Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Lil3XtCQAXpAzeUI4NCHVT25sAY.roa
File: Lil3XtCQAXpAzeUI4NCHVT25sAY.roa (raw, json)
Hash identifier: YBP7Bn08pWuriqJJvLgtj19o9TNDYKcGpAGnJtk1qoQ=
Subject key identifier: 2E:29:77:5E:D0:90:01:7A:40:CD:E5:08:E0:D0:87:55:3D:B9:B0:06
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0185709551C4922274518C0B3A7314ADBBC8
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Lil3XtCQAXpAzeUI4NCHVT25sAY.roa
Signing time: Mon 02 Jan 2023 03:45:12 +0000
ROA not before: Mon 02 Jan 2023 03:45:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51503
IP address blocks: 146.120.232.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:51:c4:92:22:74:51:8c:0b:3a:73:14:ad:bb:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e29775ed090017a40cde508e0d087553db9b006
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:9f:1b:02:07:9f:69:ee:1b:62:57:d8:03:3f:
2b:74:e5:ff:e5:97:55:04:f7:c1:81:6e:2a:bf:da:
82:a3:1b:5b:53:56:86:b3:89:8f:b0:74:05:2e:03:
41:e0:b5:4f:67:4f:a3:c7:18:96:72:65:f0:c3:bc:
ff:c3:1b:2a:ab:86:28:25:67:2d:44:d6:e6:1c:b8:
49:52:2c:26:d3:90:d5:a0:f8:1e:72:4b:bf:fe:d4:
9b:db:79:5c:7b:c7:1a:4e:0b:8b:15:fa:53:03:b0:
5d:48:c3:55:72:fb:98:1b:1b:12:d9:44:5b:ae:96:
be:17:bc:24:fd:82:cb:8d:75:62:18:5b:07:59:2d:
48:0c:64:f4:9e:8a:40:3e:43:8e:41:0c:ce:53:3b:
0d:59:7d:86:ee:a3:85:9c:bd:c3:32:3b:df:71:f0:
f2:26:b4:17:22:51:d5:f2:cd:77:f6:7a:28:77:87:
a1:0a:d5:5e:86:de:c6:42:49:e4:1f:07:34:73:5b:
8a:d6:2c:e7:3c:68:5b:3a:7b:ca:bf:b7:32:66:dc:
46:d0:25:2e:12:54:0d:e9:b4:ea:93:0d:15:b8:07:
55:76:1f:f9:84:8c:ed:cc:a9:08:69:d0:42:fd:59:
a8:1f:af:7a:62:5a:21:43:3a:33:c9:38:cb:4a:c3:
ef:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:29:77:5E:D0:90:01:7A:40:CD:E5:08:E0:D0:87:55:3D:B9:B0:06
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Lil3XtCQAXpAzeUI4NCHVT25sAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.232.0/23
Signature Algorithm: sha256WithRSAEncryption
4a:04:9a:2b:b8:b7:6a:ee:80:94:b9:59:d6:91:7b:1f:af:ed:
98:c3:c6:8c:7d:06:e3:b1:35:38:71:70:c1:27:3d:f5:0c:26:
61:46:5a:ad:2b:d0:90:dd:0d:8c:d0:f3:48:bf:6e:ca:7d:12:
6b:9a:7b:ad:a0:bd:79:18:e9:92:6c:f7:22:89:0f:f0:0f:10:
3a:53:2d:1d:ee:09:b8:e7:f6:ca:f3:93:7c:b8:d0:0e:e9:01:
11:63:d1:39:e2:81:7b:c5:ec:ab:93:71:88:eb:c2:43:84:55:
45:a9:9f:92:3e:18:e8:e2:67:c9:b5:1f:e2:d9:40:83:d7:fd:
a6:90:34:c3:62:01:04:e0:00:97:05:22:43:84:e0:7d:36:1e:
70:8a:c8:2a:4f:d1:5c:9f:34:d3:25:5d:ed:a3:e0:71:19:18:
ff:fd:41:fa:2b:1d:e5:b4:c2:f2:86:5e:d8:3b:88:aa:f1:4b:
7b:91:95:58:b8:ac:bf:08:76:d3:a1:e4:8b:4f:a0:b7:10:28:
ae:5a:b5:7a:0b:a8:df:94:e0:1d:b6:05:91:3b:b6:d4:bc:ed:
0f:95:1a:c4:82:e0:44:3b:1b:2d:04:33:f1:1b:49:89:0b:6d:
48:6d:ef:36:5b:43:46:50:59:24:24:45:e1:19:8b:bd:a7:0b:
b8:5f:fd:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlVHEkiJ0UYwLOnMUrbvIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTI5Nzc1ZWQwOTAwMTdhNDBjZGU1MDhlMGQwODc1NTNkYjliMDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz58bAgefae4bYlfYAz8rdOX/5ZdV
BPfBgW4qv9qCoxtbU1aGs4mPsHQFLgNB4LVPZ0+jxxiWcmXww7z/wxsqq4YoJWct
RNbmHLhJUiwm05DVoPgecku//tSb23lce8caTguLFfpTA7BdSMNVcvuYGxsS2URb
rpa+F7wk/YLLjXViGFsHWS1IDGT0nopAPkOOQQzOUzsNWX2G7qOFnL3DMjvfcfDy
JrQXIlHV8s139nood4ehCtVeht7GQknkHwc0c1uK1iznPGhbOnvKv7cyZtxG0CUu
ElQN6bTqkw0VuAdVdh/5hIztzKkIadBC/VmoH696YlohQzozyTjLSsPvawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC4pd17QkAF6QM3lCODQh1U9ubAGMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvTGlsM1h0Q1FBWHBBemVVSTROQ0hWVDI1c0FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBknjoMA0G
CSqGSIb3DQEBCwUAA4IBAQBKBJoruLdq7oCUuVnWkXsfr+2Yw8aMfQbjsTU4cXDB
Jz31DCZhRlqtK9CQ3Q2M0PNIv27KfRJrmnutoL15GOmSbPciiQ/wDxA6Uy0d7gm4
5/bK85N8uNAO6QERY9E54oF7xeyrk3GI68JDhFVFqZ+SPhjo4mfJtR/i2UCD1/2m
kDTDYgEE4ACXBSJDhOB9Nh5wisgqT9FcnzTTJV3to+BxGRj//UH6Kx3ltMLyhl7Y
O4iq8Ut7kZVYuKy/CHbToeSLT6C3ECiuWrV6C6jflOAdtgWRO7bUvO0PlRrEguBE
OxstBDPxG0mJC21Ibe82W0NGUFkkJEXhGYu9pwu4X/2J
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:32:13 2025 by rpki-client