Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/19e6e2-c2a1-4ebc-ba5a-e7caf5e5bcba/1/3Gbnet98ld2uF50D7YCjLTfkMpA.roa
File: 3Gbnet98ld2uF50D7YCjLTfkMpA.roa (raw, json)
Hash identifier: VXqXm4z6E41hAlJYaZsYhRtFw5yW6/XPRFTdwUW8xG4=
Subject key identifier: DC:66:E7:7A:DF:7C:95:DD:AE:17:9D:03:ED:80:A3:2D:37:E4:32:90
Certificate issuer: /CN=c691f345a503cb8c8a9de427e8812efff21b22b5
Certificate serial: 019423D7EFB03EE583541ADB01DFC40190D2
Authority key identifier: C6:91:F3:45:A5:03:CB:8C:8A:9D:E4:27:E8:81:2E:FF:F2:1B:22:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xpHzRaUDy4yKneQn6IEu__IbIrU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/19e6e2-c2a1-4ebc-ba5a-e7caf5e5bcba/1/3Gbnet98ld2uF50D7YCjLTfkMpA.roa
Signing time: Wed 01 Jan 2025 21:49:01 +0000
ROA not before: Wed 01 Jan 2025 21:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 146.19.204.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:ef:b0:3e:e5:83:54:1a:db:01:df:c4:01:90:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c691f345a503cb8c8a9de427e8812efff21b22b5
Validity
Not Before: Jan 1 21:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dc66e77adf7c95ddae179d03ed80a32d37e43290
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:70:bf:1f:9b:a5:26:0d:a6:55:ec:4d:e8:b9:
c1:5e:73:bb:09:03:e3:7b:33:ce:4f:26:ec:cc:a5:
82:00:f5:ae:4c:84:28:0e:d2:73:1b:0f:ed:5d:1a:
0e:48:3a:a0:a3:4f:61:9f:34:0a:04:dd:a8:f0:07:
d7:ad:10:6c:06:b5:70:0f:07:b4:4c:f8:38:83:a9:
cd:c5:42:75:43:36:b3:86:8e:27:c1:46:76:22:3e:
0c:5e:8b:31:b8:2e:58:0e:fb:fd:2c:36:70:f5:2b:
f4:bb:76:a4:4c:d6:ef:a6:9d:c6:ed:8b:29:84:7a:
e8:c3:0f:6b:19:d9:25:dc:f7:25:b7:e1:37:1d:92:
76:80:db:d5:92:6c:7f:9f:14:52:3b:c8:02:c0:8d:
15:5d:63:36:13:67:91:3b:09:33:fc:0b:9b:9e:df:
76:3d:2c:41:90:9d:26:62:7b:bb:c1:20:a4:9d:89:
c2:a5:d1:b1:1c:97:32:58:79:3e:89:79:72:97:ad:
66:6d:04:47:b9:c3:03:f8:81:80:89:5f:59:d1:46:
bb:2c:cb:dd:8f:92:0b:40:d4:9f:1c:47:ab:06:e4:
16:0c:4c:c9:95:c6:58:36:bc:ee:20:1d:79:87:28:
2e:3a:ba:25:f1:55:9a:f4:4f:9c:6e:33:9b:04:51:
10:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:66:E7:7A:DF:7C:95:DD:AE:17:9D:03:ED:80:A3:2D:37:E4:32:90
X509v3 Authority Key Identifier:
keyid:C6:91:F3:45:A5:03:CB:8C:8A:9D:E4:27:E8:81:2E:FF:F2:1B:22:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xpHzRaUDy4yKneQn6IEu__IbIrU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/19e6e2-c2a1-4ebc-ba5a-e7caf5e5bcba/1/3Gbnet98ld2uF50D7YCjLTfkMpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/19e6e2-c2a1-4ebc-ba5a-e7caf5e5bcba/1/xpHzRaUDy4yKneQn6IEu__IbIrU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.204.0/24
Signature Algorithm: sha256WithRSAEncryption
68:29:a2:5b:57:1f:e5:51:6b:fb:da:1c:c5:01:c9:de:99:74:
9c:84:fc:74:46:b2:8b:fc:b0:32:36:8e:b4:0a:b9:da:ff:63:
91:ee:b5:a0:06:a7:9f:9e:53:b0:96:02:4c:34:47:2e:d4:ff:
bc:7e:80:8b:51:42:b0:3b:a4:05:67:19:95:41:4e:a6:78:85:
33:60:4d:be:d2:cb:01:0f:3f:50:ec:58:33:f7:40:ec:93:db:
2f:1f:73:1c:d3:7c:98:d0:59:79:11:50:91:75:2d:33:0b:ee:
bf:91:e3:d9:34:4d:43:02:76:e5:21:9d:6e:a4:f5:bd:a2:61:
07:ee:04:0b:d3:96:af:c0:0d:b3:db:2d:95:59:b2:9f:68:7e:
cc:d6:36:3e:d8:bc:8c:b6:1d:c2:a1:bc:98:93:b7:f5:39:ea:
9e:de:83:a4:7b:3c:09:c6:22:c9:99:ed:81:6d:27:b4:cc:16:
b4:4c:b9:5f:d2:07:f8:9a:06:1d:5a:bd:db:a1:c3:c8:fd:80:
63:80:ec:b1:2f:30:9e:04:a7:e0:8b:8a:39:a0:21:2d:52:91:
43:2a:39:68:cb:03:94:f8:f5:21:8c:a5:8c:a4:69:e0:80:c3:
7f:4b:64:07:e3:4f:ca:2f:5f:47:b9:ab:62:74:8e:39:f0:d4:
f9:97:e0:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1++wPuWDVBrbAd/EAZDSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2OTFmMzQ1YTUwM2NiOGM4YTlkZTQyN2U4ODEyZWZmZjIx
YjIyYjUwHhcNMjUwMTAxMjE0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzY2ZTc3YWRmN2M5NWRkYWUxNzlkMDNlZDgwYTMyZDM3ZTQzMjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHC/H5ulJg2mVexN6LnBXnO7CQPj
ezPOTybszKWCAPWuTIQoDtJzGw/tXRoOSDqgo09hnzQKBN2o8AfXrRBsBrVwDwe0
TPg4g6nNxUJ1Qzazho4nwUZ2Ij4MXosxuC5YDvv9LDZw9Sv0u3akTNbvpp3G7Ysp
hHroww9rGdkl3Pclt+E3HZJ2gNvVkmx/nxRSO8gCwI0VXWM2E2eROwkz/Aubnt92
PSxBkJ0mYnu7wSCknYnCpdGxHJcyWHk+iXlyl61mbQRHucMD+IGAiV9Z0Ua7LMvd
j5ILQNSfHEerBuQWDEzJlcZYNrzuIB15hyguOrol8VWa9E+cbjObBFEQPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNxm53rffJXdrhedA+2Aoy035DKQMB8GA1UdIwQY
MBaAFMaR80WlA8uMip3kJ+iBLv/yGyK1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHBIelJhVUR5NHlLbmVRbjZJRXVfX0liSXJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8xOWU2ZTItYzJhMS00ZWJjLWJhNWEt
ZTdjYWY1ZTViY2JhLzEvM0dibmV0OThsZDJ1RjUwRDdZQ2pMVGZrTXBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy8xOWU2ZTItYzJhMS00ZWJjLWJhNWEtZTdjYWY1ZTViY2Jh
LzEveHBIelJhVUR5NHlLbmVRbjZJRXVfX0liSXJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhPMMA0G
CSqGSIb3DQEBCwUAA4IBAQBoKaJbVx/lUWv72hzFAcnemXSchPx0RrKL/LAyNo60
Crna/2OR7rWgBqefnlOwlgJMNEcu1P+8foCLUUKwO6QFZxmVQU6meIUzYE2+0ssB
Dz9Q7Fgz90Dsk9svH3Mc03yY0Fl5EVCRdS0zC+6/kePZNE1DAnblIZ1upPW9omEH
7gQL05avwA2z2y2VWbKfaH7M1jY+2LyMth3CobyYk7f1Oeqe3oOkezwJxiLJme2B
bSe0zBa0TLlf0gf4mgYdWr3bocPI/YBjgOyxLzCeBKfgi4o5oCEtUpFDKjloywOU
+PUhjKWMpGnggMN/S2QH40/KL19HuatidI458NT5l+C9
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:13:31 2025 by rpki-client