Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/K8D0f0MUjk2sSjgTBOzezz6svLk.roa
File: K8D0f0MUjk2sSjgTBOzezz6svLk.roa (raw, json)
Hash identifier: FSZm3cJ6H7VZuIMVol8wOFUHDyxjWQVcYEfeyQ+/wc8=
Subject key identifier: 2B:C0:F4:7F:43:14:8E:4D:AC:4A:38:13:04:EC:DE:CF:3E:AC:BC:B9
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0187476CA7527A836D8C051A85D3958A3D88
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/K8D0f0MUjk2sSjgTBOzezz6svLk.roa
Signing time: Mon 03 Apr 2023 14:01:55 +0000
ROA not before: Mon 03 Apr 2023 14:01:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50576
IP address blocks: 146.120.185.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:47:6c:a7:52:7a:83:6d:8c:05:1a:85:d3:95:8a:3d:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Apr 3 14:01:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2bc0f47f43148e4dac4a381304ecdecf3eacbcb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:78:3f:d5:0c:c9:35:b5:d6:08:63:85:e3:aa:
9a:5c:65:65:8e:5a:c4:ac:ae:2e:b4:6c:0c:d0:96:
b9:da:0f:c8:5d:01:0e:1b:e8:b9:f6:ef:c5:b3:13:
47:5d:18:fa:6b:5f:c6:06:48:71:a9:05:fd:4e:30:
d6:5a:c3:01:c6:37:c2:0b:76:7d:f0:0a:1d:28:f2:
da:bc:0b:c0:ab:7d:87:d8:33:9a:ca:56:44:8a:7c:
4b:99:9c:44:3e:08:a0:f4:01:f4:c6:c3:8d:28:22:
39:b0:93:6b:99:4f:ad:5f:c1:f6:5d:6b:c2:77:cc:
8d:a5:2e:d7:f6:c9:4e:ae:d4:96:c8:35:20:1f:79:
0e:a6:63:83:b0:91:fd:08:f2:fb:19:b7:7b:52:ed:
7e:0d:e0:22:ad:c5:fe:cb:85:f7:ed:94:70:66:bd:
90:9c:1d:ef:29:8b:9a:bb:92:74:19:67:2d:0e:b8:
58:ec:e6:ca:b8:db:65:e0:7c:d7:40:6d:9c:9e:f1:
96:45:24:b3:9b:cd:3e:04:83:07:c2:b9:94:e2:2d:
f5:ec:ab:b9:60:22:ae:65:74:10:53:cb:98:d3:fe:
7b:7c:a2:a7:b9:f4:42:dc:aa:2d:fe:4c:e1:33:05:
cf:e6:98:ce:58:8d:b1:39:65:30:72:90:f9:32:c4:
f7:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:C0:F4:7F:43:14:8E:4D:AC:4A:38:13:04:EC:DE:CF:3E:AC:BC:B9
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/K8D0f0MUjk2sSjgTBOzezz6svLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.185.0/24
Signature Algorithm: sha256WithRSAEncryption
71:59:59:ee:61:13:59:78:62:d9:29:15:5a:d9:a7:69:49:b2:
8d:08:b0:25:ee:0a:d3:83:7c:a0:e7:76:ea:82:70:38:03:5f:
8d:3e:7b:4f:25:fb:9e:76:ae:96:74:29:07:b3:2c:37:1e:63:
05:d1:68:4e:1d:a6:3b:b9:f3:ce:29:35:34:43:a8:4e:70:8b:
4d:0c:71:af:e7:15:4a:20:d6:8a:ce:e7:2c:d8:d9:33:a8:0a:
d0:02:20:1b:fd:5b:b6:75:b0:01:35:2c:4b:aa:97:b6:44:3c:
0f:ca:58:f0:02:37:11:dc:c0:15:a5:b6:ca:5c:fe:42:71:75:
6b:42:57:5d:80:f4:06:c9:5e:62:43:00:77:ac:4e:97:40:ad:
28:be:4c:51:ec:5d:9a:2a:e2:51:a0:16:f0:3f:ef:8f:cf:c0:
ee:7d:4e:69:03:e7:4d:1a:ab:9a:ce:29:46:22:84:86:82:c3:
68:89:80:df:db:c1:f2:ad:99:3c:a2:f9:a9:f8:7f:fa:2b:d1:
37:42:f8:60:13:04:98:3b:cc:f1:05:49:10:a9:e9:10:ca:e1:
fb:cf:17:47:13:8b:b6:e2:01:3d:bb:d5:06:60:e3:a1:70:ce:
0c:6d:67:cb:ad:de:a1:5a:eb:6d:c3:a6:26:f8:65:69:9b:a2:
3d:c0:ed:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdHbKdSeoNtjAUahdOVij2IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwNDAzMTQwMTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmMwZjQ3ZjQzMTQ4ZTRkYWM0YTM4MTMwNGVjZGVjZjNlYWNiY2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXg/1QzJNbXWCGOF46qaXGVljlrE
rK4utGwM0Ja52g/IXQEOG+i59u/FsxNHXRj6a1/GBkhxqQX9TjDWWsMBxjfCC3Z9
8AodKPLavAvAq32H2DOaylZEinxLmZxEPgig9AH0xsONKCI5sJNrmU+tX8H2XWvC
d8yNpS7X9slOrtSWyDUgH3kOpmODsJH9CPL7Gbd7Uu1+DeAircX+y4X37ZRwZr2Q
nB3vKYuau5J0GWctDrhY7ObKuNtl4HzXQG2cnvGWRSSzm80+BIMHwrmU4i317Ku5
YCKuZXQQU8uY0/57fKKnufRC3Kot/kzhMwXP5pjOWI2xOWUwcpD5MsT37wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCvA9H9DFI5NrEo4EwTs3s8+rLy5MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvSzhEMGYwTVVqazJzU2pnVEJPemV6ejZzdkxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkni5MA0G
CSqGSIb3DQEBCwUAA4IBAQBxWVnuYRNZeGLZKRVa2adpSbKNCLAl7grTg3yg53bq
gnA4A1+NPntPJfuedq6WdCkHsyw3HmMF0WhOHaY7ufPOKTU0Q6hOcItNDHGv5xVK
INaKzucs2NkzqArQAiAb/Vu2dbABNSxLqpe2RDwPyljwAjcR3MAVpbbKXP5CcXVr
QlddgPQGyV5iQwB3rE6XQK0ovkxR7F2aKuJRoBbwP++Pz8DufU5pA+dNGquazilG
IoSGgsNoiYDf28HyrZk8ovmp+H/6K9E3QvhgEwSYO8zxBUkQqekQyuH7zxdHE4u2
4gE9u9UGYOOhcM4MbWfLrd6hWuttw6Ym+GVpm6I9wO0g
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:31:49 2025 by rpki-client