Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/MEvVsJR4StkhNiZQ0L7AFYSv_YQ.roa
File: MEvVsJR4StkhNiZQ0L7AFYSv_YQ.roa (raw, json)
Hash identifier: odumgyNcTg72QW+CIKkYPpjgCG7nYELxUkxpOPq3Mlk=
Subject key identifier: 30:4B:D5:B0:94:78:4A:D9:21:36:26:50:D0:BE:C0:15:84:AF:FD:84
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 01942144087A4AFF2BDBF51DBC58926A46EE
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/MEvVsJR4StkhNiZQ0L7AFYSv_YQ.roa
Signing time: Wed 01 Jan 2025 09:48:14 +0000
ROA not before: Wed 01 Jan 2025 09:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57884
IP address blocks: 146.19.218.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:08:7a:4a:ff:2b:db:f5:1d:bc:58:92:6a:46:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Jan 1 09:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=304bd5b094784ad921362650d0bec01584affd84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:80:98:15:fe:81:f7:4e:28:b3:1c:6e:97:19:
32:86:4d:8f:95:7b:19:f6:bb:ea:a8:40:59:e2:62:
82:98:34:0d:d1:05:91:3f:37:be:27:52:d6:2c:12:
7b:7f:51:1a:14:df:6f:03:a3:a9:47:cd:6d:a7:77:
06:32:cd:9e:8a:e2:2a:49:44:70:d8:1e:1d:74:fc:
27:3a:8a:3c:38:9c:8d:d7:6d:38:75:23:0e:60:8a:
29:94:3b:c8:30:3b:f2:a1:9f:36:aa:d5:3e:7e:fe:
00:f4:e3:00:34:20:4a:ff:bb:96:b8:39:3c:ab:14:
d5:fb:2b:74:b5:89:a7:95:60:76:00:bc:a2:62:0d:
4a:38:b8:ab:73:3d:4a:1c:d4:b3:e1:e0:ec:ad:fa:
9f:9b:29:ab:a6:fd:e7:89:33:fb:9b:3f:a2:fa:cd:
6c:cb:02:4b:f6:cf:95:e4:15:69:c8:6f:0b:b9:f1:
90:ad:27:6f:60:34:64:17:5f:0e:f5:85:d9:fe:9b:
c9:d1:77:02:44:94:4c:fd:d3:af:53:ea:35:42:28:
3b:33:23:d7:45:aa:5e:fb:47:39:fe:3c:7a:46:f4:
de:18:68:bc:e2:7e:b9:a3:9d:b7:d9:91:84:78:20:
4a:e4:79:4c:0f:db:17:4a:52:b5:58:61:93:5f:da:
f4:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:4B:D5:B0:94:78:4A:D9:21:36:26:50:D0:BE:C0:15:84:AF:FD:84
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/MEvVsJR4StkhNiZQ0L7AFYSv_YQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.218.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:c3:1a:e4:1d:e1:d6:2c:77:64:48:cc:5d:f9:e8:1b:9a:44:
d2:c8:e1:c9:35:79:4a:9a:0e:84:23:7f:fb:25:7b:11:37:9d:
28:96:6e:41:f5:fa:03:fb:f9:95:bf:68:85:3c:4f:b5:f8:78:
01:82:63:d4:bc:51:cc:14:ca:d6:c5:64:3f:8e:fa:d0:8c:95:
05:1f:44:a4:32:b6:f1:c4:42:36:6b:3a:e0:17:f6:c2:b5:36:
1b:82:03:0f:18:3d:a6:c4:52:04:0d:d9:de:8d:97:e7:32:cf:
3a:5c:cd:70:e7:fa:05:16:db:c3:91:04:24:7d:7c:ae:02:df:
30:46:5b:d1:bf:61:ed:73:e5:62:69:86:ae:e5:4c:ed:78:bc:
82:0b:fe:0c:c9:14:52:67:d3:0e:c4:3b:ba:d0:ae:71:c5:c1:
9e:c3:ae:2b:db:39:0a:cf:34:bb:70:c8:c1:a3:ea:41:ac:90:
99:6a:8f:ca:f6:41:13:4d:4c:fc:d3:9e:c3:8e:7f:02:be:db:
f7:45:a1:ce:f6:12:54:60:89:96:36:df:38:3a:54:79:e6:8a:
b0:69:2b:b7:66:41:31:3b:80:52:45:51:cc:bb:b3:82:24:e8:
38:58:a2:04:47:e9:02:b2:68:e0:a6:8c:5b:a8:b9:23:fd:f3:
23:6a:1d:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRAh6Sv8r2/UdvFiSakbuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjUwMTAxMDk0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDRiZDViMDk0Nzg0YWQ5MjEzNjI2NTBkMGJlYzAxNTg0YWZmZDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4CYFf6B904osxxulxkyhk2PlXsZ
9rvqqEBZ4mKCmDQN0QWRPze+J1LWLBJ7f1EaFN9vA6OpR81tp3cGMs2eiuIqSURw
2B4ddPwnOoo8OJyN1204dSMOYIoplDvIMDvyoZ82qtU+fv4A9OMANCBK/7uWuDk8
qxTV+yt0tYmnlWB2ALyiYg1KOLircz1KHNSz4eDsrfqfmymrpv3niTP7mz+i+s1s
ywJL9s+V5BVpyG8LufGQrSdvYDRkF18O9YXZ/pvJ0XcCRJRM/dOvU+o1Qig7MyPX
Rape+0c5/jx6RvTeGGi84n65o5232ZGEeCBK5HlMD9sXSlK1WGGTX9r0rQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDBL1bCUeErZITYmUNC+wBWEr/2EMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvTUV2VnNKUjRTdGtoTmlaUTBMN0FGWVN2X1lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhPaMA0G
CSqGSIb3DQEBCwUAA4IBAQB/wxrkHeHWLHdkSMxd+egbmkTSyOHJNXlKmg6EI3/7
JXsRN50olm5B9foD+/mVv2iFPE+1+HgBgmPUvFHMFMrWxWQ/jvrQjJUFH0SkMrbx
xEI2azrgF/bCtTYbggMPGD2mxFIEDdnejZfnMs86XM1w5/oFFtvDkQQkfXyuAt8w
RlvRv2Htc+ViaYau5UzteLyCC/4MyRRSZ9MOxDu60K5xxcGew64r2zkKzzS7cMjB
o+pBrJCZao/K9kETTUz8057Djn8Cvtv3RaHO9hJUYImWNt84OlR55oqwaSu3ZkEx
O4BSRVHMu7OCJOg4WKIER+kCsmjgpoxbqLkj/fMjah1Y
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:51:34 2025 by rpki-client