Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1n0YFml1kHArFRzp857JeUFTVBc.roa
File: 1n0YFml1kHArFRzp857JeUFTVBc.roa (raw, json)
Hash identifier: PujEVOUs/EJEYfmgFqm2ZrY4wWaU+1fk2C4GE9QqUGo=
Subject key identifier: D6:7D:18:16:69:75:90:70:2B:15:1C:E9:F3:9E:C9:79:41:53:54:17
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01943C79711162B65CAEDB047029693A99DB
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1n0YFml1kHArFRzp857JeUFTVBc.roa
Signing time: Mon 06 Jan 2025 16:36:19 +0000
ROA not before: Mon 06 Jan 2025 16:36:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213624
IP address blocks: 146.120.200.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:3c:79:71:11:62:b6:5c:ae:db:04:70:29:69:3a:99:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 6 16:36:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d67d1816697590702b151ce9f39ec97941535417
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:34:0b:0f:72:0f:b9:65:f4:e9:ee:cd:ab:d5:
9a:a4:32:2d:0c:4d:a6:0e:02:fa:bc:c5:4a:16:e4:
70:d2:d9:32:14:42:cf:17:21:90:ff:d2:01:b0:a4:
4e:f4:ba:6f:a5:77:c8:cb:10:ac:d4:00:2a:da:08:
88:be:aa:87:4b:49:a2:f9:aa:4a:86:ff:e3:b3:b7:
5d:ca:01:d6:f1:c5:12:ed:1d:a8:8c:bb:f1:9e:83:
1e:62:b9:42:0f:bf:13:d6:7a:28:c2:54:74:81:d9:
0e:22:58:eb:ff:97:3e:ae:25:72:e7:3d:3b:33:e7:
33:31:b5:d4:5e:4f:88:f3:2c:43:82:d8:49:20:68:
b1:7f:a0:ae:12:a4:76:e7:88:c7:62:3f:af:19:36:
a4:8b:4c:59:93:c7:d5:37:3c:f7:53:10:7c:09:5d:
ae:a7:7b:7c:15:55:74:80:e3:3f:fa:c9:e2:9c:81:
27:a2:7a:b5:cb:ca:18:d2:c4:1e:1b:45:72:a3:58:
8b:b7:b8:30:d8:93:6d:7d:4b:6e:88:d2:e3:f7:6d:
3a:ee:9a:08:a6:a2:30:54:8e:91:ba:b9:26:7e:17:
b1:ee:70:13:b1:f4:82:db:85:eb:9f:d8:91:9a:4b:
1a:0e:e0:eb:06:f9:5d:ec:16:b4:d6:96:86:e8:0a:
49:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:7D:18:16:69:75:90:70:2B:15:1C:E9:F3:9E:C9:79:41:53:54:17
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1n0YFml1kHArFRzp857JeUFTVBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.200.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:9b:15:d9:0d:2d:fa:42:70:d6:b5:7d:e2:da:f8:08:bf:6a:
56:70:1d:31:45:40:ab:e6:aa:d6:6d:a5:39:f5:d7:40:0e:6c:
cb:57:35:ac:82:df:57:0f:6a:b9:89:c6:6d:de:e7:28:8b:5d:
a5:43:54:c3:d6:45:1d:c0:69:34:e3:a3:fd:98:35:d3:0b:6e:
16:77:05:4f:e5:b2:f2:40:3b:f8:62:7f:d9:47:e9:f3:50:7f:
c8:1f:99:22:ab:3c:5c:55:83:65:e7:98:89:32:4f:94:c0:5b:
6f:9d:c2:73:7c:d3:8a:d5:7c:ff:cf:8c:63:9b:4c:7e:d8:26:
96:9d:ed:48:0e:3f:6f:a2:90:96:77:0f:b8:a1:3f:1d:09:12:
a7:ed:bb:94:20:0d:a0:ba:93:56:18:7d:0e:6f:89:b5:c1:2c:
14:df:ab:db:4d:c5:ff:05:73:60:ff:b0:c6:7e:88:cf:1b:ef:
92:eb:06:b5:87:d9:4c:c1:7a:dd:4c:0b:42:af:e9:39:c0:74:
d7:82:34:74:11:2e:35:7c:66:73:61:80:7d:c3:26:2c:26:36:
92:22:be:b2:8f:da:72:12:ff:27:b4:bc:67:32:c5:65:c1:95:
ac:10:bf:60:42:63:8b:75:c8:4b:b9:25:e2:5f:27:9d:45:79:
96:bf:b9:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQ8eXERYrZcrtsEcClpOpnbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTA2MTYzNjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjdkMTgxNjY5NzU5MDcwMmIxNTFjZTlmMzllYzk3OTQxNTM1NDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTQLD3IPuWX06e7Nq9WapDItDE2m
DgL6vMVKFuRw0tkyFELPFyGQ/9IBsKRO9LpvpXfIyxCs1AAq2giIvqqHS0mi+apK
hv/js7ddygHW8cUS7R2ojLvxnoMeYrlCD78T1noowlR0gdkOIljr/5c+riVy5z07
M+czMbXUXk+I8yxDgthJIGixf6CuEqR254jHYj+vGTaki0xZk8fVNzz3UxB8CV2u
p3t8FVV0gOM/+sninIEnonq1y8oY0sQeG0Vyo1iLt7gw2JNtfUtuiNLj92067poI
pqIwVI6Rurkmfhex7nATsfSC24Xrn9iRmksaDuDrBvld7Ba01paG6ApJ9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNZ9GBZpdZBwKxUc6fOeyXlBU1QXMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvMW4wWUZtbDFrSEFyRlJ6cDg1N0plVUZUVkJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCknjIMA0G
CSqGSIb3DQEBCwUAA4IBAQBLmxXZDS36QnDWtX3i2vgIv2pWcB0xRUCr5qrWbaU5
9ddADmzLVzWsgt9XD2q5icZt3ucoi12lQ1TD1kUdwGk046P9mDXTC24WdwVP5bLy
QDv4Yn/ZR+nzUH/IH5kiqzxcVYNl55iJMk+UwFtvncJzfNOK1Xz/z4xjm0x+2CaW
ne1IDj9vopCWdw+4oT8dCRKn7buUIA2gupNWGH0Ob4m1wSwU36vbTcX/BXNg/7DG
fojPG++S6wa1h9lMwXrdTAtCr+k5wHTXgjR0ES41fGZzYYB9wyYsJjaSIr6yj9py
Ev8ntLxnMsVlwZWsEL9gQmOLdchLuSXiXyedRXmWv7kh
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:03:27 2025 by rpki-client