Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/jBuFhdv85OaYjcNO1HL_wN1ZSC0.roa
File: jBuFhdv85OaYjcNO1HL_wN1ZSC0.roa (raw, json)
Hash identifier: 655Z5Je3fi4yW9FLCB2xlrpOs5iZ2yN3W9R7yndR/vw=
Subject key identifier: 8C:1B:85:85:DB:FC:E4:E6:98:8D:C3:4E:D4:72:FF:C0:DD:59:48:2D
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194258FFD276FC1AC9715202583C71F2ED2
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/jBuFhdv85OaYjcNO1HL_wN1ZSC0.roa
Signing time: Thu 02 Jan 2025 05:49:40 +0000
ROA not before: Thu 02 Jan 2025 05:49:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208515
IP address blocks: 146.120.241.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:fd:27:6f:c1:ac:97:15:20:25:83:c7:1f:2e:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8c1b8585dbfce4e6988dc34ed472ffc0dd59482d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:6a:7d:ca:ab:07:3e:27:3d:24:42:00:97:b8:
fb:c7:35:ec:9c:d8:84:a8:a8:08:4c:7e:df:57:b7:
96:f4:cf:0c:5d:ea:c3:e9:b1:86:c6:79:20:08:91:
5e:99:95:c5:1d:08:68:78:65:37:36:6f:87:b1:43:
ea:48:b3:4a:b6:fa:f7:ed:d7:7b:2c:00:e1:36:01:
3b:4f:77:e8:bd:69:4f:a6:9e:2b:be:7e:18:03:66:
ad:f3:fe:c9:08:3e:3c:b2:0f:fb:db:d2:b2:04:fa:
6f:91:d6:2d:35:22:1d:49:72:23:50:f8:e2:b4:9c:
03:39:cd:c4:d7:57:bd:88:b7:b5:d0:40:ca:6c:21:
74:46:f4:ef:e7:76:d7:e8:f4:c4:43:03:97:ea:71:
14:5f:2b:29:e0:d9:03:67:0c:8a:24:72:18:97:07:
cb:00:bb:ad:5b:1a:ed:c8:03:91:31:84:4d:42:16:
57:f3:02:96:09:27:c9:8f:ce:8b:3f:23:78:6a:1a:
bd:26:6e:e3:f9:b6:b7:f5:2f:52:38:c3:b3:81:f1:
64:68:3c:79:79:79:46:0c:b2:5c:bb:82:53:a5:57:
4b:ed:41:b0:f5:ea:2f:41:51:1b:2a:23:0e:15:d1:
37:ab:83:44:ef:f6:64:51:78:d5:30:7f:21:4b:2a:
6e:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:1B:85:85:DB:FC:E4:E6:98:8D:C3:4E:D4:72:FF:C0:DD:59:48:2D
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/jBuFhdv85OaYjcNO1HL_wN1ZSC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.120.241.0/24
Signature Algorithm: sha256WithRSAEncryption
03:37:6c:0a:8c:6d:63:74:cc:cc:3b:61:80:21:2d:a3:e1:b0:
53:37:08:88:dd:16:7e:7f:b4:10:3c:f8:5f:d6:de:44:62:32:
1d:ae:de:b4:91:4f:10:e8:f4:d4:c6:90:d8:89:9f:f4:23:95:
7b:fe:c2:cb:40:b1:6b:1d:65:c3:6f:05:2b:a4:6d:2a:a6:27:
93:a3:75:e2:fa:b7:87:ec:9c:1f:68:2c:a7:da:e4:d4:52:d6:
0d:30:0e:7b:41:3a:91:3a:ac:93:7f:e0:e8:39:15:52:88:1c:
3a:17:ce:4d:54:1b:02:d1:dc:9b:fb:d6:77:95:95:59:74:4f:
03:be:fa:c4:dc:93:1f:e0:dc:e1:48:26:b9:0c:1f:bc:a7:16:
56:69:2b:da:9f:19:79:a7:fc:41:88:06:dd:b4:e0:21:18:32:
bb:b1:9a:3e:c7:e5:91:28:b8:4e:d0:90:7e:59:10:1c:86:0e:
33:a3:a3:79:f3:cf:46:1a:95:fe:76:aa:01:ae:ea:7e:27:b2:
94:fc:25:1e:cd:05:62:8a:02:a2:0d:87:f3:c2:94:23:b3:99:
dd:c7:2f:13:9f:be:38:c6:a1:1b:4b:3f:56:b2:7d:37:a8:9f:
71:ff:0f:15:5b:83:11:39:f0:ad:18:d4:84:e6:55:05:45:3b:
df:c4:7f:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj/0nb8GslxUgJYPHHy7SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzFiODU4NWRiZmNlNGU2OTg4ZGMzNGVkNDcyZmZjMGRkNTk0ODJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWp9yqsHPic9JEIAl7j7xzXsnNiE
qKgITH7fV7eW9M8MXerD6bGGxnkgCJFemZXFHQhoeGU3Nm+HsUPqSLNKtvr37dd7
LADhNgE7T3fovWlPpp4rvn4YA2at8/7JCD48sg/729KyBPpvkdYtNSIdSXIjUPji
tJwDOc3E11e9iLe10EDKbCF0RvTv53bX6PTEQwOX6nEUXysp4NkDZwyKJHIYlwfL
ALutWxrtyAORMYRNQhZX8wKWCSfJj86LPyN4ahq9Jm7j+ba39S9SOMOzgfFkaDx5
eXlGDLJcu4JTpVdL7UGw9eovQVEbKiMOFdE3q4NE7/ZkUXjVMH8hSypugQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIwbhYXb/OTmmI3DTtRy/8DdWUgtMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvakJ1Rmhkdjg1T2FZamNOTzFITF93TjFaU0MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAknjxMA0G
CSqGSIb3DQEBCwUAA4IBAQADN2wKjG1jdMzMO2GAIS2j4bBTNwiI3RZ+f7QQPPhf
1t5EYjIdrt60kU8Q6PTUxpDYiZ/0I5V7/sLLQLFrHWXDbwUrpG0qpieTo3Xi+reH
7JwfaCyn2uTUUtYNMA57QTqROqyTf+DoORVSiBw6F85NVBsC0dyb+9Z3lZVZdE8D
vvrE3JMf4NzhSCa5DB+8pxZWaSvanxl5p/xBiAbdtOAhGDK7sZo+x+WRKLhO0JB+
WRAchg4zo6N5889GGpX+dqoBrup+J7KU/CUezQViigKiDYfzwpQjs5ndxy8Tn744
xqEbSz9Wsn03qJ9x/w8VW4MROfCtGNSE5lUFRTvfxH+d
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:41:29 2025 by rpki-client