD2LDbfQWLeyzkYGUpmg
ugI05c4DIl1+27tKFuEQrlRheL8wFZiScXwhZGvWw3ohkVDP3h7fTZIbQkU+ek0J
JonaSQ8nyfcKWKjPfZpjQkS8rKrehhSKVX9usZJIaTd3JWi6vzuq7OCyYgivD2Ek
QuzI+KdQvfqk4sWLEthSEwKeD9n0Xe7Nhv0S1XfZf8HLmK8=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:43:56 2025 by rpki-client