Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/02cMYD6D7DHTAnIIbG51WvgkTy4.roa
File: 02cMYD6D7DHTAnIIbG51WvgkTy4.roa (raw, json)
Hash identifier: RUDez8XB0YBvFAQT4SfhHzvBc8fwHVC209pjjednEjE=
Subject key identifier: D3:67:0C:60:3E:83:EC:31:D3:02:72:08:6C:6E:75:5A:F8:24:4F:2E
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018570953035D2DD2BFDF902D47338B2505C
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/02cMYD6D7DHTAnIIbG51WvgkTy4.roa
Signing time: Mon 02 Jan 2023 03:45:03 +0000
ROA not before: Mon 02 Jan 2023 03:45:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44835
IP address blocks: 146.120.224.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:30:35:d2:dd:2b:fd:f9:02:d4:73:38:b2:50:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d3670c603e83ec31d30272086c6e755af8244f2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:41:51:4b:6b:d0:c1:28:57:3b:75:0c:d8:60:
d8:b7:21:d9:11:a9:4c:1b:70:be:42:c0:eb:b7:af:
d3:30:52:03:de:48:2e:50:f5:27:4a:00:e6:ff:90:
21:20:4c:89:e7:13:29:f4:0b:71:d2:f1:ad:84:83:
2b:94:47:d0:05:b6:42:3b:8a:02:d4:7f:7f:87:8c:
31:32:cd:ae:e9:31:dd:5c:64:46:a3:7d:32:d4:39:
5d:cd:77:da:7a:d6:b4:72:21:ff:6e:75:cf:84:87:
f0:9f:57:35:f9:22:51:e7:99:b5:ce:3f:2a:71:71:
1e:6e:35:e6:07:50:e5:a6:aa:9d:f8:7b:da:f2:25:
35:2b:a3:6f:90:9b:16:a3:dc:e5:c3:1c:d7:04:47:
d1:4f:5b:13:55:af:3c:59:a2:13:be:91:77:aa:ba:
f9:7b:7a:9d:f6:63:05:f3:15:5a:7f:e4:51:9e:2c:
91:f3:24:a9:e9:8a:9f:40:08:42:ae:40:ed:96:4e:
26:b8:79:e3:8b:8f:0d:8a:a9:07:bd:e8:08:1f:c6:
f5:62:97:30:0c:82:24:da:c3:80:ca:40:95:10:1f:
39:9e:73:f3:de:e4:5f:13:30:ba:99:c1:81:8f:b0:
6b:51:d9:f8:20:f1:6c:79:89:6f:69:08:2a:23:1e:
2d:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:67:0C:60:3E:83:EC:31:D3:02:72:08:6C:6E:75:5A:F8:24:4F:2E
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/02cMYD6D7DHTAnIIbG51WvgkTy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.224.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:66:1b:a1:4e:ad:95:1b:38:00:8f:2e:ec:b4:64:18:cf:59:
e7:93:72:91:da:92:a4:dd:9b:92:c8:64:1d:a4:5e:41:2a:43:
0f:12:60:0c:23:b0:d4:97:84:ef:27:32:9f:44:f1:9a:1d:c5:
45:c2:00:b1:fc:23:a3:0b:45:0e:23:a1:d8:69:39:70:4a:c7:
b4:46:4e:1d:0a:f3:10:6e:54:59:1f:52:03:d5:fa:db:e6:2e:
96:c6:66:79:6a:69:6c:89:af:9a:d5:3f:26:94:8f:4a:f1:5a:
48:f4:99:f4:5b:c0:1a:f1:cf:8d:d8:57:8b:95:e3:d2:06:e3:
2b:dc:28:3d:90:15:73:fc:85:19:3f:11:aa:5f:2b:fe:6b:70:
0e:32:c3:34:f5:f7:ba:96:34:01:02:a2:95:c3:8d:03:ab:b3:
0d:e2:16:1f:25:0d:e8:df:fa:28:4a:0b:a2:5a:bd:a1:14:40:
70:ad:1c:7e:5e:05:75:c8:5b:c0:58:02:ee:81:ab:00:1d:9d:
1b:e1:87:66:31:06:0c:e0:57:0d:fd:fe:4f:ff:cf:1b:b0:73:
e8:aa:bf:b6:9b:55:02:94:75:4b:70:da:53:6e:35:1b:f1:09:
9c:e8:0f:c7:e1:70:61:e9:bd:cf:12:d5:ba:0d:81:79:a5:11:
fb:a9:0c:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlTA10t0r/fkC1HM4slBcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzY3MGM2MDNlODNlYzMxZDMwMjcyMDg2YzZlNzU1YWY4MjQ0ZjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnkFRS2vQwShXO3UM2GDYtyHZEalM
G3C+QsDrt6/TMFID3kguUPUnSgDm/5AhIEyJ5xMp9Atx0vGthIMrlEfQBbZCO4oC
1H9/h4wxMs2u6THdXGRGo30y1DldzXfaeta0ciH/bnXPhIfwn1c1+SJR55m1zj8q
cXEebjXmB1Dlpqqd+Hva8iU1K6NvkJsWo9zlwxzXBEfRT1sTVa88WaITvpF3qrr5
e3qd9mMF8xVaf+RRniyR8ySp6YqfQAhCrkDtlk4muHnji48NiqkHvegIH8b1Ypcw
DIIk2sOAykCVEB85nnPz3uRfEzC6mcGBj7BrUdn4IPFseYlvaQgqIx4tKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNNnDGA+g+wx0wJyCGxudVr4JE8uMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvMDJjTVlENkQ3REhUQW5JSWJHNTFXdmdrVHk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAknjgMA0G
CSqGSIb3DQEBCwUAA4IBAQB8ZhuhTq2VGzgAjy7stGQYz1nnk3KR2pKk3ZuSyGQd
pF5BKkMPEmAMI7DUl4TvJzKfRPGaHcVFwgCx/COjC0UOI6HYaTlwSse0Rk4dCvMQ
blRZH1ID1frb5i6WxmZ5amlsia+a1T8mlI9K8VpI9Jn0W8Aa8c+N2FeLlePSBuMr
3Cg9kBVz/IUZPxGqXyv+a3AOMsM09fe6ljQBAqKVw40Dq7MN4hYfJQ3o3/ooSgui
Wr2hFEBwrRx+XgV1yFvAWALugasAHZ0b4YdmMQYM4FcN/f5P/88bsHPoqr+2m1UC
lHVLcNpTbjUb8Qmc6A/H4XBh6b3PEtW6DYF5pRH7qQx4
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:29:41 2025 by rpki-client