Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/RifWhf925P_a9N_Z52_zhYjdz08.roa
File: RifWhf925P_a9N_Z52_zhYjdz08.roa (raw, json)
Hash identifier: /iXeknEoc9U0eH8ZuDY1RjSBFgpXgXRz0tvYfz6orWk=
Subject key identifier: 46:27:D6:85:FF:76:E4:FF:DA:F4:DF:D9:E7:6F:F3:85:88:DD:CF:4F
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA2A380B9FE726A6F649C000B1CFC9A4
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/RifWhf925P_a9N_Z52_zhYjdz08.roa
Signing time: Tue 02 Jan 2024 12:33:33 +0000
ROA not before: Tue 02 Jan 2024 12:33:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201012
IP address blocks: 146.158.48.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:38:0b:9f:e7:26:a6:f6:49:c0:00:b1:cf:c9:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4627d685ff76e4ffdaf4dfd9e76ff38588ddcf4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:05:61:2f:b3:b1:d3:ac:a9:37:91:b3:73:e2:
20:bb:d2:28:18:74:18:b5:15:92:d3:d9:60:4d:40:
c5:bc:85:a2:e9:b8:a2:96:dc:ec:af:c4:21:16:fb:
74:ef:a4:46:21:a9:c6:bb:03:6d:9f:9a:7e:40:13:
22:96:94:ec:e2:ac:9c:13:db:b6:0b:27:11:c6:97:
06:b9:3a:90:82:ff:77:37:42:3e:af:77:c1:1e:7c:
cb:fd:3a:05:48:2d:88:57:2a:a9:ed:4c:ff:fc:7a:
8e:82:40:0e:dc:f7:ba:16:fb:95:f1:1e:16:ae:2b:
09:a8:06:8c:ad:b4:dc:07:7a:b1:c4:eb:63:33:07:
0f:e4:4f:61:06:74:67:9f:d3:fc:c9:7c:b5:b4:89:
44:25:4b:0c:40:dd:fc:8e:45:e0:7b:be:6a:e9:43:
c9:41:49:b7:5a:bd:d9:bf:1f:2c:7b:e3:2f:70:b4:
4c:a6:19:98:4d:d9:5d:a9:c1:80:97:45:6f:87:3f:
f8:eb:f9:3b:42:92:c8:4d:15:88:56:38:21:5b:a8:
10:87:50:b1:da:19:d4:88:a4:bb:6c:76:96:64:9b:
21:ea:09:6d:43:78:02:79:d7:75:8d:92:a2:d5:ac:
23:b4:0b:19:f3:7a:3d:54:c6:63:fd:d5:06:b2:fa:
33:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:27:D6:85:FF:76:E4:FF:DA:F4:DF:D9:E7:6F:F3:85:88:DD:CF:4F
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/RifWhf925P_a9N_Z52_zhYjdz08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.158.48.0/21
Signature Algorithm: sha256WithRSAEncryption
8f:bd:6e:f0:d6:a7:88:c1:ad:50:c7:71:f0:95:65:f6:42:b9:
b9:d4:c3:cd:a9:fc:ee:84:32:e1:fa:df:ea:65:60:b9:1c:64:
9a:11:53:31:ef:a9:b1:c3:43:79:69:89:a1:86:23:2b:04:20:
5c:3a:ac:17:ce:96:a4:44:1e:25:75:11:fa:da:ba:75:64:dd:
4d:e8:24:67:7b:f1:fd:00:5d:da:88:ac:85:f8:0b:50:ca:c5:
b6:87:2d:f9:5d:fc:7a:50:3c:04:1d:23:f8:8e:76:9f:e1:27:
6e:6f:bb:10:31:48:1a:7c:4f:e0:24:3a:08:7d:49:87:5f:65:
15:58:f5:59:07:83:cf:46:ad:43:8c:fe:16:c1:bd:e9:90:7f:
16:a3:1f:21:b7:c3:a9:a2:e9:e3:ff:26:1d:8f:73:20:dc:3a:
ca:d7:eb:eb:d0:8a:8d:d3:8b:58:5a:b8:91:5a:d8:1c:c7:0d:
b1:61:81:d4:45:5e:d9:86:b0:be:3c:15:a4:67:c0:c4:2e:44:
44:d6:39:5d:c8:37:ab:50:2e:3d:3b:92:0d:a6:4c:07:11:11:
96:e4:15:94:e5:fd:a8:04:0d:0a:67:84:67:49:7a:ea:ff:f4:
fa:b9:37:ca:2c:81:23:ca:7c:aa:e7:13:c5:c4:50:1a:ff:99:
3c:34:b5:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKjgLn+cmpvZJwACxz8mkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjI3ZDY4NWZmNzZlNGZmZGFmNGRmZDllNzZmZjM4NTg4ZGRjZjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAVhL7Ox06ypN5Gzc+Igu9IoGHQY
tRWS09lgTUDFvIWi6biiltzsr8QhFvt076RGIanGuwNtn5p+QBMilpTs4qycE9u2
CycRxpcGuTqQgv93N0I+r3fBHnzL/ToFSC2IVyqp7Uz//HqOgkAO3Pe6FvuV8R4W
risJqAaMrbTcB3qxxOtjMwcP5E9hBnRnn9P8yXy1tIlEJUsMQN38jkXge75q6UPJ
QUm3Wr3Zvx8se+MvcLRMphmYTdldqcGAl0Vvhz/46/k7QpLITRWIVjghW6gQh1Cx
2hnUiKS7bHaWZJsh6gltQ3gCedd1jZKi1awjtAsZ83o9VMZj/dUGsvozoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEYn1oX/duT/2vTf2edv84WI3c9PMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvUmlmV2hmOTI1UF9hOU5fWjUyX3poWWpkejA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDkp4wMA0G
CSqGSIb3DQEBCwUAA4IBAQCPvW7w1qeIwa1Qx3HwlWX2Qrm51MPNqfzuhDLh+t/q
ZWC5HGSaEVMx76mxw0N5aYmhhiMrBCBcOqwXzpakRB4ldRH62rp1ZN1N6CRne/H9
AF3aiKyF+AtQysW2hy35Xfx6UDwEHSP4jnaf4Sdub7sQMUgafE/gJDoIfUmHX2UV
WPVZB4PPRq1DjP4Wwb3pkH8Wox8ht8Opounj/yYdj3Mg3DrK1+vr0IqN04tYWriR
Wtgcxw2xYYHURV7ZhrC+PBWkZ8DELkRE1jldyDerUC49O5INpkwHERGW5BWU5f2o
BA0KZ4RnSXrq//T6uTfKLIEjynyq5xPFxFAa/5k8NLUR
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:06:04 2025 by rpki-client