Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/f573d3-de14-4434-ab94-94fbf34de159/1/aBhKnKpguJkpK7eQH0OE9eN0ccM.roa
File: aBhKnKpguJkpK7eQH0OE9eN0ccM.roa (raw, json)
Hash identifier: ybziVvuGrc2UclgiulBHBkVJS7F+1mYjso1v3nCRxoE=
Subject key identifier: 68:18:4A:9C:AA:60:B8:99:29:2B:B7:90:1F:43:84:F5:E3:74:71:C3
Certificate issuer: /CN=9f50270fd310e11422e586f26317155d5cf66458
Certificate serial: 018572B41B796675E33007453275D956B9FC
Authority key identifier: 9F:50:27:0F:D3:10:E1:14:22:E5:86:F2:63:17:15:5D:5C:F6:64:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n1AnD9MQ4RQi5YbyYxcVXVz2ZFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/f573d3-de14-4434-ab94-94fbf34de159/1/aBhKnKpguJkpK7eQH0OE9eN0ccM.roa
Signing time: Mon 02 Jan 2023 13:38:04 +0000
ROA not before: Mon 02 Jan 2023 13:38:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29066
IP address blocks: 146.19.245.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:1b:79:66:75:e3:30:07:45:32:75:d9:56:b9:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f50270fd310e11422e586f26317155d5cf66458
Validity
Not Before: Jan 2 13:38:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68184a9caa60b899292bb7901f4384f5e37471c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:6c:ad:14:9b:79:31:95:37:66:25:25:17:ea:
e8:e0:5d:4d:82:28:b3:68:7c:87:6f:d5:59:4f:ac:
95:23:21:50:a2:12:e4:0a:25:4e:12:9c:a5:99:f2:
e3:63:7b:84:36:c0:f9:d1:2c:bd:39:69:24:2a:a1:
00:b4:d4:d6:3c:46:b9:4b:9b:96:8b:0d:6f:e6:31:
07:46:f5:38:3a:17:06:6b:33:d8:23:31:8c:f2:e6:
a2:0d:78:25:af:52:7c:d6:bb:b7:11:87:96:ec:71:
75:21:ee:32:b4:40:ff:b0:b0:9c:ac:02:0a:a7:74:
0a:56:61:b0:2b:f9:8a:f5:85:1d:b5:66:f9:1c:71:
4a:5b:60:23:2c:05:f8:ee:64:59:14:74:f1:35:9b:
68:ca:d7:21:8a:6e:65:44:45:b6:6a:50:b0:63:27:
d7:ea:e3:da:01:1d:e5:8f:eb:16:a3:42:41:49:92:
15:11:e6:51:62:f1:69:05:3c:aa:cf:a2:70:08:f3:
79:fc:34:76:49:f3:33:0d:69:02:33:d7:32:ff:2b:
40:1f:30:65:d1:c8:26:2c:18:ad:62:a0:65:a8:d9:
9b:6a:fc:8d:29:6c:06:d9:17:5d:02:65:d9:35:1f:
27:57:bb:6c:1d:8e:b1:56:1c:a4:9a:8c:a1:82:a3:
8a:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:18:4A:9C:AA:60:B8:99:29:2B:B7:90:1F:43:84:F5:E3:74:71:C3
X509v3 Authority Key Identifier:
keyid:9F:50:27:0F:D3:10:E1:14:22:E5:86:F2:63:17:15:5D:5C:F6:64:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n1AnD9MQ4RQi5YbyYxcVXVz2ZFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/f573d3-de14-4434-ab94-94fbf34de159/1/aBhKnKpguJkpK7eQH0OE9eN0ccM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/f573d3-de14-4434-ab94-94fbf34de159/1/n1AnD9MQ4RQi5YbyYxcVXVz2ZFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.245.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:4e:b0:05:ee:8d:e0:19:95:a3:15:73:eb:7a:ce:cb:df:7f:
1b:b4:9b:97:e8:a5:74:8c:4d:b1:5a:f3:60:1e:25:2f:fb:17:
6c:8a:c4:de:70:07:93:34:56:29:22:2d:70:f6:f4:6d:81:c0:
1d:db:75:89:a8:11:93:90:93:e3:4a:89:3d:42:e1:fe:14:4b:
76:1e:08:53:84:9b:86:8d:a1:03:5d:a0:68:87:cb:e0:4b:dd:
4c:a2:80:09:8e:f3:e8:16:ef:df:ee:5b:88:90:18:03:59:9d:
70:28:3f:90:23:1b:83:e4:e1:73:8e:2c:84:2f:3b:4f:c7:64:
36:f5:7e:91:a6:c9:9b:94:d5:6d:87:b1:88:9e:f9:35:07:3a:
0c:80:ec:a5:ee:9e:a5:69:71:63:62:da:7a:56:be:14:da:ed:
eb:a0:d2:73:81:43:fd:61:7a:44:57:8d:62:87:1d:21:9a:65:
4b:5c:31:4a:86:d1:51:b5:4b:07:38:6c:26:04:a7:41:29:64:
a3:32:b8:25:85:77:85:82:05:8c:97:bb:8e:1e:cd:2b:47:e8:
37:94:0d:5d:b0:e6:13:ea:6d:db:39:0f:36:c3:2e:64:fe:73:
24:10:5b:c1:ac:e1:98:d1:0c:57:63:ce:fb:8e:21:2f:57:9a:
ff:ef:fe:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVytBt5ZnXjMAdFMnXZVrn8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmNTAyNzBmZDMxMGUxMTQyMmU1ODZmMjYzMTcxNTVkNWNm
NjY0NTgwHhcNMjMwMTAyMTMzODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODE4NGE5Y2FhNjBiODk5MjkyYmI3OTAxZjQzODRmNWUzNzQ3MWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2ytFJt5MZU3ZiUlF+ro4F1Ngiiz
aHyHb9VZT6yVIyFQohLkCiVOEpylmfLjY3uENsD50Sy9OWkkKqEAtNTWPEa5S5uW
iw1v5jEHRvU4OhcGazPYIzGM8uaiDXglr1J81ru3EYeW7HF1Ie4ytED/sLCcrAIK
p3QKVmGwK/mK9YUdtWb5HHFKW2AjLAX47mRZFHTxNZtoytchim5lREW2alCwYyfX
6uPaAR3lj+sWo0JBSZIVEeZRYvFpBTyqz6JwCPN5/DR2SfMzDWkCM9cy/ytAHzBl
0cgmLBitYqBlqNmbavyNKWwG2RddAmXZNR8nV7tsHY6xVhykmoyhgqOK/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGgYSpyqYLiZKSu3kB9DhPXjdHHDMB8GA1UdIwQY
MBaAFJ9QJw/TEOEUIuWG8mMXFV1c9mRYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjFBbkQ5TVE0UlFpNVlieVl4Y1ZYVnoyWkZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9mNTczZDMtZGUxNC00NDM0LWFiOTQt
OTRmYmYzNGRlMTU5LzEvYUJoS25LcGd1SmtwSzdlUUgwT0U5ZU4wY2NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9mNTczZDMtZGUxNC00NDM0LWFiOTQtOTRmYmYzNGRlMTU5
LzEvbjFBbkQ5TVE0UlFpNVlieVl4Y1ZYVnoyWkZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhP1MA0G
CSqGSIb3DQEBCwUAA4IBAQB8TrAF7o3gGZWjFXPres7L338btJuX6KV0jE2xWvNg
HiUv+xdsisTecAeTNFYpIi1w9vRtgcAd23WJqBGTkJPjSok9QuH+FEt2HghThJuG
jaEDXaBoh8vgS91MooAJjvPoFu/f7luIkBgDWZ1wKD+QIxuD5OFzjiyELztPx2Q2
9X6RpsmblNVth7GInvk1BzoMgOyl7p6laXFjYtp6Vr4U2u3roNJzgUP9YXpEV41i
hx0hmmVLXDFKhtFRtUsHOGwmBKdBKWSjMrglhXeFggWMl7uOHs0rR+g3lA1dsOYT
6m3bOQ82wy5k/nMkEFvBrOGY0QxXY877jiEvV5r/7/4z
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:03:52 2025 by rpki-client