Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/42BmTsViJXz2WqlV4_io6K3VIjk.roa
File: 42BmTsViJXz2WqlV4_io6K3VIjk.roa (raw, json)
Hash identifier: 2MyAlESNR6eqmGKBHGCnds8446wWXVt2CWU4C9xt8MM=
Subject key identifier: E3:60:66:4E:C5:62:25:7C:F6:5A:A9:55:E3:F8:A8:E8:AD:D5:22:39
Certificate issuer: /CN=597a01de87e011803f890ae17749020f995f140c
Certificate serial: 019422FBA8CF0B918DF7705700139A9161D1
Authority key identifier: 59:7A:01:DE:87:E0:11:80:3F:89:0A:E1:77:49:02:0F:99:5F:14:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WXoB3ofgEYA_iQrhd0kCD5lfFAw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/42BmTsViJXz2WqlV4_io6K3VIjk.roa
Signing time: Wed 01 Jan 2025 17:48:25 +0000
ROA not before: Wed 01 Jan 2025 17:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2773
IP address blocks: 164.18.0.0/24 maxlen: 24
164.18.1.0/24 maxlen: 24
164.18.2.0/23 maxlen: 23
164.18.4.0/22 maxlen: 22
164.18.8.0/22 maxlen: 22
164.18.12.0/22 maxlen: 22
164.18.65.0/24 maxlen: 24
164.18.128.0/23 maxlen: 23
164.18.160.0/24 maxlen: 24
164.18.161.0/24 maxlen: 24
164.18.162.0/24 maxlen: 24
164.18.164.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:a8:cf:0b:91:8d:f7:70:57:00:13:9a:91:61:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=597a01de87e011803f890ae17749020f995f140c
Validity
Not Before: Jan 1 17:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e360664ec562257cf65aa955e3f8a8e8add52239
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b5:5e:17:42:4b:05:43:c7:f7:b5:d1:87:b2:
50:9d:60:bb:ff:07:dc:d2:c3:e3:d5:04:96:e7:ce:
4d:21:31:76:12:06:4e:ad:dd:09:76:f7:ca:7a:1e:
80:9e:8d:c0:06:cb:80:55:be:1e:fa:93:f1:77:10:
5b:f5:89:02:a6:c8:c2:fa:92:b8:dd:50:23:e4:69:
ec:42:36:c9:1d:d3:c8:a8:50:d6:c1:93:09:5c:54:
cb:ac:e3:df:ce:a5:98:bb:32:fa:cf:db:8b:13:73:
18:e3:c9:9c:7a:bd:a3:06:74:e8:de:fe:e9:47:d2:
57:d8:92:08:71:94:6d:8a:1d:3c:12:8c:54:8c:72:
f9:1c:04:80:37:c1:e2:0b:3f:74:c8:44:5b:11:e7:
c7:c2:d5:54:64:8a:3e:8c:99:88:30:51:e0:ee:1c:
fa:55:27:d8:0d:99:5d:54:f4:d6:af:e6:5e:d6:67:
d5:b7:5e:c8:04:8b:e5:1e:e8:67:ec:f4:d3:d1:28:
04:4e:68:5a:b0:78:88:bd:24:34:f7:db:7f:68:58:
e5:c9:ef:7f:4f:d9:a0:d8:c7:1b:34:e7:4e:12:c2:
9b:5a:bb:63:0f:69:14:be:ee:8c:c0:5a:c1:78:78:
34:9d:9a:f2:e1:53:c4:40:71:c2:e5:4e:bd:13:ed:
a4:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:60:66:4E:C5:62:25:7C:F6:5A:A9:55:E3:F8:A8:E8:AD:D5:22:39
X509v3 Authority Key Identifier:
keyid:59:7A:01:DE:87:E0:11:80:3F:89:0A:E1:77:49:02:0F:99:5F:14:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WXoB3ofgEYA_iQrhd0kCD5lfFAw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/42BmTsViJXz2WqlV4_io6K3VIjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/WXoB3ofgEYA_iQrhd0kCD5lfFAw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.18.0.0/20
164.18.65.0/24
164.18.128.0/23
164.18.160.0-164.18.162.255
164.18.164.0/24
Signature Algorithm: sha256WithRSAEncryption
ca:ec:c4:81:e8:2a:50:41:01:03:ac:fb:cb:d6:d1:39:8d:f9:
f2:ce:fe:03:e3:94:8b:1e:0f:66:09:3f:2d:a2:ca:00:53:af:
06:13:eb:47:0e:9b:f6:e3:02:f8:74:20:1b:e4:8d:34:4f:29:
84:a3:71:64:08:82:15:1d:b5:c3:3f:40:5f:64:84:e1:f0:a3:
7c:b7:93:d9:ff:9d:90:ea:05:fb:5a:28:f6:82:af:61:94:f7:
93:29:45:d0:d6:d4:53:e0:aa:6c:0a:3b:a2:7c:bd:73:8d:5f:
76:79:33:8b:2c:5e:3d:37:f9:b9:8a:57:ff:e8:88:79:3e:ed:
ea:b4:86:1e:5a:2a:7c:ba:fd:69:89:73:13:fb:65:61:a2:91:
fc:8a:f0:a2:a7:6c:b2:04:e0:df:60:2a:94:02:59:93:55:fe:
5d:9d:20:f5:41:96:da:7c:78:b9:de:3e:3a:5f:29:7b:62:bc:
77:fc:aa:44:49:80:52:d2:88:da:e6:f4:76:14:88:64:58:e8:
da:f0:7b:cf:65:3d:78:e2:30:78:d7:b1:b1:f7:0f:30:b6:04:
67:d3:e5:cc:d5:10:a4:a6:d6:3a:c2:38:0a:4b:42:65:c8:b5:
2e:3d:31:e9:24:38:07:ee:f2:cf:0e:00:f2:c9:50:7a:69:2e:
fb:76:c7:09
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQi+6jPC5GN93BXABOakWHRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5N2EwMWRlODdlMDExODAzZjg5MGFlMTc3NDkwMjBmOTk1
ZjE0MGMwHhcNMjUwMTAxMTc0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzYwNjY0ZWM1NjIyNTdjZjY1YWE5NTVlM2Y4YThlOGFkZDUyMjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7VeF0JLBUPH97XRh7JQnWC7/wfc
0sPj1QSW585NITF2EgZOrd0JdvfKeh6Ano3ABsuAVb4e+pPxdxBb9YkCpsjC+pK4
3VAj5GnsQjbJHdPIqFDWwZMJXFTLrOPfzqWYuzL6z9uLE3MY48mcer2jBnTo3v7p
R9JX2JIIcZRtih08EoxUjHL5HASAN8HiCz90yERbEefHwtVUZIo+jJmIMFHg7hz6
VSfYDZldVPTWr+Ze1mfVt17IBIvlHuhn7PTT0SgETmhasHiIvSQ099t/aFjlye9/
T9mg2McbNOdOEsKbWrtjD2kUvu6MwFrBeHg0nZry4VPEQHHC5U69E+2k/wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFONgZk7FYiV89lqpVeP4qOit1SI5MB8GA1UdIwQY
MBaAFFl6Ad6H4BGAP4kK4XdJAg+ZXxQMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1hvQjNvZmdFWUFfaVFyaGQwa0NENWxmRkF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8yM2VkOWEtMWNhNS00NWVhLTliOGMt
NzM1MzNkZTA5OWMzLzEvNDJCbVRzVmlKWHoyV3FsVjRfaW82SzNWSWprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8yM2VkOWEtMWNhNS00NWVhLTliOGMtNzM1MzNkZTA5OWMz
LzEvV1hvQjNvZmdFWUFfaVFyaGQwa0NENWxmRkF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQEpBIAAwQA
pBJBAwQBpBKAMAwDBAWkEqADBACkEqIDBACkEqQwDQYJKoZIhvcNAQELBQADggEB
AMrsxIHoKlBBAQOs+8vW0TmN+fLO/gPjlIseD2YJPy2iygBTrwYT60cOm/bjAvh0
IBvkjTRPKYSjcWQIghUdtcM/QF9khOHwo3y3k9n/nZDqBftaKPaCr2GU95MpRdDW
1FPgqmwKO6J8vXONX3Z5M4ssXj03+bmKV//oiHk+7eq0hh5aKny6/WmJcxP7ZWGi
kfyK8KKnbLIE4N9gKpQCWZNV/l2dIPVBltp8eLnePjpfKXtivHf8qkRJgFLSiNrm
9HYUiGRY6Nrwe89lPXjiMHjXsbH3DzC2BGfT5czVEKSm1jrCOApLQmXItS49Mekk
OAfu8s8OAPLJUHppLvt2xwk=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:31 2025 by rpki-client