Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/j5UoRt8FcIXCd7P1WWsEoQPsR5w.roa
File: j5UoRt8FcIXCd7P1WWsEoQPsR5w.roa (raw, json)
Hash identifier: D6wQChYpxFxlnm5U5UL5Fn4TYpHUZycWthiCHusatfI=
Subject key identifier: 8F:95:28:46:DF:05:70:85:C2:77:B3:F5:59:6B:04:A1:03:EC:47:9C
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194258F8D93AD141695BA38AEBB9B7188C8
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/j5UoRt8FcIXCd7P1WWsEoQPsR5w.roa
Signing time: Thu 02 Jan 2025 05:49:12 +0000
ROA not before: Thu 02 Jan 2025 05:49:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20688
IP address blocks: 146.120.0.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:8d:93:ad:14:16:95:ba:38:ae:bb:9b:71:88:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8f952846df057085c277b3f5596b04a103ec479c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:13:69:1d:a7:00:7c:69:d2:a7:1c:49:b5:5a:
4a:38:2c:74:99:ec:8a:41:04:f0:a8:69:d8:53:32:
f9:f8:9b:fb:e1:4f:b8:18:71:98:8f:8a:f0:ae:07:
a0:b4:d5:d4:8d:e0:30:c7:43:d8:ac:51:8a:6b:8b:
8f:70:cb:65:99:a8:4c:03:ed:eb:7c:99:1b:b4:3e:
e2:dd:0b:19:0f:41:a3:a3:e5:34:24:09:24:56:95:
ee:eb:f1:3b:61:b7:78:14:ed:a7:0a:a4:89:71:33:
c5:49:f2:23:b8:77:03:96:38:9e:84:68:15:b4:6b:
bc:e1:cd:f1:e1:df:c2:48:b1:a1:13:64:0a:eb:ef:
24:b0:64:4e:19:de:cb:92:dc:46:3f:e3:e5:44:eb:
c8:9d:fa:2f:94:24:35:03:14:5a:e1:5d:aa:8e:76:
d4:83:71:c0:d8:0e:59:99:d4:c7:f1:03:22:c7:e3:
0a:df:a7:46:b3:54:e7:65:8c:be:af:71:de:6e:9b:
49:95:b2:9b:68:a8:0a:9c:45:9b:5d:ba:70:8d:44:
77:b0:2a:56:03:43:06:15:19:4a:51:95:f5:8f:6d:
86:85:d5:7e:71:43:23:68:3a:b8:f7:f0:f9:07:ea:
bb:db:56:57:ac:e4:29:06:d6:31:5c:d7:37:9b:1a:
03:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:95:28:46:DF:05:70:85:C2:77:B3:F5:59:6B:04:A1:03:EC:47:9C
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/j5UoRt8FcIXCd7P1WWsEoQPsR5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.0.0/21
Signature Algorithm: sha256WithRSAEncryption
6b:b7:77:9a:e9:db:bd:0f:b8:89:53:46:98:9c:8e:28:d6:2c:
46:18:14:4e:8f:c9:d5:23:e6:ec:f5:42:4d:09:f1:8e:36:6f:
fe:eb:cf:e8:f7:fe:db:d5:ab:02:c6:29:04:d3:11:26:48:35:
e1:81:d9:4f:67:d9:25:26:62:a9:c4:50:5c:1d:92:7a:60:5a:
c8:32:e1:3f:a0:b3:41:99:29:b1:45:72:44:96:e6:fb:ca:09:
02:99:84:e9:64:0e:c9:8e:67:81:c4:72:76:12:af:38:e7:f9:
a1:59:d5:f7:cb:2d:5f:15:d1:78:ea:65:2b:6d:5d:7b:52:e7:
cd:82:b2:dc:bc:94:5f:a9:14:a3:38:fa:97:a2:a6:ef:15:80:
1f:a2:ba:0c:2d:b9:d9:f6:69:f1:17:4c:dc:79:6b:92:88:7e:
a4:56:11:66:14:44:8c:61:cc:e3:ab:cd:de:7a:d1:7f:65:4a:
cb:90:d7:37:6d:10:db:87:79:5c:27:4f:e2:8d:7f:e0:b7:be:
3b:12:b7:ef:8f:f7:16:4b:5a:e0:04:5f:a3:d7:df:8a:06:58:
86:a9:31:d5:3d:06:7a:4d:6a:05:32:67:2c:79:1e:fa:4f:d8:
ec:ea:e8:b2:8f:ad:88:a7:d3:52:0b:24:a5:68:ac:72:08:3b:
5e:ef:3c:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj42TrRQWlbo4rrubcYjIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Zjk1Mjg0NmRmMDU3MDg1YzI3N2IzZjU1OTZiMDRhMTAzZWM0NzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxNpHacAfGnSpxxJtVpKOCx0meyK
QQTwqGnYUzL5+Jv74U+4GHGYj4rwrgegtNXUjeAwx0PYrFGKa4uPcMtlmahMA+3r
fJkbtD7i3QsZD0Gjo+U0JAkkVpXu6/E7Ybd4FO2nCqSJcTPFSfIjuHcDljiehGgV
tGu84c3x4d/CSLGhE2QK6+8ksGROGd7LktxGP+PlROvInfovlCQ1AxRa4V2qjnbU
g3HA2A5ZmdTH8QMix+MK36dGs1TnZYy+r3HebptJlbKbaKgKnEWbXbpwjUR3sCpW
A0MGFRlKUZX1j22GhdV+cUMjaDq49/D5B+q721ZXrOQpBtYxXNc3mxoD3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI+VKEbfBXCFwnez9VlrBKED7EecMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvajVVb1J0OEZjSVhDZDdQMVdXc0VvUVBzUjV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDkngAMA0G
CSqGSIb3DQEBCwUAA4IBAQBrt3ea6du9D7iJU0aYnI4o1ixGGBROj8nVI+bs9UJN
CfGONm/+68/o9/7b1asCxikE0xEmSDXhgdlPZ9klJmKpxFBcHZJ6YFrIMuE/oLNB
mSmxRXJElub7ygkCmYTpZA7JjmeBxHJ2Eq845/mhWdX3yy1fFdF46mUrbV17UufN
grLcvJRfqRSjOPqXoqbvFYAforoMLbnZ9mnxF0zceWuSiH6kVhFmFESMYczjq83e
etF/ZUrLkNc3bRDbh3lcJ0/ijX/gt747Erfvj/cWS1rgBF+j19+KBliGqTHVPQZ6
TWoFMmcseR76T9js6uiyj62Ip9NSCySlaKxyCDte7zxm
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:32:12 2025 by rpki-client