Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/0a131e-37c6-45cb-9682-0b0c12b22bf9/1/ilNe5KDmG0o6LZVjHMLtOGd-0DQ.roa
File: ilNe5KDmG0o6LZVjHMLtOGd-0DQ.roa (raw, json)
Hash identifier: JkEgQ36ayeHC4m0mo3MRV7E4gABrbKLeaaxVJdDM2eE=
Subject key identifier: 8A:53:5E:E4:A0:E6:1B:4A:3A:2D:95:63:1C:C2:ED:38:67:7E:D0:34
Certificate issuer: /CN=4ca509b35011ed71663952ba0e0c3c38457f9d07
Certificate serial: 01942067BCBCA054CEAF27EDCD697588E783
Authority key identifier: 4C:A5:09:B3:50:11:ED:71:66:39:52:BA:0E:0C:3C:38:45:7F:9D:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TKUJs1AR7XFmOVK6Dgw8OEV_nQc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/0a131e-37c6-45cb-9682-0b0c12b22bf9/1/ilNe5KDmG0o6LZVjHMLtOGd-0DQ.roa
Signing time: Wed 01 Jan 2025 05:47:36 +0000
ROA not before: Wed 01 Jan 2025 05:47:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137
IP address blocks: 150.217.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:bc:bc:a0:54:ce:af:27:ed:cd:69:75:88:e7:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ca509b35011ed71663952ba0e0c3c38457f9d07
Validity
Not Before: Jan 1 05:47:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8a535ee4a0e61b4a3a2d95631cc2ed38677ed034
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:85:ef:04:ad:85:63:1f:b9:a5:38:6c:bb:d3:
5e:41:c9:9b:ae:19:8c:b7:d6:fe:9c:89:49:d2:76:
c5:c5:ca:eb:76:7e:11:37:55:5a:55:ba:9c:cd:18:
28:21:b5:6e:da:d7:37:b2:ea:24:03:40:63:cf:6e:
be:23:82:d0:00:5e:87:90:46:16:f5:17:47:0e:ae:
27:ef:b4:0e:0c:f1:db:8d:4f:cc:c9:24:03:6a:4a:
92:36:28:9e:60:44:cd:b3:1a:22:ba:6c:fc:3e:4c:
b7:2d:71:d9:da:1b:64:93:dd:83:44:00:3a:18:99:
7d:a7:b2:eb:3f:0d:78:13:09:8c:e6:ac:ed:36:bc:
30:9b:11:68:6b:7d:41:ec:72:67:24:30:09:00:81:
a9:10:12:55:95:30:79:de:7f:83:b5:33:c9:b9:15:
36:d0:76:b9:f1:eb:b3:65:70:4c:d2:ba:ce:d2:1b:
c8:9d:ca:22:74:f7:29:28:c8:4e:ea:00:f7:1b:09:
3f:41:55:25:9f:ba:8a:39:28:95:e8:14:4e:d4:62:
16:8a:1d:5d:63:6d:10:d7:a7:2c:b9:26:6b:9d:9a:
b7:cd:0a:1b:c1:00:a2:fa:63:76:86:59:39:d2:5e:
1f:08:d9:b9:ea:9b:c4:67:de:6c:fa:91:4a:d1:20:
e2:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:53:5E:E4:A0:E6:1B:4A:3A:2D:95:63:1C:C2:ED:38:67:7E:D0:34
X509v3 Authority Key Identifier:
keyid:4C:A5:09:B3:50:11:ED:71:66:39:52:BA:0E:0C:3C:38:45:7F:9D:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TKUJs1AR7XFmOVK6Dgw8OEV_nQc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0a131e-37c6-45cb-9682-0b0c12b22bf9/1/ilNe5KDmG0o6LZVjHMLtOGd-0DQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0a131e-37c6-45cb-9682-0b0c12b22bf9/1/TKUJs1AR7XFmOVK6Dgw8OEV_nQc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.217.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2c:a4:72:e8:2d:64:08:35:e0:71:8f:ff:97:10:81:8c:41:cb:
e9:d4:2e:0e:bd:62:be:b4:ea:d6:80:0b:8c:63:a7:73:33:00:
14:cb:19:ff:82:01:9d:7e:9d:5a:8a:98:f7:76:b6:c5:06:b5:
a7:84:fc:f1:ca:59:ba:2c:e1:6f:17:cb:9d:75:09:85:81:9d:
5c:f6:94:50:17:c8:89:b4:f2:e2:fd:60:bd:33:c7:a9:22:56:
85:b3:54:f4:2a:55:3e:9c:d4:32:b7:4f:47:eb:d7:d9:d8:03:
76:ff:5e:56:e8:72:01:e4:8e:28:3b:d8:a5:d3:9e:27:cc:5a:
28:f5:2d:29:4d:b1:2d:5c:be:09:18:97:e4:4d:f9:a2:15:32:
a9:db:de:37:b7:81:68:c5:59:af:bb:30:d5:e3:6d:b5:82:9e:
a4:8c:e8:f5:ba:9d:0b:f1:ee:c5:cb:96:b2:2b:c7:4a:e1:53:
ae:2b:96:22:6d:6f:17:ac:05:ee:aa:8b:3b:f0:52:1d:0c:8e:
fe:57:9c:0f:2b:96:88:a9:3e:3c:f4:bf:9f:b3:40:9f:3f:ef:
5d:6f:b4:20:85:8c:a1:f0:58:6c:e6:d0:5d:18:9a:00:52:1b:
66:73:ac:67:aa:2e:7f:c5:65:6d:46:1a:ce:e7:17:8f:ac:c0:
5b:34:46:56
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZQgZ7y8oFTOryftzWl1iOeDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjYTUwOWIzNTAxMWVkNzE2NjM5NTJiYTBlMGMzYzM4NDU3
ZjlkMDcwHhcNMjUwMTAxMDU0NzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTUzNWVlNGEwZTYxYjRhM2EyZDk1NjMxY2MyZWQzODY3N2VkMDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIXvBK2FYx+5pThsu9NeQcmbrhmM
t9b+nIlJ0nbFxcrrdn4RN1VaVbqczRgoIbVu2tc3suokA0Bjz26+I4LQAF6HkEYW
9RdHDq4n77QODPHbjU/MySQDakqSNiieYETNsxoiumz8Pky3LXHZ2htkk92DRAA6
GJl9p7LrPw14EwmM5qztNrwwmxFoa31B7HJnJDAJAIGpEBJVlTB53n+DtTPJuRU2
0Ha58euzZXBM0rrO0hvIncoidPcpKMhO6gD3Gwk/QVUln7qKOSiV6BRO1GIWih1d
Y20Q16csuSZrnZq3zQobwQCi+mN2hlk50l4fCNm56pvEZ95s+pFK0SDi0QIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFIpTXuSg5htKOi2VYxzC7ThnftA0MB8GA1UdIwQY
MBaAFEylCbNQEe1xZjlSug4MPDhFf50HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEtVSnMxQVI3WEZtT1ZLNkRndzhPRVZfblFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8wYTEzMWUtMzdjNi00NWNiLTk2ODIt
MGIwYzEyYjIyYmY5LzEvaWxOZTVLRG1HMG82TFpWakhNTHRPR2QtMERRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8wYTEzMWUtMzdjNi00NWNiLTk2ODItMGIwYzEyYjIyYmY5
LzEvVEtVSnMxQVI3WEZtT1ZLNkRndzhPRVZfblFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAltkwDQYJ
KoZIhvcNAQELBQADggEBACykcugtZAg14HGP/5cQgYxBy+nULg69Yr606taAC4xj
p3MzABTLGf+CAZ1+nVqKmPd2tsUGtaeE/PHKWbos4W8Xy511CYWBnVz2lFAXyIm0
8uL9YL0zx6kiVoWzVPQqVT6c1DK3T0fr19nYA3b/XlbocgHkjig72KXTnifMWij1
LSlNsS1cvgkYl+RN+aIVMqnb3je3gWjFWa+7MNXjbbWCnqSM6PW6nQvx7sXLlrIr
x0rhU64rliJtbxesBe6qizvwUh0Mjv5XnA8rloipPjz0v5+zQJ8/711vtCCFjKHw
WGzm0F0YmgBSG2ZzrGeqLn/FZW1GGs7nF4+swFs0RlY=
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:07:44 2025 by rpki-client