Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/chSbwf1NApFW4xaiSsmLAfAcvB8.roa
File: chSbwf1NApFW4xaiSsmLAfAcvB8.roa (raw, json)
Hash identifier: zcSaj7dnZyhfM3OhCqYYPg+j5UGnNz8Pdsq3YZaVaLs=
Subject key identifier: 72:14:9B:C1:FD:4D:02:91:56:E3:16:A2:4A:C9:8B:01:F0:1C:BC:1F
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194259013F6DD732AEF00597838F4CC32E1
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/chSbwf1NApFW4xaiSsmLAfAcvB8.roa
Signing time: Thu 02 Jan 2025 05:49:46 +0000
ROA not before: Thu 02 Jan 2025 05:49:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213963
IP address blocks: 146.120.90.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:90:13:f6:dd:73:2a:ef:00:59:78:38:f4:cc:32:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=72149bc1fd4d029156e316a24ac98b01f01cbc1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:fd:80:84:98:05:5d:ef:1e:d7:f9:97:0e:48:
67:8f:74:6d:a2:c3:a1:a9:1f:ac:f1:6a:36:a2:83:
bc:da:54:33:6c:bd:f9:3d:ea:ed:49:5d:d7:88:cc:
32:b1:1e:64:ac:f8:8f:2a:29:51:ca:d3:f6:74:39:
b3:6c:4f:89:0f:39:2b:b6:23:56:d8:33:5a:67:e8:
f6:e3:ed:ba:99:46:3a:94:6b:af:be:f0:56:84:ba:
4a:8c:6d:5b:be:73:46:63:45:e6:cf:2b:9b:35:cc:
1c:70:f8:12:b6:7f:49:5c:8e:4e:36:1f:60:31:b8:
6c:20:ee:bf:3d:28:4e:9f:29:d2:f4:9e:24:a7:58:
e4:04:c0:9f:5c:da:e9:96:0e:53:f3:32:70:01:c5:
c0:1d:ce:66:01:88:12:6e:5f:99:51:5b:57:eb:91:
22:67:0e:d5:d0:b9:13:86:08:0e:a4:b7:dd:5d:6f:
9a:20:3f:6a:6e:28:40:67:9c:fe:ef:1f:12:d4:1c:
fc:c3:12:21:9d:15:a8:12:18:34:3d:9c:79:27:69:
eb:3f:f7:0b:43:ac:72:c9:cf:80:4e:54:c7:1a:2f:
38:64:59:52:de:cd:d4:a8:20:28:68:c6:b9:55:86:
fe:47:d3:64:c4:af:85:a7:9b:07:00:9c:da:4c:18:
b5:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:14:9B:C1:FD:4D:02:91:56:E3:16:A2:4A:C9:8B:01:F0:1C:BC:1F
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/chSbwf1NApFW4xaiSsmLAfAcvB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.90.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:c4:d8:c2:cb:3c:59:52:6d:27:71:ce:59:0b:7f:a2:f4:4d:
af:30:36:c2:4d:14:b3:f7:99:68:81:7f:e9:d7:c8:e1:38:45:
c1:cb:07:46:95:9e:ad:df:70:5a:c9:e3:fb:ea:3a:19:51:b1:
6a:f8:39:4f:86:e1:66:fb:68:0d:71:01:c0:be:0c:24:1e:54:
a4:99:80:84:7d:7e:9f:9c:b2:2b:8e:db:fb:c9:df:9b:fd:e2:
2d:fb:bb:db:a7:64:90:ea:8e:0f:15:47:03:02:9c:8e:8f:83:
66:82:a8:4f:cf:74:99:70:82:6f:5e:3b:4e:38:f5:27:8f:81:
08:4b:b3:79:bb:9d:a2:fc:ec:27:6a:aa:7d:bc:e9:55:75:f9:
66:16:1b:88:48:db:fa:72:1d:72:e0:70:69:db:fc:69:72:0f:
6d:d2:61:28:c0:b3:63:d7:c8:57:66:36:f7:10:e9:18:ad:a1:
d3:a1:22:04:df:ee:4e:2d:d2:dc:96:df:31:3a:16:49:f6:0d:
bd:b9:e3:cd:00:d5:6f:ec:cc:1c:ea:e6:ce:a9:8a:96:29:d4:
ed:a1:fd:e6:2f:3a:05:d5:09:e3:10:f1:80:c0:23:58:6f:2a:
93:29:22:d2:3f:6c:9e:b0:f9:70:b5:f7:5d:61:25:ff:cf:12:
46:2d:4b:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlkBP23XMq7wBZeDj0zDLhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjE0OWJjMWZkNGQwMjkxNTZlMzE2YTI0YWM5OGIwMWYwMWNiYzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqf2AhJgFXe8e1/mXDkhnj3RtosOh
qR+s8Wo2ooO82lQzbL35PertSV3XiMwysR5krPiPKilRytP2dDmzbE+JDzkrtiNW
2DNaZ+j24+26mUY6lGuvvvBWhLpKjG1bvnNGY0XmzyubNcwccPgStn9JXI5ONh9g
MbhsIO6/PShOnynS9J4kp1jkBMCfXNrplg5T8zJwAcXAHc5mAYgSbl+ZUVtX65Ei
Zw7V0LkThggOpLfdXW+aID9qbihAZ5z+7x8S1Bz8wxIhnRWoEhg0PZx5J2nrP/cL
Q6xyyc+ATlTHGi84ZFlS3s3UqCAoaMa5VYb+R9NkxK+Fp5sHAJzaTBi1XwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHIUm8H9TQKRVuMWokrJiwHwHLwfMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvY2hTYndmMU5BcEZXNHhhaVNzbUxBZkFjdkI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAknhaMA0G
CSqGSIb3DQEBCwUAA4IBAQAfxNjCyzxZUm0ncc5ZC3+i9E2vMDbCTRSz95logX/p
18jhOEXBywdGlZ6t33BayeP76joZUbFq+DlPhuFm+2gNcQHAvgwkHlSkmYCEfX6f
nLIrjtv7yd+b/eIt+7vbp2SQ6o4PFUcDApyOj4NmgqhPz3SZcIJvXjtOOPUnj4EI
S7N5u52i/Ownaqp9vOlVdflmFhuISNv6ch1y4HBp2/xpcg9t0mEowLNj18hXZjb3
EOkYraHToSIE3+5OLdLclt8xOhZJ9g29uePNANVv7Mwc6ubOqYqWKdTtof3mLzoF
1QnjEPGAwCNYbyqTKSLSP2yesPlwtfddYSX/zxJGLUvp
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:34:23 2025 by rpki-client