Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/aBwn5NSBKL-q4BmHpmqJjnSKH2s.roa
File: aBwn5NSBKL-q4BmHpmqJjnSKH2s.roa (raw, json)
Hash identifier: Jk9m6ehdkRQFBuxDo7tqTBlm72Kp9uSt1ja+2z/+hdA=
Subject key identifier: 68:1C:27:E4:D4:81:28:BF:AA:E0:19:87:A6:6A:89:8E:74:8A:1F:6B
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 01944A64C1687C42BEE40D1A3C1454B3D1AB
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/aBwn5NSBKL-q4BmHpmqJjnSKH2s.roa
Signing time: Thu 09 Jan 2025 09:28:24 +0000
ROA not before: Thu 09 Jan 2025 09:28:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205128
IP address blocks: 217.174.158.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:4a:64:c1:68:7c:42:be:e4:0d:1a:3c:14:54:b3:d1:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Jan 9 09:28:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=681c27e4d48128bfaae01987a66a898e748a1f6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:2c:44:d6:d6:48:30:de:37:8f:b0:70:35:a6:
f5:b4:a4:fc:a4:b1:da:23:3b:6b:05:e7:80:4a:05:
9b:d0:56:1e:7c:8d:dd:ef:9e:b0:8f:4e:65:d1:c4:
e1:54:0e:1c:ab:20:4a:d1:21:04:f0:b1:eb:94:53:
ca:06:93:46:60:87:36:2d:99:99:1b:b7:b0:0f:e8:
ba:eb:2f:8e:a9:e5:a4:8e:e9:04:e1:37:5f:f2:20:
12:7a:8c:98:58:e4:29:53:60:33:27:b3:e8:d9:ff:
94:e3:69:a6:93:2d:63:5f:2f:bb:d9:de:71:96:a9:
c7:0e:5b:c9:80:54:74:47:cb:39:e4:4e:49:5c:c3:
db:a9:18:05:33:07:28:02:60:b3:11:d9:6c:a6:ef:
b9:9a:94:a0:e1:66:48:33:17:58:ff:c2:cc:f7:c3:
10:e1:c2:35:19:f7:19:9a:3f:92:85:77:95:8b:c5:
58:aa:b9:68:0a:e1:be:2b:81:0f:d8:38:dc:53:82:
ac:af:bc:c0:a0:d8:34:20:2b:93:9e:81:04:bc:74:
d0:bd:80:59:82:df:dd:a0:e5:26:b7:a4:0e:f5:2a:
d4:ae:cb:ae:d6:4a:b5:40:dd:a2:1a:77:d7:62:45:
95:d7:b0:7e:5f:87:6e:aa:0c:7b:fe:c3:45:7f:d8:
b6:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:1C:27:E4:D4:81:28:BF:AA:E0:19:87:A6:6A:89:8E:74:8A:1F:6B
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/aBwn5NSBKL-q4BmHpmqJjnSKH2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.174.158.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:c5:2e:e3:92:82:d7:25:14:f1:28:94:62:c5:25:a1:63:86:
4e:8b:fd:03:39:d2:e1:b1:c8:46:dc:a0:83:ab:19:dd:a4:82:
b3:a1:6b:4b:15:50:d3:63:53:81:93:e9:af:9f:d0:01:21:7f:
89:e3:e8:f6:b2:be:ae:5e:f5:8f:61:ac:b5:4d:54:d7:6b:a4:
fd:e0:95:66:04:96:88:3c:b2:31:d8:c8:9e:3b:be:63:3c:ab:
6b:e0:4a:af:2b:40:35:15:84:9b:b8:9d:85:2d:11:cc:ea:f6:
95:fb:b6:fe:e9:ed:9f:74:d9:7b:08:4e:a7:43:e4:91:55:83:
c3:ce:4d:01:03:57:ab:1d:cb:b1:90:2f:00:9f:73:ce:93:42:
8b:cf:66:19:87:97:a4:b1:68:89:54:27:16:3e:ff:4b:be:a4:
c3:1f:4c:64:ac:cb:a6:2d:67:f4:f9:37:4e:c2:28:e8:06:6a:
31:9d:53:60:b6:71:e3:82:46:d9:12:0c:19:ee:f7:2c:06:71:
61:de:78:85:a2:a6:ea:17:0e:b2:1d:b4:f2:73:30:c2:98:7c:
98:df:17:25:3a:3a:da:17:45:d4:a2:f2:e7:e0:2f:6f:e2:c5:
35:67:39:19:9d:a7:62:1d:64:aa:c4:e7:14:ae:91:f5:06:6e:
ab:37:5c:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRKZMFofEK+5A0aPBRUs9GrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjUwMTA5MDkyODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODFjMjdlNGQ0ODEyOGJmYWFlMDE5ODdhNjZhODk4ZTc0OGExZjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6SxE1tZIMN43j7BwNab1tKT8pLHa
IztrBeeASgWb0FYefI3d756wj05l0cThVA4cqyBK0SEE8LHrlFPKBpNGYIc2LZmZ
G7ewD+i66y+OqeWkjukE4Tdf8iASeoyYWOQpU2AzJ7Po2f+U42mmky1jXy+72d5x
lqnHDlvJgFR0R8s55E5JXMPbqRgFMwcoAmCzEdlspu+5mpSg4WZIMxdY/8LM98MQ
4cI1GfcZmj+ShXeVi8VYqrloCuG+K4EP2DjcU4Ksr7zAoNg0ICuTnoEEvHTQvYBZ
gt/doOUmt6QO9SrUrsuu1kq1QN2iGnfXYkWV17B+X4duqgx7/sNFf9i2pwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGgcJ+TUgSi/quAZh6ZqiY50ih9rMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvYUJ3bjVOU0JLTC1xNEJtSHBtcUpqblNLSDJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2a6eMA0G
CSqGSIb3DQEBCwUAA4IBAQCexS7jkoLXJRTxKJRixSWhY4ZOi/0DOdLhschG3KCD
qxndpIKzoWtLFVDTY1OBk+mvn9ABIX+J4+j2sr6uXvWPYay1TVTXa6T94JVmBJaI
PLIx2MieO75jPKtr4EqvK0A1FYSbuJ2FLRHM6vaV+7b+6e2fdNl7CE6nQ+SRVYPD
zk0BA1erHcuxkC8An3POk0KLz2YZh5eksWiJVCcWPv9LvqTDH0xkrMumLWf0+TdO
wijoBmoxnVNgtnHjgkbZEgwZ7vcsBnFh3niFoqbqFw6yHbTyczDCmHyY3xclOjra
F0XUovLn4C9v4sU1ZzkZnadiHWSqxOcUrpH1Bm6rN1wk
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:08:26 2025 by rpki-client