Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Gj5m29lcASe4jmX9BtrRBrUN4yc.roa
File: Gj5m29lcASe4jmX9BtrRBrUN4yc.roa (raw, json)
Hash identifier: mZAVEMvHoKKP7t3mYz4kQMMzKJEZpnhCA+g3Z/c82R8=
Subject key identifier: 1A:3E:66:DB:D9:5C:01:27:B8:8E:65:FD:06:DA:D1:06:B5:0D:E3:27
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194258FFC5937465399E21972142769EB77
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Gj5m29lcASe4jmX9BtrRBrUN4yc.roa
Signing time: Thu 02 Jan 2025 05:49:40 +0000
ROA not before: Thu 02 Jan 2025 05:49:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208087
IP address blocks: 146.120.158.0/23 maxlen: 24
146.120.196.0/23 maxlen: 24
146.120.246.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:fc:59:37:46:53:99:e2:19:72:14:27:69:eb:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1a3e66dbd95c0127b88e65fd06dad106b50de327
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:3c:e8:4b:1e:72:27:86:2e:e5:a9:e9:ea:f7:
62:82:b6:24:c2:2d:26:e8:e2:b4:a5:67:dc:0c:9e:
84:eb:b8:93:95:cc:eb:04:30:1c:09:d6:70:29:cb:
41:f7:9d:02:59:e6:88:e0:e5:bb:31:2d:53:31:1c:
34:3d:94:a6:cf:23:90:6d:b6:1b:58:45:de:45:99:
b9:f1:7d:9e:96:a6:68:8a:76:4d:e1:a2:83:bc:28:
18:35:4d:99:27:9e:53:10:67:62:35:42:b0:ed:3a:
58:0d:ff:fa:a9:98:ea:57:f6:db:40:dd:09:5f:6f:
30:fa:0b:e5:3c:e1:2f:f2:75:4f:b2:7e:e3:a6:b1:
bd:69:14:58:c7:c4:4a:40:c8:5b:a8:0b:ae:9d:ec:
b5:f9:53:bb:53:1a:be:02:1e:70:22:88:30:24:e2:
f7:51:6b:78:f4:29:10:a3:de:e9:6e:02:9b:71:ff:
1b:34:66:b2:8f:76:95:52:68:4c:e5:b1:fa:72:ef:
f0:c7:f1:9f:9b:66:f8:67:b5:09:66:76:95:13:5b:
c6:37:31:70:ca:82:5c:c3:9e:c3:12:c2:00:f0:3d:
e6:1c:3e:e1:75:b5:07:f3:50:29:10:88:8a:41:53:
18:cc:f0:74:5a:47:50:07:45:da:0f:1b:b6:98:bf:
2a:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:3E:66:DB:D9:5C:01:27:B8:8E:65:FD:06:DA:D1:06:B5:0D:E3:27
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Gj5m29lcASe4jmX9BtrRBrUN4yc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.158.0/23
146.120.196.0/23
146.120.246.0/23
Signature Algorithm: sha256WithRSAEncryption
8a:88:79:a9:09:2b:77:c1:a0:f2:57:b7:08:41:c7:a1:dd:ac:
21:4b:2e:70:b9:c1:64:d5:d4:0d:ea:82:57:b4:ad:6f:b1:77:
af:07:1e:e7:1a:29:b9:ed:4e:f2:07:d2:c2:44:fc:e1:7f:bb:
f4:93:6b:ab:bb:77:b0:76:71:96:e3:3f:16:9e:98:86:b5:e9:
df:01:e2:94:48:30:dd:57:a1:91:f3:dc:8d:41:e6:3f:65:19:
35:61:8f:9d:67:67:3a:57:59:90:43:10:0c:f1:76:8e:6e:49:
0c:fa:be:08:f8:d9:f7:43:df:d7:cd:6d:fd:6f:df:c4:e5:d7:
ac:c3:bd:a0:af:7d:ad:ca:c7:50:d4:6b:cb:f6:47:00:f1:04:
f2:6d:d5:4f:c2:8c:bf:53:d0:ac:86:4e:34:8f:10:2e:e3:b3:
ea:5b:2d:a7:5f:31:6a:c9:94:76:23:3e:dd:09:4d:cf:fe:58:
4d:19:c7:3a:c6:a7:9d:76:e6:0a:8c:55:f6:0d:95:4f:5b:2e:
33:5b:ae:06:18:cb:29:69:0e:3c:96:bd:2f:4c:c6:ec:65:0c:
96:b2:5d:c1:0b:52:4d:75:05:16:ab:df:81:ae:8c:d9:3a:40:
f6:cb:02:e5:b7:2c:2f:45:4c:e0:2e:06:f4:49:1c:74:c1:3e:
0f:6d:b9:9b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQlj/xZN0ZTmeIZchQnaet3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTNlNjZkYmQ5NWMwMTI3Yjg4ZTY1ZmQwNmRhZDEwNmI1MGRlMzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszzoSx5yJ4Yu5anp6vdigrYkwi0m
6OK0pWfcDJ6E67iTlczrBDAcCdZwKctB950CWeaI4OW7MS1TMRw0PZSmzyOQbbYb
WEXeRZm58X2elqZoinZN4aKDvCgYNU2ZJ55TEGdiNUKw7TpYDf/6qZjqV/bbQN0J
X28w+gvlPOEv8nVPsn7jprG9aRRYx8RKQMhbqAuuney1+VO7Uxq+Ah5wIogwJOL3
UWt49CkQo97pbgKbcf8bNGayj3aVUmhM5bH6cu/wx/Gfm2b4Z7UJZnaVE1vGNzFw
yoJcw57DEsIA8D3mHD7hdbUH81ApEIiKQVMYzPB0WkdQB0XaDxu2mL8q9QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBo+ZtvZXAEnuI5l/Qba0Qa1DeMnMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvR2o1bTI5bGNBU2U0am1YOUJ0clJCclVONHljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBknieAwQB
knjEAwQBknj2MA0GCSqGSIb3DQEBCwUAA4IBAQCKiHmpCSt3waDyV7cIQceh3awh
Sy5wucFk1dQN6oJXtK1vsXevBx7nGim57U7yB9LCRPzhf7v0k2uru3ewdnGW4z8W
npiGtenfAeKUSDDdV6GR89yNQeY/ZRk1YY+dZ2c6V1mQQxAM8XaObkkM+r4I+Nn3
Q9/XzW39b9/E5desw72gr32tysdQ1GvL9kcA8QTybdVPwoy/U9Cshk40jxAu47Pq
Wy2nXzFqyZR2Iz7dCU3P/lhNGcc6xqedduYKjFX2DZVPWy4zW64GGMspaQ48lr0v
TMbsZQyWsl3BC1JNdQUWq9+BrozZOkD2ywLltywvRUzgLgb0SRx0wT4Pbbmb
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:44:10 2025 by rpki-client