Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/52257e-9e43-4a29-8538-2a7139a6d3cf/1/fXfL1bVtU_WWNx225ZIn1sKgGlE.roa
File: fXfL1bVtU_WWNx225ZIn1sKgGlE.roa (raw, json)
Hash identifier: 0tYbcKEK8u4DjLwdzuGgJbTt07PAvKmIeV4evKg9QpU=
Subject key identifier: 7D:77:CB:D5:B5:6D:53:F5:96:37:1D:B6:E5:92:27:D6:C2:A0:1A:51
Certificate issuer: /CN=4cf0ba6151b808243f12f1e8b544f4f164033ef6
Certificate serial: 0184F65CFEA58495CD10637579BA7D286A79
Authority key identifier: 4C:F0:BA:61:51:B8:08:24:3F:12:F1:E8:B5:44:F4:F1:64:03:3E:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TPC6YVG4CCQ_EvHotUT08WQDPvY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/52257e-9e43-4a29-8538-2a7139a6d3cf/1/fXfL1bVtU_WWNx225ZIn1sKgGlE.roa
Signing time: Fri 09 Dec 2022 10:10:00 +0000
ROA not before: Fri 09 Dec 2022 10:10:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207709
IP address blocks: 146.19.57.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f6:5c:fe:a5:84:95:cd:10:63:75:79:ba:7d:28:6a:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cf0ba6151b808243f12f1e8b544f4f164033ef6
Validity
Not Before: Dec 9 10:10:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7d77cbd5b56d53f596371db6e59227d6c2a01a51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:79:f3:29:76:b9:45:55:a2:b7:53:fc:7d:4a:
02:da:3b:c4:ed:74:98:0b:93:ea:bb:9f:3e:9c:83:
e4:02:1f:95:72:01:8e:d0:aa:30:79:1d:54:48:7f:
ab:5a:48:c7:0e:fb:cd:f9:3a:f1:3d:37:4a:d4:f6:
fc:a0:03:5a:8f:1e:c4:8c:57:7d:0f:ba:fe:a7:15:
a9:9d:40:22:ad:8d:6b:53:a4:92:9a:df:27:c8:66:
cb:fb:9f:d9:8e:08:f7:af:3e:fc:06:75:6f:a9:1e:
e7:23:e3:81:5e:99:d1:5e:62:0a:86:e8:9b:ed:29:
04:b2:2b:8c:d8:78:92:4b:bb:0c:c0:43:63:aa:ed:
61:57:50:6a:55:5e:07:1d:10:fd:24:48:11:8c:ca:
67:71:0d:1d:0f:18:c4:49:40:06:39:33:8b:13:1c:
ca:ab:f8:74:b8:c5:4d:82:f3:aa:bc:37:f3:f6:18:
a0:ae:03:33:e6:9a:88:3a:22:51:a3:f6:e9:34:c2:
09:0f:ff:d6:5d:2e:85:ad:24:01:ee:dc:ac:f8:e1:
81:5e:02:dc:4f:ce:25:6a:ba:0c:73:41:0d:bd:38:
2e:67:0d:fb:f9:a9:e5:c0:df:3a:89:53:4b:ef:50:
bf:a0:5f:1c:27:8b:d5:fb:0f:2f:2a:56:63:bb:d5:
c5:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:77:CB:D5:B5:6D:53:F5:96:37:1D:B6:E5:92:27:D6:C2:A0:1A:51
X509v3 Authority Key Identifier:
keyid:4C:F0:BA:61:51:B8:08:24:3F:12:F1:E8:B5:44:F4:F1:64:03:3E:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPC6YVG4CCQ_EvHotUT08WQDPvY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/52257e-9e43-4a29-8538-2a7139a6d3cf/1/fXfL1bVtU_WWNx225ZIn1sKgGlE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/52257e-9e43-4a29-8538-2a7139a6d3cf/1/TPC6YVG4CCQ_EvHotUT08WQDPvY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.57.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:55:3b:0c:43:f0:37:8e:fa:e1:6f:2e:e6:8a:40:96:8a:d6:
42:7e:aa:5c:7a:f2:4d:41:ed:b1:3d:c7:55:cf:15:73:9a:1a:
57:00:5c:f6:46:71:52:61:ac:28:7c:86:ae:3d:5f:18:a0:a1:
db:fc:ec:e1:6d:27:86:4a:27:ad:c7:06:3b:89:c0:a0:38:29:
47:fd:77:d1:23:70:8c:74:b4:4f:61:f8:6d:66:4a:2f:a7:3d:
5e:c9:b1:02:5b:aa:3f:e9:6d:a4:f7:03:37:62:0d:28:c7:0c:
f8:0e:9f:2a:79:99:b1:c8:b7:c8:db:62:7c:6b:1a:75:e0:12:
c1:97:a7:c6:10:68:ac:2a:76:b3:15:6b:dd:39:d0:03:b6:fe:
de:26:95:fc:21:23:1b:27:6d:aa:e5:be:45:9a:68:be:4b:bb:
b3:e6:a0:b1:c2:95:4c:3a:32:b2:6a:fe:b5:02:74:c0:3a:99:
84:73:be:57:65:38:30:14:19:3f:23:96:8a:36:f3:1a:20:c1:
64:12:c2:53:80:85:6d:9f:cf:9f:7b:5f:e5:ed:5a:f9:60:ff:
a8:61:c8:94:77:14:4a:b5:db:40:16:2a:dc:44:33:8f:e1:5c:
f9:60:9d:42:ed:88:b8:7d:05:f5:67:6c:9e:ea:fb:ad:cc:06:
32:f5:2b:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYT2XP6lhJXNEGN1ebp9KGp5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZjBiYTYxNTFiODA4MjQzZjEyZjFlOGI1NDRmNGYxNjQw
MzNlZjYwHhcNMjIxMjA5MTAxMDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDc3Y2JkNWI1NmQ1M2Y1OTYzNzFkYjZlNTkyMjdkNmMyYTAxYTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnnzKXa5RVWit1P8fUoC2jvE7XSY
C5Pqu58+nIPkAh+VcgGO0KoweR1USH+rWkjHDvvN+TrxPTdK1Pb8oANajx7EjFd9
D7r+pxWpnUAirY1rU6SSmt8nyGbL+5/Zjgj3rz78BnVvqR7nI+OBXpnRXmIKhuib
7SkEsiuM2HiSS7sMwENjqu1hV1BqVV4HHRD9JEgRjMpncQ0dDxjESUAGOTOLExzK
q/h0uMVNgvOqvDfz9higrgMz5pqIOiJRo/bpNMIJD//WXS6FrSQB7tys+OGBXgLc
T84laroMc0ENvTguZw37+anlwN86iVNL71C/oF8cJ4vV+w8vKlZju9XFKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH13y9W1bVP1ljcdtuWSJ9bCoBpRMB8GA1UdIwQY
MBaAFEzwumFRuAgkPxLx6LVE9PFkAz72MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFBDNllWRzRDQ1FfRXZIb3RVVDA4V1FEUHZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi81MjI1N2UtOWU0My00YTI5LTg1Mzgt
MmE3MTM5YTZkM2NmLzEvZlhmTDFiVnRVX1dXTngyMjVaSW4xc0tnR2xFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi81MjI1N2UtOWU0My00YTI5LTg1MzgtMmE3MTM5YTZkM2Nm
LzEvVFBDNllWRzRDQ1FfRXZIb3RVVDA4V1FEUHZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhM5MA0G
CSqGSIb3DQEBCwUAA4IBAQCbVTsMQ/A3jvrhby7mikCWitZCfqpcevJNQe2xPcdV
zxVzmhpXAFz2RnFSYawofIauPV8YoKHb/OzhbSeGSietxwY7icCgOClH/XfRI3CM
dLRPYfhtZkovpz1eybECW6o/6W2k9wM3Yg0oxwz4Dp8qeZmxyLfI22J8axp14BLB
l6fGEGisKnazFWvdOdADtv7eJpX8ISMbJ22q5b5Fmmi+S7uz5qCxwpVMOjKyav61
AnTAOpmEc75XZTgwFBk/I5aKNvMaIMFkEsJTgIVtn8+fe1/l7Vr5YP+oYciUdxRK
tdtAFircRDOP4Vz5YJ1C7Yi4fQX1Z2ye6vutzAYy9Stt
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:23 2025 by rpki-client