Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/400f02-e52e-47f6-8280-f489287abcc4/1/jlHTsW6VOyY93pL0kHo2li2vnVo.roa
File: jlHTsW6VOyY93pL0kHo2li2vnVo.roa (raw, json)
Hash identifier: /OyLtXugU0d3O8G7IiLE5tARVrItvZQJ/BpIwbT3av8=
Subject key identifier: 8E:51:D3:B1:6E:95:3B:26:3D:DE:92:F4:90:7A:36:96:2D:AF:9D:5A
Certificate issuer: /CN=0fb2f4ea3bab0fb0e8892ee7f855d6452ea73300
Certificate serial: 018A23923942B74F806B0153C42DC2E59227
Authority key identifier: 0F:B2:F4:EA:3B:AB:0F:B0:E8:89:2E:E7:F8:55:D6:45:2E:A7:33:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D7L06jurD7DoiS7n-FXWRS6nMwA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/400f02-e52e-47f6-8280-f489287abcc4/1/jlHTsW6VOyY93pL0kHo2li2vnVo.roa
Signing time: Wed 23 Aug 2023 18:04:59 +0000
ROA not before: Wed 23 Aug 2023 18:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398465
IP address blocks: 146.19.50.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:23:92:39:42:b7:4f:80:6b:01:53:c4:2d:c2:e5:92:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0fb2f4ea3bab0fb0e8892ee7f855d6452ea73300
Validity
Not Before: Aug 23 18:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e51d3b16e953b263dde92f4907a36962daf9d5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:0a:3b:46:fc:ba:96:a5:05:35:97:c0:5c:c9:
fc:3b:b6:0d:67:44:93:51:be:59:61:a5:c7:5d:f7:
84:c7:da:0e:38:21:59:74:f3:e9:cb:b9:04:7c:9a:
9f:56:22:be:5c:66:90:b3:88:a6:fe:22:38:44:ce:
37:6e:6f:c6:b6:3f:a3:b1:77:89:9d:89:52:7e:94:
3d:af:13:79:67:80:1d:89:26:91:fd:73:10:ab:c4:
e9:0f:07:2e:84:c8:6a:59:c9:19:be:8f:6d:d6:54:
14:1b:d4:d8:77:11:99:8e:df:4d:01:10:13:de:f6:
53:70:58:2f:b7:d6:42:ff:32:eb:10:bc:9f:3f:79:
6a:6f:f3:95:d1:3d:92:47:7c:f3:dc:31:0f:19:6c:
75:ec:00:71:99:a8:13:88:ea:56:84:0d:78:1e:67:
0f:d8:9a:dc:67:c6:06:59:9a:f7:bb:1a:88:43:ea:
f2:76:22:ef:80:eb:1e:a0:68:25:b3:56:c8:bb:45:
3d:31:be:b3:01:2b:84:02:62:7e:cf:18:fb:c4:ad:
d8:0b:47:fa:1f:6e:13:9a:a4:ba:68:e6:7f:8e:ce:
d5:df:dd:b0:d6:6d:1f:ea:3b:3a:6b:bf:38:0a:21:
d9:68:dd:3f:b0:5c:32:1d:3a:c1:b7:f8:cc:bb:cf:
2d:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:51:D3:B1:6E:95:3B:26:3D:DE:92:F4:90:7A:36:96:2D:AF:9D:5A
X509v3 Authority Key Identifier:
keyid:0F:B2:F4:EA:3B:AB:0F:B0:E8:89:2E:E7:F8:55:D6:45:2E:A7:33:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D7L06jurD7DoiS7n-FXWRS6nMwA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/400f02-e52e-47f6-8280-f489287abcc4/1/jlHTsW6VOyY93pL0kHo2li2vnVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/400f02-e52e-47f6-8280-f489287abcc4/1/D7L06jurD7DoiS7n-FXWRS6nMwA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.50.0/24
Signature Algorithm: sha256WithRSAEncryption
51:84:04:40:00:db:5e:0f:a0:a0:8e:8b:f2:f0:d2:5a:7c:6f:
cb:44:fe:aa:ba:52:c7:05:52:be:82:91:52:f8:1e:25:72:05:
d9:20:f2:24:7d:e2:b8:ed:f1:a0:65:c8:7c:ea:e6:2c:9b:b7:
a6:03:22:84:ad:8b:83:aa:d3:36:4d:7d:54:bc:4c:d2:16:c3:
da:eb:37:e3:b8:57:76:b0:67:d8:df:fd:93:42:62:37:00:96:
42:49:f6:49:5a:c9:d8:68:c7:36:7f:f5:c4:a6:72:fe:c3:b7:
a5:9e:99:37:eb:1f:ab:bd:73:9d:91:19:be:da:7b:d5:da:b8:
16:ef:eb:1d:59:10:d4:a9:67:4f:1d:34:81:0f:97:26:21:5c:
95:c3:06:f0:96:f5:bf:02:d1:2e:2d:e6:93:c7:ee:52:e9:d8:
35:f8:d9:8d:6d:f1:1f:e1:ac:2e:1c:e3:11:0e:4c:49:e4:b9:
cb:d7:8f:f3:9b:c4:70:2c:7c:11:9e:6d:93:3a:59:f5:9e:7c:
53:5f:d1:d8:fa:a9:52:17:3a:f9:c2:90:d0:9d:eb:7e:45:2b:
8e:0b:4d:02:ae:63:35:47:61:f7:ed:17:e2:6e:2f:78:59:4e:
28:65:79:05:b9:13:5e:a1:b0:39:c1:5c:fe:bc:79:2f:f4:de:
d8:9e:5a:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYojkjlCt0+AawFTxC3C5ZInMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmYjJmNGVhM2JhYjBmYjBlODg5MmVlN2Y4NTVkNjQ1MmVh
NzMzMDAwHhcNMjMwODIzMTgwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTUxZDNiMTZlOTUzYjI2M2RkZTkyZjQ5MDdhMzY5NjJkYWY5ZDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQo7Rvy6lqUFNZfAXMn8O7YNZ0ST
Ub5ZYaXHXfeEx9oOOCFZdPPpy7kEfJqfViK+XGaQs4im/iI4RM43bm/Gtj+jsXeJ
nYlSfpQ9rxN5Z4AdiSaR/XMQq8TpDwcuhMhqWckZvo9t1lQUG9TYdxGZjt9NARAT
3vZTcFgvt9ZC/zLrELyfP3lqb/OV0T2SR3zz3DEPGWx17ABxmagTiOpWhA14HmcP
2JrcZ8YGWZr3uxqIQ+rydiLvgOseoGgls1bIu0U9Mb6zASuEAmJ+zxj7xK3YC0f6
H24TmqS6aOZ/js7V392w1m0f6js6a784CiHZaN0/sFwyHTrBt/jMu88tywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI5R07FulTsmPd6S9JB6NpYtr51aMB8GA1UdIwQY
MBaAFA+y9Oo7qw+w6Iku5/hV1kUupzMAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDdMMDZqdXJEN0RvaVM3bi1GWFdSUzZuTXdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80MDBmMDItZTUyZS00N2Y2LTgyODAt
ZjQ4OTI4N2FiY2M0LzEvamxIVHNXNlZPeVk5M3BMMGtIbzJsaTJ2blZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80MDBmMDItZTUyZS00N2Y2LTgyODAtZjQ4OTI4N2FiY2M0
LzEvRDdMMDZqdXJEN0RvaVM3bi1GWFdSUzZuTXdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhMyMA0G
CSqGSIb3DQEBCwUAA4IBAQBRhARAANteD6Cgjovy8NJafG/LRP6qulLHBVK+gpFS
+B4lcgXZIPIkfeK47fGgZch86uYsm7emAyKErYuDqtM2TX1UvEzSFsPa6zfjuFd2
sGfY3/2TQmI3AJZCSfZJWsnYaMc2f/XEpnL+w7elnpk36x+rvXOdkRm+2nvV2rgW
7+sdWRDUqWdPHTSBD5cmIVyVwwbwlvW/AtEuLeaTx+5S6dg1+NmNbfEf4awuHOMR
DkxJ5LnL14/zm8RwLHwRnm2TOln1nnxTX9HY+qlSFzr5wpDQnet+RSuOC00CrmM1
R2H37Rfibi94WU4oZXkFuRNeobA5wVz+vHkv9N7Ynlry
-----END CERTIFICATE-----
Generated at Sun Apr 13 05:29:10 2025 by rpki-client