Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/0fcd8e-1034-4a75-a070-699f3cd850fa/1/jjb9-8iXZGVpIaiYLG1b0CgDmDQ.roa
File: jjb9-8iXZGVpIaiYLG1b0CgDmDQ.roa (raw, json)
Hash identifier: aXW8Frrn0CPPaBr+F5uNOjUESeabRZzpMHqeAGAbYRY=
Subject key identifier: 8E:36:FD:FB:C8:97:64:65:69:21:A8:98:2C:6D:5B:D0:28:03:98:34
Certificate issuer: /CN=8b2e0d184ff553375c847c38d4dfcdcde1219fd3
Certificate serial: 019421B1FDA9F2C77C61C4C9C69E7C34058B
Authority key identifier: 8B:2E:0D:18:4F:F5:53:37:5C:84:7C:38:D4:DF:CD:CD:E1:21:9F:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iy4NGE_1UzdchHw41N_NzeEhn9M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/0fcd8e-1034-4a75-a070-699f3cd850fa/1/jjb9-8iXZGVpIaiYLG1b0CgDmDQ.roa
Signing time: Wed 01 Jan 2025 11:48:20 +0000
ROA not before: Wed 01 Jan 2025 11:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213373
IP address blocks: 146.19.173.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:fd:a9:f2:c7:7c:61:c4:c9:c6:9e:7c:34:05:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b2e0d184ff553375c847c38d4dfcdcde1219fd3
Validity
Not Before: Jan 1 11:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e36fdfbc89764656921a8982c6d5bd028039834
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:e4:37:65:f3:eb:ea:57:ed:55:44:5d:02:79:
67:fe:83:64:17:ab:e6:65:67:a0:7f:ac:65:db:73:
0c:e6:6f:4d:ab:d0:3a:5f:56:7c:a5:dd:7f:11:9c:
50:23:81:86:5a:b2:14:8b:de:26:80:47:a5:6a:f6:
51:21:26:5f:05:a5:15:07:9c:a2:0a:53:5e:da:3f:
f2:38:49:3e:9c:8d:0d:1d:28:67:28:ca:9a:1a:da:
c7:2d:52:c9:13:f8:75:35:6f:cd:26:5a:bb:5b:41:
98:bb:1d:fb:dd:22:db:52:d3:4b:d4:02:35:74:72:
8d:24:09:ef:e4:43:f9:71:62:7a:55:c4:6c:25:76:
75:a0:7f:b6:81:1e:5c:62:3e:6d:44:92:92:de:8b:
84:d9:37:28:28:71:70:7f:92:89:be:c8:ed:ad:3c:
34:ea:49:8a:be:72:9b:c9:d7:a9:3e:14:48:e9:76:
d4:f3:90:ad:98:19:ba:43:35:35:d2:f1:aa:44:97:
3b:04:89:85:1a:24:c3:f8:e6:c9:eb:9a:a3:84:36:
d3:f0:9c:67:2e:c9:86:67:80:48:af:2f:d8:29:08:
3f:49:79:29:0f:aa:16:60:92:e4:2b:fe:a6:22:b0:
7f:ad:b1:83:d4:da:d9:b2:a3:56:b7:ed:36:e4:13:
d4:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:36:FD:FB:C8:97:64:65:69:21:A8:98:2C:6D:5B:D0:28:03:98:34
X509v3 Authority Key Identifier:
keyid:8B:2E:0D:18:4F:F5:53:37:5C:84:7C:38:D4:DF:CD:CD:E1:21:9F:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iy4NGE_1UzdchHw41N_NzeEhn9M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/0fcd8e-1034-4a75-a070-699f3cd850fa/1/jjb9-8iXZGVpIaiYLG1b0CgDmDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/0fcd8e-1034-4a75-a070-699f3cd850fa/1/iy4NGE_1UzdchHw41N_NzeEhn9M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.173.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:89:48:7a:af:af:5e:f7:77:57:11:b2:ce:7a:81:82:a9:d7:
93:6e:66:ab:11:aa:a0:e4:0a:d9:ae:09:43:3d:f0:3b:f9:63:
f1:bb:2f:8c:51:87:a9:fd:b0:dc:4e:ca:8d:20:81:18:80:41:
e3:e2:c1:06:3c:2d:84:c6:eb:12:62:8d:6e:4f:f8:9e:26:99:
1c:28:32:3d:ab:c6:f3:d0:d7:aa:51:7c:e6:24:ae:d7:1c:a4:
5e:62:3e:c8:4e:40:34:04:16:82:49:c4:26:b9:b5:16:e9:19:
95:96:52:64:56:9d:23:63:d2:64:c7:be:a3:48:af:25:3f:13:
df:ea:f1:9e:6b:a6:bf:fc:fa:b5:22:89:64:04:24:51:52:66:
c3:9a:3b:22:5f:b5:6e:1f:fa:48:f7:c4:1b:9d:c9:3a:e4:e3:
4c:cc:19:f3:73:20:45:b7:df:a1:59:0b:17:f6:be:b1:e6:13:
ff:41:44:7a:98:5f:45:12:23:a6:ed:fe:57:29:23:9f:d2:95:
9e:b4:90:be:c4:43:46:a8:39:78:e9:7f:13:b1:d7:30:cd:42:
53:b6:96:5f:82:a2:e2:a6:cf:34:9a:a7:9c:5c:42:37:d7:e1:
87:ec:e7:b9:ec:31:90:85:8c:3e:b0:b9:8f:62:1f:e9:db:70:
60:3b:0b:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsf2p8sd8YcTJxp58NAWLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMmUwZDE4NGZmNTUzMzc1Yzg0N2MzOGQ0ZGZjZGNkZTEy
MTlmZDMwHhcNMjUwMTAxMTE0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTM2ZmRmYmM4OTc2NDY1NjkyMWE4OTgyYzZkNWJkMDI4MDM5ODM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4uQ3ZfPr6lftVURdAnln/oNkF6vm
ZWegf6xl23MM5m9Nq9A6X1Z8pd1/EZxQI4GGWrIUi94mgEelavZRISZfBaUVB5yi
ClNe2j/yOEk+nI0NHShnKMqaGtrHLVLJE/h1NW/NJlq7W0GYux373SLbUtNL1AI1
dHKNJAnv5EP5cWJ6VcRsJXZ1oH+2gR5cYj5tRJKS3ouE2TcoKHFwf5KJvsjtrTw0
6kmKvnKbydepPhRI6XbU85CtmBm6QzU10vGqRJc7BImFGiTD+ObJ65qjhDbT8Jxn
LsmGZ4BIry/YKQg/SXkpD6oWYJLkK/6mIrB/rbGD1NrZsqNWt+025BPU/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI42/fvIl2RlaSGomCxtW9AoA5g0MB8GA1UdIwQY
MBaAFIsuDRhP9VM3XIR8ONTfzc3hIZ/TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXk0TkdFXzFVemRjaEh3NDFOX056ZUVobjlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy8wZmNkOGUtMTAzNC00YTc1LWEwNzAt
Njk5ZjNjZDg1MGZhLzEvampiOS04aVhaR1ZwSWFpWUxHMWIwQ2dEbURRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy8wZmNkOGUtMTAzNC00YTc1LWEwNzAtNjk5ZjNjZDg1MGZh
LzEvaXk0TkdFXzFVemRjaEh3NDFOX056ZUVobjlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhOtMA0G
CSqGSIb3DQEBCwUAA4IBAQC7iUh6r69e93dXEbLOeoGCqdeTbmarEaqg5ArZrglD
PfA7+WPxuy+MUYep/bDcTsqNIIEYgEHj4sEGPC2ExusSYo1uT/ieJpkcKDI9q8bz
0NeqUXzmJK7XHKReYj7ITkA0BBaCScQmubUW6RmVllJkVp0jY9Jkx76jSK8lPxPf
6vGea6a//Pq1IolkBCRRUmbDmjsiX7VuH/pI98Qbnck65ONMzBnzcyBFt9+hWQsX
9r6x5hP/QUR6mF9FEiOm7f5XKSOf0pWetJC+xENGqDl46X8TsdcwzUJTtpZfgqLi
ps80mqecXEI31+GH7Oe57DGQhYw+sLmPYh/p23BgOws8
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:40 2025 by rpki-client