Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/52257e-9e43-4a29-8538-2a7139a6d3cf/1/jC5rB-sgHMDtcYD1oozrXYhynNM.roa
File: jC5rB-sgHMDtcYD1oozrXYhynNM.roa (raw, json)
Hash identifier: aeys8mxifks5Q7HF2OVSeHvR+El5+rSbaKJ8qq9S83c=
Subject key identifier: 8C:2E:6B:07:EB:20:1C:C0:ED:71:80:F5:A2:8C:EB:5D:88:72:9C:D3
Certificate issuer: /CN=4cf0ba6151b808243f12f1e8b544f4f164033ef6
Certificate serial: 01856E38EAE2EB2D169C6C8176E8F091ED78
Authority key identifier: 4C:F0:BA:61:51:B8:08:24:3F:12:F1:E8:B5:44:F4:F1:64:03:3E:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TPC6YVG4CCQ_EvHotUT08WQDPvY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/52257e-9e43-4a29-8538-2a7139a6d3cf/1/jC5rB-sgHMDtcYD1oozrXYhynNM.roa
Signing time: Sun 01 Jan 2023 16:45:01 +0000
ROA not before: Sun 01 Jan 2023 16:45:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207709
IP address blocks: 146.19.57.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:38:ea:e2:eb:2d:16:9c:6c:81:76:e8:f0:91:ed:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cf0ba6151b808243f12f1e8b544f4f164033ef6
Validity
Not Before: Jan 1 16:45:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8c2e6b07eb201cc0ed7180f5a28ceb5d88729cd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a9:f9:7a:a6:72:5e:e8:34:09:c8:04:81:ff:
24:d2:e2:1c:7e:a9:73:b1:c2:91:53:ce:a2:3d:f5:
d1:6e:d8:c7:9c:f0:23:95:36:5f:cc:f9:16:f2:6c:
5f:59:a4:d3:36:0e:05:c4:54:91:10:62:12:ac:28:
11:72:e0:17:d1:dc:c8:de:20:f4:33:94:4d:ef:bb:
3a:3b:70:ef:75:01:ba:20:f8:18:84:2a:c1:10:32:
a4:d8:ba:ca:3a:e6:67:00:a6:2a:c0:67:1d:51:ff:
49:43:14:76:67:91:a0:02:d3:99:12:48:77:c5:f6:
14:7d:a9:c7:a4:83:ae:67:6e:de:f7:e8:fb:ec:23:
7f:30:dd:42:3c:ab:7a:e2:43:0c:0f:56:ee:91:1b:
49:38:40:f9:ea:5c:f0:9a:89:80:4f:61:5a:55:02:
34:58:39:c0:6a:c5:6d:db:12:c8:83:0e:d5:55:31:
46:70:24:4f:ba:d5:5a:80:73:cc:a8:6f:ad:57:df:
72:d9:1c:58:2d:d6:a0:5a:36:06:fe:a3:a9:6b:63:
63:69:18:21:d7:05:c9:35:79:45:98:af:38:41:da:
cc:f0:bb:c4:ec:78:c9:f7:ba:f6:09:b0:ee:d8:94:
81:c8:43:a2:f7:84:af:65:a7:9f:57:54:a3:3a:32:
f4:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:2E:6B:07:EB:20:1C:C0:ED:71:80:F5:A2:8C:EB:5D:88:72:9C:D3
X509v3 Authority Key Identifier:
keyid:4C:F0:BA:61:51:B8:08:24:3F:12:F1:E8:B5:44:F4:F1:64:03:3E:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPC6YVG4CCQ_EvHotUT08WQDPvY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/52257e-9e43-4a29-8538-2a7139a6d3cf/1/jC5rB-sgHMDtcYD1oozrXYhynNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/52257e-9e43-4a29-8538-2a7139a6d3cf/1/TPC6YVG4CCQ_EvHotUT08WQDPvY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.57.0/24
Signature Algorithm: sha256WithRSAEncryption
d4:e8:40:6f:95:1d:31:a5:36:c2:a5:2f:d5:20:b8:8c:34:1c:
62:09:17:de:f6:34:04:66:fb:00:3d:56:60:68:c4:2c:88:13:
ba:6c:42:ce:3f:3e:75:0b:f8:f0:1d:25:59:f6:34:a0:e5:c1:
ed:6a:68:7e:7d:4b:a9:81:07:84:18:d5:5d:8f:18:c4:c2:18:
71:af:8c:41:55:23:dc:b3:59:5b:7d:9d:ba:54:c2:df:6e:4f:
90:c2:b9:9c:ad:54:62:e2:77:2e:5f:cb:04:f0:07:e4:4d:67:
64:94:b3:c6:40:4d:d4:f4:0f:bb:29:22:63:0d:10:cb:23:ad:
ac:0d:6f:49:9b:45:d0:58:62:6d:f8:45:01:69:35:9b:60:c5:
43:bd:d1:53:58:1b:e0:c5:9b:05:65:74:31:0d:10:eb:f6:85:
8e:88:49:46:29:df:42:fd:09:a9:3e:ea:ca:af:1f:c8:f5:21:
d6:6b:5e:f8:fc:02:3a:e6:20:29:a8:97:85:bd:6e:55:39:29:
33:ec:08:d2:93:9c:2d:74:bf:13:58:b1:2c:59:c0:8a:80:94:
20:3b:28:40:10:97:1b:f1:38:90:0e:48:79:bd:3f:8b:6b:8d:
15:46:8c:c3:5a:6e:b0:a2:09:ab:d7:8d:df:10:4a:d9:47:45:
fb:60:6d:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuOOri6y0WnGyBdujwke14MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZjBiYTYxNTFiODA4MjQzZjEyZjFlOGI1NDRmNGYxNjQw
MzNlZjYwHhcNMjMwMTAxMTY0NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzJlNmIwN2ViMjAxY2MwZWQ3MTgwZjVhMjhjZWI1ZDg4NzI5Y2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKn5eqZyXug0CcgEgf8k0uIcfqlz
scKRU86iPfXRbtjHnPAjlTZfzPkW8mxfWaTTNg4FxFSREGISrCgRcuAX0dzI3iD0
M5RN77s6O3DvdQG6IPgYhCrBEDKk2LrKOuZnAKYqwGcdUf9JQxR2Z5GgAtOZEkh3
xfYUfanHpIOuZ27e9+j77CN/MN1CPKt64kMMD1bukRtJOED56lzwmomAT2FaVQI0
WDnAasVt2xLIgw7VVTFGcCRPutVagHPMqG+tV99y2RxYLdagWjYG/qOpa2NjaRgh
1wXJNXlFmK84QdrM8LvE7HjJ97r2CbDu2JSByEOi94SvZaefV1SjOjL0awIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIwuawfrIBzA7XGA9aKM612IcpzTMB8GA1UdIwQY
MBaAFEzwumFRuAgkPxLx6LVE9PFkAz72MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFBDNllWRzRDQ1FfRXZIb3RVVDA4V1FEUHZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi81MjI1N2UtOWU0My00YTI5LTg1Mzgt
MmE3MTM5YTZkM2NmLzEvakM1ckItc2dITUR0Y1lEMW9venJYWWh5bk5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi81MjI1N2UtOWU0My00YTI5LTg1MzgtMmE3MTM5YTZkM2Nm
LzEvVFBDNllWRzRDQ1FfRXZIb3RVVDA4V1FEUHZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhM5MA0G
CSqGSIb3DQEBCwUAA4IBAQDU6EBvlR0xpTbCpS/VILiMNBxiCRfe9jQEZvsAPVZg
aMQsiBO6bELOPz51C/jwHSVZ9jSg5cHtamh+fUupgQeEGNVdjxjEwhhxr4xBVSPc
s1lbfZ26VMLfbk+QwrmcrVRi4ncuX8sE8AfkTWdklLPGQE3U9A+7KSJjDRDLI62s
DW9Jm0XQWGJt+EUBaTWbYMVDvdFTWBvgxZsFZXQxDRDr9oWOiElGKd9C/QmpPurK
rx/I9SHWa174/AI65iApqJeFvW5VOSkz7AjSk5wtdL8TWLEsWcCKgJQgOyhAEJcb
8TiQDkh5vT+La40VRozDWm6wogmr143fEErZR0X7YG1u
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:21:29 2025 by rpki-client