Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/saPIMgCfPiAphQ7UJk6rwBr8nqc.roa
File: saPIMgCfPiAphQ7UJk6rwBr8nqc.roa (raw, json)
Hash identifier: rFSJoUCIJD8CFPMGSuL2MmLXcqtba7fbjG8KpcMIOyo=
Subject key identifier: B1:A3:C8:32:00:9F:3E:20:29:85:0E:D4:26:4E:AB:C0:1A:FC:9E:A7
Certificate issuer: /CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Certificate serial: 01950D664B233F1AE68D976F24E2AA8DDC18
Authority key identifier: 21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/saPIMgCfPiAphQ7UJk6rwBr8nqc.roa
Signing time: Sun 16 Feb 2025 06:16:02 +0000
ROA not before: Sun 16 Feb 2025 06:16:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49972
IP address blocks: 217.114.46.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:0d:66:4b:23:3f:1a:e6:8d:97:6f:24:e2:aa:8d:dc:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Validity
Not Before: Feb 16 06:16:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b1a3c832009f3e2029850ed4264eabc01afc9ea7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:7f:77:1f:8c:b7:9f:a7:cf:1b:1a:fd:0a:4e:
7b:aa:79:19:3a:42:12:b1:1c:49:36:af:ec:41:74:
f8:42:11:87:73:9b:70:6d:f5:6d:d3:6a:a5:46:5b:
74:30:c5:36:c4:0f:76:1e:23:14:34:b2:8d:7e:9d:
05:ef:8e:99:5b:5a:63:16:12:fd:39:84:48:77:45:
fd:ee:e9:b8:68:64:0f:cc:3d:ef:d7:cf:22:38:b8:
f3:6b:a2:13:ca:cd:68:41:42:ce:38:60:33:73:9a:
85:78:54:47:65:47:f4:68:3f:01:b9:b4:b3:b7:57:
90:c5:c5:5d:b1:41:d1:00:78:a6:87:89:3e:14:1b:
98:a6:2f:be:6f:dd:0d:b4:72:a4:d8:cd:f1:ba:5b:
d4:05:65:a8:a4:95:65:c4:73:5c:8d:a1:f1:2e:20:
8c:69:e4:3a:e0:31:f4:7a:07:ee:ca:46:ed:29:06:
01:53:e1:51:91:24:d5:7d:56:9b:9f:44:7a:d6:d6:
97:3e:f0:b5:a3:00:8d:1e:9a:de:12:23:ec:f4:f3:
83:c6:aa:ff:e8:72:b6:37:fb:2e:c0:20:ed:47:07:
58:8f:6b:79:a6:72:0c:53:18:93:d2:82:ca:f8:ef:
f5:4e:79:a0:25:a7:44:1f:ff:52:7c:9f:ca:b7:9f:
11:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:A3:C8:32:00:9F:3E:20:29:85:0E:D4:26:4E:AB:C0:1A:FC:9E:A7
X509v3 Authority Key Identifier:
keyid:21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/saPIMgCfPiAphQ7UJk6rwBr8nqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/IVJmQ1YX-g8f0oN-yAxtg7C51gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.114.46.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:cd:53:c6:91:2f:49:8f:4d:b1:66:c5:a2:59:9c:1f:3b:c2:
67:0a:a6:a4:4b:f7:03:39:3a:8a:46:e1:bc:c5:ee:94:6d:46:
7d:6c:76:f8:4b:77:7a:c3:e0:ae:a3:b4:f4:5e:e4:fc:67:b2:
cd:02:0f:9e:3f:8b:96:04:b3:70:d1:e2:34:2d:c8:33:c8:29:
b4:ca:64:cf:61:30:1a:17:6c:f4:df:a9:bb:aa:f8:05:86:95:
63:be:d4:cc:39:4d:01:c7:63:f0:2d:85:dd:54:4a:d6:d4:22:
6e:3b:29:b3:d9:6a:28:08:d9:17:21:ef:f0:06:f0:b5:2a:67:
7c:e3:10:45:55:98:cb:2a:36:c1:f7:ab:61:8f:32:6d:a8:66:
f4:31:a7:c8:7a:d6:81:2a:f1:03:55:99:06:81:86:82:88:8e:
20:e2:22:45:bb:2e:55:42:70:d9:7b:ec:0b:8a:d4:a2:44:c5:
21:80:f4:95:a8:10:0d:1d:36:18:fe:77:e8:5a:6a:ac:c3:93:
59:d5:b4:69:dd:42:a5:d6:c6:47:f5:48:ff:bb:99:89:f2:19:
f9:b7:92:14:04:2a:c0:24:6e:4f:c9:a5:70:6b:1c:20:be:89:
11:f1:24:58:03:8b:4c:ad:00:44:fb:64:c1:1a:57:85:3f:1b:
d3:a3:0f:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZUNZksjPxrmjZdvJOKqjdwYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNTI2NjQzNTYxN2ZhMGYxZmQyODM3ZWM4MGM2ZDgzYjBi
OWQ2MDgwHhcNMjUwMjE2MDYxNjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWEzYzgzMjAwOWYzZTIwMjk4NTBlZDQyNjRlYWJjMDFhZmM5ZWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtn93H4y3n6fPGxr9Ck57qnkZOkIS
sRxJNq/sQXT4QhGHc5twbfVt02qlRlt0MMU2xA92HiMUNLKNfp0F746ZW1pjFhL9
OYRId0X97um4aGQPzD3v188iOLjza6ITys1oQULOOGAzc5qFeFRHZUf0aD8BubSz
t1eQxcVdsUHRAHimh4k+FBuYpi++b90NtHKk2M3xulvUBWWopJVlxHNcjaHxLiCM
aeQ64DH0egfuykbtKQYBU+FRkSTVfVabn0R61taXPvC1owCNHpreEiPs9PODxqr/
6HK2N/suwCDtRwdYj2t5pnIMUxiT0oLK+O/1TnmgJadEH/9SfJ/Kt58R+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLGjyDIAnz4gKYUO1CZOq8Aa/J6nMB8GA1UdIwQY
MBaAFCFSZkNWF/oPH9KDfsgMbYOwudYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzIt
YmM5M2NhNjc5ZTFmLzEvc2FQSU1nQ2ZQaUFwaFE3VUprNnJ3QnI4bnFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzItYmM5M2NhNjc5ZTFm
LzEvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2XIuMA0G
CSqGSIb3DQEBCwUAA4IBAQBdzVPGkS9Jj02xZsWiWZwfO8JnCqakS/cDOTqKRuG8
xe6UbUZ9bHb4S3d6w+Cuo7T0XuT8Z7LNAg+eP4uWBLNw0eI0LcgzyCm0ymTPYTAa
F2z036m7qvgFhpVjvtTMOU0Bx2PwLYXdVErW1CJuOymz2WooCNkXIe/wBvC1Kmd8
4xBFVZjLKjbB96thjzJtqGb0MafIetaBKvEDVZkGgYaCiI4g4iJFuy5VQnDZe+wL
itSiRMUhgPSVqBANHTYY/nfoWmqsw5NZ1bRp3UKl1sZH9Uj/u5mJ8hn5t5IUBCrA
JG5PyaVwaxwgvokR8SRYA4tMrQBE+2TBGleFPxvTow9d
-----END CERTIFICATE-----
Generated at Tue Apr 1 23:54:18 2025 by rpki-client on console.sobornost.net