Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/nGAaaXMKpGszwFFMVIPXQWHvtjA.roa
File: nGAaaXMKpGszwFFMVIPXQWHvtjA.roa (raw, json)
Hash identifier: G0jGdU+ux1/RzPh5jVGJ01m4U7T9wn5FWWInWMDNosE=
Subject key identifier: 9C:60:1A:69:73:0A:A4:6B:33:C0:51:4C:54:83:D7:41:61:EF:B6:30
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194258FF1D493FF343A1A11CAA1F711035D
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/nGAaaXMKpGszwFFMVIPXQWHvtjA.roa
Signing time: Thu 02 Jan 2025 05:49:38 +0000
ROA not before: Thu 02 Jan 2025 05:49:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204514
IP address blocks: 146.158.79.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:f1:d4:93:ff:34:3a:1a:11:ca:a1:f7:11:03:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c601a69730aa46b33c0514c5483d74161efb630
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:26:4b:28:ff:df:1e:e2:71:84:7b:24:ce:dd:
c3:e9:9e:48:ad:e7:8c:85:92:14:e0:20:64:8b:99:
f0:0d:b3:b7:16:c7:cf:8f:cd:e1:7b:cc:4e:06:10:
63:65:55:f0:17:91:7d:b2:37:71:01:52:01:73:0b:
56:40:d7:5d:50:e9:d5:4a:ef:15:05:db:8c:22:9e:
6e:8f:07:a0:f6:dc:8c:3d:de:e0:58:bd:e7:68:75:
38:e6:c6:13:ad:10:7e:86:90:4a:c7:2a:1b:73:d9:
9d:5b:fd:e4:07:c6:8d:ae:b4:88:40:85:60:d0:27:
72:2d:07:d6:02:77:1e:1e:0c:c1:d5:90:3d:f9:ae:
58:30:b1:e2:0a:65:cf:f9:cf:f3:f8:81:29:9b:73:
d2:42:88:2c:b2:95:e6:51:49:d0:1c:2c:ec:28:a3:
b3:65:d3:12:47:2c:cf:f5:a6:14:d9:57:2d:5a:cb:
b2:ab:d0:81:09:69:8d:76:36:da:e0:88:c7:5f:cf:
64:4a:41:22:47:ef:98:1f:c1:3e:f9:a3:a7:99:b5:
1b:62:c3:d2:93:ae:ce:e2:e9:77:44:2a:16:8a:3c:
35:4f:95:a9:c8:dc:0d:81:cc:f3:c6:91:45:36:a6:
99:e1:6f:82:a8:da:c2:05:5c:8c:57:ec:d0:9f:e2:
64:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:60:1A:69:73:0A:A4:6B:33:C0:51:4C:54:83:D7:41:61:EF:B6:30
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/nGAaaXMKpGszwFFMVIPXQWHvtjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.158.79.0/24
Signature Algorithm: sha256WithRSAEncryption
11:dd:3d:29:39:7e:1d:98:ea:4e:21:b9:e6:20:8f:67:91:c2:
32:ca:37:8f:8d:fe:4e:8b:e9:d9:ed:36:da:fa:c1:33:ad:17:
16:f6:c2:14:c3:2b:24:66:34:42:88:e4:d0:8b:86:c8:15:78:
5a:c9:91:5a:20:53:3e:35:0d:f7:59:2e:be:d4:a8:16:76:a0:
61:21:55:c6:83:da:bb:b5:1f:b1:36:84:65:07:83:5b:12:92:
f4:65:76:17:33:5f:36:6e:72:44:8d:a2:e1:92:aa:ed:1b:d3:
9a:e0:ef:d5:ba:73:7a:df:27:ad:3f:52:f1:ff:91:f2:0c:ec:
d3:a3:58:18:bb:1b:37:0d:ce:74:b8:be:1c:51:5f:9c:09:ab:
81:99:f7:ae:36:0c:88:c8:a9:b5:5a:25:7e:1f:10:d3:52:16:
ee:06:09:9d:2e:f2:80:92:cf:63:6a:61:c3:13:7e:29:71:cd:
18:65:77:10:75:a3:9f:ff:ff:00:73:4b:c6:a1:8f:a2:6c:13:
ed:01:90:22:46:39:e5:98:5c:62:50:69:8d:da:93:b9:ba:41:
58:21:4e:63:e9:ea:c8:69:20:e1:68:62:76:0b:86:56:b1:e0:
cf:ae:34:ca:59:ab:4a:6d:be:48:b8:d7:44:7d:71:89:5e:76:
cd:e3:26:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj/HUk/80OhoRyqH3EQNdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzYwMWE2OTczMGFhNDZiMzNjMDUxNGM1NDgzZDc0MTYxZWZiNjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvyZLKP/fHuJxhHskzt3D6Z5IreeM
hZIU4CBki5nwDbO3FsfPj83he8xOBhBjZVXwF5F9sjdxAVIBcwtWQNddUOnVSu8V
BduMIp5ujweg9tyMPd7gWL3naHU45sYTrRB+hpBKxyobc9mdW/3kB8aNrrSIQIVg
0CdyLQfWAnceHgzB1ZA9+a5YMLHiCmXP+c/z+IEpm3PSQogsspXmUUnQHCzsKKOz
ZdMSRyzP9aYU2VctWsuyq9CBCWmNdjba4IjHX89kSkEiR++YH8E++aOnmbUbYsPS
k67O4ul3RCoWijw1T5WpyNwNgczzxpFFNqaZ4W+CqNrCBVyMV+zQn+JkFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJxgGmlzCqRrM8BRTFSD10Fh77YwMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvbkdBYWFYTUtwR3N6d0ZGTVZJUFhRV0h2dGpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkp5PMA0G
CSqGSIb3DQEBCwUAA4IBAQAR3T0pOX4dmOpOIbnmII9nkcIyyjePjf5Oi+nZ7Tba
+sEzrRcW9sIUwyskZjRCiOTQi4bIFXhayZFaIFM+NQ33WS6+1KgWdqBhIVXGg9q7
tR+xNoRlB4NbEpL0ZXYXM182bnJEjaLhkqrtG9Oa4O/VunN63yetP1Lx/5HyDOzT
o1gYuxs3Dc50uL4cUV+cCauBmfeuNgyIyKm1WiV+HxDTUhbuBgmdLvKAks9jamHD
E34pcc0YZXcQdaOf//8Ac0vGoY+ibBPtAZAiRjnlmFxiUGmN2pO5ukFYIU5j6erI
aSDhaGJ2C4ZWseDPrjTKWatKbb5IuNdEfXGJXnbN4yZ6
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:36:37 2025 by rpki-client