Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3134362e31392e32322e302f32342d3234203d3e20323039323432.roa
File: 3134362e31392e32322e302f32342d3234203d3e20323039323432.roa (raw, json)
Hash identifier: hF2CPh/FhB4UR2oECEr9ue6Zql31alozp4P0e/qsVWk=
Subject key identifier: E2:A3:08:2B:C4:1A:6D:9E:F5:9A:3C:2D:BC:92:62:C8:7B:AE:59:45
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 4595D15A05151E27D1AC219CE91B852CB7F70F84
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3134362e31392e32322e302f32342d3234203d3e20323039323432.roa
Signing time: Wed 19 Feb 2025 12:48:45 +0000
ROA not before: Wed 19 Feb 2025 12:43:45 +0000
ROA not after: Wed 18 Feb 2026 12:48:45 +0000
asID: 209242
IP address blocks: 146.19.22.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:95:d1:5a:05:15:1e:27:d1:ac:21:9c:e9:1b:85:2c:b7:f7:0f:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Feb 19 12:43:45 2025 GMT
Not After : Feb 18 12:48:45 2026 GMT
Subject: CN=E2A3082BC41A6D9EF59A3C2DBC9262C87BAE5945
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:5e:ca:d6:9f:01:07:45:14:a6:a4:39:48:9e:
46:78:5f:10:5d:f7:86:7e:02:02:0e:fd:8f:db:96:
44:36:01:7a:6e:0f:58:b9:ea:b9:f8:de:36:19:c4:
17:1a:a6:88:f3:66:77:7e:a9:93:26:a4:fb:27:c7:
91:69:da:19:12:bc:3e:42:4f:31:30:06:fa:c8:bb:
e9:5f:cf:52:a3:51:70:a7:c6:2e:77:00:bc:0c:33:
af:0e:2c:d6:63:0f:3e:76:a4:01:8a:ac:6e:8e:e3:
72:81:fe:0c:f0:c3:6d:f3:7a:f1:38:48:2d:4e:12:
ca:e3:09:e8:9e:c7:25:38:2a:6d:4d:7a:ea:65:9f:
43:44:13:d9:22:7f:d3:77:80:68:c0:c7:12:06:30:
46:0d:35:be:86:3d:97:13:3c:83:08:ea:5f:7c:3f:
76:f0:e2:bc:78:20:30:b7:4a:c9:10:8a:fd:f2:9b:
1c:05:a3:d5:e3:15:20:e6:1c:ba:5c:e9:ec:f8:13:
14:19:13:7f:77:2f:ee:dc:74:a7:2e:1e:72:ee:9b:
1f:48:58:ad:6b:42:12:34:14:e5:ce:c5:8e:a9:f7:
c8:84:44:86:43:8d:a0:15:e3:e3:cb:7f:fa:22:41:
43:ba:c3:43:12:fb:f9:ea:73:54:a1:dc:5a:af:4d:
d5:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:A3:08:2B:C4:1A:6D:9E:F5:9A:3C:2D:BC:92:62:C8:7B:AE:59:45
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3134362e31392e32322e302f32342d3234203d3e20323039323432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.22.0/24
Signature Algorithm: sha256WithRSAEncryption
64:63:4c:60:bf:0d:b2:e6:27:94:4f:73:1b:f3:7e:a4:10:62:
b3:d6:3d:e0:99:4c:62:b6:91:d0:b1:43:e0:59:f3:27:3a:71:
e7:40:2c:b0:20:42:bb:43:a0:ca:e5:a3:46:cc:84:01:75:b4:
11:20:19:10:30:22:5a:b7:73:44:60:59:44:71:20:d9:0f:9d:
48:a8:4f:37:b7:aa:7f:3c:dc:36:f7:a8:e3:97:eb:fa:10:92:
19:1f:77:e6:05:15:e5:13:7a:26:72:25:63:e9:eb:20:7d:12:
f2:8a:da:e6:ce:8b:71:d3:3f:cf:91:45:e6:85:d3:fd:ee:51:
ef:b1:06:28:dd:8e:cf:01:7e:10:20:a6:aa:1c:40:da:bd:43:
a9:3c:be:14:12:4f:39:99:e5:b4:fb:c9:8b:3f:e2:95:4f:b0:
5b:58:4c:ab:e0:fa:3c:e3:0c:17:34:aa:96:df:a0:31:74:f4:
e1:67:7d:3c:ac:e6:18:52:f9:8a:2a:7e:d9:b9:2d:82:24:4a:
a2:57:00:b4:08:2f:75:d4:08:89:9b:8a:c7:c0:70:a5:b8:e1:
0d:68:04:fa:06:8f:81:96:05:39:17:7f:cd:94:56:f9:2e:5f:
76:a9:ec:2b:5b:18:68:bc:43:06:45:75:77:28:0a:5c:0d:39:
f4:ab:6b:05
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIURZXRWgUVHifRrCGc6RuFLLf3D4QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNTAyMTkxMjQzNDVaFw0yNjAyMTgxMjQ4NDVaMDMxMTAvBgNV
BAMTKEUyQTMwODJCQzQxQTZEOUVGNTlBM0MyREJDOTI2MkM4N0JBRTU5NDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChXsrWnwEHRRSmpDlInkZ4XxBd
94Z+AgIO/Y/blkQ2AXpuD1i56rn43jYZxBcapojzZnd+qZMmpPsnx5Fp2hkSvD5C
TzEwBvrIu+lfz1KjUXCnxi53ALwMM68OLNZjDz52pAGKrG6O43KB/gzww23zevE4
SC1OEsrjCeiexyU4Km1Neupln0NEE9kif9N3gGjAxxIGMEYNNb6GPZcTPIMI6l98
P3bw4rx4IDC3SskQiv3ymxwFo9XjFSDmHLpc6ez4ExQZE393L+7cdKcuHnLumx9I
WK1rQhI0FOXOxY6p98iERIZDjaAV4+PLf/oiQUO6w0MS+/nqc1Sh3FqvTdUbAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU4qMIK8QabZ71mjwtvJJiyHuuWUUwHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzEzNDM2MmUzMTM5MmUzMjMy
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM5MzIzNDMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
khMWMA0GCSqGSIb3DQEBCwUAA4IBAQBkY0xgvw2y5ieUT3Mb836kEGKz1j3gmUxi
tpHQsUPgWfMnOnHnQCywIEK7Q6DK5aNGzIQBdbQRIBkQMCJat3NEYFlEcSDZD51I
qE83t6p/PNw296jjl+v6EJIZH3fmBRXlE3omciVj6esgfRLyitrmzotx0z/PkUXm
hdP97lHvsQYo3Y7PAX4QIKaqHEDavUOpPL4UEk85meW0+8mLP+KVT7BbWEyr4Po8
4wwXNKqW36AxdPThZ308rOYYUvmKKn7ZuS2CJEqiVwC0CC911AiJm4rHwHCluOEN
aAT6Bo+BlgU5F3/NlFb5Ll92qewrWxhovEMGRXV3KApcDTn0q2sF
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:41:23 2025 by rpki-client