Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/8z7n4TAV9cfxDELzZv7fON4pqp8.roa
File: 8z7n4TAV9cfxDELzZv7fON4pqp8.roa (raw, json)
Hash identifier: dKrT7ncKFjPN0pt5P+vYsqe7BrkeMrL3M63RIVeJQh0=
Subject key identifier: F3:3E:E7:E1:30:15:F5:C7:F1:0C:42:F3:66:FE:DF:38:DE:29:AA:9F
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194258F98B68CE19DE1D9132E4F8963C816
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/8z7n4TAV9cfxDELzZv7fON4pqp8.roa
Signing time: Thu 02 Jan 2025 05:49:15 +0000
ROA not before: Thu 02 Jan 2025 05:49:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41917
IP address blocks: 146.120.101.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:98:b6:8c:e1:9d:e1:d9:13:2e:4f:89:63:c8:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f33ee7e13015f5c7f10c42f366fedf38de29aa9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:9c:8d:1d:bb:77:b3:eb:e3:d8:33:61:98:b4:
eb:73:ce:a7:30:0a:f6:01:76:71:94:97:cd:d2:89:
ef:e7:34:c1:2a:e0:02:0b:d8:48:b4:1e:52:9d:5e:
1c:91:62:5d:f2:06:bd:d2:85:ee:af:5a:a0:b3:26:
69:fa:a1:d3:e2:35:30:e1:b0:cf:7a:26:fe:4f:1e:
e0:8a:c8:3d:b5:bf:a5:6a:d3:fa:64:37:c1:c3:3c:
49:cb:f1:64:8b:7d:63:e4:e5:9d:47:a4:d4:4f:5d:
86:cd:b2:3f:ce:bf:7c:5b:10:55:69:97:fa:a1:f1:
56:61:05:18:b2:fe:dd:6b:94:1c:bc:98:8b:84:47:
5f:ab:d2:3f:60:47:bc:16:2a:28:00:90:63:be:c0:
49:70:7e:7f:db:c3:9b:2d:84:20:13:80:a3:2e:ee:
8f:58:d4:dc:6b:0d:26:2a:2c:2f:44:5e:f6:dd:cf:
6c:ec:d3:95:54:24:9b:aa:a8:1c:f9:5c:ae:5a:95:
fc:af:d5:6a:fc:98:b2:69:c3:0c:c1:63:da:e9:e5:
f0:9f:be:be:be:7a:f5:9b:40:14:49:80:57:87:76:
5c:21:c3:5c:75:ac:0d:93:6c:00:9c:06:ec:22:29:
25:42:79:6c:2f:98:08:19:81:43:0a:90:b2:2f:df:
d6:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:3E:E7:E1:30:15:F5:C7:F1:0C:42:F3:66:FE:DF:38:DE:29:AA:9F
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/8z7n4TAV9cfxDELzZv7fON4pqp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.101.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:63:5c:7c:bc:59:f8:68:85:b6:72:a8:9c:7f:a2:16:8b:1b:
0a:d0:c4:a2:d3:38:c3:db:14:77:5e:db:ad:71:5a:36:c5:cf:
db:30:5d:a6:b6:9b:3b:9b:1f:e9:26:14:73:22:dc:04:9b:71:
e1:6a:3f:e2:c5:da:74:f7:ae:1b:15:27:8d:cd:dc:37:5c:40:
03:cd:78:a5:e7:88:3b:85:f1:8d:bf:f4:fc:e1:7b:99:00:a4:
50:ba:9d:7d:7c:5f:cf:1f:6e:3e:bf:e6:84:a1:b2:70:9b:18:
d2:96:7a:56:6f:75:69:92:21:46:0d:96:60:e8:05:82:55:48:
57:c4:3e:7d:24:c4:f1:bc:f2:15:f4:3e:b9:a6:d4:39:81:4a:
6d:8a:52:dd:3d:4e:6f:22:33:19:d8:67:21:e7:2b:ee:36:53:
88:9c:f8:e5:ce:e1:24:96:4b:90:a5:57:29:2b:43:ec:89:f4:
74:0c:96:b5:05:18:82:06:63:de:71:3c:bd:21:8f:9d:78:a3:
94:a5:bb:4b:82:34:92:16:81:aa:66:55:fd:b8:f4:e2:49:3e:
d8:a6:81:a9:b3:d1:5f:e3:0e:f0:78:88:07:e7:b3:03:09:51:
6b:ce:dc:88:9f:71:66:a8:b4:de:ee:af:6c:4b:34:0f:11:a6:
ce:29:d8:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj5i2jOGd4dkTLk+JY8gWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzNlZTdlMTMwMTVmNWM3ZjEwYzQyZjM2NmZlZGYzOGRlMjlhYTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA45yNHbt3s+vj2DNhmLTrc86nMAr2
AXZxlJfN0onv5zTBKuACC9hItB5SnV4ckWJd8ga90oXur1qgsyZp+qHT4jUw4bDP
eib+Tx7gisg9tb+latP6ZDfBwzxJy/Fki31j5OWdR6TUT12GzbI/zr98WxBVaZf6
ofFWYQUYsv7da5QcvJiLhEdfq9I/YEe8FiooAJBjvsBJcH5/28ObLYQgE4CjLu6P
WNTcaw0mKiwvRF723c9s7NOVVCSbqqgc+VyuWpX8r9Vq/JiyacMMwWPa6eXwn76+
vnr1m0AUSYBXh3ZcIcNcdawNk2wAnAbsIiklQnlsL5gIGYFDCpCyL9/WbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPM+5+EwFfXH8QxC82b+3zjeKaqfMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvOHo3bjRUQVY5Y2Z4REVMelp2N2ZPTjRwcXA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAknhlMA0G
CSqGSIb3DQEBCwUAA4IBAQAvY1x8vFn4aIW2cqicf6IWixsK0MSi0zjD2xR3Xtut
cVo2xc/bMF2mtps7mx/pJhRzItwEm3Hhaj/ixdp0964bFSeNzdw3XEADzXil54g7
hfGNv/T84XuZAKRQup19fF/PH24+v+aEobJwmxjSlnpWb3VpkiFGDZZg6AWCVUhX
xD59JMTxvPIV9D65ptQ5gUptilLdPU5vIjMZ2Gch5yvuNlOInPjlzuEklkuQpVcp
K0PsifR0DJa1BRiCBmPecTy9IY+deKOUpbtLgjSSFoGqZlX9uPTiST7YpoGps9Ff
4w7weIgH57MDCVFrztyIn3FmqLTe7q9sSzQPEabOKdg9
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:41:32 2025 by rpki-client