Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/febe62-507b-49b1-b52c-e43667c252bc/1/xim0qb0HZLKGx_GM0hnBrz2bfG8.roa
File: xim0qb0HZLKGx_GM0hnBrz2bfG8.roa (raw, json)
Hash identifier: LRgXGpAeiuhxg2OVwF7xuk+Pk/FcUVGu5Wi8Hn4I/dw=
Subject key identifier: C6:29:B4:A9:BD:07:64:B2:86:C7:F1:8C:D2:19:C1:AF:3D:9B:7C:6F
Certificate issuer: /CN=b682306dc0a6f35a11b7ae6be61f5b1274f4868c
Certificate serial: 0185BE80072F9FA672C60988306C607A896C
Authority key identifier: B6:82:30:6D:C0:A6:F3:5A:11:B7:AE:6B:E6:1F:5B:12:74:F4:86:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toIwbcCm81oRt65r5h9bEnT0how.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/febe62-507b-49b1-b52c-e43667c252bc/1/xim0qb0HZLKGx_GM0hnBrz2bfG8.roa
Signing time: Tue 17 Jan 2023 06:52:19 +0000
ROA not before: Tue 17 Jan 2023 06:52:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58057
IP address blocks: 146.19.139.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:be:80:07:2f:9f:a6:72:c6:09:88:30:6c:60:7a:89:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b682306dc0a6f35a11b7ae6be61f5b1274f4868c
Validity
Not Before: Jan 17 06:52:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c629b4a9bd0764b286c7f18cd219c1af3d9b7c6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:82:c0:60:f1:dd:66:11:5b:53:a9:d8:66:47:
86:81:36:9e:8d:7d:83:bb:95:3e:05:23:16:97:4d:
8e:fa:37:76:44:d5:f1:b5:00:8d:5d:d7:fa:63:31:
29:8c:64:6f:09:c1:6f:6f:c9:e4:82:7c:2f:9d:24:
2d:3d:75:48:52:8b:be:8f:14:2b:83:71:c7:8d:ad:
62:bf:b0:f9:07:ba:b3:e4:09:5f:1c:98:cf:ea:37:
a4:45:7c:7d:dc:0a:a8:d6:5d:fa:fa:20:ff:ba:ea:
3d:09:af:b9:25:59:db:71:0b:27:a6:24:7d:68:2d:
e9:2b:79:b6:ef:59:bd:d0:37:12:ed:d0:ad:db:cc:
00:b1:30:24:c3:db:78:55:16:9a:b2:49:b1:6a:a7:
bc:31:dc:62:50:2f:ea:cb:fe:5a:9d:18:a2:11:9c:
be:17:d8:03:9c:80:6c:95:d4:68:a8:2d:97:ed:ce:
d9:1a:0b:7c:98:19:69:85:b9:b7:da:79:9f:0f:6b:
22:27:96:99:32:59:9a:13:55:26:c4:06:db:dd:59:
54:fd:a9:af:2e:65:48:51:ae:5e:d3:66:c1:0e:ec:
51:ab:f3:eb:70:e7:bd:97:4b:a7:c5:df:68:1c:79:
64:6a:3c:99:84:e0:a9:a4:1b:1c:0d:cc:ce:af:4f:
30:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:29:B4:A9:BD:07:64:B2:86:C7:F1:8C:D2:19:C1:AF:3D:9B:7C:6F
X509v3 Authority Key Identifier:
keyid:B6:82:30:6D:C0:A6:F3:5A:11:B7:AE:6B:E6:1F:5B:12:74:F4:86:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toIwbcCm81oRt65r5h9bEnT0how.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/febe62-507b-49b1-b52c-e43667c252bc/1/xim0qb0HZLKGx_GM0hnBrz2bfG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/febe62-507b-49b1-b52c-e43667c252bc/1/toIwbcCm81oRt65r5h9bEnT0how.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.139.0/24
Signature Algorithm: sha256WithRSAEncryption
87:18:cb:8d:42:47:34:f8:06:fe:ba:bc:67:95:9c:57:00:ca:
05:cd:d9:9e:e3:7c:e7:ce:1d:7d:6c:01:36:9f:42:1e:35:13:
db:85:d6:a5:fa:72:b3:24:fc:1c:da:9c:3b:cf:bc:10:14:9e:
52:29:e4:e6:c3:d1:08:27:33:17:af:3d:9c:e2:7a:44:45:ed:
4c:bd:c8:4f:18:c2:1b:f6:cf:23:73:dc:b9:cb:b5:1d:ca:c1:
7d:76:64:50:0e:98:82:68:72:da:a3:29:b9:c8:33:e1:29:1b:
f1:ac:56:09:9b:d3:25:29:49:57:8d:2d:fd:f4:c7:19:01:da:
57:0f:53:56:98:d0:76:65:8e:cd:7d:23:67:c1:98:9f:d0:45:
d9:fb:78:4c:5f:9d:8c:b6:34:8d:61:6e:99:2e:79:38:da:24:
69:91:6d:a7:a5:4a:07:ae:be:2f:dc:ba:53:1c:c1:24:c6:12:
ba:ce:40:8d:61:20:af:93:4a:9e:44:cf:a9:0d:2d:23:70:11:
7f:f2:f8:fd:fa:07:63:6f:de:db:7a:55:8a:36:9e:df:9d:b0:
38:30:81:a8:df:8e:a3:d9:40:52:95:70:80:4f:d6:2b:31:f1:
51:38:23:ab:8e:a2:dd:3d:a3:3b:58:ec:08:5a:30:c7:95:33:
44:74:41:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYW+gAcvn6ZyxgmIMGxgeolsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ODIzMDZkYzBhNmYzNWExMWI3YWU2YmU2MWY1YjEyNzRm
NDg2OGMwHhcNMjMwMTE3MDY1MjE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjI5YjRhOWJkMDc2NGIyODZjN2YxOGNkMjE5YzFhZjNkOWI3YzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYLAYPHdZhFbU6nYZkeGgTaejX2D
u5U+BSMWl02O+jd2RNXxtQCNXdf6YzEpjGRvCcFvb8nkgnwvnSQtPXVIUou+jxQr
g3HHja1iv7D5B7qz5AlfHJjP6jekRXx93Aqo1l36+iD/uuo9Ca+5JVnbcQsnpiR9
aC3pK3m271m90DcS7dCt28wAsTAkw9t4VRaaskmxaqe8MdxiUC/qy/5anRiiEZy+
F9gDnIBsldRoqC2X7c7ZGgt8mBlphbm32nmfD2siJ5aZMlmaE1UmxAbb3VlU/amv
LmVIUa5e02bBDuxRq/PrcOe9l0unxd9oHHlkajyZhOCppBscDczOr08w5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMYptKm9B2SyhsfxjNIZwa89m3xvMB8GA1UdIwQY
MBaAFLaCMG3ApvNaEbeua+YfWxJ09IaMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdG9Jd2JjQ204MW9SdDY1cjVoOWJFblQwaG93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9mZWJlNjItNTA3Yi00OWIxLWI1MmMt
ZTQzNjY3YzI1MmJjLzEveGltMHFiMEhaTEtHeF9HTTBobkJyejJiZkc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9mZWJlNjItNTA3Yi00OWIxLWI1MmMtZTQzNjY3YzI1MmJj
LzEvdG9Jd2JjQ204MW9SdDY1cjVoOWJFblQwaG93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhOLMA0G
CSqGSIb3DQEBCwUAA4IBAQCHGMuNQkc0+Ab+urxnlZxXAMoFzdme43znzh19bAE2
n0IeNRPbhdal+nKzJPwc2pw7z7wQFJ5SKeTmw9EIJzMXrz2c4npERe1MvchPGMIb
9s8jc9y5y7UdysF9dmRQDpiCaHLaoym5yDPhKRvxrFYJm9MlKUlXjS399McZAdpX
D1NWmNB2ZY7NfSNnwZif0EXZ+3hMX52MtjSNYW6ZLnk42iRpkW2npUoHrr4v3LpT
HMEkxhK6zkCNYSCvk0qeRM+pDS0jcBF/8vj9+gdjb97belWKNp7fnbA4MIGo346j
2UBSlXCAT9YrMfFROCOrjqLdPaM7WOwIWjDHlTNEdEGt
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:43:23 2025 by rpki-client