Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/a66b3b-8c3a-4446-810e-067aec85ca67/1/1NNnvC6Hf9kDs6ThQz1Bi9s6npI.roa
File: 1NNnvC6Hf9kDs6ThQz1Bi9s6npI.roa (raw, json)
Hash identifier: dJvjOE2c5qePp1S7Epx4ZKdClnyWZo+Y5IcdYipIQBQ=
Subject key identifier: D4:D3:67:BC:2E:87:7F:D9:03:B3:A4:E1:43:3D:41:8B:DB:3A:9E:92
Certificate issuer: /CN=817f8e8f31a03389b3d691ef5a00e82e989e350f
Certificate serial: 01856FA6EB4607C10000CEA5D106CF7DA298
Authority key identifier: 81:7F:8E:8F:31:A0:33:89:B3:D6:91:EF:5A:00:E8:2E:98:9E:35:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gX-OjzGgM4mz1pHvWgDoLpieNQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/a66b3b-8c3a-4446-810e-067aec85ca67/1/1NNnvC6Hf9kDs6ThQz1Bi9s6npI.roa
Signing time: Sun 01 Jan 2023 23:24:48 +0000
ROA not before: Sun 01 Jan 2023 23:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208485
IP address blocks: 146.19.208.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a6:eb:46:07:c1:00:00:ce:a5:d1:06:cf:7d:a2:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=817f8e8f31a03389b3d691ef5a00e82e989e350f
Validity
Not Before: Jan 1 23:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4d367bc2e877fd903b3a4e1433d418bdb3a9e92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:d8:75:79:71:91:28:1e:9c:ce:0c:57:8a:bd:
08:e5:be:79:08:10:82:47:fc:8f:62:98:6c:2b:54:
82:03:72:12:0a:76:f5:81:5f:3c:37:59:4c:20:37:
fd:2c:a7:12:b0:7e:c9:e9:8c:16:eb:a0:03:2c:61:
d2:a6:49:0b:87:fe:7c:66:01:51:af:7b:fd:46:c5:
85:b4:dc:da:16:c9:90:15:2f:89:3e:e1:c1:f8:f7:
4f:1a:7e:b0:a5:b3:30:cb:0c:48:47:39:bd:f4:f8:
81:a2:f8:05:24:f5:a6:0f:5c:ab:8b:3c:a5:bc:78:
62:e6:2a:3b:70:fa:b4:d3:51:66:39:df:7a:a3:47:
b6:e4:2d:bd:1b:28:63:38:a0:47:5b:3f:57:df:20:
f0:a6:ef:cb:a1:b8:1c:6b:35:20:c8:22:46:28:9f:
9b:3e:ca:82:30:ed:c4:52:69:98:8c:5a:26:51:45:
51:7b:8a:5f:06:f3:ae:1b:a4:fc:d5:4d:6b:25:1a:
61:c4:41:09:c3:66:d8:f8:bb:65:b3:68:ec:c6:42:
3f:24:1d:59:6a:46:36:04:7e:79:92:de:76:38:da:
6c:e6:7f:65:bc:db:df:20:cd:79:ea:c5:bd:7f:88:
50:d9:7f:c4:cd:f1:d4:91:93:d4:a3:d5:1b:05:af:
bb:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:D3:67:BC:2E:87:7F:D9:03:B3:A4:E1:43:3D:41:8B:DB:3A:9E:92
X509v3 Authority Key Identifier:
keyid:81:7F:8E:8F:31:A0:33:89:B3:D6:91:EF:5A:00:E8:2E:98:9E:35:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gX-OjzGgM4mz1pHvWgDoLpieNQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/a66b3b-8c3a-4446-810e-067aec85ca67/1/1NNnvC6Hf9kDs6ThQz1Bi9s6npI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/a66b3b-8c3a-4446-810e-067aec85ca67/1/gX-OjzGgM4mz1pHvWgDoLpieNQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.208.0/24
Signature Algorithm: sha256WithRSAEncryption
99:9e:59:61:fc:7c:cc:89:62:85:2d:c7:49:53:92:81:fc:eb:
2f:6d:d4:2d:18:ab:f6:3f:75:16:74:94:c7:6e:f8:ae:c8:7b:
75:2a:d2:37:7b:d8:5c:74:21:2e:75:45:be:98:8a:d6:9c:7b:
80:d5:60:be:48:c4:96:11:f7:d1:25:60:90:39:2a:18:ca:b5:
18:84:8d:64:38:af:78:c1:89:57:cf:f4:de:60:ce:d9:1b:94:
a2:06:2e:02:74:95:44:f5:f3:bc:66:e5:15:8a:b7:41:fd:31:
5c:38:c6:3f:76:21:7a:3c:02:cb:3c:91:28:6e:6a:e7:1c:27:
29:de:9b:cf:7f:6f:3e:5c:bd:f6:5f:9c:9c:4e:57:85:25:cc:
1e:e9:51:4a:38:6b:52:45:c1:d1:46:cf:a3:01:72:a3:eb:a7:
58:f4:db:ed:f0:de:36:b7:b5:9a:89:10:65:c4:9d:bc:c0:71:
04:a6:50:97:fa:1c:b2:64:b2:5f:b6:0a:ed:d1:a3:97:da:21:
cb:ed:fb:59:58:37:4b:e7:ea:88:05:c0:34:65:2e:94:2d:8f:
64:dd:a4:df:e8:7b:ef:1a:14:2e:7d:f2:f5:e7:65:e0:53:7c:
17:f5:63:b3:67:83:d1:4a:54:20:ad:0f:23:6d:3f:c4:f8:1a:
1c:9b:2b:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvputGB8EAAM6l0QbPfaKYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxN2Y4ZThmMzFhMDMzODliM2Q2OTFlZjVhMDBlODJlOTg5
ZTM1MGYwHhcNMjMwMTAxMjMyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGQzNjdiYzJlODc3ZmQ5MDNiM2E0ZTE0MzNkNDE4YmRiM2E5ZTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdh1eXGRKB6czgxXir0I5b55CBCC
R/yPYphsK1SCA3ISCnb1gV88N1lMIDf9LKcSsH7J6YwW66ADLGHSpkkLh/58ZgFR
r3v9RsWFtNzaFsmQFS+JPuHB+PdPGn6wpbMwywxIRzm99PiBovgFJPWmD1yrizyl
vHhi5io7cPq001FmOd96o0e25C29GyhjOKBHWz9X3yDwpu/LobgcazUgyCJGKJ+b
PsqCMO3EUmmYjFomUUVRe4pfBvOuG6T81U1rJRphxEEJw2bY+Ltls2jsxkI/JB1Z
akY2BH55kt52ONps5n9lvNvfIM156sW9f4hQ2X/EzfHUkZPUo9UbBa+76QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNTTZ7wuh3/ZA7Ok4UM9QYvbOp6SMB8GA1UdIwQY
MBaAFIF/jo8xoDOJs9aR71oA6C6YnjUPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1gtT2p6R2dNNG16MXBIdldnRG9McGllTlE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9hNjZiM2ItOGMzYS00NDQ2LTgxMGUt
MDY3YWVjODVjYTY3LzEvMU5ObnZDNkhmOWtEczZUaFF6MUJpOXM2bnBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9hNjZiM2ItOGMzYS00NDQ2LTgxMGUtMDY3YWVjODVjYTY3
LzEvZ1gtT2p6R2dNNG16MXBIdldnRG9McGllTlE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhPQMA0G
CSqGSIb3DQEBCwUAA4IBAQCZnllh/HzMiWKFLcdJU5KB/OsvbdQtGKv2P3UWdJTH
bviuyHt1KtI3e9hcdCEudUW+mIrWnHuA1WC+SMSWEffRJWCQOSoYyrUYhI1kOK94
wYlXz/TeYM7ZG5SiBi4CdJVE9fO8ZuUVirdB/TFcOMY/diF6PALLPJEobmrnHCcp
3pvPf28+XL32X5ycTleFJcwe6VFKOGtSRcHRRs+jAXKj66dY9Nvt8N42t7WaiRBl
xJ28wHEEplCX+hyyZLJftgrt0aOX2iHL7ftZWDdL5+qIBcA0ZS6ULY9k3aTf6Hvv
GhQuffL152XgU3wX9WOzZ4PRSlQgrQ8jbT/E+Bocmyui
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:09:46 2025 by rpki-client