Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Sc4Gtt_hcpccycBPJ6tr__ZH7QQ.roa
File: Sc4Gtt_hcpccycBPJ6tr__ZH7QQ.roa (raw, json)
Hash identifier: MleKgoOmj51T3TFr5HJrtAOa+Nlds1XP6PIgT5F/8wE=
Subject key identifier: 49:CE:06:B6:DF:E1:72:97:1C:C9:C0:4F:27:AB:6B:FF:F6:47:ED:04
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018A6AC81FA8946948DF8464754220B8254B
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Sc4Gtt_hcpccycBPJ6tr__ZH7QQ.roa
Signing time: Wed 06 Sep 2023 13:56:54 +0000
ROA not before: Wed 06 Sep 2023 13:56:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41124
IP address blocks: 146.120.176.0/22 maxlen: 24
93.171.64.0/21 maxlen: 24
92.253.208.0/22 maxlen: 24
146.158.64.0/22 maxlen: 24
31.148.140.0/22 maxlen: 24
146.120.200.0/22 maxlen: 24
95.47.32.0/22 maxlen: 24
146.120.124.0/22 maxlen: 24
95.46.232.0/21 maxlen: 24
95.47.192.0/22 maxlen: 24
146.120.152.0/22 maxlen: 24
146.158.24.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6a:c8:1f:a8:94:69:48:df:84:64:75:42:20:b8:25:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Sep 6 13:56:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=49ce06b6dfe172971cc9c04f27ab6bfff647ed04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:cd:24:06:51:09:57:de:28:37:33:e7:58:e0:
8e:c5:2a:ca:f0:db:a5:62:17:43:27:2a:cd:ab:72:
5d:8d:06:00:e5:bc:c7:0e:b0:8a:7b:1b:2d:4f:ad:
0d:7e:07:85:29:54:c6:21:0b:39:5c:87:d7:19:93:
17:2b:32:e0:4f:e0:2a:20:8e:43:2a:b5:7c:29:a7:
b8:81:eb:4b:2f:ab:7b:b9:8b:6d:db:b3:8b:83:a0:
9c:b5:94:51:03:82:27:39:66:e8:bb:15:6d:5f:7e:
35:e0:20:c0:7c:5e:70:0b:4a:ae:f5:b4:75:9d:0e:
34:d5:11:47:df:d0:d2:e7:d8:9a:32:d5:6a:36:54:
a3:70:9b:64:99:c0:29:50:09:ee:aa:ae:41:d6:e6:
ef:fc:19:af:fc:f8:54:0d:80:52:a4:0a:04:73:f1:
8c:66:64:4e:5e:3d:1d:a5:e3:85:6d:63:b0:d1:0e:
68:e5:7b:c1:43:33:68:8e:91:09:92:d1:b5:91:11:
32:1a:36:64:a2:30:95:28:07:8a:c9:da:29:dc:13:
0c:d8:94:a2:bb:79:c5:38:b0:b1:05:bc:04:34:39:
10:3f:27:53:56:7f:57:fc:70:3c:37:14:76:3b:f0:
c4:08:ed:df:4b:4f:ed:e4:c1:f4:5d:b2:1c:94:23:
1e:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:CE:06:B6:DF:E1:72:97:1C:C9:C0:4F:27:AB:6B:FF:F6:47:ED:04
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Sc4Gtt_hcpccycBPJ6tr__ZH7QQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.140.0/22
92.253.208.0/22
93.171.64.0/21
95.46.232.0/21
95.47.32.0/22
95.47.192.0/22
146.120.124.0/22
146.120.152.0/22
146.120.176.0/22
146.120.200.0/22
146.158.24.0/22
146.158.64.0/22
Signature Algorithm: sha256WithRSAEncryption
29:28:88:4d:42:64:06:18:62:b0:fe:de:24:a8:58:12:ec:4f:
65:f4:8f:99:dd:75:8c:e2:9c:c1:8c:2e:63:2d:21:13:e3:ce:
0b:7f:05:e1:80:1c:6a:04:19:bf:9f:1e:bc:42:4a:3b:9e:74:
dd:91:8a:0c:ad:42:c0:62:c9:3f:57:c1:cb:be:5e:58:83:58:
43:8e:aa:ab:b1:87:55:21:79:e2:d3:61:2e:16:35:37:3d:35:
11:09:b9:c1:d0:d0:7a:e2:35:ea:95:75:76:87:ed:9c:0c:04:
0a:f8:62:d5:2a:f5:0c:a8:fa:d0:44:2b:a3:ab:ea:44:93:34:
60:c3:f0:7f:7b:43:ba:97:b3:29:05:8b:31:ea:8c:66:7a:aa:
81:30:9f:71:bc:d2:6e:8f:ac:77:d3:70:0d:2f:f1:ad:88:ef:
08:c8:ad:7a:61:7a:2c:e1:4a:bf:9d:6e:8a:8c:7a:bb:07:f6:
16:08:48:09:16:18:ce:fa:3f:20:84:f7:d3:e5:2e:a6:bc:36:
a5:7e:c5:52:fb:2b:33:cc:74:a6:21:58:13:8f:a5:ad:85:da:
32:75:e9:92:23:58:ac:d2:d3:19:94:95:fe:4b:cf:4f:16:ba:
40:0e:00:83:e4:5d:4f:ee:39:89:3b:80:5b:aa:ce:f6:3e:3f:
cb:08:88:13
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYpqyB+olGlI34RkdUIguCVLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwOTA2MTM1NjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWNlMDZiNmRmZTE3Mjk3MWNjOWMwNGYyN2FiNmJmZmY2NDdlZDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgc0kBlEJV94oNzPnWOCOxSrK8Nul
YhdDJyrNq3JdjQYA5bzHDrCKexstT60NfgeFKVTGIQs5XIfXGZMXKzLgT+AqII5D
KrV8Kae4getLL6t7uYtt27OLg6CctZRRA4InOWbouxVtX3414CDAfF5wC0qu9bR1
nQ401RFH39DS59iaMtVqNlSjcJtkmcApUAnuqq5B1ubv/Bmv/PhUDYBSpAoEc/GM
ZmROXj0dpeOFbWOw0Q5o5XvBQzNojpEJktG1kREyGjZkojCVKAeKydop3BMM2JSi
u3nFOLCxBbwENDkQPydTVn9X/HA8NxR2O/DECO3fS0/t5MH0XbIclCMehQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFEnOBrbf4XKXHMnATyera//2R+0EMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvU2M0R3R0X2hjcGNjeWNCUEo2dHJfX1pIN1FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQCH5SMAwQC
XP3QAwQDXatAAwQDXy7oAwQCXy8gAwQCXy/AAwQCknh8AwQCkniYAwQCkniwAwQC
knjIAwQCkp4YAwQCkp5AMA0GCSqGSIb3DQEBCwUAA4IBAQApKIhNQmQGGGKw/t4k
qFgS7E9l9I+Z3XWM4pzBjC5jLSET484LfwXhgBxqBBm/nx68Qko7nnTdkYoMrULA
Ysk/V8HLvl5Yg1hDjqqrsYdVIXni02EuFjU3PTURCbnB0NB64jXqlXV2h+2cDAQK
+GLVKvUMqPrQRCujq+pEkzRgw/B/e0O6l7MpBYsx6oxmeqqBMJ9xvNJuj6x303AN
L/GtiO8IyK16YXos4Uq/nW6KjHq7B/YWCEgJFhjO+j8ghPfT5S6mvDalfsVS+ysz
zHSmIVgTj6WthdoydemSI1is0tMZlJX+S89PFrpADgCD5F1P7jmJO4Bbqs72Pj/L
CIgT
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:46:22 2025 by rpki-client