Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/2dd03b-589b-451c-b9ed-d12b58ccb87c/1/Mqsj_mYBdYcPJ5l_74z5bHNTr1k.roa
File: Mqsj_mYBdYcPJ5l_74z5bHNTr1k.roa (raw, json)
Hash identifier: +l1/GGdu0QqetRbkoCyavDfKTfdB+pfAVXCWByI+XBM=
Subject key identifier: 32:AB:23:FE:66:01:75:87:0F:27:99:7F:EF:8C:F9:6C:73:53:AF:59
Certificate issuer: /CN=f79c7c1a1baed3260d950d4cfce9a897cc97fa30
Certificate serial: 019421B21AC5EDB541CC5D15FEE85F7DA59F
Authority key identifier: F7:9C:7C:1A:1B:AE:D3:26:0D:95:0D:4C:FC:E9:A8:97:CC:97:FA:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/95x8Ghuu0yYNlQ1M_Omol8yX-jA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/2dd03b-589b-451c-b9ed-d12b58ccb87c/1/Mqsj_mYBdYcPJ5l_74z5bHNTr1k.roa
Signing time: Wed 01 Jan 2025 11:48:27 +0000
ROA not before: Wed 01 Jan 2025 11:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203587
IP address blocks: 217.20.255.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:1a:c5:ed:b5:41:cc:5d:15:fe:e8:5f:7d:a5:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f79c7c1a1baed3260d950d4cfce9a897cc97fa30
Validity
Not Before: Jan 1 11:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=32ab23fe660175870f27997fef8cf96c7353af59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:0c:10:79:18:d7:36:07:90:f3:a7:88:26:64:
25:10:33:b4:f8:49:9f:77:78:4b:87:ba:86:48:70:
ad:14:5e:54:17:3b:5a:ed:42:5c:ea:d8:ff:7f:ed:
da:7c:4e:78:66:d1:e7:b0:9d:a7:ff:69:ea:07:9e:
8c:af:2d:c9:a3:21:27:f6:2c:23:ab:90:66:70:24:
9c:6c:90:17:4d:ea:fa:a4:38:36:95:5d:80:a3:85:
aa:4a:9c:7f:4f:88:12:1c:9a:90:92:6a:7d:59:69:
fa:71:30:48:a8:c9:ec:12:75:ee:d5:64:27:98:1d:
da:10:ee:30:31:57:b7:b8:4b:d7:13:92:89:65:fd:
ea:bd:bf:53:56:48:9c:ae:bf:aa:32:47:13:e6:3f:
a1:a4:df:86:59:0c:43:9d:88:43:e0:9f:c3:a7:db:
39:23:d2:a0:3d:d5:92:42:07:25:56:62:88:a5:51:
2b:0a:e8:9d:64:26:0a:9b:bb:78:32:a5:bd:ef:9b:
dd:61:f8:0e:1d:f8:3f:7f:50:05:30:e2:9d:aa:33:
3a:03:84:86:4d:e8:37:58:86:ed:64:1e:af:0f:e6:
a1:5b:a3:30:3c:1f:10:af:0c:13:9a:ae:28:a5:e5:
cf:d2:64:65:df:57:78:e3:f0:3a:2a:b6:7c:8a:91:
ec:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:AB:23:FE:66:01:75:87:0F:27:99:7F:EF:8C:F9:6C:73:53:AF:59
X509v3 Authority Key Identifier:
keyid:F7:9C:7C:1A:1B:AE:D3:26:0D:95:0D:4C:FC:E9:A8:97:CC:97:FA:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/95x8Ghuu0yYNlQ1M_Omol8yX-jA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2dd03b-589b-451c-b9ed-d12b58ccb87c/1/Mqsj_mYBdYcPJ5l_74z5bHNTr1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2dd03b-589b-451c-b9ed-d12b58ccb87c/1/95x8Ghuu0yYNlQ1M_Omol8yX-jA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.20.255.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:9c:a9:49:fe:f7:21:0c:15:a0:ae:54:ef:72:f0:c9:d7:c4:
9f:fa:cd:49:49:9b:7d:5f:d3:88:b2:03:35:90:64:14:d2:45:
19:9f:7e:8a:69:90:c5:9d:d5:0f:d5:80:44:28:b8:6c:7a:31:
33:f7:3a:f9:1c:91:7f:c4:ba:d0:52:36:f9:8b:3a:59:0f:53:
e8:51:27:1e:79:e9:71:8e:3d:d1:01:fa:9b:58:7c:b9:b0:f1:
6d:68:9c:f4:15:89:0e:96:c2:30:d8:32:cc:82:8f:e2:87:df:
7b:cf:aa:97:8c:7c:66:10:e6:21:06:68:27:6b:7c:65:a0:e2:
e6:99:d0:2a:c9:1a:13:12:0c:db:34:b2:ec:55:20:82:b0:e3:
f8:c5:43:04:e2:1a:57:79:f2:1c:ac:de:fc:4d:b5:0c:10:9b:
b1:4a:10:d5:f9:b5:38:3e:f3:87:7a:26:a9:a3:30:7b:20:dd:
e6:2e:d0:2f:17:0c:d5:81:18:5d:dd:f4:bd:2b:8b:61:e0:d5:
1a:ad:97:25:58:5b:46:7c:b7:b1:d1:5e:95:ff:56:7f:57:b8:
e2:3f:fc:1b:a4:0b:c8:37:7d:e3:13:eb:b6:eb:e9:53:72:0a:
5c:3d:6f:2e:b2:42:92:43:eb:a0:d3:ea:4a:ca:cb:85:c6:9b:
86:4b:72:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhshrF7bVBzF0V/uhffaWfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3OWM3YzFhMWJhZWQzMjYwZDk1MGQ0Y2ZjZTlhODk3Y2M5
N2ZhMzAwHhcNMjUwMTAxMTE0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmFiMjNmZTY2MDE3NTg3MGYyNzk5N2ZlZjhjZjk2YzczNTNhZjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAwQeRjXNgeQ86eIJmQlEDO0+Emf
d3hLh7qGSHCtFF5UFzta7UJc6tj/f+3afE54ZtHnsJ2n/2nqB56Mry3JoyEn9iwj
q5BmcCScbJAXTer6pDg2lV2Ao4WqSpx/T4gSHJqQkmp9WWn6cTBIqMnsEnXu1WQn
mB3aEO4wMVe3uEvXE5KJZf3qvb9TVkicrr+qMkcT5j+hpN+GWQxDnYhD4J/Dp9s5
I9KgPdWSQgclVmKIpVErCuidZCYKm7t4MqW975vdYfgOHfg/f1AFMOKdqjM6A4SG
Teg3WIbtZB6vD+ahW6MwPB8QrwwTmq4opeXP0mRl31d44/A6KrZ8ipHsowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDKrI/5mAXWHDyeZf++M+WxzU69ZMB8GA1UdIwQY
MBaAFPecfBobrtMmDZUNTPzpqJfMl/owMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTV4OEdodXUweVlObFExTV9PbW9sOHlYLWpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8yZGQwM2ItNTg5Yi00NTFjLWI5ZWQt
ZDEyYjU4Y2NiODdjLzEvTXFzal9tWUJkWWNQSjVsXzc0ejViSE5UcjFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8yZGQwM2ItNTg5Yi00NTFjLWI5ZWQtZDEyYjU4Y2NiODdj
LzEvOTV4OEdodXUweVlObFExTV9PbW9sOHlYLWpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RT/MA0G
CSqGSIb3DQEBCwUAA4IBAQCwnKlJ/vchDBWgrlTvcvDJ18Sf+s1JSZt9X9OIsgM1
kGQU0kUZn36KaZDFndUP1YBEKLhsejEz9zr5HJF/xLrQUjb5izpZD1PoUSceeelx
jj3RAfqbWHy5sPFtaJz0FYkOlsIw2DLMgo/ih997z6qXjHxmEOYhBmgna3xloOLm
mdAqyRoTEgzbNLLsVSCCsOP4xUME4hpXefIcrN78TbUMEJuxShDV+bU4PvOHeiap
ozB7IN3mLtAvFwzVgRhd3fS9K4th4NUarZclWFtGfLex0V6V/1Z/V7jiP/wbpAvI
N33jE+u26+lTcgpcPW8uskKSQ+ug0+pKysuFxpuGS3Jm
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:15:15 2025 by rpki-client