Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/QjvIi0rRCiU9LKiTwmv0-Nhz_2c.roa
File: QjvIi0rRCiU9LKiTwmv0-Nhz_2c.roa (raw, json)
Hash identifier: OXT8M2OkH5fMRljLbgobhK0SR+YXPh8DUfj5X3Ci2pY=
Subject key identifier: 42:3B:C8:8B:4A:D1:0A:25:3D:2C:A8:93:C2:6B:F4:F8:D8:73:FF:67
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 01944A64AD3DAF67E853DDB55C03EC650359
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/QjvIi0rRCiU9LKiTwmv0-Nhz_2c.roa
Signing time: Thu 09 Jan 2025 09:28:19 +0000
ROA not before: Thu 09 Jan 2025 09:28:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42347
IP address blocks: 217.174.144.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:4a:64:ad:3d:af:67:e8:53:dd:b5:5c:03:ec:65:03:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Jan 9 09:28:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=423bc88b4ad10a253d2ca893c26bf4f8d873ff67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:d6:51:b1:7d:a1:24:67:e5:a5:dd:04:d6:e3:
a8:ef:1c:c6:f4:dc:91:96:5e:dc:fc:d2:32:a6:1c:
2e:8d:1c:7b:3c:49:3b:d7:d7:86:fa:6c:46:04:71:
a4:2f:5e:9d:be:3f:32:75:bc:34:b3:fe:5e:74:b1:
d6:e9:10:c0:fc:31:73:9d:6a:a0:9a:60:fe:cb:14:
20:1d:dd:6a:b2:55:7c:57:53:ee:0d:95:af:1e:8c:
80:7b:8a:ae:02:81:37:7c:0a:52:eb:e5:2e:4b:6c:
8e:d0:1d:e3:81:c4:fb:f5:d2:93:af:4b:1e:e6:e1:
71:b0:3d:0e:0e:0e:7f:90:0f:54:76:70:41:7b:f9:
4c:72:7c:69:ff:a5:d7:fb:08:29:3d:3c:fa:f9:ee:
d9:e9:bc:c0:30:85:92:a9:7d:91:41:3d:e8:ca:88:
0e:a3:8f:dc:7a:98:f2:48:b9:07:e6:25:0c:a4:5c:
9c:8e:78:56:d1:2e:c1:8f:49:de:0f:ae:6d:12:cc:
bb:8e:05:c2:d7:2d:7e:c8:67:cb:0c:78:d6:70:d1:
54:3b:bf:df:cf:ea:a1:59:1f:ab:aa:92:7a:28:cb:
84:fc:fb:1a:66:0f:79:a2:3f:8a:80:9d:74:04:ae:
c7:c8:37:94:d6:4d:35:4a:eb:02:7f:37:46:96:3f:
fa:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:3B:C8:8B:4A:D1:0A:25:3D:2C:A8:93:C2:6B:F4:F8:D8:73:FF:67
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/QjvIi0rRCiU9LKiTwmv0-Nhz_2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.174.144.0/24
Signature Algorithm: sha256WithRSAEncryption
55:65:a5:99:1e:39:2f:65:ae:ea:6c:51:6f:75:74:1c:2b:c8:
c4:33:02:54:52:7b:99:84:b4:2b:de:64:09:03:6e:b5:54:58:
56:65:b9:7c:25:db:8e:a6:6c:91:7b:b0:d2:69:35:4f:29:54:
b1:eb:e3:03:d3:24:17:aa:c0:45:40:ea:88:45:35:a2:3d:64:
03:05:89:19:f6:32:22:29:cb:bf:4f:66:11:18:91:df:31:76:
10:16:03:17:6a:32:56:fa:d6:91:0b:fc:11:43:a7:87:51:44:
1d:10:91:ac:78:4e:06:88:27:9c:f5:85:45:f5:c6:1c:24:c6:
7f:6f:4d:02:c0:e9:a2:50:ec:9d:60:85:35:fb:f3:4a:3c:8c:
dd:7f:b2:d7:b1:03:2d:a6:93:82:06:01:f4:a0:75:93:88:97:
57:35:5f:dd:e5:cf:0c:20:5c:1c:a0:cd:e7:2c:67:8d:7b:70:
15:44:ee:63:4f:42:59:34:20:36:9d:ca:6f:33:1a:cd:72:2a:
c9:a9:cf:c2:30:b6:f3:16:8d:ae:86:98:23:c9:f3:7d:19:d8:
e6:4f:8a:c4:fa:4c:aa:ca:a9:35:a8:dc:96:31:72:69:d2:1b:
40:b6:6b:ef:63:5c:a6:70:c4:e1:7f:0d:5f:ff:6c:f1:46:11:
bd:f7:43:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRKZK09r2foU921XAPsZQNZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjUwMTA5MDkyODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjNiYzg4YjRhZDEwYTI1M2QyY2E4OTNjMjZiZjRmOGQ4NzNmZjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9ZRsX2hJGflpd0E1uOo7xzG9NyR
ll7c/NIyphwujRx7PEk719eG+mxGBHGkL16dvj8ydbw0s/5edLHW6RDA/DFznWqg
mmD+yxQgHd1qslV8V1PuDZWvHoyAe4quAoE3fApS6+UuS2yO0B3jgcT79dKTr0se
5uFxsD0ODg5/kA9UdnBBe/lMcnxp/6XX+wgpPTz6+e7Z6bzAMIWSqX2RQT3oyogO
o4/cepjySLkH5iUMpFycjnhW0S7Bj0neD65tEsy7jgXC1y1+yGfLDHjWcNFUO7/f
z+qhWR+rqpJ6KMuE/PsaZg95oj+KgJ10BK7HyDeU1k01SusCfzdGlj/6fQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEI7yItK0QolPSyok8Jr9PjYc/9nMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvUWp2SWkwclJDaVU5TEtpVHdtdjAtTmh6XzJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2a6QMA0G
CSqGSIb3DQEBCwUAA4IBAQBVZaWZHjkvZa7qbFFvdXQcK8jEMwJUUnuZhLQr3mQJ
A261VFhWZbl8JduOpmyRe7DSaTVPKVSx6+MD0yQXqsBFQOqIRTWiPWQDBYkZ9jIi
Kcu/T2YRGJHfMXYQFgMXajJW+taRC/wRQ6eHUUQdEJGseE4GiCec9YVF9cYcJMZ/
b00CwOmiUOydYIU1+/NKPIzdf7LXsQMtppOCBgH0oHWTiJdXNV/d5c8MIFwcoM3n
LGeNe3AVRO5jT0JZNCA2ncpvMxrNcirJqc/CMLbzFo2uhpgjyfN9GdjmT4rE+kyq
yqk1qNyWMXJp0htAtmvvY1ymcMThfw1f/2zxRhG990OM
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:09:21 2025 by rpki-client