Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/a66b3b-8c3a-4446-810e-067aec85ca67/1/FIsQThT0jJkegB3ieTpq65s1nIs.roa
File: FIsQThT0jJkegB3ieTpq65s1nIs.roa (raw, json)
Hash identifier: 5DzaBAQnX/YJ7fsodR7waPbdOlJZw44YuCVWfwFJqZo=
Subject key identifier: 14:8B:10:4E:14:F4:8C:99:1E:80:1D:E2:79:3A:6A:EB:9B:35:9C:8B
Certificate issuer: /CN=817f8e8f31a03389b3d691ef5a00e82e989e350f
Certificate serial: 018220815579733C746A47DC446947BBCA26
Authority key identifier: 81:7F:8E:8F:31:A0:33:89:B3:D6:91:EF:5A:00:E8:2E:98:9E:35:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gX-OjzGgM4mz1pHvWgDoLpieNQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/a66b3b-8c3a-4446-810e-067aec85ca67/1/FIsQThT0jJkegB3ieTpq65s1nIs.roa
Signing time: Thu 21 Jul 2022 11:25:23 +0000
ROA not before: Thu 21 Jul 2022 11:25:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208485
IP address blocks: 146.19.208.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:20:81:55:79:73:3c:74:6a:47:dc:44:69:47:bb:ca:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=817f8e8f31a03389b3d691ef5a00e82e989e350f
Validity
Not Before: Jul 21 11:25:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=148b104e14f48c991e801de2793a6aeb9b359c8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:03:0f:5a:fb:f4:d2:c0:60:12:e2:13:82:8f:
c1:93:99:77:32:e9:09:a6:89:98:03:be:24:13:9f:
a9:b4:f8:e9:b4:4d:e4:2b:a2:b9:c3:b4:50:3b:e1:
58:4e:2a:9e:28:d9:76:4d:2f:d1:4c:d3:7d:27:1f:
db:9d:1f:a8:20:2b:a6:e9:91:c0:be:71:71:46:e9:
a5:a2:e9:f8:fd:72:a8:cf:b5:22:27:c9:82:95:34:
32:7c:3c:c6:62:d0:e6:47:54:d9:6a:8b:4f:12:53:
44:4d:b5:25:b5:82:64:cc:7c:ba:db:e6:75:41:92:
8b:6f:82:20:33:bb:a3:b3:6b:0d:19:1f:78:0f:c3:
db:19:07:ea:77:0f:bd:bb:05:0f:f4:ec:2f:6b:0c:
a1:d2:8a:d8:db:12:8b:e5:37:f0:04:34:0c:57:84:
f8:bb:07:a6:7d:a7:ce:cc:f6:10:66:24:9a:2e:62:
99:8e:11:d2:c5:1d:a2:ac:52:f2:ce:e1:66:3c:f7:
7a:f1:2c:d8:c4:91:e8:87:fc:c6:87:f4:30:65:cf:
c7:cf:bb:d7:43:87:ac:18:d1:52:34:a1:92:24:1a:
a4:b4:6e:57:42:a8:a3:67:ea:3c:75:2c:af:a0:15:
22:0a:78:99:e6:39:90:5d:e1:3a:79:fe:ab:b9:0c:
c5:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:8B:10:4E:14:F4:8C:99:1E:80:1D:E2:79:3A:6A:EB:9B:35:9C:8B
X509v3 Authority Key Identifier:
keyid:81:7F:8E:8F:31:A0:33:89:B3:D6:91:EF:5A:00:E8:2E:98:9E:35:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gX-OjzGgM4mz1pHvWgDoLpieNQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/a66b3b-8c3a-4446-810e-067aec85ca67/1/FIsQThT0jJkegB3ieTpq65s1nIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/a66b3b-8c3a-4446-810e-067aec85ca67/1/gX-OjzGgM4mz1pHvWgDoLpieNQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.208.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:1d:37:57:21:4c:ed:70:a7:49:07:82:b5:59:ce:30:d0:38:
e4:05:26:b6:50:16:a7:cb:f9:0c:43:a8:17:5f:eb:c0:e7:cb:
ee:eb:fe:51:4c:33:39:f2:81:fb:a3:c2:92:f9:ab:3a:34:d8:
90:22:8a:b0:0b:fb:fd:78:cd:08:16:d4:9d:3a:51:b7:8f:75:
45:ae:93:9f:d2:69:26:db:00:eb:49:12:e0:1e:d8:3b:c3:5b:
fb:4a:41:69:24:f4:de:fa:fa:15:82:2a:51:22:04:15:18:08:
aa:6f:09:16:af:fb:d4:12:37:1e:b5:0e:61:44:03:ff:56:b8:
af:a0:cf:ae:66:d9:ed:72:49:f6:26:54:23:e8:5c:ca:95:26:
94:82:77:8e:2a:06:be:b4:9c:08:68:ed:9c:64:7c:53:5d:6b:
67:8e:cc:65:75:cc:7e:01:4a:ba:0d:97:74:85:ed:71:6d:1b:
86:17:3a:05:b5:85:61:6d:f4:29:79:57:4f:73:a8:2a:f1:63:
f8:63:ac:77:f0:a0:ff:e7:4f:74:1f:d8:58:d5:4c:06:30:40:
5c:e6:d0:69:d2:60:29:1b:b1:8a:ea:27:0f:62:84:be:e1:8b:
c9:e7:af:4c:cc:03:c7:27:82:93:ed:d2:a6:77:71:db:6c:ac:
22:27:1b:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIggVV5czx0akfcRGlHu8omMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxN2Y4ZThmMzFhMDMzODliM2Q2OTFlZjVhMDBlODJlOTg5
ZTM1MGYwHhcNMjIwNzIxMTEyNTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDhiMTA0ZTE0ZjQ4Yzk5MWU4MDFkZTI3OTNhNmFlYjliMzU5YzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgMPWvv00sBgEuITgo/Bk5l3MukJ
pomYA74kE5+ptPjptE3kK6K5w7RQO+FYTiqeKNl2TS/RTNN9Jx/bnR+oICum6ZHA
vnFxRumloun4/XKoz7UiJ8mClTQyfDzGYtDmR1TZaotPElNETbUltYJkzHy62+Z1
QZKLb4IgM7ujs2sNGR94D8PbGQfqdw+9uwUP9Owvawyh0orY2xKL5TfwBDQMV4T4
uwemfafOzPYQZiSaLmKZjhHSxR2irFLyzuFmPPd68SzYxJHoh/zGh/QwZc/Hz7vX
Q4esGNFSNKGSJBqktG5XQqijZ+o8dSyvoBUiCniZ5jmQXeE6ef6ruQzFQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBSLEE4U9IyZHoAd4nk6auubNZyLMB8GA1UdIwQY
MBaAFIF/jo8xoDOJs9aR71oA6C6YnjUPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1gtT2p6R2dNNG16MXBIdldnRG9McGllTlE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9hNjZiM2ItOGMzYS00NDQ2LTgxMGUt
MDY3YWVjODVjYTY3LzEvRklzUVRoVDBqSmtlZ0IzaWVUcHE2NXMxbklzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9hNjZiM2ItOGMzYS00NDQ2LTgxMGUtMDY3YWVjODVjYTY3
LzEvZ1gtT2p6R2dNNG16MXBIdldnRG9McGllTlE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhPQMA0G
CSqGSIb3DQEBCwUAA4IBAQBuHTdXIUztcKdJB4K1Wc4w0DjkBSa2UBany/kMQ6gX
X+vA58vu6/5RTDM58oH7o8KS+as6NNiQIoqwC/v9eM0IFtSdOlG3j3VFrpOf0mkm
2wDrSRLgHtg7w1v7SkFpJPTe+voVgipRIgQVGAiqbwkWr/vUEjcetQ5hRAP/Vriv
oM+uZtntckn2JlQj6FzKlSaUgneOKga+tJwIaO2cZHxTXWtnjsxldcx+AUq6DZd0
he1xbRuGFzoFtYVhbfQpeVdPc6gq8WP4Y6x38KD/5090H9hY1UwGMEBc5tBp0mAp
G7GK6icPYoS+4YvJ569MzAPHJ4KT7dKmd3HbbKwiJxt9
-----END CERTIFICATE-----
Generated at Tue Apr 22 21:05:53 2025 by rpki-client