Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/39hcDQmUhIe8OGxcHWpoaDdbMGU.roa
File: 39hcDQmUhIe8OGxcHWpoaDdbMGU.roa (raw, json)
Hash identifier: rRdJzGfgXaqkEHZxwWtoW4zZkK3BQ2OqaWPQFSLFIiw=
Subject key identifier: DF:D8:5C:0D:09:94:84:87:BC:38:6C:5C:1D:6A:68:68:37:5B:30:65
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA2A4551220246B2F724DF0ED4AA6004
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/39hcDQmUhIe8OGxcHWpoaDdbMGU.roa
Signing time: Tue 02 Jan 2024 12:33:36 +0000
ROA not before: Tue 02 Jan 2024 12:33:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206115
IP address blocks: 146.120.88.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:45:51:22:02:46:b2:f7:24:df:0e:d4:aa:60:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dfd85c0d09948487bc386c5c1d6a6868375b3065
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:f8:b9:89:4c:63:a6:99:48:5e:50:1e:0b:66:
53:52:c1:c4:c4:3b:32:db:88:31:f7:d7:eb:9b:3d:
ce:55:eb:64:c4:ea:a4:f4:57:29:52:92:26:b2:9e:
1b:11:65:73:77:7d:ec:75:45:58:1d:04:43:36:85:
5c:b2:79:c7:d5:70:e4:17:7a:da:f8:e6:c2:1c:39:
b9:f3:f2:e4:87:8c:79:88:fe:63:7c:5c:b4:7b:f9:
37:6a:a4:a3:e8:62:06:ae:08:f9:91:85:cd:ec:3f:
30:6e:c9:c2:b0:4b:21:3d:4d:0e:14:94:d2:33:a2:
de:8a:2d:83:1c:43:a5:f5:ad:28:f6:b2:1a:57:0a:
7d:e4:3e:93:4a:38:ea:a2:f5:fb:e3:1c:21:1d:c6:
82:a0:a1:d3:e1:8c:7f:fb:ed:67:e7:0a:31:10:0d:
f9:ea:69:f4:29:92:a2:90:62:48:08:f4:11:8a:81:
92:cf:2c:ff:cb:d0:b5:3a:fb:85:9d:b4:26:f6:10:
b3:ac:32:45:70:86:45:c5:88:73:19:e1:86:54:77:
a7:3f:ed:9d:5d:1c:19:df:84:d4:73:54:fe:ab:72:
8c:fd:99:29:84:c2:8a:22:5b:1f:a4:45:af:15:12:
9e:3a:aa:ee:e7:48:ed:55:35:2c:e9:8b:79:1f:35:
6d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:D8:5C:0D:09:94:84:87:BC:38:6C:5C:1D:6A:68:68:37:5B:30:65
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/39hcDQmUhIe8OGxcHWpoaDdbMGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.88.0/24
Signature Algorithm: sha256WithRSAEncryption
53:3d:c3:68:40:51:99:8a:6a:69:d4:b9:a1:d0:1a:ba:db:b6:
21:5c:4b:5b:6a:d7:46:a4:68:d4:47:8f:c1:df:92:64:83:af:
f7:4b:e3:7a:18:85:b5:18:a0:24:a8:e9:13:30:cb:2a:b5:01:
c5:44:49:be:f6:15:49:dc:e2:19:bb:44:87:07:0b:fd:19:b0:
b7:e7:88:a9:d5:db:5d:8a:9d:23:d3:23:8f:ca:a2:94:e5:b8:
56:c9:98:d0:f8:07:3f:06:20:69:a5:53:85:0d:42:79:52:d4:
b1:b1:82:6e:53:7a:84:e2:d9:9e:12:2a:ea:97:5e:ec:38:ae:
a0:2e:28:4d:10:ed:88:37:00:48:fb:bc:59:35:d0:5b:ae:72:
c8:0e:54:f2:0e:5a:f4:dc:31:06:f9:0c:a3:f9:f5:17:bf:b0:
37:3b:53:0b:a1:c7:0a:f2:7e:2f:fa:89:b2:a5:2a:8b:f2:1b:
9e:63:85:af:d3:1b:b2:ad:17:04:2e:48:ac:c6:6c:6b:b0:e4:
9c:20:82:a8:84:0e:e5:2a:c9:8e:58:34:e4:db:56:40:aa:37:
14:17:a7:83:ef:56:5e:b9:6e:1b:e4:8d:3d:e2:46:1c:e4:e5:
75:89:25:74:45:01:03:14:92:0b:ec:40:74:7d:2b:c3:a6:0c:
e1:e6:c4:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKkVRIgJGsvck3w7UqmAEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmQ4NWMwZDA5OTQ4NDg3YmMzODZjNWMxZDZhNjg2ODM3NWIzMDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifi5iUxjpplIXlAeC2ZTUsHExDsy
24gx99frmz3OVetkxOqk9FcpUpImsp4bEWVzd33sdUVYHQRDNoVcsnnH1XDkF3ra
+ObCHDm58/Lkh4x5iP5jfFy0e/k3aqSj6GIGrgj5kYXN7D8wbsnCsEshPU0OFJTS
M6Leii2DHEOl9a0o9rIaVwp95D6TSjjqovX74xwhHcaCoKHT4Yx/++1n5woxEA35
6mn0KZKikGJICPQRioGSzyz/y9C1OvuFnbQm9hCzrDJFcIZFxYhzGeGGVHenP+2d
XRwZ34TUc1T+q3KM/ZkphMKKIlsfpEWvFRKeOqru50jtVTUs6Yt5HzVtQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN/YXA0JlISHvDhsXB1qaGg3WzBlMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvMzloY0RRbVVoSWU4T0d4Y0hXcG9hRGRiTUdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAknhYMA0G
CSqGSIb3DQEBCwUAA4IBAQBTPcNoQFGZimpp1Lmh0Bq627YhXEtbatdGpGjUR4/B
35Jkg6/3S+N6GIW1GKAkqOkTMMsqtQHFREm+9hVJ3OIZu0SHBwv9GbC354ip1dtd
ip0j0yOPyqKU5bhWyZjQ+Ac/BiBppVOFDUJ5UtSxsYJuU3qE4tmeEirql17sOK6g
LihNEO2INwBI+7xZNdBbrnLIDlTyDlr03DEG+Qyj+fUXv7A3O1MLoccK8n4v+omy
pSqL8hueY4Wv0xuyrRcELkisxmxrsOScIIKohA7lKsmOWDTk21ZAqjcUF6eD71Ze
uW4b5I094kYc5OV1iSV0RQEDFJIL7EB0fSvDpgzh5sT1
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:41:25 2025 by rpki-client