Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/7de221-e3be-456d-91f4-b14b7cf70d2f/1/L3JNovBKFDId1vp6DewfmCVfoGo.roa
File: L3JNovBKFDId1vp6DewfmCVfoGo.roa (raw, json)
Hash identifier: qs/W6AG/A9GiIueAN4vuvfHGTDKUa0hQAqxI6+ap4fA=
Subject key identifier: 2F:72:4D:A2:F0:4A:14:32:1D:D6:FA:7A:0D:EC:1F:98:25:5F:A0:6A
Certificate issuer: /CN=02edfcfb335c9d76888d81b73ecd8a40bafecffc
Certificate serial: 018A9C52DA434B65A960069D4DC1C4D33DD3
Authority key identifier: 02:ED:FC:FB:33:5C:9D:76:88:8D:81:B7:3E:CD:8A:40:BA:FE:CF:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Au38-zNcnXaIjYG3Ps2KQLr-z_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/7de221-e3be-456d-91f4-b14b7cf70d2f/1/L3JNovBKFDId1vp6DewfmCVfoGo.roa
Signing time: Sat 16 Sep 2023 04:49:50 +0000
ROA not before: Sat 16 Sep 2023 04:49:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 146.19.204.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:9c:52:da:43:4b:65:a9:60:06:9d:4d:c1:c4:d3:3d:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02edfcfb335c9d76888d81b73ecd8a40bafecffc
Validity
Not Before: Sep 16 04:49:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2f724da2f04a14321dd6fa7a0dec1f98255fa06a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:d1:4f:ed:48:06:3f:f9:18:9b:19:40:b2:3d:
82:c5:95:57:dc:27:83:1b:41:ca:16:95:00:a6:fd:
f4:5c:d5:d2:f9:fc:64:93:f6:23:c2:ca:a1:15:a8:
32:3d:7e:c7:0f:80:1a:0a:35:20:f8:eb:34:dd:67:
e6:bc:8d:9c:32:78:32:48:0d:f3:52:4d:c2:ba:71:
06:70:be:2b:43:68:9b:77:af:19:a5:bf:f6:a7:67:
af:dc:d0:c3:21:2a:99:cb:49:36:33:b5:04:17:20:
e0:7d:f8:bd:0b:6d:b8:28:2e:a3:2f:b6:b3:e8:71:
58:12:9b:ea:5d:7d:59:5b:af:2b:90:6b:65:e6:b9:
3b:a8:49:20:d3:4e:7c:6a:7f:2d:3c:3a:50:24:26:
f7:81:3e:e7:6f:7b:c8:3d:7e:44:6d:fb:9e:fd:e7:
5d:18:5a:de:e2:78:84:a7:44:7a:f6:be:01:f5:d1:
df:2b:85:3a:12:6d:6e:8f:29:c7:dd:f6:4b:45:15:
aa:f2:24:f2:5f:11:4a:46:07:c3:17:40:46:81:0e:
7b:4e:99:58:3a:32:dd:48:12:e0:64:7d:6a:d8:d3:
20:07:a6:6f:f2:b1:94:6b:55:4b:42:88:10:98:32:
d2:03:65:2c:af:e2:e9:9c:86:89:0b:76:60:b4:0f:
c4:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:72:4D:A2:F0:4A:14:32:1D:D6:FA:7A:0D:EC:1F:98:25:5F:A0:6A
X509v3 Authority Key Identifier:
keyid:02:ED:FC:FB:33:5C:9D:76:88:8D:81:B7:3E:CD:8A:40:BA:FE:CF:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Au38-zNcnXaIjYG3Ps2KQLr-z_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/7de221-e3be-456d-91f4-b14b7cf70d2f/1/L3JNovBKFDId1vp6DewfmCVfoGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/7de221-e3be-456d-91f4-b14b7cf70d2f/1/Au38-zNcnXaIjYG3Ps2KQLr-z_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.204.0/24
Signature Algorithm: sha256WithRSAEncryption
17:0c:dc:58:c0:ee:c3:2a:ab:d2:71:f4:b5:15:88:61:0a:5e:
ac:f4:88:89:71:11:65:51:23:fe:bb:44:3a:b3:b8:c0:05:0a:
5b:9c:95:65:01:40:a7:ba:5d:b0:82:ec:fe:8e:d3:a5:69:6b:
68:be:b3:f3:c4:15:b5:85:89:a0:fe:81:9c:fb:b0:0f:db:01:
90:bb:52:94:c1:75:27:68:af:c4:47:b9:90:9a:e7:bf:95:ed:
67:7b:71:e0:8d:0b:e5:4b:6c:df:d0:2f:91:ee:6d:54:c9:57:
3b:c8:76:13:5c:2d:2b:de:57:83:b5:59:ae:58:a1:e9:88:3d:
f7:b6:b0:77:aa:fa:54:a5:62:c5:08:c6:fd:f3:dd:68:44:3e:
71:29:39:71:b9:df:95:80:b7:65:18:f0:e7:ce:4b:c8:fb:b2:
0d:93:3d:b8:72:a6:19:e4:84:9d:31:12:35:02:34:94:50:7c:
be:c9:90:1b:57:76:fe:62:c6:2d:66:24:39:1a:dd:bb:0a:0c:
91:d9:f7:92:0d:ca:36:37:9d:8d:9d:e6:61:ee:9f:31:72:9d:
29:e3:bb:6c:e8:32:bc:74:84:25:49:4c:32:01:6a:6e:64:53:
ed:fc:3b:dd:fd:8f:d1:ab:58:fa:c1:d1:e8:8a:d5:4a:f7:db:
fc:db:dc:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqcUtpDS2WpYAadTcHE0z3TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyZWRmY2ZiMzM1YzlkNzY4ODhkODFiNzNlY2Q4YTQwYmFm
ZWNmZmMwHhcNMjMwOTE2MDQ0OTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjcyNGRhMmYwNGExNDMyMWRkNmZhN2EwZGVjMWY5ODI1NWZhMDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9FP7UgGP/kYmxlAsj2CxZVX3CeD
G0HKFpUApv30XNXS+fxkk/YjwsqhFagyPX7HD4AaCjUg+Os03WfmvI2cMngySA3z
Uk3CunEGcL4rQ2ibd68Zpb/2p2ev3NDDISqZy0k2M7UEFyDgffi9C224KC6jL7az
6HFYEpvqXX1ZW68rkGtl5rk7qEkg0058an8tPDpQJCb3gT7nb3vIPX5Ebfue/edd
GFre4niEp0R69r4B9dHfK4U6Em1ujynH3fZLRRWq8iTyXxFKRgfDF0BGgQ57TplY
OjLdSBLgZH1q2NMgB6Zv8rGUa1VLQogQmDLSA2Usr+LpnIaJC3ZgtA/EuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC9yTaLwShQyHdb6eg3sH5glX6BqMB8GA1UdIwQY
MBaAFALt/PszXJ12iI2Btz7NikC6/s/8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXUzOC16TmNuWGFJallHM1BzMktRTHItel93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC83ZGUyMjEtZTNiZS00NTZkLTkxZjQt
YjE0YjdjZjcwZDJmLzEvTDNKTm92QktGRElkMXZwNkRld2ZtQ1Zmb0dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC83ZGUyMjEtZTNiZS00NTZkLTkxZjQtYjE0YjdjZjcwZDJm
LzEvQXUzOC16TmNuWGFJallHM1BzMktRTHItel93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhPMMA0G
CSqGSIb3DQEBCwUAA4IBAQAXDNxYwO7DKqvScfS1FYhhCl6s9IiJcRFlUSP+u0Q6
s7jABQpbnJVlAUCnul2wguz+jtOlaWtovrPzxBW1hYmg/oGc+7AP2wGQu1KUwXUn
aK/ER7mQmue/le1ne3HgjQvlS2zf0C+R7m1UyVc7yHYTXC0r3leDtVmuWKHpiD33
trB3qvpUpWLFCMb9891oRD5xKTlxud+VgLdlGPDnzkvI+7INkz24cqYZ5ISdMRI1
AjSUUHy+yZAbV3b+YsYtZiQ5Gt27CgyR2feSDco2N52NneZh7p8xcp0p47ts6DK8
dIQlSUwyAWpuZFPt/Dvd/Y/Rq1j6wdHoitVK99v829wA
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:16:08 2025 by rpki-client