Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/89b5e2-5c38-4f79-a03e-f193b9a36b5a/1/1TWndWv0NxnjMWQvGQJjN5NrSrI.roa
File: 1TWndWv0NxnjMWQvGQJjN5NrSrI.roa (raw, json)
Hash identifier: ijpsPpbQJNc2ZH/4rVXA+18X3Ta0zPcIEPgtSv4fGjA=
Subject key identifier: D5:35:A7:75:6B:F4:37:19:E3:31:64:2F:19:02:63:37:93:6B:4A:B2
Certificate issuer: /CN=1549f1c4a86ed90caf8195dd84d040eac8a19b88
Certificate serial: 63B883
Authority key identifier: 15:49:F1:C4:A8:6E:D9:0C:AF:81:95:DD:84:D0:40:EA:C8:A1:9B:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FUnxxKhu2QyvgZXdhNBA6sihm4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/89b5e2-5c38-4f79-a03e-f193b9a36b5a/1/1TWndWv0NxnjMWQvGQJjN5NrSrI.roa
Signing time: Sat 01 Jan 2022 03:52:47 +0000
ROA not before: Sat 01 Jan 2022 03:52:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 146.19.232.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6535299 (0x63b883)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1549f1c4a86ed90caf8195dd84d040eac8a19b88
Validity
Not Before: Jan 1 03:52:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d535a7756bf43719e331642f19026337936b4ab2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:4c:1a:56:ff:ef:0e:db:7c:8c:2d:05:ac:36:
53:6c:6f:b5:35:bf:be:4e:c0:12:9c:e7:25:c4:eb:
96:ef:74:7e:65:e8:f8:fc:21:e3:fe:3e:b1:6d:1a:
f6:28:05:90:05:1b:03:a5:d0:b5:11:ea:30:27:47:
28:a3:8a:da:37:db:e9:27:ef:0b:0a:1f:16:8d:e3:
1d:d0:e0:4c:a8:8c:f9:eb:dd:2d:39:23:03:04:dd:
8b:1b:c9:c8:31:de:b0:90:3d:4c:f9:d8:05:89:1f:
d8:a1:8c:03:a3:2e:70:b8:97:e6:bb:43:c8:3b:b9:
dc:f2:8c:e8:b0:16:1f:a4:0d:29:97:7b:75:8c:26:
32:53:dc:ff:e6:ab:2f:bd:76:45:4b:14:1f:02:5e:
e9:5b:23:dc:85:ea:03:7a:e9:85:43:e9:66:6b:97:
4b:79:bc:8a:60:25:27:9c:79:ea:fd:3a:a9:6c:d7:
a4:79:b9:95:98:40:0d:85:f6:b7:1a:75:eb:34:d0:
eb:6e:78:59:a5:6d:a9:5d:10:66:74:b0:84:f5:6a:
46:cd:ea:8b:63:25:c3:28:4e:c0:a0:3e:dd:90:e5:
ff:c7:92:ef:ad:90:95:6e:61:c5:89:a1:31:18:3d:
4d:e0:d6:0c:50:fb:b1:fb:53:2d:77:ae:2e:68:b3:
f1:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:35:A7:75:6B:F4:37:19:E3:31:64:2F:19:02:63:37:93:6B:4A:B2
X509v3 Authority Key Identifier:
keyid:15:49:F1:C4:A8:6E:D9:0C:AF:81:95:DD:84:D0:40:EA:C8:A1:9B:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FUnxxKhu2QyvgZXdhNBA6sihm4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/89b5e2-5c38-4f79-a03e-f193b9a36b5a/1/1TWndWv0NxnjMWQvGQJjN5NrSrI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/89b5e2-5c38-4f79-a03e-f193b9a36b5a/1/FUnxxKhu2QyvgZXdhNBA6sihm4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.232.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:6d:76:5a:dd:b5:69:5e:b1:60:a2:0f:a3:52:b3:83:9c:c8:
d3:ab:60:9d:83:63:d6:cf:43:a7:57:2a:5e:1f:2a:b5:56:ec:
86:a3:32:f9:23:74:e9:53:19:9c:d3:09:d2:10:ce:a6:41:86:
54:4f:49:a1:a9:c8:67:de:f6:69:23:9d:82:bd:f7:33:e4:1d:
5e:b0:cf:64:b8:f5:23:2e:86:98:09:d0:66:e1:cf:92:ba:fe:
5d:45:f5:bc:dd:04:7e:d2:58:46:f6:44:26:65:4b:54:6d:93:
6b:ec:b3:01:fa:5f:dd:f4:cd:96:30:a4:52:bb:6c:1d:f3:1f:
15:bb:f9:96:f7:74:12:bd:fc:d1:f5:2b:a6:11:91:e5:e8:71:
f6:72:7e:4b:19:5b:48:5f:cc:e0:d5:7f:81:0c:58:c3:cb:d2:
c1:ed:2e:33:4a:5a:3d:86:dd:8e:3e:f8:a4:41:bd:20:bb:9a:
60:80:1e:74:e1:ce:91:9e:1a:76:57:fb:8c:0e:e7:55:e4:7a:
75:72:83:24:08:9e:fc:ed:1e:06:b7:78:04:d3:f7:71:18:f2:
36:d7:3b:ae:16:b0:a5:19:c8:f2:08:50:45:dd:7c:13:49:48:
33:87:8e:8d:83:bc:c9:2d:b8:da:e0:52:0f:97:da:dd:64:b3:
0d:fe:8e:19
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDY7iDMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDE1
NDlmMWM0YTg2ZWQ5MGNhZjgxOTVkZDg0ZDA0MGVhYzhhMTliODgwHhcNMjIwMTAx
MDM1MjQ3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkNTM1YTc3NTZiZjQz
NzE5ZTMzMTY0MmYxOTAyNjMzNzkzNmI0YWIyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAzEwaVv/vDtt8jC0FrDZTbG+1Nb++TsASnOclxOuW73R+Zej4
/CHj/j6xbRr2KAWQBRsDpdC1EeowJ0coo4raN9vpJ+8LCh8WjeMd0OBMqIz5690t
OSMDBN2LG8nIMd6wkD1M+dgFiR/YoYwDoy5wuJfmu0PIO7nc8ozosBYfpA0pl3t1
jCYyU9z/5qsvvXZFSxQfAl7pWyPcheoDeumFQ+lma5dLebyKYCUnnHnq/TqpbNek
ebmVmEANhfa3GnXrNNDrbnhZpW2pXRBmdLCE9WpGzeqLYyXDKE7AoD7dkOX/x5Lv
rZCVbmHFiaExGD1N4NYMUPux+1Mtd64uaLPxHwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFNU1p3Vr9DcZ4zFkLxkCYzeTa0qyMB8GA1UdIwQYMBaAFBVJ8cSobtkMr4GV
3YTQQOrIoZuIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
RlVueHhLaHUyUXl2Z1pYZGhOQkE2c2lobTRnLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8wMi84OWI1ZTItNWMzOC00Zjc5LWEwM2UtZjE5M2I5YTM2YjVhLzEv
MVRXbmRXdjBOeG5qTVdRdkdRSmpONU5yU3JJLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi84
OWI1ZTItNWMzOC00Zjc5LWEwM2UtZjE5M2I5YTM2YjVhLzEvRlVueHhLaHUyUXl2
Z1pYZGhOQkE2c2lobTRnLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhPoMA0GCSqGSIb3DQEBCwUAA4IB
AQAbbXZa3bVpXrFgog+jUrODnMjTq2Cdg2PWz0OnVypeHyq1VuyGozL5I3TpUxmc
0wnSEM6mQYZUT0mhqchn3vZpI52Cvfcz5B1esM9kuPUjLoaYCdBm4c+Suv5dRfW8
3QR+0lhG9kQmZUtUbZNr7LMB+l/d9M2WMKRSu2wd8x8Vu/mW93QSvfzR9SumEZHl
6HH2cn5LGVtIX8zg1X+BDFjDy9LB7S4zSlo9ht2OPvikQb0gu5pggB504c6Rnhp2
V/uMDudV5Hp1coMkCJ787R4Gt3gE0/dxGPI21zuuFrClGcjyCFBF3XwTSUgzh46N
g7zJLbja4FIPl9rdZLMN/o4Z
-----END CERTIFICATE-----
Generated at Mon May 12 23:07:32 2025 by rpki-client