Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/594d25-f1c6-4044-a8a7-c8f182e95ea5/1/b-qLuN7LcWCmXzuyYW3S2X2JsvQ.roa
File: b-qLuN7LcWCmXzuyYW3S2X2JsvQ.roa (raw, json)
Hash identifier: LFWSIiOVLb/1xuV5ZI3+NKtHy2uXnhNazP8T4sdyYgo=
Subject key identifier: 6F:EA:8B:B8:DE:CB:71:60:A6:5F:3B:B2:61:6D:D2:D9:7D:89:B2:F4
Certificate issuer: /CN=0e64f81b9e36b849917787678d014db4bfcef311
Certificate serial: 01941F8C41F31D44C3380A61A652C8170AD5
Authority key identifier: 0E:64:F8:1B:9E:36:B8:49:91:77:87:67:8D:01:4D:B4:BF:CE:F3:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DmT4G542uEmRd4dnjQFNtL_O8xE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/594d25-f1c6-4044-a8a7-c8f182e95ea5/1/b-qLuN7LcWCmXzuyYW3S2X2JsvQ.roa
Signing time: Wed 01 Jan 2025 01:47:53 +0000
ROA not before: Wed 01 Jan 2025 01:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3258
IP address blocks: 146.19.19.0/24 maxlen: 32
146.19.163.0/24 maxlen: 32
194.50.154.0/24 maxlen: 32
2a12:a300::/29 maxlen: 128
2a14:1f80::/29 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:41:f3:1d:44:c3:38:0a:61:a6:52:c8:17:0a:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e64f81b9e36b849917787678d014db4bfcef311
Validity
Not Before: Jan 1 01:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6fea8bb8decb7160a65f3bb2616dd2d97d89b2f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:38:12:42:9c:ae:49:ee:39:bb:fd:ab:f5:e6:
08:3f:94:1b:a5:2a:3f:69:94:a6:14:bb:b9:ea:1a:
a8:9a:11:e2:45:99:2b:0e:9e:05:89:0e:60:ac:dc:
c0:40:83:80:0e:57:c1:bc:0e:c0:fd:13:8b:f3:37:
70:0e:07:99:a3:15:7d:35:c4:ef:27:1a:c9:dd:97:
0b:0d:23:b2:52:3e:47:e5:57:36:db:cf:96:53:6a:
4d:92:09:7d:68:d2:56:88:22:0b:42:68:55:a7:09:
ad:1e:57:33:cf:cd:f1:a5:b4:45:71:28:94:5a:67:
fc:cf:1a:9e:2d:ba:51:15:35:3c:e4:76:d0:d1:22:
68:b5:33:da:48:40:d3:6a:d0:58:5e:d9:87:10:3f:
1f:1e:0a:1f:bc:97:27:c0:b6:f5:78:e4:28:c9:1c:
74:dd:3d:32:2e:fd:9d:25:c4:49:64:61:01:0a:e5:
20:24:ce:db:85:85:36:5e:ba:96:c9:fb:80:7d:60:
07:3e:bd:db:cc:1f:89:4f:6e:df:30:b4:e2:70:98:
99:89:06:24:70:b5:2b:b5:95:d2:08:4e:d4:73:bb:
49:08:15:99:dd:d1:3f:60:69:03:75:2d:12:d3:aa:
b9:13:a8:c7:c9:89:b6:19:b5:24:d9:e8:9f:5f:b3:
41:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:EA:8B:B8:DE:CB:71:60:A6:5F:3B:B2:61:6D:D2:D9:7D:89:B2:F4
X509v3 Authority Key Identifier:
keyid:0E:64:F8:1B:9E:36:B8:49:91:77:87:67:8D:01:4D:B4:BF:CE:F3:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DmT4G542uEmRd4dnjQFNtL_O8xE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/594d25-f1c6-4044-a8a7-c8f182e95ea5/1/b-qLuN7LcWCmXzuyYW3S2X2JsvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/594d25-f1c6-4044-a8a7-c8f182e95ea5/1/DmT4G542uEmRd4dnjQFNtL_O8xE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.19.0/24
146.19.163.0/24
194.50.154.0/24
IPv6:
2a12:a300::/29
2a14:1f80::/29
Signature Algorithm: sha256WithRSAEncryption
62:d1:39:d6:ca:86:cd:f1:89:bd:75:02:00:24:dc:76:d6:37:
70:42:84:13:3e:82:e4:00:84:f3:a4:92:42:78:a7:ed:02:c4:
8c:54:15:01:ae:6d:43:2d:98:c7:d5:24:5f:7b:1f:c3:b1:0e:
11:8a:bd:9f:5e:59:ca:09:5e:36:f7:fd:bf:7e:8c:d8:c3:b6:
f2:8c:29:98:e1:55:10:9e:c0:ca:5c:99:e9:03:c7:31:a4:6b:
f4:ce:80:33:a1:e7:80:ab:3e:50:4d:77:06:e6:ae:5d:fb:b8:
0b:94:69:8e:b5:76:36:70:36:6d:bf:4d:ed:b5:62:7d:fa:1d:
bc:cb:bc:31:1f:88:87:55:bc:6d:b5:93:d5:fc:84:d0:4e:24:
2f:8b:ec:a9:15:84:d4:6f:0c:3c:44:3f:8c:67:ae:d2:ee:fe:
42:e6:9c:56:cc:ea:05:57:a9:f3:0f:ed:2a:46:c9:d5:80:9a:
9d:ec:88:e0:99:34:e9:20:bf:8a:aa:95:5e:21:4d:18:63:8e:
2f:11:9c:8a:92:71:97:49:90:6e:02:8d:26:00:ee:bf:2a:8a:
29:bc:5d:7a:5b:f7:f3:05:19:d3:6f:37:85:4a:71:7d:3c:7e:
82:c0:09:e9:66:20:5f:c3:d0:ef:3d:3c:ae:a3:81:5c:94:17:
f8:c8:b2:e8
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQfjEHzHUTDOAphplLIFwrVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNjRmODFiOWUzNmI4NDk5MTc3ODc2NzhkMDE0ZGI0YmZj
ZWYzMTEwHhcNMjUwMTAxMDE0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmVhOGJiOGRlY2I3MTYwYTY1ZjNiYjI2MTZkZDJkOTdkODliMmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDgSQpyuSe45u/2r9eYIP5QbpSo/
aZSmFLu56hqomhHiRZkrDp4FiQ5grNzAQIOADlfBvA7A/ROL8zdwDgeZoxV9NcTv
JxrJ3ZcLDSOyUj5H5Vc228+WU2pNkgl9aNJWiCILQmhVpwmtHlczz83xpbRFcSiU
Wmf8zxqeLbpRFTU85HbQ0SJotTPaSEDTatBYXtmHED8fHgofvJcnwLb1eOQoyRx0
3T0yLv2dJcRJZGEBCuUgJM7bhYU2XrqWyfuAfWAHPr3bzB+JT27fMLTicJiZiQYk
cLUrtZXSCE7Uc7tJCBWZ3dE/YGkDdS0S06q5E6jHyYm2GbUk2eifX7NBAQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFG/qi7jey3Fgpl87smFt0tl9ibL0MB8GA1UdIwQY
MBaAFA5k+BueNrhJkXeHZ40BTbS/zvMRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG1UNEc1NDJ1RW1SZDRkbmpRRk50TF9POHhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy81OTRkMjUtZjFjNi00MDQ0LWE4YTct
YzhmMTgyZTk1ZWE1LzEvYi1xTHVON0xjV0NtWHp1eVlXM1MyWDJKc3ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy81OTRkMjUtZjFjNi00MDQ0LWE4YTctYzhmMTgyZTk1ZWE1
LzEvRG1UNEc1NDJ1RW1SZDRkbmpRRk50TF9POHhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQAkhMTAwQA
khOjAwQAwjKaMBQEAgACMA4DBQMqEqMAAwUDKhQfgDANBgkqhkiG9w0BAQsFAAOC
AQEAYtE51sqGzfGJvXUCACTcdtY3cEKEEz6C5ACE86SSQnin7QLEjFQVAa5tQy2Y
x9UkX3sfw7EOEYq9n15ZygleNvf9v36M2MO28owpmOFVEJ7AylyZ6QPHMaRr9M6A
M6HngKs+UE13BuauXfu4C5RpjrV2NnA2bb9N7bViffodvMu8MR+Ih1W8bbWT1fyE
0E4kL4vsqRWE1G8MPEQ/jGeu0u7+QuacVszqBVep8w/tKkbJ1YCaneyI4Jk06SC/
iqqVXiFNGGOOLxGcipJxl0mQbgKNJgDuvyqKKbxdelv38wUZ0283hUpxfTx+gsAJ
6WYgX8PQ7z08rqOBXJQX+Miy6A==
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:20:00 2025 by rpki-client