Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/36137c-64fc-4e19-aa1a-adb73d1365a8/1/YwgvnUNeBXROkbeorrZw7WoY9S4.roa
File: YwgvnUNeBXROkbeorrZw7WoY9S4.roa (raw, json)
Hash identifier: Uia2m1QiWhOqJ4RUGYzrisB7c2P4B/xCrefS/ilGKns=
Subject key identifier: 63:08:2F:9D:43:5E:05:74:4E:91:B7:A8:AE:B6:70:ED:6A:18:F5:2E
Certificate issuer: /CN=749a1c5869ae0b1b0faabd026acfcb47324c1624
Certificate serial: 01856D663C17A73C40E98505091531BD0EC2
Authority key identifier: 74:9A:1C:58:69:AE:0B:1B:0F:AA:BD:02:6A:CF:CB:47:32:4C:16:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJocWGmuCxsPqr0Cas_LRzJMFiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/36137c-64fc-4e19-aa1a-adb73d1365a8/1/YwgvnUNeBXROkbeorrZw7WoY9S4.roa
Signing time: Sun 01 Jan 2023 12:54:54 +0000
ROA not before: Sun 01 Jan 2023 12:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200019
IP address blocks: 146.19.213.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:66:3c:17:a7:3c:40:e9:85:05:09:15:31:bd:0e:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749a1c5869ae0b1b0faabd026acfcb47324c1624
Validity
Not Before: Jan 1 12:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=63082f9d435e05744e91b7a8aeb670ed6a18f52e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ad:c9:3a:3b:6f:7d:53:70:eb:4b:15:e0:f1:
a2:92:99:5d:58:11:cb:b2:ad:f4:85:9f:40:ca:3c:
c0:c2:59:48:4b:ba:7d:ab:d2:9f:9f:1b:61:f2:03:
27:4e:2b:23:a3:73:8a:53:e7:51:be:ec:95:5c:6b:
60:93:1d:00:da:33:6f:5c:27:b0:02:5d:4c:31:b1:
b9:6e:14:ea:b7:61:a6:50:f8:70:dc:88:6a:32:b7:
d0:85:d9:5a:d3:63:1d:57:97:20:5c:8d:96:40:a5:
79:14:67:89:26:83:05:47:4c:59:60:44:11:50:a2:
eb:75:1d:0e:db:19:93:bd:7a:af:62:1d:e8:8a:88:
48:6f:56:9d:7a:42:5d:09:d9:55:c1:a0:3c:42:19:
d1:ac:59:88:7d:59:80:80:4d:ce:40:2c:39:af:ab:
7e:3a:11:cb:01:18:e6:cd:78:ff:c9:42:0e:47:52:
53:b2:22:c6:a0:de:6c:56:4e:13:6e:45:d4:15:d5:
22:d6:d6:f7:e6:59:fe:b1:5a:ac:ea:23:ff:ad:98:
e8:43:69:3b:d7:c2:48:a6:b0:f3:88:b7:47:81:20:
83:d9:f9:05:87:d0:bd:11:a3:df:0b:0a:74:72:d3:
10:92:10:46:50:56:05:bd:0c:e6:9d:f5:3f:cf:ab:
a0:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:08:2F:9D:43:5E:05:74:4E:91:B7:A8:AE:B6:70:ED:6A:18:F5:2E
X509v3 Authority Key Identifier:
keyid:74:9A:1C:58:69:AE:0B:1B:0F:AA:BD:02:6A:CF:CB:47:32:4C:16:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJocWGmuCxsPqr0Cas_LRzJMFiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/36137c-64fc-4e19-aa1a-adb73d1365a8/1/YwgvnUNeBXROkbeorrZw7WoY9S4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/36137c-64fc-4e19-aa1a-adb73d1365a8/1/dJocWGmuCxsPqr0Cas_LRzJMFiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.213.0/24
Signature Algorithm: sha256WithRSAEncryption
65:79:85:73:b8:3b:29:3d:3c:78:9b:41:81:79:f6:2c:ca:dd:
50:36:04:c4:82:be:dd:2c:cd:d3:ae:3b:4d:f7:36:93:51:18:
7c:5a:4c:1b:5c:a1:0d:dd:db:f0:11:fd:d0:9c:62:50:a3:fd:
d8:0f:88:59:d4:41:97:6e:f5:4e:2d:ed:c7:80:c6:1e:33:8b:
6d:65:9f:eb:ed:b6:96:3a:7d:89:b3:27:1b:35:2f:b9:54:6c:
12:6e:32:4a:82:8f:6e:02:1a:44:04:24:04:c6:11:2d:c4:f4:
e0:c7:9d:f0:51:33:f2:2c:64:26:d0:5a:5d:4b:be:1d:b6:72:
6f:36:a6:9a:08:55:0e:a8:a2:a3:36:2a:96:a6:9f:62:0f:92:
9e:7d:fc:b0:b1:d2:81:6a:18:5d:94:00:fb:a7:1d:7f:38:10:
7d:ed:bb:73:7d:3a:76:af:91:33:de:3b:93:5d:59:75:2d:d2:
d9:71:27:f3:33:49:7e:68:2f:57:8c:1b:fe:c5:61:12:26:3e:
f2:37:0a:b2:aa:77:29:27:ed:6a:41:f3:db:7e:d0:55:e0:12:
df:09:d1:7f:4c:09:e8:89:c1:32:43:d0:d6:0a:c6:64:b8:4b:
2c:09:67:1c:5a:2c:4b:8a:f0:60:78:95:38:46:4b:95:cb:0d:
26:16:f4:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtZjwXpzxA6YUFCRUxvQ7CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OWExYzU4NjlhZTBiMWIwZmFhYmQwMjZhY2ZjYjQ3MzI0
YzE2MjQwHhcNMjMwMTAxMTI1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzA4MmY5ZDQzNWUwNTc0NGU5MWI3YThhZWI2NzBlZDZhMThmNTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkq3JOjtvfVNw60sV4PGikpldWBHL
sq30hZ9AyjzAwllIS7p9q9Kfnxth8gMnTisjo3OKU+dRvuyVXGtgkx0A2jNvXCew
Al1MMbG5bhTqt2GmUPhw3IhqMrfQhdla02MdV5cgXI2WQKV5FGeJJoMFR0xZYEQR
UKLrdR0O2xmTvXqvYh3oiohIb1adekJdCdlVwaA8QhnRrFmIfVmAgE3OQCw5r6t+
OhHLARjmzXj/yUIOR1JTsiLGoN5sVk4TbkXUFdUi1tb35ln+sVqs6iP/rZjoQ2k7
18JIprDziLdHgSCD2fkFh9C9EaPfCwp0ctMQkhBGUFYFvQzmnfU/z6ugBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGMIL51DXgV0TpG3qK62cO1qGPUuMB8GA1UdIwQY
MBaAFHSaHFhprgsbD6q9AmrPy0cyTBYkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpvY1dHbXVDeHNQcXIwQ2FzX0xSekpNRmlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8zNjEzN2MtNjRmYy00ZTE5LWFhMWEt
YWRiNzNkMTM2NWE4LzEvWXdndm5VTmVCWFJPa2Jlb3JyWnc3V29ZOVM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8zNjEzN2MtNjRmYy00ZTE5LWFhMWEtYWRiNzNkMTM2NWE4
LzEvZEpvY1dHbXVDeHNQcXIwQ2FzX0xSekpNRmlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhPVMA0G
CSqGSIb3DQEBCwUAA4IBAQBleYVzuDspPTx4m0GBefYsyt1QNgTEgr7dLM3TrjtN
9zaTURh8WkwbXKEN3dvwEf3QnGJQo/3YD4hZ1EGXbvVOLe3HgMYeM4ttZZ/r7baW
On2JsycbNS+5VGwSbjJKgo9uAhpEBCQExhEtxPTgx53wUTPyLGQm0FpdS74dtnJv
NqaaCFUOqKKjNiqWpp9iD5KeffywsdKBahhdlAD7px1/OBB97btzfTp2r5Ez3juT
XVl1LdLZcSfzM0l+aC9XjBv+xWESJj7yNwqyqncpJ+1qQfPbftBV4BLfCdF/TAno
icEyQ9DWCsZkuEssCWccWixLivBgeJU4RkuVyw0mFvTl
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:24 2025 by rpki-client