Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/36b3fa-c925-4b09-b8ea-32f59fa5b311/1/RjTQWNSpJfe8w_ITXynh7HC007o.roa
File: RjTQWNSpJfe8w_ITXynh7HC007o.roa (raw, json)
Hash identifier: 9sQWYv1ZBZpCaxlO7ZwUlIuYAMf5VR1aWrG6FLQdSrc=
Subject key identifier: 46:34:D0:58:D4:A9:25:F7:BC:C3:F2:13:5F:29:E1:EC:70:B4:D3:BA
Certificate issuer: /CN=b435f526d7d0909e7f4a7df2c5cad72d2af6b2c3
Certificate serial: 018570FB9CAB66ACD6B90F5A1F999E7A39BA
Authority key identifier: B4:35:F5:26:D7:D0:90:9E:7F:4A:7D:F2:C5:CA:D7:2D:2A:F6:B2:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDX1JtfQkJ5_Sn3yxcrXLSr2ssM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/36b3fa-c925-4b09-b8ea-32f59fa5b311/1/RjTQWNSpJfe8w_ITXynh7HC007o.roa
Signing time: Mon 02 Jan 2023 05:36:55 +0000
ROA not before: Mon 02 Jan 2023 05:36:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199367
IP address blocks: 185.19.144.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:9c:ab:66:ac:d6:b9:0f:5a:1f:99:9e:7a:39:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b435f526d7d0909e7f4a7df2c5cad72d2af6b2c3
Validity
Not Before: Jan 2 05:36:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4634d058d4a925f7bcc3f2135f29e1ec70b4d3ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:19:84:77:1a:5f:b4:89:2e:d7:44:9a:13:ca:
ee:cc:e6:ea:2a:27:b9:cd:ef:cd:b7:ab:18:e4:cd:
31:0a:3c:c6:5a:7a:37:32:1d:27:a5:39:37:21:4c:
d0:16:53:5d:af:bb:5c:70:f1:cc:a0:b7:45:d1:53:
90:0c:33:e9:b2:00:5b:ae:cb:b5:82:97:4e:45:8d:
66:2c:ad:74:3f:b9:e1:bb:f1:f6:54:15:68:0e:a8:
13:b2:55:bd:9e:02:47:7e:c6:1e:23:7f:f6:9f:c6:
94:1e:50:72:b7:74:d0:ca:97:1f:5e:d7:d5:0b:98:
ac:50:a1:6f:ed:8d:95:6d:94:ca:d1:21:ac:67:82:
ca:21:eb:9c:7b:14:40:d8:5c:a5:7f:d8:d5:d5:8a:
12:3f:37:00:25:4e:7b:27:e7:a8:02:f6:90:72:9a:
21:67:52:59:b7:99:6f:0d:91:69:15:39:c5:47:2f:
83:74:93:c0:be:09:b9:da:b9:7e:ee:23:97:5b:fe:
03:da:53:f3:1c:45:fb:84:cc:e7:f1:b8:34:56:ae:
a7:6c:ce:69:e5:79:78:02:f8:80:04:8b:73:6e:57:
5e:31:ff:ee:5b:fd:bc:e8:a5:8f:e8:cd:5e:37:ab:
9f:d7:38:67:fc:c9:a4:cb:00:05:5f:be:ee:33:85:
79:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:34:D0:58:D4:A9:25:F7:BC:C3:F2:13:5F:29:E1:EC:70:B4:D3:BA
X509v3 Authority Key Identifier:
keyid:B4:35:F5:26:D7:D0:90:9E:7F:4A:7D:F2:C5:CA:D7:2D:2A:F6:B2:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDX1JtfQkJ5_Sn3yxcrXLSr2ssM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/36b3fa-c925-4b09-b8ea-32f59fa5b311/1/RjTQWNSpJfe8w_ITXynh7HC007o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/36b3fa-c925-4b09-b8ea-32f59fa5b311/1/tDX1JtfQkJ5_Sn3yxcrXLSr2ssM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.19.144.0/22
Signature Algorithm: sha256WithRSAEncryption
c7:e0:f7:1e:54:c8:b7:7b:a7:9f:dd:6b:7e:29:a5:44:7b:00:
b4:a5:71:d3:bd:25:ea:25:a5:df:df:c3:ad:11:09:1a:a9:37:
ad:c7:65:1f:3e:96:6d:91:2e:29:56:18:0a:88:68:ca:56:31:
a0:e2:18:44:f2:3b:7a:61:8e:05:8e:ba:6e:5e:a4:a8:34:5a:
8b:2c:75:d3:ef:70:79:7a:8f:19:82:b2:87:be:06:72:40:04:
75:56:2e:55:aa:71:1f:bf:5a:de:be:75:8e:94:0a:63:31:c0:
f6:ed:db:4d:87:27:b3:8b:6e:4f:38:20:05:e4:3b:53:fa:dc:
f8:73:29:89:de:81:50:b5:6a:12:e9:f3:3e:ff:b4:7b:ca:66:
c1:49:d3:94:f5:0a:83:68:3e:21:ad:1b:ae:a6:d3:d7:02:94:
84:da:4c:2b:40:a5:32:48:2c:34:07:b1:2c:87:cb:0d:93:ed:
f1:61:31:52:8c:2c:2e:92:6f:9b:84:49:48:d3:e8:28:74:1e:
51:0d:db:ba:3f:5f:0b:38:60:25:8d:35:33:29:f3:da:e5:12:
ff:5d:a6:6d:a0:72:26:1a:4d:cb:91:e8:6f:2e:df:3c:af:2a:
e0:a6:b4:d2:c6:15:e4:2f:83:3f:42:03:f8:b7:da:ff:03:92:
01:79:2f:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw+5yrZqzWuQ9aH5meejm6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzVmNTI2ZDdkMDkwOWU3ZjRhN2RmMmM1Y2FkNzJkMmFm
NmIyYzMwHhcNMjMwMTAyMDUzNjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjM0ZDA1OGQ0YTkyNWY3YmNjM2YyMTM1ZjI5ZTFlYzcwYjRkM2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBmEdxpftIku10SaE8ruzObqKie5
ze/Nt6sY5M0xCjzGWno3Mh0npTk3IUzQFlNdr7tccPHMoLdF0VOQDDPpsgBbrsu1
gpdORY1mLK10P7nhu/H2VBVoDqgTslW9ngJHfsYeI3/2n8aUHlByt3TQypcfXtfV
C5isUKFv7Y2VbZTK0SGsZ4LKIeucexRA2Fylf9jV1YoSPzcAJU57J+eoAvaQcpoh
Z1JZt5lvDZFpFTnFRy+DdJPAvgm52rl+7iOXW/4D2lPzHEX7hMzn8bg0Vq6nbM5p
5Xl4AviABItzbldeMf/uW/286KWP6M1eN6uf1zhn/MmkywAFX77uM4V5wwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEY00FjUqSX3vMPyE18p4exwtNO6MB8GA1UdIwQY
MBaAFLQ19SbX0JCef0p98sXK1y0q9rLDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERYMUp0ZlFrSjVfU24zeXhjclhMU3Iyc3NNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8zNmIzZmEtYzkyNS00YjA5LWI4ZWEt
MzJmNTlmYTViMzExLzEvUmpUUVdOU3BKZmU4d19JVFh5bmg3SEMwMDdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS8zNmIzZmEtYzkyNS00YjA5LWI4ZWEtMzJmNTlmYTViMzEx
LzEvdERYMUp0ZlFrSjVfU24zeXhjclhMU3Iyc3NNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuROQMA0G
CSqGSIb3DQEBCwUAA4IBAQDH4PceVMi3e6ef3Wt+KaVEewC0pXHTvSXqJaXf38Ot
EQkaqTetx2UfPpZtkS4pVhgKiGjKVjGg4hhE8jt6YY4FjrpuXqSoNFqLLHXT73B5
eo8ZgrKHvgZyQAR1Vi5VqnEfv1revnWOlApjMcD27dtNhyezi25POCAF5DtT+tz4
cymJ3oFQtWoS6fM+/7R7ymbBSdOU9QqDaD4hrRuuptPXApSE2kwrQKUySCw0B7Es
h8sNk+3xYTFSjCwukm+bhElI0+godB5RDdu6P18LOGAljTUzKfPa5RL/XaZtoHIm
Gk3LkehvLt88ryrgprTSxhXkL4M/QgP4t9r/A5IBeS8Y
-----END CERTIFICATE-----
Generated at Sun Apr 6 23:35:07 2025 by rpki-client