Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/f0d5e7-edb6-42ad-8482-a14d85f995cb/1/tMkgfMxOavL7AWHmkH9Qsf07dCM.roa
File: tMkgfMxOavL7AWHmkH9Qsf07dCM.roa (raw, json)
Hash identifier: mYBhFG/2DbL+mq2HBEsd3aLmb6bkf/kecy1hsqIjuu8=
Subject key identifier: B4:C9:20:7C:CC:4E:6A:F2:FB:01:61:E6:90:7F:50:B1:FD:3B:74:23
Certificate issuer: /CN=b520449d4455cf789c64ea63cbf48fc3bb2c766a
Certificate serial: 018BC9BF453413C32A362EC249471863C16B
Authority key identifier: B5:20:44:9D:44:55:CF:78:9C:64:EA:63:CB:F4:8F:C3:BB:2C:76:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tSBEnURVz3icZOpjy_SPw7ssdmo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/f0d5e7-edb6-42ad-8482-a14d85f995cb/1/tMkgfMxOavL7AWHmkH9Qsf07dCM.roa
Signing time: Mon 13 Nov 2023 17:33:57 +0000
ROA not before: Mon 13 Nov 2023 17:33:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212030
IP address blocks: 176.53.146.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c9:bf:45:34:13:c3:2a:36:2e:c2:49:47:18:63:c1:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b520449d4455cf789c64ea63cbf48fc3bb2c766a
Validity
Not Before: Nov 13 17:33:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4c9207ccc4e6af2fb0161e6907f50b1fd3b7423
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:1f:ed:71:ec:d0:9e:d5:1d:c3:9a:df:57:51:
a7:e5:b0:40:e1:bd:64:75:ac:44:3a:b6:05:db:fb:
e6:ed:96:19:5d:0a:40:5c:ff:ed:34:90:3f:e7:80:
f0:04:d1:f7:de:ad:63:7f:7d:b2:3f:54:0a:44:0f:
3a:18:23:33:61:d7:be:cb:4d:22:85:c1:fc:d5:64:
e9:29:3e:18:1f:bc:8d:59:4d:7a:66:ce:b5:4e:21:
d0:5e:4a:d0:17:2f:c3:a5:b6:79:a1:6f:32:d4:a2:
e4:61:89:60:6e:0a:71:f6:ec:15:66:68:98:d6:f2:
19:00:9f:2c:90:44:03:a0:46:d9:dd:16:9e:f0:90:
e3:59:cc:d1:5e:b0:d3:e4:ad:71:7e:0d:28:c1:d2:
c6:cd:c7:aa:22:a8:6d:48:8f:6f:c1:d3:9c:92:06:
e4:d1:86:8e:09:71:0b:51:f5:40:5a:b3:fa:91:d5:
c1:32:41:b9:52:0a:8f:56:3b:b8:98:ba:aa:92:dc:
4c:ab:43:27:3e:db:74:6f:89:ea:19:0d:70:84:e4:
61:56:98:d7:6b:81:ac:61:54:f8:ca:91:9c:86:c9:
74:5e:4b:7f:4d:b8:09:e5:ba:53:34:7d:a4:0e:c8:
6f:78:14:0b:3e:a9:86:aa:2e:b8:32:86:59:e2:db:
6e:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:C9:20:7C:CC:4E:6A:F2:FB:01:61:E6:90:7F:50:B1:FD:3B:74:23
X509v3 Authority Key Identifier:
keyid:B5:20:44:9D:44:55:CF:78:9C:64:EA:63:CB:F4:8F:C3:BB:2C:76:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tSBEnURVz3icZOpjy_SPw7ssdmo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/f0d5e7-edb6-42ad-8482-a14d85f995cb/1/tMkgfMxOavL7AWHmkH9Qsf07dCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/f0d5e7-edb6-42ad-8482-a14d85f995cb/1/tSBEnURVz3icZOpjy_SPw7ssdmo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.53.146.0/24
Signature Algorithm: sha256WithRSAEncryption
48:f2:1c:39:11:36:c0:4c:a1:77:a8:ba:e0:5a:09:94:8b:48:
8d:06:fa:4b:4e:f4:e8:11:07:db:61:14:b7:22:32:ee:06:ea:
23:46:05:1c:19:e0:0d:96:ed:cf:9d:5d:44:b5:84:35:fc:c1:
bb:12:9f:af:b4:e6:2d:aa:ed:c0:5b:07:41:a7:28:75:33:c5:
28:56:c1:1b:61:00:a6:77:bc:72:c2:74:fb:7c:f7:5d:cf:76:
6b:df:7f:b9:e5:a9:b7:6a:07:6e:98:75:ec:d2:de:a9:9e:6d:
1a:ed:bf:a5:f2:01:45:e1:6e:21:4a:48:db:d2:67:7a:20:6f:
ec:08:1c:b0:69:40:fc:64:93:6e:8f:df:2b:c0:fb:8a:91:50:
b4:ef:64:3c:8d:32:44:57:18:1a:66:ee:05:ae:b4:0b:d8:9f:
22:f4:8a:70:47:33:e8:fd:5e:5f:65:a0:30:ba:94:fe:f8:13:
18:53:44:50:f1:1e:2f:65:56:82:0a:16:6e:93:62:ee:69:9a:
13:64:99:86:e9:3e:c2:7f:2a:35:52:bc:1a:04:e5:9a:b5:f7:
1b:f5:63:74:44:0c:8a:81:1a:8c:a2:ef:4b:c5:5c:a0:01:38:
36:1c:5e:20:4b:e8:5e:5b:44:fd:69:dd:8b:97:34:4e:e9:e6:
f4:a4:f0:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvJv0U0E8MqNi7CSUcYY8FrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MjA0NDlkNDQ1NWNmNzg5YzY0ZWE2M2NiZjQ4ZmMzYmIy
Yzc2NmEwHhcNMjMxMTEzMTczMzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGM5MjA3Y2NjNGU2YWYyZmIwMTYxZTY5MDdmNTBiMWZkM2I3NDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqB/tcezQntUdw5rfV1Gn5bBA4b1k
daxEOrYF2/vm7ZYZXQpAXP/tNJA/54DwBNH33q1jf32yP1QKRA86GCMzYde+y00i
hcH81WTpKT4YH7yNWU16Zs61TiHQXkrQFy/DpbZ5oW8y1KLkYYlgbgpx9uwVZmiY
1vIZAJ8skEQDoEbZ3Rae8JDjWczRXrDT5K1xfg0owdLGzceqIqhtSI9vwdOckgbk
0YaOCXELUfVAWrP6kdXBMkG5UgqPVju4mLqqktxMq0MnPtt0b4nqGQ1whORhVpjX
a4GsYVT4ypGchsl0Xkt/TbgJ5bpTNH2kDshveBQLPqmGqi64MoZZ4ttuoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLTJIHzMTmry+wFh5pB/ULH9O3QjMB8GA1UdIwQY
MBaAFLUgRJ1EVc94nGTqY8v0j8O7LHZqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFNCRW5VUlZ6M2ljWk9wanlfU1B3N3NzZG1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9mMGQ1ZTctZWRiNi00MmFkLTg0ODIt
YTE0ZDg1Zjk5NWNiLzEvdE1rZ2ZNeE9hdkw3QVdIbWtIOVFzZjA3ZENNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9mMGQ1ZTctZWRiNi00MmFkLTg0ODItYTE0ZDg1Zjk5NWNi
LzEvdFNCRW5VUlZ6M2ljWk9wanlfU1B3N3NzZG1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsDWSMA0G
CSqGSIb3DQEBCwUAA4IBAQBI8hw5ETbATKF3qLrgWgmUi0iNBvpLTvToEQfbYRS3
IjLuBuojRgUcGeANlu3PnV1EtYQ1/MG7Ep+vtOYtqu3AWwdBpyh1M8UoVsEbYQCm
d7xywnT7fPddz3Zr33+55am3agdumHXs0t6pnm0a7b+l8gFF4W4hSkjb0md6IG/s
CBywaUD8ZJNuj98rwPuKkVC072Q8jTJEVxgaZu4FrrQL2J8i9IpwRzPo/V5fZaAw
upT++BMYU0RQ8R4vZVaCChZuk2LuaZoTZJmG6T7Cfyo1UrwaBOWatfcb9WN0RAyK
gRqMou9LxVygATg2HF4gS+heW0T9ad2LlzRO6eb0pPCn
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:12:55 2025 by rpki-client