Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/DFXX4nmdOCjVa8DJroKWyz34qFc.roa
File: DFXX4nmdOCjVa8DJroKWyz34qFc.roa (raw, json)
Hash identifier: eaNELiFzAoN1ZRgqMDVhQXDQEJAvpjI4y3hEN98kku8=
Subject key identifier: 0C:55:D7:E2:79:9D:38:28:D5:6B:C0:C9:AE:82:96:CB:3D:F8:A8:57
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018570952B9190EBFDC44CE9D471AA81C544
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/DFXX4nmdOCjVa8DJroKWyz34qFc.roa
Signing time: Mon 02 Jan 2023 03:45:02 +0000
ROA not before: Mon 02 Jan 2023 03:45:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44340
IP address blocks: 146.120.174.0/24 maxlen: 24
146.120.174.0/23 maxlen: 23
146.120.175.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:2b:91:90:eb:fd:c4:4c:e9:d4:71:aa:81:c5:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c55d7e2799d3828d56bc0c9ae8296cb3df8a857
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:cf:3b:b2:ab:7d:91:40:7f:48:13:dd:18:ef:
d9:90:7a:99:2d:ea:ea:d0:4f:b4:fa:c6:a5:77:31:
bf:34:8e:d1:8d:95:a6:68:04:9f:3f:64:4c:bb:f3:
5a:f5:e1:95:3a:7c:86:fe:ee:07:37:50:87:4c:42:
d0:23:bc:3e:68:fd:04:e9:24:9f:a0:19:e5:eb:21:
00:f0:eb:a9:90:43:2c:7a:b8:83:d1:07:fb:b2:13:
1b:79:6e:ab:58:53:07:af:a3:e7:cd:03:e6:ef:5a:
eb:6d:2e:3a:39:32:90:53:89:0d:78:77:27:12:ff:
e5:36:93:43:f1:32:ef:d5:fc:3d:c6:d1:28:96:a7:
89:95:3d:f0:66:e3:3a:0f:fa:f9:db:0b:35:69:2b:
bf:e2:22:34:26:08:d7:50:79:2b:4a:22:8a:b5:c1:
33:4a:ff:c7:b0:7e:57:0e:43:08:97:8b:8b:81:5b:
3f:3d:56:49:20:c6:34:bc:ca:89:bc:2c:28:44:f9:
bf:46:f9:73:d8:b1:56:53:13:b5:37:eb:da:95:d2:
37:d6:5c:6d:e6:8f:a4:87:39:ce:7a:a9:7f:ee:a9:
39:be:10:ca:8f:2c:d3:5d:dc:31:b2:bf:6a:a5:72:
20:78:42:7d:91:ce:56:95:7b:0c:3b:1b:be:41:4a:
43:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:55:D7:E2:79:9D:38:28:D5:6B:C0:C9:AE:82:96:CB:3D:F8:A8:57
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/DFXX4nmdOCjVa8DJroKWyz34qFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.174.0/23
Signature Algorithm: sha256WithRSAEncryption
a2:3c:6b:9c:89:25:fe:03:ed:3b:be:20:67:07:57:ea:06:ea:
db:c9:5f:9f:71:9f:fd:b9:0f:d5:c4:e8:ea:c2:49:a3:b6:8b:
aa:79:5c:04:e4:02:2b:00:c7:14:42:f4:24:e7:51:25:73:6e:
19:04:c8:db:ae:0b:b3:0c:3e:1d:4a:3d:ea:05:33:4f:fd:c4:
f0:c1:95:52:f6:db:16:32:a5:5f:33:aa:2f:1c:67:66:5e:68:
27:79:9c:25:f1:33:5c:f7:cd:f0:d3:e3:12:7e:62:73:2a:47:
98:19:e3:e1:ed:05:66:2a:0d:1b:1f:87:2e:a3:c0:8a:d1:b2:
db:c2:59:31:d1:61:39:3e:59:58:0f:95:e5:9a:df:21:8f:10:
5e:92:89:8c:50:18:99:45:f4:52:ea:21:4d:51:10:59:d0:0b:
eb:a1:c4:88:ae:c7:3e:45:10:be:85:a1:af:f2:51:65:81:f0:
a9:17:ea:c6:dd:af:3d:bd:f6:f8:92:0c:9d:8c:ef:8e:34:a4:
5b:14:35:4c:58:3c:86:ee:89:dd:78:92:60:f3:2c:81:ec:c2:
39:f2:91:ae:83:17:f7:78:25:ae:31:39:ca:20:0a:3b:99:19:
b7:06:5a:4b:88:06:86:5f:6f:52:25:5d:0e:63:8a:56:0a:cd:
f7:e5:34:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlSuRkOv9xEzp1HGqgcVEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzU1ZDdlMjc5OWQzODI4ZDU2YmMwYzlhZTgyOTZjYjNkZjhhODU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj887sqt9kUB/SBPdGO/ZkHqZLerq
0E+0+saldzG/NI7RjZWmaASfP2RMu/Na9eGVOnyG/u4HN1CHTELQI7w+aP0E6SSf
oBnl6yEA8OupkEMseriD0Qf7shMbeW6rWFMHr6PnzQPm71rrbS46OTKQU4kNeHcn
Ev/lNpND8TLv1fw9xtEolqeJlT3wZuM6D/r52ws1aSu/4iI0JgjXUHkrSiKKtcEz
Sv/HsH5XDkMIl4uLgVs/PVZJIMY0vMqJvCwoRPm/Rvlz2LFWUxO1N+valdI31lxt
5o+khznOeql/7qk5vhDKjyzTXdwxsr9qpXIgeEJ9kc5WlXsMOxu+QUpDuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAxV1+J5nTgo1WvAya6Clss9+KhXMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvREZYWDRubWRPQ2pWYThESnJvS1d5ejM0cUZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBkniuMA0G
CSqGSIb3DQEBCwUAA4IBAQCiPGuciSX+A+07viBnB1fqBurbyV+fcZ/9uQ/VxOjq
wkmjtouqeVwE5AIrAMcUQvQk51Elc24ZBMjbrguzDD4dSj3qBTNP/cTwwZVS9tsW
MqVfM6ovHGdmXmgneZwl8TNc983w0+MSfmJzKkeYGePh7QVmKg0bH4cuo8CK0bLb
wlkx0WE5PllYD5Xlmt8hjxBekomMUBiZRfRS6iFNURBZ0AvrocSIrsc+RRC+haGv
8lFlgfCpF+rG3a89vfb4kgydjO+ONKRbFDVMWDyG7ondeJJg8yyB7MI58pGugxf3
eCWuMTnKIAo7mRm3BlpLiAaGX29SJV0OY4pWCs335TRl
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:29:36 2025 by rpki-client