Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/96937c-89c6-41dd-a7ad-d7f672e90a2e/1/XLbD0X_tDPIfyYzv42IsCJQCGiU.roa
File: XLbD0X_tDPIfyYzv42IsCJQCGiU.roa (raw, json)
Hash identifier: vAe6FG5K5ysfyKtO0d3+3cQSGtytjZxHz/X/ydRLcAg=
Subject key identifier: 5C:B6:C3:D1:7F:ED:0C:F2:1F:C9:8C:EF:E3:62:2C:08:94:02:1A:25
Certificate issuer: /CN=e2a1bfcd9a43a0938ac213482731e5ea584890c0
Certificate serial: 01856E01F2C03C683F2E75B7374742727836
Authority key identifier: E2:A1:BF:CD:9A:43:A0:93:8A:C2:13:48:27:31:E5:EA:58:48:90:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4qG_zZpDoJOKwhNIJzHl6lhIkMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/96937c-89c6-41dd-a7ad-d7f672e90a2e/1/XLbD0X_tDPIfyYzv42IsCJQCGiU.roa
Signing time: Sun 01 Jan 2023 15:44:59 +0000
ROA not before: Sun 01 Jan 2023 15:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213373
IP address blocks: 146.19.253.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:01:f2:c0:3c:68:3f:2e:75:b7:37:47:42:72:78:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2a1bfcd9a43a0938ac213482731e5ea584890c0
Validity
Not Before: Jan 1 15:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5cb6c3d17fed0cf21fc98cefe3622c0894021a25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:2e:68:3e:a0:ec:d8:8a:bd:8f:16:5e:b8:f2:
a4:9d:3d:69:f5:9c:d1:9a:11:11:b1:f8:da:6f:e8:
a5:a9:7a:ef:69:fd:d0:8e:6d:ea:2d:15:8c:b1:8b:
24:d7:08:a4:4d:52:61:64:eb:28:c0:c8:2f:e9:ee:
35:31:99:64:58:fc:82:96:eb:2d:f8:cf:93:0e:87:
ae:b3:7b:ff:2d:3a:56:ed:e3:85:1f:96:b8:c2:71:
09:d6:ea:d3:c1:a2:33:8f:6f:ec:ce:10:ad:9d:dc:
98:6f:93:ad:be:9d:bb:c5:b1:d8:99:7f:26:dd:4b:
9c:29:a8:87:9a:61:45:68:4b:6a:a7:86:17:a9:cb:
ef:99:60:8c:34:14:61:cd:22:b9:b4:7d:96:b2:cd:
53:be:a3:1d:d5:9e:88:8b:5d:53:a4:09:7b:2a:f0:
80:2a:43:d9:80:c3:07:b1:83:39:ae:f2:af:c9:43:
34:e1:cf:90:e2:01:27:80:3b:39:f3:5d:79:b6:0e:
ad:8c:ea:f7:0b:0d:ae:d9:19:d1:21:af:82:22:e7:
3f:2a:a4:2b:1a:f8:2a:d8:05:84:43:74:9f:69:ab:
cd:e2:de:52:22:fc:21:31:6f:79:83:d4:4d:57:43:
8a:07:d4:40:b4:08:7a:da:a9:1a:85:d3:0b:02:09:
b8:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:B6:C3:D1:7F:ED:0C:F2:1F:C9:8C:EF:E3:62:2C:08:94:02:1A:25
X509v3 Authority Key Identifier:
keyid:E2:A1:BF:CD:9A:43:A0:93:8A:C2:13:48:27:31:E5:EA:58:48:90:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4qG_zZpDoJOKwhNIJzHl6lhIkMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/96937c-89c6-41dd-a7ad-d7f672e90a2e/1/XLbD0X_tDPIfyYzv42IsCJQCGiU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/96937c-89c6-41dd-a7ad-d7f672e90a2e/1/4qG_zZpDoJOKwhNIJzHl6lhIkMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.253.0/24
Signature Algorithm: sha256WithRSAEncryption
72:47:d3:1b:6a:98:fd:d4:b7:37:b9:14:8e:7e:ce:04:0a:b6:
d5:3e:91:2c:e9:62:c3:e5:43:6e:59:e8:f3:31:2e:70:25:e3:
f2:77:d8:a6:07:10:78:24:29:43:91:e1:ed:20:5a:6f:17:9d:
f6:42:b5:19:65:65:0a:50:44:3c:e0:be:87:c0:7a:ac:02:9a:
06:9c:bd:d1:12:30:99:1b:ce:f4:c7:92:26:dd:d0:49:40:d4:
e7:d0:5d:69:c6:19:e8:09:d5:e2:6d:48:16:0d:88:cc:c9:ed:
d3:fa:04:2b:5b:b8:9b:0e:2a:2c:ac:8c:94:48:62:68:60:8d:
b6:68:a4:38:e1:18:af:31:71:79:fc:15:14:ba:43:af:e7:d7:
99:82:e9:f4:64:0d:0f:b9:ea:01:84:97:ab:6f:04:d8:8a:dc:
cb:96:74:f1:06:30:a9:4a:2f:61:a7:17:26:44:43:a9:0e:0b:
8d:14:8c:a2:4f:3d:9a:62:b7:3c:a9:5e:b5:92:0f:27:df:36:
04:13:39:92:08:a0:30:0b:b8:20:99:19:fb:29:72:70:04:ac:
b8:07:ac:2b:b8:07:90:f7:42:7a:e5:ec:ee:a5:70:37:04:29:
ad:b0:8f:26:0d:2f:6e:d7:8d:e6:a5:58:f6:42:40:6b:9a:8e:
df:5b:da:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuAfLAPGg/LnW3N0dCcng2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYTFiZmNkOWE0M2EwOTM4YWMyMTM0ODI3MzFlNWVhNTg0
ODkwYzAwHhcNMjMwMTAxMTU0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2I2YzNkMTdmZWQwY2YyMWZjOThjZWZlMzYyMmMwODk0MDIxYTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoy5oPqDs2Iq9jxZeuPKknT1p9ZzR
mhERsfjab+ilqXrvaf3Qjm3qLRWMsYsk1wikTVJhZOsowMgv6e41MZlkWPyClust
+M+TDoeus3v/LTpW7eOFH5a4wnEJ1urTwaIzj2/szhCtndyYb5Otvp27xbHYmX8m
3UucKaiHmmFFaEtqp4YXqcvvmWCMNBRhzSK5tH2Wss1TvqMd1Z6Ii11TpAl7KvCA
KkPZgMMHsYM5rvKvyUM04c+Q4gEngDs58115tg6tjOr3Cw2u2RnRIa+CIuc/KqQr
Gvgq2AWEQ3SfaavN4t5SIvwhMW95g9RNV0OKB9RAtAh62qkahdMLAgm48wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFy2w9F/7QzyH8mM7+NiLAiUAholMB8GA1UdIwQY
MBaAFOKhv82aQ6CTisITSCcx5epYSJDAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHFHX3pacERvSk9Ld2hOSUp6SGw2bGhJa01BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny85NjkzN2MtODljNi00MWRkLWE3YWQt
ZDdmNjcyZTkwYTJlLzEvWExiRDBYX3REUElmeVl6djQySXNDSlFDR2lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny85NjkzN2MtODljNi00MWRkLWE3YWQtZDdmNjcyZTkwYTJl
LzEvNHFHX3pacERvSk9Ld2hOSUp6SGw2bGhJa01BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhP9MA0G
CSqGSIb3DQEBCwUAA4IBAQByR9Mbapj91Lc3uRSOfs4ECrbVPpEs6WLD5UNuWejz
MS5wJePyd9imBxB4JClDkeHtIFpvF532QrUZZWUKUEQ84L6HwHqsApoGnL3REjCZ
G870x5Im3dBJQNTn0F1pxhnoCdXibUgWDYjMye3T+gQrW7ibDiosrIyUSGJoYI22
aKQ44RivMXF5/BUUukOv59eZgun0ZA0PueoBhJerbwTYitzLlnTxBjCpSi9hpxcm
REOpDguNFIyiTz2aYrc8qV61kg8n3zYEEzmSCKAwC7ggmRn7KXJwBKy4B6wruAeQ
90J65ezupXA3BCmtsI8mDS9u143mpVj2QkBrmo7fW9ok
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:43:33 2025 by rpki-client