Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/e0a8f4-864f-4cae-b4a8-a1e5ca179a75/1/2c8jRHrPrgsDOg3p8n8uo1zcrG0.roa
File: 2c8jRHrPrgsDOg3p8n8uo1zcrG0.roa (raw, json)
Hash identifier: PkjZxIFVYeCV1KuBZ092r0ZWLPL10GMk3yDajm56s94=
Subject key identifier: D9:CF:23:44:7A:CF:AE:0B:03:3A:0D:E9:F2:7F:2E:A3:5C:DC:AC:6D
Certificate issuer: /CN=f980c91ebf1096462a2b74469dc61cb4a3ac3d32
Certificate serial: 01856B9C6B17D91A64F8169640FEF54837F4
Authority key identifier: F9:80:C9:1E:BF:10:96:46:2A:2B:74:46:9D:C6:1C:B4:A3:AC:3D:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-YDJHr8QlkYqK3RGncYctKOsPTI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/e0a8f4-864f-4cae-b4a8-a1e5ca179a75/1/2c8jRHrPrgsDOg3p8n8uo1zcrG0.roa
Signing time: Sun 01 Jan 2023 04:34:51 +0000
ROA not before: Sun 01 Jan 2023 04:34:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40676
IP address blocks: 146.19.20.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:9c:6b:17:d9:1a:64:f8:16:96:40:fe:f5:48:37:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f980c91ebf1096462a2b74469dc61cb4a3ac3d32
Validity
Not Before: Jan 1 04:34:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9cf23447acfae0b033a0de9f27f2ea35cdcac6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:9c:f7:7a:bc:d5:2e:ab:50:52:ae:fb:b2:54:
22:7f:e4:f9:74:9e:19:9a:3a:71:e2:f7:c5:27:1e:
57:4e:01:73:f6:27:3f:24:18:ec:11:a5:00:a2:8d:
02:f1:7f:ac:b4:de:e9:0c:8b:3b:dd:66:53:08:22:
4f:66:c9:92:f8:9c:dc:da:d4:34:43:22:1b:39:80:
12:32:58:c2:1f:59:c7:59:c3:e0:85:ee:c4:04:20:
0a:7e:07:35:d0:19:25:5d:61:97:8e:f0:7c:87:09:
57:b7:df:1d:a8:2f:5b:7c:09:5b:27:fa:6c:57:66:
7d:9f:21:02:ef:b4:28:55:31:90:56:13:68:f1:c8:
cd:68:e5:fd:1e:09:39:ef:b1:05:d2:75:9a:b7:ca:
b9:10:3b:f4:97:0f:6e:50:9a:93:f1:88:48:b7:87:
2b:64:5c:aa:7d:41:85:3d:24:8d:1e:01:e1:94:fc:
95:d5:e7:db:9a:b1:8e:67:fa:f8:0a:a3:57:5d:02:
35:cf:8f:30:cb:17:6a:3b:3a:87:14:43:ba:07:d0:
4a:77:d2:73:87:00:0a:f1:47:61:24:10:f8:cf:e7:
72:29:f8:62:6c:17:84:de:5e:c9:68:ce:24:cc:21:
07:c1:4c:5b:2b:71:d1:c8:06:f1:34:5e:43:a1:37:
68:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:CF:23:44:7A:CF:AE:0B:03:3A:0D:E9:F2:7F:2E:A3:5C:DC:AC:6D
X509v3 Authority Key Identifier:
keyid:F9:80:C9:1E:BF:10:96:46:2A:2B:74:46:9D:C6:1C:B4:A3:AC:3D:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-YDJHr8QlkYqK3RGncYctKOsPTI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e0a8f4-864f-4cae-b4a8-a1e5ca179a75/1/2c8jRHrPrgsDOg3p8n8uo1zcrG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e0a8f4-864f-4cae-b4a8-a1e5ca179a75/1/1-YDJHr8QlkYqK3RGncYctKOsPTI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.20.0/24
Signature Algorithm: sha256WithRSAEncryption
21:17:20:08:e8:6f:7d:02:0a:1f:76:76:36:d3:fe:f1:10:79:
3f:fb:ec:eb:0d:cb:9b:52:52:3a:4b:ae:8c:81:3b:21:7b:3f:
7e:e8:50:6c:b8:af:88:36:54:d0:cb:69:4e:10:f2:06:cf:3b:
f2:8c:6f:90:d2:56:f7:96:4b:f4:e9:a3:4e:0d:3d:1f:e5:0c:
f4:f0:73:a3:cc:6e:2c:e8:32:a8:5a:d0:e6:64:6a:7b:5e:05:
a3:31:ff:8d:87:06:ef:ec:54:6a:54:0b:fa:5b:38:42:99:b5:
20:af:0d:bd:9e:88:af:be:74:ff:a4:9f:9e:9f:bb:98:96:db:
17:10:c2:6f:6d:f6:0e:c2:84:83:a8:5d:5e:12:19:40:14:08:
0d:aa:5b:73:dd:df:ea:77:9a:3c:e6:84:17:1a:e7:fe:1d:bc:
93:cb:95:ae:32:30:ee:22:63:a0:15:2b:6f:ff:79:70:87:c5:
a8:6c:2d:b3:9a:5e:2b:79:3c:05:0c:70:76:5e:bb:ab:67:58:
40:c3:ce:df:36:95:d0:e6:56:d3:3d:44:d5:3b:ec:b0:f3:28:
8a:14:79:6a:07:da:2b:78:bc:2f:8d:99:52:5b:74:d9:64:ed:
1a:ed:20:c0:09:cb:d5:a0:36:dd:15:5e:12:4c:41:57:e9:52:
50:bd:68:52
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVrnGsX2Rpk+BaWQP71SDf0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5ODBjOTFlYmYxMDk2NDYyYTJiNzQ0NjlkYzYxY2I0YTNh
YzNkMzIwHhcNMjMwMTAxMDQzNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWNmMjM0NDdhY2ZhZTBiMDMzYTBkZTlmMjdmMmVhMzVjZGNhYzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJz3erzVLqtQUq77slQif+T5dJ4Z
mjpx4vfFJx5XTgFz9ic/JBjsEaUAoo0C8X+stN7pDIs73WZTCCJPZsmS+Jzc2tQ0
QyIbOYASMljCH1nHWcPghe7EBCAKfgc10BklXWGXjvB8hwlXt98dqC9bfAlbJ/ps
V2Z9nyEC77QoVTGQVhNo8cjNaOX9Hgk577EF0nWat8q5EDv0lw9uUJqT8YhIt4cr
ZFyqfUGFPSSNHgHhlPyV1efbmrGOZ/r4CqNXXQI1z48wyxdqOzqHFEO6B9BKd9Jz
hwAK8UdhJBD4z+dyKfhibBeE3l7JaM4kzCEHwUxbK3HRyAbxNF5DoTdo7QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFNnPI0R6z64LAzoN6fJ/LqNc3KxtMB8GA1UdIwQY
MBaAFPmAyR6/EJZGKit0Rp3GHLSjrD0yMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1ZREpIcjhRbGtZcUszUkduY1ljdEtPc1BUSS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODAvZTBhOGY0LTg2NGYtNGNhZS1iNGE4
LWExZTVjYTE3OWE3NS8xLzJjOGpSSHJQcmdzRE9nM3A4bjh1bzF6Y3JHMC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODAvZTBhOGY0LTg2NGYtNGNhZS1iNGE4LWExZTVjYTE3OWE3
NS8xLzEtWURKSHI4UWxrWXFLM1JHbmNZY3RLT3NQVEkuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACSExQw
DQYJKoZIhvcNAQELBQADggEBACEXIAjob30CCh92djbT/vEQeT/77OsNy5tSUjpL
royBOyF7P37oUGy4r4g2VNDLaU4Q8gbPO/KMb5DSVveWS/Tpo04NPR/lDPTwc6PM
bizoMqha0OZkanteBaMx/42HBu/sVGpUC/pbOEKZtSCvDb2eiK++dP+kn56fu5iW
2xcQwm9t9g7ChIOoXV4SGUAUCA2qW3Pd3+p3mjzmhBca5/4dvJPLla4yMO4iY6AV
K2//eXCHxahsLbOaXit5PAUMcHZeu6tnWEDDzt82ldDmVtM9RNU77LDzKIoUeWoH
2it4vC+NmVJbdNlk7RrtIMAJy9WgNt0VXhJMQVfpUlC9aFI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:48 2025 by rpki-client