Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/4a2cb4-caba-4b98-8b3d-56e067c82330/1/XfTIghyVNlHud9m4b8nqAwMS4Oc.roa
File: XfTIghyVNlHud9m4b8nqAwMS4Oc.roa (raw, json)
Hash identifier: pCWPPJWY+qwBVoHkvFAnVAr8SaayE0DidkwmtAONfKg=
Subject key identifier: 5D:F4:C8:82:1C:95:36:51:EE:77:D9:B8:6F:C9:EA:03:03:12:E0:E7
Certificate issuer: /CN=ae51fcf63f1064cc321c012ae769a7c75345e93b
Certificate serial: 01856F14ADFEDC97600E757EAFEFAC1D8045
Authority key identifier: AE:51:FC:F6:3F:10:64:CC:32:1C:01:2A:E7:69:A7:C7:53:45:E9:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rlH89j8QZMwyHAEq52mnx1NF6Ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/4a2cb4-caba-4b98-8b3d-56e067c82330/1/XfTIghyVNlHud9m4b8nqAwMS4Oc.roa
Signing time: Sun 01 Jan 2023 20:45:04 +0000
ROA not before: Sun 01 Jan 2023 20:45:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52000
IP address blocks: 146.19.44.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:ad:fe:dc:97:60:0e:75:7e:af:ef:ac:1d:80:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae51fcf63f1064cc321c012ae769a7c75345e93b
Validity
Not Before: Jan 1 20:45:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5df4c8821c953651ee77d9b86fc9ea030312e0e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d3:7a:b6:b1:7b:be:d7:16:c8:f3:b1:1f:47:
7a:34:2c:58:80:02:01:2c:31:d8:27:a2:62:46:53:
cd:ba:d9:a1:4a:cd:94:bf:89:14:e0:2b:c6:ab:cd:
09:46:e7:1b:f5:a6:21:17:87:4d:02:07:f2:c6:2a:
68:af:1d:b4:f2:85:81:e8:60:18:a0:d9:84:78:67:
9e:1a:af:7f:1e:bd:81:bc:1d:b2:78:69:2c:d7:90:
ef:22:be:fc:c6:30:1b:9a:83:50:22:f8:6b:54:b9:
3b:1b:07:b9:f0:38:20:88:84:99:fa:ba:d0:9d:ce:
8d:ae:3f:fa:ce:c9:61:b2:be:65:07:10:eb:53:85:
18:73:10:7e:db:37:9c:36:4b:7f:8a:f0:1f:77:35:
cc:6d:0d:80:81:0b:ea:94:f1:d0:2f:1a:2e:de:fd:
94:a2:3b:8f:91:29:43:c0:dd:fc:d5:8a:d8:82:91:
e9:04:d6:d1:8f:57:ee:d9:e7:9a:76:76:19:f7:05:
90:35:6f:5a:e4:00:3f:de:2a:15:17:de:86:74:1f:
3d:6a:a8:d4:d8:fc:cb:c2:a3:46:7b:73:be:1b:08:
70:cd:b2:3e:ff:ce:00:9c:45:0b:91:03:45:b6:35:
4a:a9:1b:be:d7:62:4c:b9:59:9d:75:c2:9a:09:39:
22:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:F4:C8:82:1C:95:36:51:EE:77:D9:B8:6F:C9:EA:03:03:12:E0:E7
X509v3 Authority Key Identifier:
keyid:AE:51:FC:F6:3F:10:64:CC:32:1C:01:2A:E7:69:A7:C7:53:45:E9:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rlH89j8QZMwyHAEq52mnx1NF6Ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/4a2cb4-caba-4b98-8b3d-56e067c82330/1/XfTIghyVNlHud9m4b8nqAwMS4Oc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/4a2cb4-caba-4b98-8b3d-56e067c82330/1/rlH89j8QZMwyHAEq52mnx1NF6Ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.44.0/24
Signature Algorithm: sha256WithRSAEncryption
cb:0e:15:df:ea:b9:7b:2b:15:e6:fe:fa:f8:0c:87:4f:db:e2:
eb:b2:46:54:da:59:a8:8b:31:80:00:2a:1a:d8:e8:da:e4:f2:
df:2d:9a:4b:33:0f:77:06:e1:f2:d0:77:a5:41:df:dc:b8:3d:
00:3f:79:b5:83:59:97:bf:dc:a8:d2:e8:c7:ef:49:d6:7d:cb:
d4:66:fc:b4:69:17:f5:ca:56:43:cd:5f:2c:4b:59:0b:6e:f3:
5e:42:4b:4c:c2:28:a1:86:96:68:8c:8c:2b:49:f0:43:bc:ee:
a1:c5:c8:a4:d1:e0:7e:92:87:c8:ae:5f:13:21:e5:9b:d3:36:
c8:67:0f:20:fc:5b:10:b0:e9:b4:46:70:f7:5a:0a:a4:56:87:
78:98:12:1e:5a:84:bd:44:88:ae:38:a3:d4:b8:9a:6d:22:52:
7a:4b:cc:43:ae:bd:72:dd:e7:e1:ac:d1:ab:1a:8f:2d:4c:e2:
5e:b5:ce:de:98:8a:ef:f7:22:60:f2:8f:c1:30:69:95:91:26:
ee:f1:e8:6f:5f:59:56:2e:16:bb:87:6d:df:a9:4b:35:42:05:
5f:c8:7b:36:5e:f9:a0:db:ca:25:59:36:d5:cd:85:31:4b:ed:
bf:8f:b8:98:34:74:fe:32:f9:44:d0:39:8d:c8:81:d6:99:07:
6e:48:ba:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvFK3+3JdgDnV+r++sHYBFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNTFmY2Y2M2YxMDY0Y2MzMjFjMDEyYWU3NjlhN2M3NTM0
NWU5M2IwHhcNMjMwMTAxMjA0NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGY0Yzg4MjFjOTUzNjUxZWU3N2Q5Yjg2ZmM5ZWEwMzAzMTJlMGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNN6trF7vtcWyPOxH0d6NCxYgAIB
LDHYJ6JiRlPNutmhSs2Uv4kU4CvGq80JRucb9aYhF4dNAgfyxiporx208oWB6GAY
oNmEeGeeGq9/Hr2BvB2yeGks15DvIr78xjAbmoNQIvhrVLk7Gwe58DggiISZ+rrQ
nc6Nrj/6zslhsr5lBxDrU4UYcxB+2zecNkt/ivAfdzXMbQ2AgQvqlPHQLxou3v2U
ojuPkSlDwN381YrYgpHpBNbRj1fu2eeadnYZ9wWQNW9a5AA/3ioVF96GdB89aqjU
2PzLwqNGe3O+GwhwzbI+/84AnEULkQNFtjVKqRu+12JMuVmddcKaCTkiNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF30yIIclTZR7nfZuG/J6gMDEuDnMB8GA1UdIwQY
MBaAFK5R/PY/EGTMMhwBKudpp8dTRek7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmxIODlqOFFaTXd5SEFFcTUybW54MU5GNlRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC80YTJjYjQtY2FiYS00Yjk4LThiM2Qt
NTZlMDY3YzgyMzMwLzEvWGZUSWdoeVZObEh1ZDltNGI4bnFBd01TNE9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC80YTJjYjQtY2FiYS00Yjk4LThiM2QtNTZlMDY3YzgyMzMw
LzEvcmxIODlqOFFaTXd5SEFFcTUybW54MU5GNlRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhMsMA0G
CSqGSIb3DQEBCwUAA4IBAQDLDhXf6rl7KxXm/vr4DIdP2+LrskZU2lmoizGAACoa
2Oja5PLfLZpLMw93BuHy0HelQd/cuD0AP3m1g1mXv9yo0ujH70nWfcvUZvy0aRf1
ylZDzV8sS1kLbvNeQktMwiihhpZojIwrSfBDvO6hxcik0eB+kofIrl8TIeWb0zbI
Zw8g/FsQsOm0RnD3WgqkVod4mBIeWoS9RIiuOKPUuJptIlJ6S8xDrr1y3efhrNGr
Go8tTOJetc7emIrv9yJg8o/BMGmVkSbu8ehvX1lWLha7h23fqUs1QgVfyHs2Xvmg
28olWTbVzYUxS+2/j7iYNHT+MvlE0DmNyIHWmQduSLpp
-----END CERTIFICATE-----
Generated at Sun Apr 13 01:28:40 2025 by rpki-client