Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1-fhQzsuS_QcynC1GT77SYTlPaT0.roa
File: 1-fhQzsuS_QcynC1GT77SYTlPaT0.roa (raw, json)
Hash identifier: Vw6BWJslqekI6U8qo/rNlmqCQqjJ1cftUZtJfZpS7nY=
Subject key identifier: F9:F8:50:CE:CB:92:FD:07:32:9C:2D:46:4F:BE:D2:61:39:4F:69:3D
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194258FA9B75B0D134095C9D3009C420146
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1-fhQzsuS_QcynC1GT77SYTlPaT0.roa
Signing time: Thu 02 Jan 2025 05:49:19 +0000
ROA not before: Thu 02 Jan 2025 05:49:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47231
IP address blocks: 146.120.221.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:a9:b7:5b:0d:13:40:95:c9:d3:00:9c:42:01:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f9f850cecb92fd07329c2d464fbed261394f693d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b3:cb:1d:40:1a:79:79:b5:88:3e:aa:6b:59:
7c:08:49:8d:d5:33:88:b5:0b:c7:a3:1f:09:e2:d1:
d8:f0:29:f8:03:96:4c:4e:d9:d3:e4:11:4c:8b:71:
fb:28:e0:5e:5c:ea:6c:e2:80:22:0c:b3:83:a4:ea:
2d:34:f1:24:2c:2b:6d:00:49:89:c6:3f:08:90:3a:
2d:a1:09:85:96:fb:9b:fb:5b:84:42:f1:af:f5:e0:
01:8a:90:cf:73:6e:1e:c0:62:5c:31:c2:09:f6:d6:
65:e1:01:8c:4f:44:4f:1a:a4:07:9d:08:16:c5:e7:
8d:f9:ce:76:cf:c1:f6:92:0a:62:02:de:dd:7b:1f:
f1:89:ab:58:1e:40:bb:c5:d6:70:f6:91:bc:65:43:
ce:a6:e7:c8:38:88:35:85:bb:fc:4e:ea:76:9b:ac:
49:70:d6:70:5f:49:60:3b:01:4f:ad:c3:26:c5:0b:
ab:15:7a:94:cf:d4:9b:fa:76:64:3a:48:ac:e7:6f:
a7:04:9c:d3:4c:72:39:57:72:37:04:69:d6:90:b6:
23:80:29:29:97:cd:2f:45:58:f5:5c:54:98:e2:74:
ca:df:14:6c:f5:77:d6:67:1b:95:72:e7:4e:00:ff:
1c:6c:5d:f6:65:e2:20:56:80:fc:55:5f:dd:60:f9:
6e:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:F8:50:CE:CB:92:FD:07:32:9C:2D:46:4F:BE:D2:61:39:4F:69:3D
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1-fhQzsuS_QcynC1GT77SYTlPaT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.221.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:cb:e5:3f:be:31:67:5c:15:5c:e0:48:76:00:78:cc:d4:a9:
a0:6b:d1:2e:78:c6:ed:9d:ac:6b:0b:75:64:c0:e6:bc:6d:10:
72:e7:e3:84:ab:fd:4f:67:46:2b:f2:96:ae:87:31:2b:80:f5:
25:e6:b8:50:0a:1e:8f:90:9f:13:aa:e6:b2:4f:f2:72:35:17:
ba:2e:a9:e8:0d:0a:cf:66:d5:f1:8e:40:ec:e2:6a:f8:d9:3b:
e4:73:35:fd:70:67:37:22:e0:ec:41:3b:c0:3a:b9:74:e4:97:
38:23:a9:d3:24:ec:6c:aa:2b:38:b0:2a:da:64:12:e3:41:01:
89:16:85:f3:2e:e3:8c:51:41:af:91:13:be:b8:ac:20:61:e5:
04:fb:f9:9d:ad:21:f0:2b:15:3d:12:28:17:8c:2d:13:11:7f:
71:6a:ad:fb:ec:16:64:54:5f:3b:ba:3a:bb:62:bd:11:84:e7:
4e:a1:8a:fe:5d:a1:ae:da:98:f2:e7:97:d1:c5:0f:12:fa:73:
d7:1a:ed:d9:7c:89:40:a6:e2:7d:e0:08:17:9c:9c:e2:e2:d3:
a6:62:14:a9:59:85:39:61:d2:44:a1:f0:c3:60:da:30:59:3b:
1b:76:29:d2:e2:74:0d:f0:9e:5f:48:63:09:7f:59:98:b9:5a:
75:c4:44:f8
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQlj6m3Ww0TQJXJ0wCcQgFGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWY4NTBjZWNiOTJmZDA3MzI5YzJkNDY0ZmJlZDI2MTM5NGY2OTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7PLHUAaeXm1iD6qa1l8CEmN1TOI
tQvHox8J4tHY8Cn4A5ZMTtnT5BFMi3H7KOBeXOps4oAiDLODpOotNPEkLCttAEmJ
xj8IkDotoQmFlvub+1uEQvGv9eABipDPc24ewGJcMcIJ9tZl4QGMT0RPGqQHnQgW
xeeN+c52z8H2kgpiAt7dex/xiatYHkC7xdZw9pG8ZUPOpufIOIg1hbv8Tup2m6xJ
cNZwX0lgOwFPrcMmxQurFXqUz9Sb+nZkOkis52+nBJzTTHI5V3I3BGnWkLYjgCkp
l80vRVj1XFSY4nTK3xRs9XfWZxuVcudOAP8cbF32ZeIgVoD8VV/dYPluQQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPn4UM7Lkv0HMpwtRk++0mE5T2k9MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvMS1maFF6c3VTX1FjeW5DMUdUNzdTWVRsUGFUMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJl
ZC8xL2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJJ43TAN
BgkqhkiG9w0BAQsFAAOCAQEAbcvlP74xZ1wVXOBIdgB4zNSpoGvRLnjG7Z2sawt1
ZMDmvG0QcufjhKv9T2dGK/KWrocxK4D1Jea4UAoej5CfE6rmsk/ycjUXui6p6A0K
z2bV8Y5A7OJq+Nk75HM1/XBnNyLg7EE7wDq5dOSXOCOp0yTsbKorOLAq2mQS40EB
iRaF8y7jjFFBr5ETvrisIGHlBPv5na0h8CsVPRIoF4wtExF/cWqt++wWZFRfO7o6
u2K9EYTnTqGK/l2hrtqY8ueX0cUPEvpz1xrt2XyJQKbifeAIF5yc4uLTpmIUqVmF
OWHSRKHww2DaMFk7G3Yp0uJ0DfCeX0hjCX9ZmLladcRE+A==
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:23:12 2025 by rpki-client