Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/3AWjkF69_yuIw6TRwPr4fvd9D8g.roa
File: 3AWjkF69_yuIw6TRwPr4fvd9D8g.roa (raw, json)
Hash identifier: G4zYC/kXuCEw/bOc3o8CSb2MPr6zfLByKTeGJolJbdI=
Subject key identifier: DC:05:A3:90:5E:BD:FF:2B:88:C3:A4:D1:C0:FA:F8:7E:F7:7D:0F:C8
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01857095A6C21812F904148132FDCA1FEBA0
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/3AWjkF69_yuIw6TRwPr4fvd9D8g.roa
Signing time: Mon 02 Jan 2023 03:45:33 +0000
ROA not before: Mon 02 Jan 2023 03:45:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208087
IP address blocks: 146.120.246.0/23 maxlen: 24
146.120.158.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:a6:c2:18:12:f9:04:14:81:32:fd:ca:1f:eb:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc05a3905ebdff2b88c3a4d1c0faf87ef77d0fc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:cf:57:df:30:d1:3a:26:5b:b7:63:a1:6e:73:
26:58:22:ba:48:12:ee:6f:bb:c5:9f:a8:99:7c:49:
f7:44:94:9b:f4:d3:22:bc:51:d8:74:3b:ca:27:69:
02:47:7f:90:53:05:c3:da:3e:a4:30:db:17:4c:d1:
0f:64:c9:a9:01:15:4c:ce:df:4d:5f:30:f0:46:c2:
6e:48:5c:9f:e8:91:3c:4f:81:fc:72:08:4d:15:4d:
29:0f:6e:67:5c:0f:d5:7d:fe:ba:b9:68:ad:82:e9:
22:25:97:ae:dd:b9:8e:01:dc:24:40:3c:87:36:50:
96:b2:e6:97:f4:33:a3:6b:2c:65:d5:b1:cf:07:7a:
b7:5e:45:d4:e1:90:88:3a:e6:2f:c2:32:16:92:87:
64:9e:bf:ed:d2:a3:64:37:52:83:05:cd:ce:b4:36:
61:78:c1:05:cc:59:98:fd:a2:de:14:ab:2d:03:6f:
10:d4:f1:70:14:cb:d8:a4:cc:a3:56:25:4f:24:f0:
10:41:bb:7d:9f:ca:b7:fb:20:34:67:e5:0e:57:fe:
60:50:60:39:7c:40:96:98:d3:b3:07:32:b2:8e:45:
32:94:47:f9:1b:ad:c2:2b:17:61:90:26:2b:38:fa:
de:8b:a2:e3:81:a2:a5:60:95:21:1f:68:ba:67:f8:
60:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:05:A3:90:5E:BD:FF:2B:88:C3:A4:D1:C0:FA:F8:7E:F7:7D:0F:C8
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/3AWjkF69_yuIw6TRwPr4fvd9D8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.158.0/23
146.120.246.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:fe:19:7b:e1:94:fc:66:b5:7a:54:3f:b7:96:d9:46:ff:9a:
3f:3f:d1:66:1d:c5:ef:56:da:7d:0a:f6:82:e1:2e:fa:53:b6:
10:a6:96:aa:15:54:57:75:c8:65:77:40:93:be:8a:e9:d3:45:
05:10:58:eb:d9:0e:95:3e:51:f2:c0:1b:c8:eb:35:bf:65:20:
39:ae:21:2f:92:f7:a3:c4:e1:a7:36:d5:c8:41:c8:3e:b5:b1:
ee:6e:3c:3b:1c:e6:5f:8c:7e:0f:01:45:f7:ca:53:30:5b:e3:
d7:a3:f5:08:86:5c:10:98:aa:15:86:3d:c8:bf:88:6b:72:aa:
47:af:a4:1d:55:79:79:47:54:a1:eb:39:fb:cb:4a:4a:b8:99:
11:77:f4:7b:e0:ab:5e:1d:a8:bf:52:7e:d8:53:40:d1:e4:f2:
a2:32:3c:15:b8:ec:d0:22:26:f1:aa:f3:77:99:01:73:c0:37:
c6:be:9a:42:cc:b7:f1:d8:17:40:7b:cb:de:6b:fa:f5:aa:9c:
6e:b2:4c:c1:59:7b:78:ab:7b:a8:54:74:e3:73:71:01:b9:73:
b2:d5:6f:87:2f:c0:7c:4f:c6:67:35:ad:5c:f8:b1:81:ea:d2:
0e:f4:83:ca:7b:c2:67:9f:a0:62:2a:cc:a2:b4:cc:5b:60:e7:
e9:ed:5a:d7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwlabCGBL5BBSBMv3KH+ugMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzA1YTM5MDVlYmRmZjJiODhjM2E0ZDFjMGZhZjg3ZWY3N2QwZmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi89X3zDROiZbt2OhbnMmWCK6SBLu
b7vFn6iZfEn3RJSb9NMivFHYdDvKJ2kCR3+QUwXD2j6kMNsXTNEPZMmpARVMzt9N
XzDwRsJuSFyf6JE8T4H8cghNFU0pD25nXA/Vff66uWitgukiJZeu3bmOAdwkQDyH
NlCWsuaX9DOjayxl1bHPB3q3XkXU4ZCIOuYvwjIWkodknr/t0qNkN1KDBc3OtDZh
eMEFzFmY/aLeFKstA28Q1PFwFMvYpMyjViVPJPAQQbt9n8q3+yA0Z+UOV/5gUGA5
fECWmNOzBzKyjkUylEf5G63CKxdhkCYrOPrei6LjgaKlYJUhH2i6Z/hg4wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNwFo5Bevf8riMOk0cD6+H73fQ/IMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvM0FXamtGNjlfeXVJdzZUUndQcjRmdmQ5RDhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBknieAwQB
knj2MA0GCSqGSIb3DQEBCwUAA4IBAQA6/hl74ZT8ZrV6VD+3ltlG/5o/P9FmHcXv
Vtp9CvaC4S76U7YQppaqFVRXdchld0CTvorp00UFEFjr2Q6VPlHywBvI6zW/ZSA5
riEvkvejxOGnNtXIQcg+tbHubjw7HOZfjH4PAUX3ylMwW+PXo/UIhlwQmKoVhj3I
v4hrcqpHr6QdVXl5R1Sh6zn7y0pKuJkRd/R74KteHai/Un7YU0DR5PKiMjwVuOzQ
IibxqvN3mQFzwDfGvppCzLfx2BdAe8vea/r1qpxuskzBWXt4q3uoVHTjc3EBuXOy
1W+HL8B8T8ZnNa1c+LGB6tIO9IPKe8Jnn6BiKsyitMxbYOfp7VrX
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:53:30 2025 by rpki-client