Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/0049ae-b743-4acb-8d7b-380888b642f3/1/FHY1nhOgwCuY8vyZ_Y4MG0P-dRI.roa
File: FHY1nhOgwCuY8vyZ_Y4MG0P-dRI.roa (raw, json)
Hash identifier: wU7+M310fyjh2CjiqPnfW1SWoy0fybH8Labp85h6W6o=
Subject key identifier: 14:76:35:9E:13:A0:C0:2B:98:F2:FC:99:FD:8E:0C:1B:43:FE:75:12
Certificate issuer: /CN=d5db0956d24700a6c8c23bf458eda6c618fcfab3
Certificate serial: 01857395F294DF321CFF8110616033D2F4F1
Authority key identifier: D5:DB:09:56:D2:47:00:A6:C8:C2:3B:F4:58:ED:A6:C6:18:FC:FA:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1dsJVtJHAKbIwjv0WO2mxhj8-rM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/0049ae-b743-4acb-8d7b-380888b642f3/1/FHY1nhOgwCuY8vyZ_Y4MG0P-dRI.roa
Signing time: Mon 02 Jan 2023 17:44:44 +0000
ROA not before: Mon 02 Jan 2023 17:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41957
IP address blocks: 146.19.178.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:95:f2:94:df:32:1c:ff:81:10:61:60:33:d2:f4:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5db0956d24700a6c8c23bf458eda6c618fcfab3
Validity
Not Before: Jan 2 17:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1476359e13a0c02b98f2fc99fd8e0c1b43fe7512
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:f5:3d:61:59:17:d6:9e:e7:de:eb:93:71:27:
18:0a:6b:56:03:e0:f8:cb:a8:0e:92:e5:bf:7f:77:
3a:dd:78:3e:f9:9d:95:4e:3f:97:0f:1b:0d:0e:e8:
03:75:65:06:8f:49:38:c3:cb:ae:13:da:a5:e9:ef:
f0:4f:93:76:76:29:a9:da:52:01:97:9a:d7:e6:42:
bc:78:df:89:b4:62:22:8a:d6:0e:13:45:c3:74:9e:
a1:8f:d2:68:35:fa:fb:a3:8e:29:be:02:1b:52:1a:
e3:73:54:30:2b:c6:ec:4d:45:8d:e0:db:42:05:4d:
f4:00:be:53:3f:65:a7:a3:66:5e:27:82:58:5b:ec:
b8:e3:e6:e7:ac:d7:ea:5b:a1:95:39:eb:7b:69:56:
3d:df:1b:84:58:79:9b:be:cb:6b:67:e9:82:a5:00:
f8:d0:c6:d6:95:d5:4f:c6:11:0a:7e:03:8a:a5:49:
c3:ef:ea:c9:36:8d:f2:59:2b:d7:36:0c:7a:a0:4b:
c1:48:db:2b:5f:39:c4:09:5c:98:9e:28:28:d3:45:
ad:dc:30:bd:d8:37:e4:39:43:54:39:34:a8:ee:07:
e7:b2:a4:f2:d5:53:b4:bf:2d:46:b4:03:0b:57:6b:
f2:d2:da:a7:d4:9e:bd:0c:7a:91:7b:6e:e5:0f:68:
43:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:76:35:9E:13:A0:C0:2B:98:F2:FC:99:FD:8E:0C:1B:43:FE:75:12
X509v3 Authority Key Identifier:
keyid:D5:DB:09:56:D2:47:00:A6:C8:C2:3B:F4:58:ED:A6:C6:18:FC:FA:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1dsJVtJHAKbIwjv0WO2mxhj8-rM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/0049ae-b743-4acb-8d7b-380888b642f3/1/FHY1nhOgwCuY8vyZ_Y4MG0P-dRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/0049ae-b743-4acb-8d7b-380888b642f3/1/1dsJVtJHAKbIwjv0WO2mxhj8-rM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.178.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:0a:8c:b4:34:25:f7:1e:b4:53:cc:d1:76:8e:e3:a9:dc:cc:
1a:21:85:d4:bc:9f:89:57:a2:a2:66:5a:02:bb:a1:9f:b9:db:
5e:f3:0c:b4:34:57:b0:db:e1:b2:b2:ab:70:87:4f:d4:eb:d6:
2b:ed:19:08:a6:af:17:bb:57:8b:fd:11:70:bf:ef:2d:73:6a:
d6:b0:7e:f6:b0:c8:c2:ef:82:d5:eb:c6:0f:44:0f:71:3b:39:
d4:c4:af:e7:6b:1b:0b:d0:08:90:5b:4f:6f:2c:f1:19:e5:77:
5a:6a:39:c1:a8:e1:14:ef:28:bd:a5:c0:c2:31:53:fa:9a:46:
d4:9a:51:93:50:29:85:44:40:be:39:e4:0b:ec:0d:b7:dc:98:
9a:94:93:08:80:92:45:42:92:d0:6d:04:34:7d:49:df:10:e4:
75:ee:55:57:88:b2:23:04:4b:88:fd:4f:80:73:5d:54:a2:dc:
44:55:38:92:97:25:c7:4c:b1:eb:0d:bc:2a:60:b7:dc:1f:ea:
45:4c:04:08:84:3c:f6:b9:d2:84:07:52:9f:c2:14:7a:d2:4a:
a2:ff:e7:a4:74:28:3d:2b:8f:0c:c7:c9:5f:29:55:16:33:ea:
79:27:84:fe:fd:f1:d1:89:6d:8a:7d:0b:be:35:42:76:5f:d0:
ca:86:58:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzlfKU3zIc/4EQYWAz0vTxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZGIwOTU2ZDI0NzAwYTZjOGMyM2JmNDU4ZWRhNmM2MThm
Y2ZhYjMwHhcNMjMwMTAyMTc0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDc2MzU5ZTEzYTBjMDJiOThmMmZjOTlmZDhlMGMxYjQzZmU3NTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/U9YVkX1p7n3uuTcScYCmtWA+D4
y6gOkuW/f3c63Xg++Z2VTj+XDxsNDugDdWUGj0k4w8uuE9ql6e/wT5N2dimp2lIB
l5rX5kK8eN+JtGIiitYOE0XDdJ6hj9JoNfr7o44pvgIbUhrjc1QwK8bsTUWN4NtC
BU30AL5TP2Wno2ZeJ4JYW+y44+bnrNfqW6GVOet7aVY93xuEWHmbvstrZ+mCpQD4
0MbWldVPxhEKfgOKpUnD7+rJNo3yWSvXNgx6oEvBSNsrXznECVyYnigo00Wt3DC9
2DfkOUNUOTSo7gfnsqTy1VO0vy1GtAMLV2vy0tqn1J69DHqRe27lD2hDawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBR2NZ4ToMArmPL8mf2ODBtD/nUSMB8GA1UdIwQY
MBaAFNXbCVbSRwCmyMI79FjtpsYY/PqzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWRzSlZ0SkhBS2JJd2p2MFdPMm14aGo4LXJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8wMDQ5YWUtYjc0My00YWNiLThkN2It
MzgwODg4YjY0MmYzLzEvRkhZMW5oT2d3Q3VZOHZ5Wl9ZNE1HMFAtZFJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8wMDQ5YWUtYjc0My00YWNiLThkN2ItMzgwODg4YjY0MmYz
LzEvMWRzSlZ0SkhBS2JJd2p2MFdPMm14aGo4LXJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhOyMA0G
CSqGSIb3DQEBCwUAA4IBAQAuCoy0NCX3HrRTzNF2juOp3MwaIYXUvJ+JV6KiZloC
u6Gfudte8wy0NFew2+Gysqtwh0/U69Yr7RkIpq8Xu1eL/RFwv+8tc2rWsH72sMjC
74LV68YPRA9xOznUxK/naxsL0AiQW09vLPEZ5XdaajnBqOEU7yi9pcDCMVP6mkbU
mlGTUCmFREC+OeQL7A233JialJMIgJJFQpLQbQQ0fUnfEOR17lVXiLIjBEuI/U+A
c11UotxEVTiSlyXHTLHrDbwqYLfcH+pFTAQIhDz2udKEB1KfwhR60kqi/+ekdCg9
K48Mx8lfKVUWM+p5J4T+/fHRiW2KfQu+NUJ2X9DKhljT
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:35 2025 by rpki-client