Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/058509-2fe7-486b-b4ad-8c74f9dd67fc/1/sShD_q4ceLwxQ66Q2G4C6NLHOns.roa
File: sShD_q4ceLwxQ66Q2G4C6NLHOns.roa (raw, json)
Hash identifier: BiX0Ojf2DbZMT20uSZBtFAbZP4As97iO/AHVcU+bzqI=
Subject key identifier: B1:28:43:FE:AE:1C:78:BC:31:43:AE:90:D8:6E:02:E8:D2:C7:3A:7B
Certificate issuer: /CN=8ad9281aafefc8375ad8b4b7e604899555952237
Certificate serial: 019425218C4008CDDACE727AB0987F02753A
Authority key identifier: 8A:D9:28:1A:AF:EF:C8:37:5A:D8:B4:B7:E6:04:89:95:55:95:22:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/itkoGq_vyDda2LS35gSJlVWVIjc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/058509-2fe7-486b-b4ad-8c74f9dd67fc/1/sShD_q4ceLwxQ66Q2G4C6NLHOns.roa
Signing time: Thu 02 Jan 2025 03:49:03 +0000
ROA not before: Thu 02 Jan 2025 03:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210986
IP address blocks: 146.19.79.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:8c:40:08:cd:da:ce:72:7a:b0:98:7f:02:75:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ad9281aafefc8375ad8b4b7e604899555952237
Validity
Not Before: Jan 2 03:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b12843feae1c78bc3143ae90d86e02e8d2c73a7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:e6:b0:73:51:00:6d:8a:fc:8d:71:26:6e:c0:
c3:5b:90:cc:71:b7:cb:8b:0b:b3:6d:6f:73:b1:e1:
b4:75:dc:3f:fe:bc:e6:dc:84:c4:ac:bd:cf:8a:fe:
c2:06:45:cc:31:b1:35:38:5b:e5:67:d9:3e:93:38:
76:37:72:8a:11:c4:1f:3c:89:fd:3a:33:bb:e6:d2:
18:db:5a:ac:05:aa:bb:4f:90:cb:12:ea:b2:8d:bd:
c6:85:44:c0:eb:4b:0d:09:3c:3f:6c:2a:03:d8:91:
9d:3b:5c:6a:5a:39:c6:ce:a0:15:d5:cd:05:43:2e:
29:cf:12:af:1f:7c:d0:7c:fa:83:d5:a4:68:9d:93:
8e:6a:d7:8e:30:40:fd:71:57:1e:c8:3b:74:26:ab:
76:de:fa:f5:9b:df:95:27:07:5b:d5:8d:49:7d:7c:
36:d0:d3:73:94:46:ed:67:2c:98:9a:90:41:95:b8:
56:5c:8a:73:30:86:e6:6d:fa:62:4c:cf:b6:f8:47:
8e:74:33:88:fd:03:c0:41:08:a4:22:95:47:70:3f:
a7:af:d8:86:5e:5c:d7:31:99:c6:7c:e0:16:1e:ec:
f2:2c:5f:b5:c6:66:19:27:f3:02:7e:43:81:2c:dc:
08:6f:1c:8c:35:e2:66:63:ca:38:12:78:c1:09:ca:
87:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:28:43:FE:AE:1C:78:BC:31:43:AE:90:D8:6E:02:E8:D2:C7:3A:7B
X509v3 Authority Key Identifier:
keyid:8A:D9:28:1A:AF:EF:C8:37:5A:D8:B4:B7:E6:04:89:95:55:95:22:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itkoGq_vyDda2LS35gSJlVWVIjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/058509-2fe7-486b-b4ad-8c74f9dd67fc/1/sShD_q4ceLwxQ66Q2G4C6NLHOns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/058509-2fe7-486b-b4ad-8c74f9dd67fc/1/itkoGq_vyDda2LS35gSJlVWVIjc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.79.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:2b:30:0b:ef:64:59:ce:0c:f5:d8:d6:27:4f:2a:34:7b:91:
b1:de:9c:41:5e:5b:c2:e9:0e:ff:14:5b:b1:3e:1f:43:49:d7:
85:a5:25:64:bc:63:00:85:e2:9d:5d:84:a6:eb:84:90:5d:87:
bc:41:a2:7c:c6:83:b7:47:6f:79:ef:95:d0:40:4f:25:40:fc:
e2:48:f7:83:7a:0a:2d:05:2c:37:d8:e0:f7:28:b0:71:d1:ec:
8e:3f:a4:0c:71:6d:af:30:f1:62:71:b7:cd:1c:10:ec:67:67:
45:6c:53:36:a7:98:bd:ca:49:62:e2:dc:f9:14:81:62:2d:8f:
a6:b2:e4:99:98:e8:57:22:02:d4:e9:d4:15:c9:50:2a:ad:d2:
00:ed:72:36:a0:67:0e:bd:a5:b3:df:c1:7f:fe:9a:f4:b0:b7:
80:cf:aa:10:63:a7:4d:27:64:c9:54:e1:a5:ae:19:88:33:26:
dc:e8:02:23:e8:ae:74:44:43:c0:57:bb:44:ae:12:48:b6:d4:
91:2d:98:a0:f0:54:4b:21:0a:e7:0c:5b:59:75:8a:ce:82:6d:
42:22:aa:ff:b6:e5:eb:73:9b:33:c9:60:2a:6e:90:a3:fb:27:
ab:01:1c:2e:7f:16:25:55:05:32:58:a7:a2:0c:c0:47:9d:64:
7b:f8:7a:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIYxACM3aznJ6sJh/AnU6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZDkyODFhYWZlZmM4Mzc1YWQ4YjRiN2U2MDQ4OTk1NTU5
NTIyMzcwHhcNMjUwMTAyMDM0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTI4NDNmZWFlMWM3OGJjMzE0M2FlOTBkODZlMDJlOGQyYzczYTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyOawc1EAbYr8jXEmbsDDW5DMcbfL
iwuzbW9zseG0ddw//rzm3ITErL3Piv7CBkXMMbE1OFvlZ9k+kzh2N3KKEcQfPIn9
OjO75tIY21qsBaq7T5DLEuqyjb3GhUTA60sNCTw/bCoD2JGdO1xqWjnGzqAV1c0F
Qy4pzxKvH3zQfPqD1aRonZOOateOMED9cVceyDt0Jqt23vr1m9+VJwdb1Y1JfXw2
0NNzlEbtZyyYmpBBlbhWXIpzMIbmbfpiTM+2+EeOdDOI/QPAQQikIpVHcD+nr9iG
XlzXMZnGfOAWHuzyLF+1xmYZJ/MCfkOBLNwIbxyMNeJmY8o4EnjBCcqHawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLEoQ/6uHHi8MUOukNhuAujSxzp7MB8GA1UdIwQY
MBaAFIrZKBqv78g3Wti0t+YEiZVVlSI3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXRrb0dxX3Z5RGRhMkxTMzVnU0psVldWSWpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8wNTg1MDktMmZlNy00ODZiLWI0YWQt
OGM3NGY5ZGQ2N2ZjLzEvc1NoRF9xNGNlTHd4UTY2UTJHNEM2TkxIT25zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8wNTg1MDktMmZlNy00ODZiLWI0YWQtOGM3NGY5ZGQ2N2Zj
LzEvaXRrb0dxX3Z5RGRhMkxTMzVnU0psVldWSWpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhNPMA0G
CSqGSIb3DQEBCwUAA4IBAQC3KzAL72RZzgz12NYnTyo0e5Gx3pxBXlvC6Q7/FFux
Ph9DSdeFpSVkvGMAheKdXYSm64SQXYe8QaJ8xoO3R29575XQQE8lQPziSPeDegot
BSw32OD3KLBx0eyOP6QMcW2vMPFicbfNHBDsZ2dFbFM2p5i9ykli4tz5FIFiLY+m
suSZmOhXIgLU6dQVyVAqrdIA7XI2oGcOvaWz38F//pr0sLeAz6oQY6dNJ2TJVOGl
rhmIMybc6AIj6K50REPAV7tErhJIttSRLZig8FRLIQrnDFtZdYrOgm1CIqr/tuXr
c5szyWAqbpCj+yerARwufxYlVQUyWKeiDMBHnWR7+Hq2
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:10:27 2025 by rpki-client