Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/dc2ed1-e167-4508-881a-22225c3b6ef0/1/vJ_QlgSG1-QdtDpdMCRCHJdyDA8.roa
File: vJ_QlgSG1-QdtDpdMCRCHJdyDA8.roa (raw, json)
Hash identifier: cCyYG/EltxrUoC4nReEX3JS+M+elKAf2+fE6upLE6PA=
Subject key identifier: BC:9F:D0:96:04:86:D7:E4:1D:B4:3A:5D:30:24:42:1C:97:72:0C:0F
Certificate issuer: /CN=3a6c747d0a6e50fb9f79fc7f3a3d0b58b5ec3674
Certificate serial: 018CC7274EBE7B645C5A79118604D7BE1BD3
Authority key identifier: 3A:6C:74:7D:0A:6E:50:FB:9F:79:FC:7F:3A:3D:0B:58:B5:EC:36:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Omx0fQpuUPufefx_Oj0LWLXsNnQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/dc2ed1-e167-4508-881a-22225c3b6ef0/1/vJ_QlgSG1-QdtDpdMCRCHJdyDA8.roa
Signing time: Mon 01 Jan 2024 22:31:31 +0000
ROA not before: Mon 01 Jan 2024 22:31:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207937
IP address blocks: 146.19.222.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:4e:be:7b:64:5c:5a:79:11:86:04:d7:be:1b:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a6c747d0a6e50fb9f79fc7f3a3d0b58b5ec3674
Validity
Not Before: Jan 1 22:31:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc9fd0960486d7e41db43a5d3024421c97720c0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:9b:57:b6:02:7d:36:44:81:aa:0d:d1:96:5a:
8b:fa:f9:08:f3:d5:f5:3a:24:67:48:6b:6d:b5:53:
75:2d:e7:9b:e5:0a:a7:70:ac:6d:07:9f:5e:1b:45:
37:c9:ae:67:a4:19:b5:46:b9:16:63:7b:45:72:7a:
e4:14:f1:61:be:d7:3e:7f:08:b0:7f:74:b9:95:30:
e9:89:ac:4d:fb:cd:a2:23:87:59:7a:b5:12:39:75:
58:11:82:78:e8:e9:89:c4:06:07:4b:22:74:91:27:
bf:f3:72:7c:84:a9:0b:a8:1e:de:77:1e:5f:9e:df:
98:29:d5:95:52:f8:6a:bd:ef:cb:23:97:59:ef:45:
52:da:92:dc:3a:f0:a7:53:00:b7:0b:a2:52:01:86:
27:ce:b9:07:11:9e:0a:62:86:2e:98:67:7a:d8:f5:
55:3c:d5:e7:cf:7a:4f:71:df:21:e7:0e:78:74:4f:
9b:d7:24:71:cd:bf:d7:ac:b3:60:94:f7:bf:9c:9f:
5e:74:99:6a:70:55:49:1a:7c:53:b2:ee:6a:05:b5:
ac:be:94:1c:3b:d9:05:a1:02:f1:5e:ea:b5:74:37:
c7:14:b7:bb:d2:1e:ba:f6:df:ac:63:7b:a3:7a:a4:
b1:fd:41:b1:0e:88:ca:14:d7:55:30:73:59:49:07:
92:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:9F:D0:96:04:86:D7:E4:1D:B4:3A:5D:30:24:42:1C:97:72:0C:0F
X509v3 Authority Key Identifier:
keyid:3A:6C:74:7D:0A:6E:50:FB:9F:79:FC:7F:3A:3D:0B:58:B5:EC:36:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Omx0fQpuUPufefx_Oj0LWLXsNnQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/dc2ed1-e167-4508-881a-22225c3b6ef0/1/vJ_QlgSG1-QdtDpdMCRCHJdyDA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/dc2ed1-e167-4508-881a-22225c3b6ef0/1/Omx0fQpuUPufefx_Oj0LWLXsNnQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.222.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:82:5f:a4:84:5f:ee:89:b2:09:bb:87:4c:4a:8f:fb:cb:bb:
16:1b:b7:ea:fe:bd:90:2b:1a:9a:28:da:e4:53:7d:56:91:a8:
d7:99:4c:cc:5a:8f:99:3d:1f:dd:8c:a0:8f:ac:b1:d3:00:40:
70:1b:1d:38:fb:ad:bc:c3:70:de:03:84:93:1a:ba:d3:90:a5:
e4:44:f4:66:a8:1f:5a:a3:cb:f3:04:cc:ae:05:d1:14:87:ec:
f5:01:de:a2:e9:3f:d2:15:fe:d0:81:d1:03:85:87:10:02:af:
fe:e5:38:a3:3b:e6:a7:b3:94:84:5c:a9:1d:13:ee:cc:af:4a:
cc:1a:fd:8a:b3:01:1d:a2:95:4f:ff:20:bf:96:2c:09:f8:24:
f4:86:39:ef:bd:ed:ab:b7:29:cb:4c:00:0f:d0:05:61:12:7d:
cc:b8:41:de:52:de:fc:95:12:82:2c:6a:e0:09:a1:d8:a9:9b:
94:8a:01:f2:e8:44:0f:89:9a:0e:62:ab:ce:f8:0b:58:6c:fa:
41:5a:13:f9:85:f5:37:da:05:77:3d:15:a2:fe:9f:e6:46:1e:
27:ac:c6:3d:12:d8:02:67:95:a0:17:0e:f7:96:f2:f9:0f:fa:
4a:72:5c:f8:25:98:cd:bc:3f:5d:27:1f:c4:32:f7:89:02:73:
57:c4:13:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJ06+e2RcWnkRhgTXvhvTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNmM3NDdkMGE2ZTUwZmI5Zjc5ZmM3ZjNhM2QwYjU4YjVl
YzM2NzQwHhcNMjQwMTAxMjIzMTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzlmZDA5NjA0ODZkN2U0MWRiNDNhNWQzMDI0NDIxYzk3NzIwYzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJtXtgJ9NkSBqg3RllqL+vkI89X1
OiRnSGtttVN1Leeb5QqncKxtB59eG0U3ya5npBm1RrkWY3tFcnrkFPFhvtc+fwiw
f3S5lTDpiaxN+82iI4dZerUSOXVYEYJ46OmJxAYHSyJ0kSe/83J8hKkLqB7edx5f
nt+YKdWVUvhqve/LI5dZ70VS2pLcOvCnUwC3C6JSAYYnzrkHEZ4KYoYumGd62PVV
PNXnz3pPcd8h5w54dE+b1yRxzb/XrLNglPe/nJ9edJlqcFVJGnxTsu5qBbWsvpQc
O9kFoQLxXuq1dDfHFLe70h669t+sY3ujeqSx/UGxDojKFNdVMHNZSQeSuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLyf0JYEhtfkHbQ6XTAkQhyXcgwPMB8GA1UdIwQY
MBaAFDpsdH0KblD7n3n8fzo9C1i17DZ0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT214MGZRcHVVUHVmZWZ4X09qMExXTFhzTm5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9kYzJlZDEtZTE2Ny00NTA4LTg4MWEt
MjIyMjVjM2I2ZWYwLzEvdkpfUWxnU0cxLVFkdERwZE1DUkNISmR5REE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9kYzJlZDEtZTE2Ny00NTA4LTg4MWEtMjIyMjVjM2I2ZWYw
LzEvT214MGZRcHVVUHVmZWZ4X09qMExXTFhzTm5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhPeMA0G
CSqGSIb3DQEBCwUAA4IBAQB6gl+khF/uibIJu4dMSo/7y7sWG7fq/r2QKxqaKNrk
U31WkajXmUzMWo+ZPR/djKCPrLHTAEBwGx04+628w3DeA4STGrrTkKXkRPRmqB9a
o8vzBMyuBdEUh+z1Ad6i6T/SFf7QgdEDhYcQAq/+5TijO+ans5SEXKkdE+7Mr0rM
Gv2KswEdopVP/yC/liwJ+CT0hjnvve2rtynLTAAP0AVhEn3MuEHeUt78lRKCLGrg
CaHYqZuUigHy6EQPiZoOYqvO+AtYbPpBWhP5hfU32gV3PRWi/p/mRh4nrMY9EtgC
Z5WgFw73lvL5D/pKclz4JZjNvD9dJx/EMveJAnNXxBN0
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:57:57 2025 by rpki-client