Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/t3F8K-eKkpIig0xnri8gdWPYoUc.roa
File: t3F8K-eKkpIig0xnri8gdWPYoUc.roa (raw, json)
Hash identifier: 0LMmNIPY61uLEOsd/F4vx4OEiYbCbnmZs1SeTx2VOHc=
Subject key identifier: B7:71:7C:2B:E7:8A:92:92:22:83:4C:67:AE:2F:20:75:63:D8:A1:47
Certificate issuer: /CN=8b47aa09f2c610f6f44b4e75c1cd9dcd3884e55d
Certificate serial: 019426D9515D815BA8CF640708A729AC05A8
Authority key identifier: 8B:47:AA:09:F2:C6:10:F6:F4:4B:4E:75:C1:CD:9D:CD:38:84:E5:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i0eqCfLGEPb0S051wc2dzTiE5V0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/t3F8K-eKkpIig0xnri8gdWPYoUc.roa
Signing time: Thu 02 Jan 2025 11:49:23 +0000
ROA not before: Thu 02 Jan 2025 11:49:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203162
IP address blocks: 146.19.104.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:51:5d:81:5b:a8:cf:64:07:08:a7:29:ac:05:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b47aa09f2c610f6f44b4e75c1cd9dcd3884e55d
Validity
Not Before: Jan 2 11:49:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b7717c2be78a929222834c67ae2f207563d8a147
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:c5:f8:53:7f:40:41:fb:86:2e:24:3b:b5:3d:
b0:fa:27:73:33:17:08:d0:97:ba:25:db:5e:74:9b:
4c:ce:eb:11:47:fa:bc:9f:f6:ac:d1:89:15:04:88:
7c:bf:f9:79:41:26:5d:d6:3b:02:15:7a:78:3c:46:
8e:16:fb:5c:f4:ae:4c:95:0e:b2:e6:ef:f3:bf:c5:
01:e4:34:04:bc:a1:cb:62:59:8b:b8:ef:bd:fd:27:
d8:7c:2b:00:b1:49:65:61:b1:03:33:a2:7e:02:11:
1c:3f:bc:b9:d7:07:38:57:a5:d4:44:4b:e6:47:da:
45:fd:53:8e:40:76:68:0d:c6:65:4c:c7:98:a4:f0:
52:27:a8:17:c8:fe:2f:32:b6:4f:ed:01:93:6a:d0:
f4:f6:fa:c3:5a:9f:de:0e:95:1c:9f:fc:cd:87:0d:
57:e8:cc:ba:a1:ab:5d:b3:2e:31:ba:7c:2b:61:c6:
f1:e9:2e:90:13:90:ff:e5:e5:80:b7:03:cb:cb:f6:
28:a5:33:cc:68:8a:1a:92:db:3f:2e:8f:b7:12:f6:
c0:9b:d8:68:c4:18:fb:36:a0:bf:eb:bd:86:8d:e9:
be:9d:1a:cf:a6:8d:2f:b9:24:df:1b:e1:87:80:be:
42:0c:bc:16:fc:85:a2:a1:51:6e:bb:23:a3:f0:75:
cb:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:71:7C:2B:E7:8A:92:92:22:83:4C:67:AE:2F:20:75:63:D8:A1:47
X509v3 Authority Key Identifier:
keyid:8B:47:AA:09:F2:C6:10:F6:F4:4B:4E:75:C1:CD:9D:CD:38:84:E5:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i0eqCfLGEPb0S051wc2dzTiE5V0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/t3F8K-eKkpIig0xnri8gdWPYoUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/i0eqCfLGEPb0S051wc2dzTiE5V0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.104.0/24
Signature Algorithm: sha256WithRSAEncryption
69:8d:6a:fb:5a:88:6e:c2:1f:ca:73:94:04:d1:56:00:26:65:
34:90:8e:b6:93:84:a7:96:7e:37:42:45:cc:24:9b:d7:5c:dd:
1b:50:a9:dc:6c:0f:a7:7c:40:94:b0:8e:67:db:25:02:85:ab:
60:4c:c6:79:84:85:0f:34:30:a5:1d:11:11:65:15:80:e1:c2:
0f:3b:34:35:6b:99:01:a3:5f:5e:7a:2d:37:88:6c:9a:95:4d:
2d:94:88:c3:22:35:49:bb:9a:c7:54:f4:a6:95:50:b9:fb:28:
37:55:fb:0d:3f:a5:2a:ed:4b:36:16:03:44:b9:4d:cf:c2:1a:
83:cb:85:66:29:90:a9:b3:82:25:ca:c6:a5:bc:50:e3:0d:5e:
45:3b:29:05:e9:fc:c6:3d:4f:82:55:09:d2:0d:d6:bf:41:45:
94:2e:1e:62:30:1e:56:2d:9c:8e:bd:09:5f:5a:b3:d7:23:79:
c1:d2:99:07:31:26:90:cb:f2:c3:0b:c2:24:d2:c1:48:f3:12:
b6:40:b9:02:85:4f:e6:c2:47:08:d2:3d:35:65:47:e0:45:16:
c7:5b:2e:c2:2c:13:84:a3:60:f2:14:67:1b:82:8b:d6:02:0a:
de:01:bb:86:7c:bb:bb:aa:c5:d6:0b:3b:44:b1:d5:01:b0:9a:
8b:07:0d:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2VFdgVuoz2QHCKcprAWoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiNDdhYTA5ZjJjNjEwZjZmNDRiNGU3NWMxY2Q5ZGNkMzg4
NGU1NWQwHhcNMjUwMTAyMTE0OTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzcxN2MyYmU3OGE5MjkyMjI4MzRjNjdhZTJmMjA3NTYzZDhhMTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMX4U39AQfuGLiQ7tT2w+idzMxcI
0Je6JdtedJtMzusRR/q8n/as0YkVBIh8v/l5QSZd1jsCFXp4PEaOFvtc9K5MlQ6y
5u/zv8UB5DQEvKHLYlmLuO+9/SfYfCsAsUllYbEDM6J+AhEcP7y51wc4V6XUREvm
R9pF/VOOQHZoDcZlTMeYpPBSJ6gXyP4vMrZP7QGTatD09vrDWp/eDpUcn/zNhw1X
6My6oatdsy4xunwrYcbx6S6QE5D/5eWAtwPLy/YopTPMaIoakts/Lo+3EvbAm9ho
xBj7NqC/672Gjem+nRrPpo0vuSTfG+GHgL5CDLwW/IWioVFuuyOj8HXLzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLdxfCvnipKSIoNMZ64vIHVj2KFHMB8GA1UdIwQY
MBaAFItHqgnyxhD29EtOdcHNnc04hOVdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTBlcUNmTEdFUGIwUzA1MXdjMmR6VGlFNVYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9mNTYwZTEtNzg0MC00OTUxLWFiNzgt
NTAwMTUzOWQ3MTg1LzEvdDNGOEstZUtrcElpZzB4bnJpOGdkV1BZb1VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9mNTYwZTEtNzg0MC00OTUxLWFiNzgtNTAwMTUzOWQ3MTg1
LzEvaTBlcUNmTEdFUGIwUzA1MXdjMmR6VGlFNVYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhNoMA0G
CSqGSIb3DQEBCwUAA4IBAQBpjWr7Wohuwh/Kc5QE0VYAJmU0kI62k4Snln43QkXM
JJvXXN0bUKncbA+nfECUsI5n2yUChatgTMZ5hIUPNDClHRERZRWA4cIPOzQ1a5kB
o19eei03iGyalU0tlIjDIjVJu5rHVPSmlVC5+yg3VfsNP6Uq7Us2FgNEuU3PwhqD
y4VmKZCps4IlysalvFDjDV5FOykF6fzGPU+CVQnSDda/QUWULh5iMB5WLZyOvQlf
WrPXI3nB0pkHMSaQy/LDC8Ik0sFI8xK2QLkChU/mwkcI0j01ZUfgRRbHWy7CLBOE
o2DyFGcbgovWAgreAbuGfLu7qsXWCztEsdUBsJqLBw2l
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:13:25 2025 by rpki-client