Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/0661d0-8478-44f3-92d2-f0cd98bd4d98/1/TVBkLaoLTbZvpjLbalS7glwR5v0.roa
File: TVBkLaoLTbZvpjLbalS7glwR5v0.roa (raw, json)
Hash identifier: NyRdJ1RerGLrv+6c6D9h46guT6HckjnV+W2YgJhma+M=
Subject key identifier: 4D:50:64:2D:AA:0B:4D:B6:6F:A6:32:DB:6A:54:BB:82:5C:11:E6:FD
Certificate issuer: /CN=385e4d3a6709740dd91b98f5590687b5d596d806
Certificate serial: 0194228D3C169C116001D59298B4B54EB744
Authority key identifier: 38:5E:4D:3A:67:09:74:0D:D9:1B:98:F5:59:06:87:B5:D5:96:D8:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OF5NOmcJdA3ZG5j1WQaHtdWW2AY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/0661d0-8478-44f3-92d2-f0cd98bd4d98/1/TVBkLaoLTbZvpjLbalS7glwR5v0.roa
Signing time: Wed 01 Jan 2025 15:47:48 +0000
ROA not before: Wed 01 Jan 2025 15:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201864
IP address blocks: 146.19.138.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:3c:16:9c:11:60:01:d5:92:98:b4:b5:4e:b7:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=385e4d3a6709740dd91b98f5590687b5d596d806
Validity
Not Before: Jan 1 15:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4d50642daa0b4db66fa632db6a54bb825c11e6fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:25:ad:4f:a5:b2:20:f7:51:49:f7:2a:ea:0b:
3e:a9:b4:0f:22:b7:24:89:97:68:e3:26:79:ca:f2:
09:62:30:85:b3:b8:33:89:e4:af:f3:a9:c1:20:a4:
60:6c:63:f6:49:54:50:64:9d:66:8b:9c:51:54:58:
4e:3c:d1:a9:88:6d:ea:b1:9f:f3:9a:e3:1c:d2:f8:
f3:c3:a0:2f:be:6f:94:1e:e8:03:1c:a8:ed:3f:51:
61:e3:30:bf:76:47:33:5b:c4:38:81:1f:45:2d:10:
07:8d:83:73:04:44:e1:0a:69:5e:86:f2:79:f8:89:
6b:e1:cf:66:10:56:81:ad:55:f9:f5:6b:48:9b:e1:
80:35:40:53:3f:69:e8:78:dc:06:6d:bb:14:f1:48:
73:c5:00:d5:2a:c2:88:63:0f:f3:b2:be:49:1d:14:
0b:0a:9e:e3:00:5c:4b:de:e2:13:c1:e8:74:b0:01:
b2:5c:9d:65:f1:f3:51:8f:28:48:53:a0:9e:df:51:
32:6f:d1:3a:fa:63:1e:5c:fb:02:8f:41:97:e0:48:
d6:77:ce:6f:73:b2:a2:4a:a5:19:48:81:8b:af:e2:
03:86:2b:87:41:e1:24:a1:f7:8a:ea:23:99:3a:87:
11:11:a0:d1:db:be:9f:b5:be:c6:df:ca:ab:4f:67:
c4:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:50:64:2D:AA:0B:4D:B6:6F:A6:32:DB:6A:54:BB:82:5C:11:E6:FD
X509v3 Authority Key Identifier:
keyid:38:5E:4D:3A:67:09:74:0D:D9:1B:98:F5:59:06:87:B5:D5:96:D8:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OF5NOmcJdA3ZG5j1WQaHtdWW2AY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/0661d0-8478-44f3-92d2-f0cd98bd4d98/1/TVBkLaoLTbZvpjLbalS7glwR5v0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/0661d0-8478-44f3-92d2-f0cd98bd4d98/1/OF5NOmcJdA3ZG5j1WQaHtdWW2AY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.138.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:ea:aa:d0:d4:0d:cb:a1:7b:9d:e6:6c:4d:a3:b4:c9:11:d9:
08:cf:3b:af:b2:72:da:73:76:99:06:f5:78:aa:c3:0b:d9:a3:
b8:3e:71:1c:3b:ef:9e:53:8f:36:b4:03:12:25:57:c8:a4:0f:
a8:14:0c:e7:21:b6:bf:96:e8:28:f4:5a:61:b7:76:39:02:b7:
8f:cd:e3:a3:c4:a7:d1:92:0b:cb:21:d4:fb:1f:51:f4:02:eb:
c4:a5:d7:55:53:85:57:40:e4:ae:bc:0f:7e:b2:ae:1d:0a:f2:
d1:4c:7b:bd:cf:3d:ec:ca:d8:0a:53:7a:30:a2:15:3a:d0:b7:
37:02:08:1e:e3:f7:46:bf:e0:d9:78:a9:26:3a:d9:a5:43:6c:
6b:31:fd:ec:41:cf:dd:c8:e2:0b:f4:e9:81:56:45:e1:bc:09:
2f:cb:20:0d:56:99:6a:b1:e3:c6:31:59:ef:20:5c:6c:92:87:
94:94:0c:da:8e:6e:8a:66:22:6f:d4:59:d0:73:03:76:2d:e7:
fa:9f:58:23:7d:88:e2:b3:2d:1d:6f:b5:4d:15:fd:be:8d:a8:
bd:5e:ac:f2:72:7f:cf:62:da:73:23:17:bc:d8:15:33:71:ce:
3f:29:8d:a5:93:d0:d0:c4:ca:1d:69:1d:85:83:ae:60:bc:b4:
c8:d8:9b:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijTwWnBFgAdWSmLS1TrdEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NWU0ZDNhNjcwOTc0MGRkOTFiOThmNTU5MDY4N2I1ZDU5
NmQ4MDYwHhcNMjUwMTAxMTU0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDUwNjQyZGFhMGI0ZGI2NmZhNjMyZGI2YTU0YmI4MjVjMTFlNmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSWtT6WyIPdRSfcq6gs+qbQPIrck
iZdo4yZ5yvIJYjCFs7gzieSv86nBIKRgbGP2SVRQZJ1mi5xRVFhOPNGpiG3qsZ/z
muMc0vjzw6Avvm+UHugDHKjtP1Fh4zC/dkczW8Q4gR9FLRAHjYNzBEThCmlehvJ5
+Ilr4c9mEFaBrVX59WtIm+GANUBTP2noeNwGbbsU8UhzxQDVKsKIYw/zsr5JHRQL
Cp7jAFxL3uITweh0sAGyXJ1l8fNRjyhIU6Ce31Eyb9E6+mMeXPsCj0GX4EjWd85v
c7KiSqUZSIGLr+IDhiuHQeEkofeK6iOZOocREaDR276ftb7G38qrT2fEYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE1QZC2qC022b6Yy22pUu4JcEeb9MB8GA1UdIwQY
MBaAFDheTTpnCXQN2RuY9VkGh7XVltgGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0Y1Tk9tY0pkQTNaRzVqMVdRYUh0ZFdXMkFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8wNjYxZDAtODQ3OC00NGYzLTkyZDIt
ZjBjZDk4YmQ0ZDk4LzEvVFZCa0xhb0xUYlp2cGpMYmFsUzdnbHdSNXYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8wNjYxZDAtODQ3OC00NGYzLTkyZDItZjBjZDk4YmQ0ZDk4
LzEvT0Y1Tk9tY0pkQTNaRzVqMVdRYUh0ZFdXMkFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhOKMA0G
CSqGSIb3DQEBCwUAA4IBAQAv6qrQ1A3LoXud5mxNo7TJEdkIzzuvsnLac3aZBvV4
qsML2aO4PnEcO++eU482tAMSJVfIpA+oFAznIba/lugo9Fpht3Y5ArePzeOjxKfR
kgvLIdT7H1H0AuvEpddVU4VXQOSuvA9+sq4dCvLRTHu9zz3sytgKU3owohU60Lc3
Agge4/dGv+DZeKkmOtmlQ2xrMf3sQc/dyOIL9OmBVkXhvAkvyyANVplqsePGMVnv
IFxskoeUlAzajm6KZiJv1FnQcwN2Lef6n1gjfYjisy0db7VNFf2+jai9Xqzycn/P
YtpzIxe82BUzcc4/KY2lk9DQxModaR2Fg65gvLTI2JvP
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:51:13 2025 by rpki-client