Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/YKuOq7mIxTBCQUQeOfNc_8N1PT4.roa
File: YKuOq7mIxTBCQUQeOfNc_8N1PT4.roa (raw, json)
Hash identifier: MfqkLZi3XNhrfCDtsTdjGQn0GheeRg/Nda3cpkMkKjE=
Subject key identifier: 60:AB:8E:AB:B9:88:C5:30:42:41:44:1E:39:F3:5C:FF:C3:75:3D:3E
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 279B5B9C
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/YKuOq7mIxTBCQUQeOfNc_8N1PT4.roa
Signing time: Sat 01 Jan 2022 16:08:25 +0000
ROA not before: Sat 01 Jan 2022 16:08:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47551
IP address blocks: 146.120.252.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 664492956 (0x279b5b9c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 1 16:08:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=60ab8eabb988c5304241441e39f35cffc3753d3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:c3:6b:a7:25:46:79:c4:21:05:6f:f1:8f:64:
4a:21:30:46:d1:8b:a6:5f:34:86:fd:03:cb:cb:e3:
6d:f6:c3:c2:ae:a2:35:1c:e3:a4:91:d9:f2:ef:5d:
c0:79:83:ab:bc:f6:2d:e3:be:c9:4d:8a:b1:75:18:
9b:09:74:99:d6:47:71:f3:30:74:8f:4e:d5:24:10:
ca:70:7a:9a:84:e6:fd:1c:5c:32:e4:70:79:f8:70:
33:bc:8d:3b:62:8e:d3:3e:44:e7:93:72:27:7d:39:
7f:b5:79:36:57:c3:20:42:a3:e5:5e:38:79:45:ac:
fd:4b:8b:bb:06:c9:67:e5:f9:43:11:7c:1e:43:c1:
64:06:79:3b:79:52:ae:2a:72:26:1c:5a:ea:52:5a:
e7:56:13:a2:ae:29:a1:f5:b7:d8:e6:8c:12:a2:a4:
69:63:15:86:b3:be:bf:8c:bf:63:00:d5:66:6f:5c:
70:4a:35:28:8b:1d:32:9b:e0:26:6c:d9:c1:43:25:
7d:5d:8b:d5:01:09:21:e0:a5:40:48:f9:a6:08:81:
d2:f9:5e:f2:b1:32:0a:70:b9:f4:65:9b:33:89:9b:
89:75:81:30:7d:bb:ea:36:12:1b:87:6a:72:33:09:
b8:50:73:7e:43:3d:9e:ce:0e:72:e0:74:fd:ca:1f:
e5:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:AB:8E:AB:B9:88:C5:30:42:41:44:1E:39:F3:5C:FF:C3:75:3D:3E
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/YKuOq7mIxTBCQUQeOfNc_8N1PT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.252.0/22
Signature Algorithm: sha256WithRSAEncryption
15:dc:f0:78:ca:0b:fa:f1:24:4b:fd:c9:61:bf:18:29:1e:a0:
1a:72:7e:18:32:f7:df:39:f0:14:91:8e:8d:c1:fd:0e:3b:5e:
b6:01:ba:c9:a7:ce:25:22:5b:a0:8f:89:85:fb:75:19:1f:f8:
a2:34:fb:e9:a9:3e:4e:5c:b8:de:61:ed:e7:65:59:2f:45:79:
59:be:7f:43:9d:f4:12:93:f0:13:8f:26:e6:6d:fb:d2:ea:1a:
a2:1d:ed:ee:d1:e2:62:70:3e:a7:5a:be:46:20:e5:ca:70:ff:
58:9d:d4:6d:b7:8f:56:8b:22:9e:33:7d:94:ed:6d:4e:7e:3f:
d0:20:88:23:11:44:95:49:b5:c5:99:0c:fe:70:c0:d0:84:41:
b8:15:1b:d9:72:a4:7e:27:ec:15:a3:0e:c4:cc:c9:72:8f:aa:
29:87:47:ef:84:38:4c:05:d9:65:fc:e0:93:92:45:e5:0a:b5:
37:c1:23:96:91:2f:62:58:b1:99:dd:57:b8:ea:52:aa:56:9c:
99:29:bf:26:ab:7a:fa:81:e6:db:58:7d:e3:1e:49:e4:c8:9e:
e0:9e:33:0d:57:ca:b3:05:c3:bf:da:71:75:ca:5e:28:14:27:
f3:af:49:50:c6:df:fb:56:4a:13:34:69:fe:83:25:a5:ba:25:
e3:39:5c:50
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEJ5tbnDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDkxMjJjMzU0MzhhNGViMjYyMzNmZGM2ZTRiYjFkZjJkYWFlZjQyMB4XDTIyMDEw
MTE2MDgyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjBhYjhlYWJiOTg4
YzUzMDQyNDE0NDFlMzlmMzVjZmZjMzc1M2QzZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOfDa6clRnnEIQVv8Y9kSiEwRtGLpl80hv0Dy8vjbfbDwq6i
NRzjpJHZ8u9dwHmDq7z2LeO+yU2KsXUYmwl0mdZHcfMwdI9O1SQQynB6moTm/Rxc
MuRwefhwM7yNO2KO0z5E55NyJ305f7V5NlfDIEKj5V44eUWs/UuLuwbJZ+X5QxF8
HkPBZAZ5O3lSripyJhxa6lJa51YToq4pofW32OaMEqKkaWMVhrO+v4y/YwDVZm9c
cEo1KIsdMpvgJmzZwUMlfV2L1QEJIeClQEj5pgiB0vle8rEyCnC59GWbM4mbiXWB
MH276jYSG4dqcjMJuFBzfkM9ns4OcuB0/cof5dMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRgq46ruYjFMEJBRB4581z/w3U9PjAfBgNVHSMEGDAWgBR0kSLDVDik6yYj
P9xuS7HfLarvQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8x
L1lLdU9xN21JeFRCQ1FVUWVPZk5jXzhOMVBUNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
MThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8xL2RKRWl3MVE0cE9z
bUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEApJ4/DANBgkqhkiG9w0BAQsFAAOC
AQEAFdzweMoL+vEkS/3JYb8YKR6gGnJ+GDL33znwFJGOjcH9DjtetgG6yafOJSJb
oI+Jhft1GR/4ojT76ak+Tly43mHt52VZL0V5Wb5/Q530EpPwE48m5m370uoaoh3t
7tHiYnA+p1q+RiDlynD/WJ3UbbePVosinjN9lO1tTn4/0CCIIxFElUm1xZkM/nDA
0IRBuBUb2XKkfifsFaMOxMzJco+qKYdH74Q4TAXZZfzgk5JF5Qq1N8EjlpEvYlix
md1XuOpSqlacmSm/Jqt6+oHm21h94x5J5Mie4J4zDVfKswXDv9pxdcpeKBQn869J
UMbf+1ZKEzRp/oMlpbol4zlcUA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:56:10 2025 by rpki-client