Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1-72zb1MNU-mXRifAQZqM9Qg0K3w.roa
File: 1-72zb1MNU-mXRifAQZqM9Qg0K3w.roa (raw, json)
Hash identifier: hicJbda60uGqs9lDkMpoQnqnbvEcrqC40gFhRd7s570=
Subject key identifier: FB:BD:B3:6F:53:0D:53:E9:97:46:27:C0:41:9A:8C:F5:08:34:2B:7C
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0185709525826EA2021C0F6ECDD0FB032C79
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1-72zb1MNU-mXRifAQZqM9Qg0K3w.roa
Signing time: Mon 02 Jan 2023 03:45:00 +0000
ROA not before: Mon 02 Jan 2023 03:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43309
IP address blocks: 146.120.170.0/24 maxlen: 24
146.120.168.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:25:82:6e:a2:02:1c:0f:6e:cd:d0:fb:03:2c:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fbbdb36f530d53e9974627c0419a8cf508342b7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:b4:2b:b2:8f:d6:d4:96:b6:1e:b7:03:b7:9b:
0a:3b:a1:46:fc:91:db:ae:d9:c8:f9:91:8b:b7:ab:
a6:ba:9d:3d:88:ba:e0:ab:b7:fa:c8:d8:e3:e6:39:
6f:20:55:c4:69:7f:74:55:86:6b:6b:5b:0c:65:a2:
a7:a9:b1:b7:be:9d:5a:e3:44:0c:5d:fb:8c:2f:02:
04:f1:cc:a6:45:35:a0:2a:56:20:06:d8:81:22:90:
47:18:cf:fc:7e:75:7e:4a:d6:9d:4c:08:7d:bf:f8:
69:d5:b6:0c:d8:2f:ab:1e:0f:4f:ea:a0:ae:40:cf:
3d:4f:bd:04:77:9b:b1:6c:2c:62:a9:bc:34:a0:45:
72:7a:dc:49:77:c0:28:3a:a4:99:f0:f7:51:a8:70:
ea:83:ff:e2:04:86:9d:68:29:ce:e5:59:fa:a3:bb:
f6:e2:7b:db:45:59:46:5f:63:ce:65:0f:f4:55:7f:
6f:b4:ef:10:ce:77:7a:c7:f0:f7:cb:07:13:ae:a0:
e8:73:03:93:60:8b:a5:6c:97:b6:3d:2e:bf:8d:45:
27:95:55:8d:c1:9c:e0:c1:c5:36:b8:3e:e3:d9:51:
06:6d:49:a9:66:17:33:29:a7:19:70:8c:c6:e3:3a:
60:13:30:2e:e5:e7:be:ed:05:f8:1b:9c:51:c3:9c:
28:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:BD:B3:6F:53:0D:53:E9:97:46:27:C0:41:9A:8C:F5:08:34:2B:7C
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1-72zb1MNU-mXRifAQZqM9Qg0K3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.168.0-146.120.170.255
Signature Algorithm: sha256WithRSAEncryption
39:39:b3:55:8b:f9:70:b0:71:c9:53:14:22:b9:6e:4f:5e:5c:
50:c9:a7:1f:f3:8f:c0:63:5c:06:0a:01:72:16:ac:4a:7b:02:
84:3a:4b:80:24:82:f7:cc:e3:ca:4a:d5:3b:2a:33:e7:b2:e5:
cf:1b:0f:6c:66:9e:c2:21:20:d6:ea:8d:8f:35:d3:25:4e:89:
1c:d8:ab:c1:fd:ca:77:42:24:30:20:cd:96:a2:a0:8d:b4:e6:
57:d0:20:06:5f:80:fc:4e:05:5e:10:15:c1:95:8e:3f:39:f1:
95:7e:16:87:ba:c2:8a:a2:cd:cf:7e:19:af:e5:ee:07:21:96:
c1:d3:22:21:00:e5:1d:d9:05:39:48:5b:f6:d6:c9:8a:69:b0:
27:32:ea:78:68:10:26:ac:1e:15:44:7a:22:a2:e2:30:45:95:
c9:22:93:56:28:50:09:32:cf:0e:dc:10:46:c2:46:ac:d8:39:
24:6e:70:4d:dc:56:9f:bb:d4:60:22:65:5a:ab:1b:40:b6:ba:
f7:a2:a7:50:1d:b7:8f:08:2d:cf:52:15:8a:34:5d:84:4f:7e:
ae:01:a0:ed:bd:54:ef:26:c8:f9:c7:9e:97:0b:50:6a:39:33:
9c:50:72:43:d5:81:9e:e5:db:4e:04:39:28:70:dd:46:be:b6:
b6:e8:71:d5
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAYVwlSWCbqICHA9uzdD7Ayx5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmJkYjM2ZjUzMGQ1M2U5OTc0NjI3YzA0MTlhOGNmNTA4MzQyYjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7Qrso/W1Ja2HrcDt5sKO6FG/JHb
rtnI+ZGLt6umup09iLrgq7f6yNjj5jlvIFXEaX90VYZra1sMZaKnqbG3vp1a40QM
XfuMLwIE8cymRTWgKlYgBtiBIpBHGM/8fnV+StadTAh9v/hp1bYM2C+rHg9P6qCu
QM89T70Ed5uxbCxiqbw0oEVyetxJd8AoOqSZ8PdRqHDqg//iBIadaCnO5Vn6o7v2
4nvbRVlGX2POZQ/0VX9vtO8Qznd6x/D3ywcTrqDocwOTYIulbJe2PS6/jUUnlVWN
wZzgwcU2uD7j2VEGbUmpZhczKacZcIzG4zpgEzAu5ee+7QX4G5xRw5woswIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFPu9s29TDVPpl0YnwEGajPUINCt8MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvMS03MnpiMU1OVS1tWFJpZkFRWnFNOVFnMEszdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJl
ZC8xL2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAnBggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQDknio
AwQAkniqMA0GCSqGSIb3DQEBCwUAA4IBAQA5ObNVi/lwsHHJUxQiuW5PXlxQyacf
84/AY1wGCgFyFqxKewKEOkuAJIL3zOPKStU7KjPnsuXPGw9sZp7CISDW6o2PNdMl
Tokc2KvB/cp3QiQwIM2WoqCNtOZX0CAGX4D8TgVeEBXBlY4/OfGVfhaHusKKos3P
fhmv5e4HIZbB0yIhAOUd2QU5SFv21smKabAnMup4aBAmrB4VRHoiouIwRZXJIpNW
KFAJMs8O3BBGwkas2DkkbnBN3Fafu9RgImVaqxtAtrr3oqdQHbePCC3PUhWKNF2E
T36uAaDtvVTvJsj5x56XC1BqOTOcUHJD1YGe5dtOBDkocN1Gvra26HHV
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:51:12 2025 by rpki-client