Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/aXja0Pn_r086P5K0UmQhJjdeikY.roa
File: aXja0Pn_r086P5K0UmQhJjdeikY.roa (raw, json)
Hash identifier: PIAAkwX0ZhtFXf0VLICv1OpWY5rgLgP2shaJUul27ig=
Subject key identifier: 69:78:DA:D0:F9:FF:AF:4F:3A:3F:92:B4:52:64:21:26:37:5E:8A:46
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0185709521A2004264AA2A87228F4824DB10
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/aXja0Pn_r086P5K0UmQhJjdeikY.roa
Signing time: Mon 02 Jan 2023 03:44:59 +0000
ROA not before: Mon 02 Jan 2023 03:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42518
IP address blocks: 146.120.64.0/20 maxlen: 24
146.120.80.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:21:a2:00:42:64:aa:2a:87:22:8f:48:24:db:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6978dad0f9ffaf4f3a3f92b452642126375e8a46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b3:c1:8b:3c:78:0e:bb:0a:43:f2:c4:81:6c:
4a:4b:31:a4:8c:37:65:5d:99:86:2e:f6:a3:bc:74:
66:9e:7e:a6:8b:73:a5:a3:ab:7b:46:45:fb:e8:45:
a4:99:3c:df:f6:34:c6:39:82:64:90:18:0e:36:40:
95:45:ee:74:41:2d:f9:f6:d8:d0:2c:da:59:06:76:
98:8d:76:33:d0:0d:d5:54:9e:78:c9:1f:37:d0:9c:
5a:62:95:c7:6a:2f:a3:17:df:28:17:59:29:d6:96:
39:eb:8b:1c:98:98:71:c4:b1:2f:c2:2f:b2:e8:b6:
9e:be:a2:4e:9a:0d:85:f4:2f:11:4a:79:d7:ea:4e:
ae:ce:01:c1:39:a5:f2:d9:d9:17:68:8f:d8:62:ca:
9e:dd:e8:84:ac:7a:56:bd:b5:54:ee:19:85:a7:fc:
94:a0:05:6a:18:1e:b8:a2:a7:6c:a2:26:04:d9:6e:
ee:3e:42:63:88:be:fb:92:9f:22:b2:94:93:33:c5:
7c:5e:9f:7b:23:f0:36:5a:75:f2:41:e8:6b:77:be:
2b:07:c2:66:d1:9a:4d:42:2b:64:3d:6e:9c:67:35:
8e:38:e7:bf:0b:76:17:25:9b:f8:37:91:43:b0:0f:
99:37:b5:c7:86:97:28:c6:27:2c:7d:2d:72:82:6d:
1b:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:78:DA:D0:F9:FF:AF:4F:3A:3F:92:B4:52:64:21:26:37:5E:8A:46
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/aXja0Pn_r086P5K0UmQhJjdeikY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.64.0-146.120.87.255
Signature Algorithm: sha256WithRSAEncryption
50:29:83:78:9b:39:f5:ad:a1:e6:ff:75:97:47:7f:e2:ce:aa:
e6:2d:24:ba:18:0a:ed:e5:0a:86:b6:88:2f:55:4f:48:b6:c5:
01:be:fd:3a:29:8b:81:29:06:ca:71:e5:ff:9b:5a:02:a9:69:
2f:e9:2f:69:f6:fa:00:36:5c:3e:45:be:7b:8a:83:51:a6:70:
cf:60:74:ed:a0:fe:52:fd:a1:2d:66:19:7e:25:1e:45:f0:47:
f8:bd:ca:74:2b:0c:24:55:ba:4e:13:79:f0:37:53:81:5c:03:
aa:5a:43:8f:f5:3e:45:71:d4:f2:54:55:01:95:83:1f:1a:0d:
c0:34:18:32:71:1e:3a:da:44:b6:30:af:e0:53:b9:e5:00:0e:
90:e6:16:d3:70:20:f9:f8:07:d5:09:5b:6f:2c:fe:ad:88:f7:
e7:e3:5c:b5:ec:e7:bf:e7:13:c5:84:72:c0:23:39:cc:86:67:
23:4e:d9:af:06:75:12:91:00:9e:91:63:4c:0d:19:ba:1f:d8:
25:ea:64:38:b0:48:47:0d:7a:20:9e:63:44:59:a3:99:6c:c0:
17:9d:27:2c:8f:61:c5:f2:a3:b7:43:52:59:2d:18:6d:55:bd:
d8:95:8c:62:f2:6d:89:b8:7c:55:34:c7:97:1e:3b:16:33:50:
af:f3:79:e2
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVwlSGiAEJkqiqHIo9IJNsQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTc4ZGFkMGY5ZmZhZjRmM2EzZjkyYjQ1MjY0MjEyNjM3NWU4YTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7PBizx4DrsKQ/LEgWxKSzGkjDdl
XZmGLvajvHRmnn6mi3Olo6t7RkX76EWkmTzf9jTGOYJkkBgONkCVRe50QS359tjQ
LNpZBnaYjXYz0A3VVJ54yR830JxaYpXHai+jF98oF1kp1pY564scmJhxxLEvwi+y
6LaevqJOmg2F9C8RSnnX6k6uzgHBOaXy2dkXaI/YYsqe3eiErHpWvbVU7hmFp/yU
oAVqGB64oqdsoiYE2W7uPkJjiL77kp8ispSTM8V8Xp97I/A2WnXyQehrd74rB8Jm
0ZpNQitkPW6cZzWOOOe/C3YXJZv4N5FDsA+ZN7XHhpcoxicsfS1ygm0b/wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGl42tD5/69POj+StFJkISY3XopGMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvYVhqYTBQbl9yMDg2UDVLMFVtUWhKamRlaWtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAaSeEAD
BAOSeFAwDQYJKoZIhvcNAQELBQADggEBAFApg3ibOfWtoeb/dZdHf+LOquYtJLoY
Cu3lCoa2iC9VT0i2xQG+/Topi4EpBspx5f+bWgKpaS/pL2n2+gA2XD5FvnuKg1Gm
cM9gdO2g/lL9oS1mGX4lHkXwR/i9ynQrDCRVuk4TefA3U4FcA6paQ4/1PkVx1PJU
VQGVgx8aDcA0GDJxHjraRLYwr+BTueUADpDmFtNwIPn4B9UJW28s/q2I9+fjXLXs
57/nE8WEcsAjOcyGZyNO2a8GdRKRAJ6RY0wNGbof2CXqZDiwSEcNeiCeY0RZo5ls
wBedJyyPYcXyo7dDUlktGG1VvdiVjGLybYm4fFU0x5ceOxYzUK/zeeI=
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:39:09 2025 by rpki-client