Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/bR8kj_c2TPqFFFMT255K3OTqBTI.roa
File: bR8kj_c2TPqFFFMT255K3OTqBTI.roa (raw, json)
Hash identifier: mIG3JTVdQTlKmcdrQlCtE5KtfNee8F1irJglkfAd6/0=
Subject key identifier: 6D:1F:24:8F:F7:36:4C:FA:85:14:53:13:DB:9E:4A:DC:E4:EA:05:32
Certificate issuer: /CN=307d887c02e07c9e474d1f8e21049caa6ce3fbd3
Certificate serial: 01942445160E0B4DA1D3D170AC9CDA5B3854
Authority key identifier: 30:7D:88:7C:02:E0:7C:9E:47:4D:1F:8E:21:04:9C:AA:6C:E3:FB:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH2IfALgfJ5HTR-OIQScqmzj-9M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/bR8kj_c2TPqFFFMT255K3OTqBTI.roa
Signing time: Wed 01 Jan 2025 23:48:14 +0000
ROA not before: Wed 01 Jan 2025 23:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197732
IP address blocks: 217.119.180.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:16:0e:0b:4d:a1:d3:d1:70:ac:9c:da:5b:38:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307d887c02e07c9e474d1f8e21049caa6ce3fbd3
Validity
Not Before: Jan 1 23:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6d1f248ff7364cfa85145313db9e4adce4ea0532
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ed:35:5a:d0:f4:fd:b6:f3:4d:1d:cd:a4:21:
d4:56:b0:76:63:b9:a2:66:c8:a7:e1:ae:f0:36:be:
47:7f:93:5e:17:d7:ba:ff:fc:b9:07:38:aa:00:f0:
86:70:f5:54:ee:5d:8a:72:66:7d:99:3f:16:4d:68:
0a:7a:6a:1e:2a:fa:c3:a1:c5:3b:ff:bb:c3:b5:f9:
91:fa:d0:40:39:17:f0:55:13:04:a3:7d:35:16:73:
7a:85:97:fb:03:d0:cf:1d:6f:47:b4:31:19:d0:aa:
12:5e:a2:cb:a8:3c:42:2c:8c:52:dc:0a:09:f0:50:
d8:19:b5:76:f3:4b:00:08:13:67:a1:86:84:e8:88:
7c:47:e6:89:46:30:63:59:33:0c:3d:01:bd:b6:7f:
37:89:df:01:9a:1e:b3:41:bb:8b:20:70:18:7c:fa:
14:e3:47:87:5f:46:fe:17:f8:fa:34:ea:fc:58:4c:
af:97:ce:10:5f:fa:00:11:d8:79:70:f8:87:35:6b:
6d:c7:cb:9c:31:8e:6b:60:89:4a:8a:ed:cf:4f:4d:
e1:58:0e:05:6c:b2:f4:dd:6a:68:23:f5:a9:16:a4:
89:13:8c:52:cb:a0:89:0c:5d:4e:47:41:e0:a4:60:
30:67:5d:37:28:30:55:9d:76:7b:4f:28:19:8f:5c:
2b:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:1F:24:8F:F7:36:4C:FA:85:14:53:13:DB:9E:4A:DC:E4:EA:05:32
X509v3 Authority Key Identifier:
keyid:30:7D:88:7C:02:E0:7C:9E:47:4D:1F:8E:21:04:9C:AA:6C:E3:FB:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH2IfALgfJ5HTR-OIQScqmzj-9M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/bR8kj_c2TPqFFFMT255K3OTqBTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/MH2IfALgfJ5HTR-OIQScqmzj-9M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.119.180.0/23
Signature Algorithm: sha256WithRSAEncryption
58:c8:5e:73:15:f9:d4:17:fc:72:d1:7d:4e:d2:79:07:7d:0e:
e4:49:df:76:30:8f:58:ae:14:e9:a3:33:26:5c:b6:89:52:63:
48:d8:d8:48:5d:22:cf:79:42:59:61:34:12:d1:bc:b6:24:12:
e6:b7:b5:1a:1c:37:96:82:cc:49:71:b7:d7:64:a1:03:df:8a:
86:f2:e0:6e:2a:9c:2a:29:99:e8:9a:78:3e:1d:11:5e:0c:da:
6e:be:0e:08:97:ae:f6:87:d0:8f:bf:15:9e:02:db:51:89:30:
c4:60:9b:aa:55:6f:7d:6e:94:58:2c:c3:3a:ff:ed:f8:b4:80:
23:24:a0:a5:4f:68:ff:58:70:f9:3e:35:e0:60:0a:8c:70:14:
e3:02:6a:c2:46:c2:56:25:22:83:34:32:d4:7c:92:86:65:bd:
a0:3d:da:09:0b:9c:87:5d:f3:0d:f5:3e:32:9c:c0:b3:55:25:
5f:81:cd:7a:e0:88:e5:71:30:db:04:ba:81:8c:ad:19:ba:17:
7f:6b:53:e3:03:71:cc:a7:a9:a8:bc:af:83:f8:a2:dd:df:12:
7f:82:93:68:ef:e5:90:5e:7e:31:5f:98:08:36:cc:63:58:0f:
3d:0a:9f:39:89:dc:ac:8d:79:60:c6:de:27:48:69:8b:cc:da:
17:66:93:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRRYOC02h09FwrJzaWzhUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Q4ODdjMDJlMDdjOWU0NzRkMWY4ZTIxMDQ5Y2FhNmNl
M2ZiZDMwHhcNMjUwMTAxMjM0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDFmMjQ4ZmY3MzY0Y2ZhODUxNDUzMTNkYjllNGFkY2U0ZWEwNTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+01WtD0/bbzTR3NpCHUVrB2Y7mi
Zsin4a7wNr5Hf5NeF9e6//y5BziqAPCGcPVU7l2KcmZ9mT8WTWgKemoeKvrDocU7
/7vDtfmR+tBAORfwVRMEo301FnN6hZf7A9DPHW9HtDEZ0KoSXqLLqDxCLIxS3AoJ
8FDYGbV280sACBNnoYaE6Ih8R+aJRjBjWTMMPQG9tn83id8Bmh6zQbuLIHAYfPoU
40eHX0b+F/j6NOr8WEyvl84QX/oAEdh5cPiHNWttx8ucMY5rYIlKiu3PT03hWA4F
bLL03WpoI/WpFqSJE4xSy6CJDF1OR0HgpGAwZ103KDBVnXZ7TygZj1wr1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG0fJI/3Nkz6hRRTE9ueStzk6gUyMB8GA1UdIwQY
MBaAFDB9iHwC4HyeR00fjiEEnKps4/vTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUgySWZBTGdmSjVIVFItT0lRU2NxbXpqLTlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9iMjBkODMtNjEyYy00YjYyLTk3YTMt
MWE1ZTVmMTkxYmZhLzEvYlI4a2pfYzJUUHFGRkZNVDI1NUszT1RxQlRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9iMjBkODMtNjEyYy00YjYyLTk3YTMtMWE1ZTVmMTkxYmZh
LzEvTUgySWZBTGdmSjVIVFItT0lRU2NxbXpqLTlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB2Xe0MA0G
CSqGSIb3DQEBCwUAA4IBAQBYyF5zFfnUF/xy0X1O0nkHfQ7kSd92MI9YrhTpozMm
XLaJUmNI2NhIXSLPeUJZYTQS0by2JBLmt7UaHDeWgsxJcbfXZKED34qG8uBuKpwq
KZnomng+HRFeDNpuvg4Il672h9CPvxWeAttRiTDEYJuqVW99bpRYLMM6/+34tIAj
JKClT2j/WHD5PjXgYAqMcBTjAmrCRsJWJSKDNDLUfJKGZb2gPdoJC5yHXfMN9T4y
nMCzVSVfgc164IjlcTDbBLqBjK0Zuhd/a1PjA3HMp6movK+D+KLd3xJ/gpNo7+WQ
Xn4xX5gINsxjWA89Cp85idysjXlgxt4nSGmLzNoXZpPC
-----END CERTIFICATE-----
Generated at Fri Apr 25 03:01:39 2025 by rpki-client