Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/ecec37-30b8-4e19-bbb2-f67e175d4ba7/1/owdq7Ptu4EEwVPIa-hpaLK5sfS0.roa
File: owdq7Ptu4EEwVPIa-hpaLK5sfS0.roa (raw, json)
Hash identifier: 3CEDX5K2CjnQx7sKEofVN9ejLX8LPqKYaOFklqyG4CY=
Subject key identifier: A3:07:6A:EC:FB:6E:E0:41:30:54:F2:1A:FA:1A:5A:2C:AE:6C:7D:2D
Certificate issuer: /CN=61544481d3be7fca5e80a564ad93c1b8a2f636f8
Certificate serial: 018D8430EFD3F6B9027333D4000E90812F31
Authority key identifier: 61:54:44:81:D3:BE:7F:CA:5E:80:A5:64:AD:93:C1:B8:A2:F6:36:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YVREgdO-f8pegKVkrZPBuKL2Nvg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/ecec37-30b8-4e19-bbb2-f67e175d4ba7/1/owdq7Ptu4EEwVPIa-hpaLK5sfS0.roa
Signing time: Wed 07 Feb 2024 15:30:16 +0000
ROA not before: Wed 07 Feb 2024 15:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 146.19.61.0/24 maxlen: 24
195.191.99.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:84:30:ef:d3:f6:b9:02:73:33:d4:00:0e:90:81:2f:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61544481d3be7fca5e80a564ad93c1b8a2f636f8
Validity
Not Before: Feb 7 15:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3076aecfb6ee0413054f21afa1a5a2cae6c7d2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:4f:03:47:ba:90:d5:a8:55:da:a9:04:48:43:
27:12:c9:4f:26:f2:ad:d8:fe:88:3a:92:1e:41:e2:
0d:48:bb:9f:db:23:1d:4d:bb:87:44:fd:aa:bd:36:
1b:53:da:ea:dd:18:fd:d9:1d:15:08:b7:64:60:24:
9b:b4:a3:25:8d:13:07:0f:3f:92:3f:82:55:f2:ec:
3d:91:6c:03:ac:52:20:c6:ef:5e:f7:36:8e:45:45:
c0:94:95:fe:43:92:90:9a:03:74:aa:3c:a3:1a:47:
4d:35:d8:2d:b0:4d:eb:5a:d7:6d:f5:28:9f:a9:88:
b1:de:fc:6a:a9:f0:2b:fb:34:24:9b:89:bf:d2:4b:
b1:f5:32:00:e5:6c:28:bd:04:0f:1b:54:e9:49:8c:
11:0f:d6:0b:cb:aa:b4:d6:36:6b:d0:d4:30:e2:ee:
da:0c:10:46:2f:f0:81:00:33:43:c3:db:b2:52:10:
5c:ba:bf:cd:ba:ab:99:b2:91:bc:43:92:cc:15:45:
45:1d:eb:c4:5a:ea:ef:c8:bd:72:fa:8c:90:d2:e2:
8d:4b:27:2d:c4:cb:a3:33:3c:1e:fb:6c:1c:24:cf:
7f:c8:b8:62:89:61:7f:04:f1:ca:42:7b:e4:d4:20:
c3:84:79:62:c1:c1:16:c2:e7:73:ab:99:de:fd:58:
ae:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:07:6A:EC:FB:6E:E0:41:30:54:F2:1A:FA:1A:5A:2C:AE:6C:7D:2D
X509v3 Authority Key Identifier:
keyid:61:54:44:81:D3:BE:7F:CA:5E:80:A5:64:AD:93:C1:B8:A2:F6:36:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YVREgdO-f8pegKVkrZPBuKL2Nvg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/ecec37-30b8-4e19-bbb2-f67e175d4ba7/1/owdq7Ptu4EEwVPIa-hpaLK5sfS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/ecec37-30b8-4e19-bbb2-f67e175d4ba7/1/YVREgdO-f8pegKVkrZPBuKL2Nvg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.61.0/24
195.191.99.0/24
Signature Algorithm: sha256WithRSAEncryption
12:f3:81:dc:92:f4:67:19:38:15:22:2a:43:87:25:85:88:0b:
38:12:b2:57:28:e1:cc:7c:cc:78:59:b0:17:4a:2a:81:be:25:
31:29:5b:08:c5:4a:3c:c0:14:d5:2c:b4:1c:1f:6c:dc:00:64:
47:87:bc:d5:79:eb:9e:f7:46:6a:c3:71:4d:4f:9c:b4:41:f3:
a1:a3:be:7c:65:f3:89:26:0f:f3:8a:14:b3:4a:e3:69:a3:32:
e7:e4:8e:c6:c3:4f:f7:c6:e4:1c:17:74:7b:24:6a:58:21:88:
3c:39:44:07:e3:8d:2a:57:fd:bd:27:90:5e:5e:f8:15:66:a7:
30:0c:25:26:69:0a:79:0c:9e:c1:cd:99:09:50:53:42:1c:a4:
bf:01:73:ba:3b:7a:0d:d9:cb:f3:41:26:80:9e:4e:f4:76:c8:
29:b4:a0:da:d4:05:13:b0:04:df:1c:ee:76:58:8b:5e:a7:22:
90:03:50:7c:23:cd:58:6f:8c:8e:14:db:c8:5a:00:8d:39:e6:
de:45:b7:56:f6:da:5a:c7:41:b9:20:cf:b0:db:18:89:ff:16:
e4:2e:d1:73:7f:1f:23:78:39:76:00:b1:8b:07:4e:69:53:5d:
50:69:05:73:79:52:55:fc:0d:1c:23:c7:66:f0:64:10:27:eb:
57:3c:13:e9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY2EMO/T9rkCczPUAA6QgS8xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxNTQ0NDgxZDNiZTdmY2E1ZTgwYTU2NGFkOTNjMWI4YTJm
NjM2ZjgwHhcNMjQwMjA3MTUzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzA3NmFlY2ZiNmVlMDQxMzA1NGYyMWFmYTFhNWEyY2FlNmM3ZDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhE8DR7qQ1ahV2qkESEMnEslPJvKt
2P6IOpIeQeINSLuf2yMdTbuHRP2qvTYbU9rq3Rj92R0VCLdkYCSbtKMljRMHDz+S
P4JV8uw9kWwDrFIgxu9e9zaORUXAlJX+Q5KQmgN0qjyjGkdNNdgtsE3rWtdt9Sif
qYix3vxqqfAr+zQkm4m/0kux9TIA5WwovQQPG1TpSYwRD9YLy6q01jZr0NQw4u7a
DBBGL/CBADNDw9uyUhBcur/NuquZspG8Q5LMFUVFHevEWurvyL1y+oyQ0uKNSyct
xMujMzwe+2wcJM9/yLhiiWF/BPHKQnvk1CDDhHliwcEWwudzq5ne/ViuXwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKMHauz7buBBMFTyGvoaWiyubH0tMB8GA1UdIwQY
MBaAFGFURIHTvn/KXoClZK2Twbii9jb4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVZSRWdkTy1mOHBlZ0tWa3JaUEJ1S0wyTnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9lY2VjMzctMzBiOC00ZTE5LWJiYjIt
ZjY3ZTE3NWQ0YmE3LzEvb3dkcTdQdHU0RUV3VlBJYS1ocGFMSzVzZlMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9lY2VjMzctMzBiOC00ZTE5LWJiYjItZjY3ZTE3NWQ0YmE3
LzEvWVZSRWdkTy1mOHBlZ0tWa3JaUEJ1S0wyTnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAkhM9AwQA
w79jMA0GCSqGSIb3DQEBCwUAA4IBAQAS84HckvRnGTgVIipDhyWFiAs4ErJXKOHM
fMx4WbAXSiqBviUxKVsIxUo8wBTVLLQcH2zcAGRHh7zVeeue90Zqw3FNT5y0QfOh
o758ZfOJJg/zihSzSuNpozLn5I7Gw0/3xuQcF3R7JGpYIYg8OUQH440qV/29J5Be
XvgVZqcwDCUmaQp5DJ7BzZkJUFNCHKS/AXO6O3oN2cvzQSaAnk70dsgptKDa1AUT
sATfHO52WItepyKQA1B8I81Yb4yOFNvIWgCNOebeRbdW9tpax0G5IM+w2xiJ/xbk
LtFzfx8jeDl2ALGLB05pU11QaQVzeVJV/A0cI8dm8GQQJ+tXPBPp
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:45 2025 by rpki-client