Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/C50_a2SW4YnUYMJrr5Afw8I0HgI.roa
File: C50_a2SW4YnUYMJrr5Afw8I0HgI.roa (raw, json)
Hash identifier: TNrluYp0TFqbJMcRBRuC5FqOVY7++iFyEZ5HrscnKfo=
Subject key identifier: 0B:9D:3F:6B:64:96:E1:89:D4:60:C2:6B:AF:90:1F:C3:C2:34:1E:02
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 0194252165E787A5FF90681581F540D1E0B3
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/C50_a2SW4YnUYMJrr5Afw8I0HgI.roa
Signing time: Thu 02 Jan 2025 03:48:53 +0000
ROA not before: Thu 02 Jan 2025 03:48:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6079
IP address blocks: 158.120.49.0/24 maxlen: 24
158.120.51.0/24 maxlen: 24
158.120.53.0/24 maxlen: 24
158.120.55.0/24 maxlen: 24
158.120.57.0/24 maxlen: 24
158.120.59.0/24 maxlen: 24
158.120.61.0/24 maxlen: 24
158.120.63.0/24 maxlen: 24
192.46.184.0/21 maxlen: 21
192.46.184.0/22 maxlen: 22
192.46.188.0/24 maxlen: 24
192.46.200.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:65:e7:87:a5:ff:90:68:15:81:f5:40:d1:e0:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: Jan 2 03:48:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0b9d3f6b6496e189d460c26baf901fc3c2341e02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ae:67:d0:10:dc:a4:68:7c:5b:04:88:b4:ff:
e9:2b:de:7f:f6:f9:b8:24:47:ce:59:e6:d9:3c:14:
1c:4a:a6:19:e1:c9:66:1a:f9:76:2f:c5:d9:f4:d8:
ad:d3:70:a8:c4:fe:57:05:c1:be:e0:32:1e:3f:9b:
4a:cb:cc:ac:98:d0:66:9d:33:8e:db:81:f4:80:c0:
ef:a6:31:33:04:0d:4d:08:92:61:26:76:19:fa:c3:
9c:88:ea:d7:45:b5:a2:94:27:b9:80:f7:ba:90:17:
b4:02:2a:07:1a:e2:c3:69:01:44:bc:24:1c:ad:b9:
3d:60:73:97:39:b6:4d:af:cd:31:d8:88:16:21:71:
8e:3e:c3:09:ca:78:7a:62:9a:77:85:5f:c0:4f:86:
62:2a:4e:4a:f5:13:be:04:36:e2:3d:75:5b:97:df:
06:72:a8:b4:79:c9:cd:2d:94:4c:ec:53:3b:57:e0:
7f:d3:fc:91:e5:b6:4b:1a:18:cc:25:16:41:ab:7c:
4f:5d:47:29:5f:aa:1e:8e:6a:0c:34:41:7c:3b:01:
ba:79:08:5c:79:b8:5a:3e:40:f0:e8:83:21:f0:a6:
08:e7:54:e1:01:d1:fe:d0:6f:5a:8e:ad:f5:00:5c:
0e:cc:64:46:c9:74:c3:70:68:7d:37:fd:0e:81:53:
f6:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:9D:3F:6B:64:96:E1:89:D4:60:C2:6B:AF:90:1F:C3:C2:34:1E:02
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/C50_a2SW4YnUYMJrr5Afw8I0HgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.120.49.0/24
158.120.51.0/24
158.120.53.0/24
158.120.55.0/24
158.120.57.0/24
158.120.59.0/24
158.120.61.0/24
158.120.63.0/24
192.46.184.0/21
192.46.200.0/22
Signature Algorithm: sha256WithRSAEncryption
90:cc:bd:21:64:ea:9a:29:ab:b7:3f:c7:9b:a1:a5:b6:5e:93:
1e:77:f3:6c:c9:b4:e2:57:34:ba:6e:af:80:5d:9c:e6:d7:38:
bd:2b:d0:9d:76:cc:39:ca:2b:6b:b7:69:c5:49:55:bd:f3:7e:
85:f1:fe:c9:d4:91:07:65:f4:e5:72:e3:9c:50:29:ee:e1:f7:
20:39:35:ed:4b:2d:07:ef:2d:b5:64:79:ca:74:0b:0b:3f:7a:
f0:dc:b1:df:c0:ed:05:9b:8e:bc:f8:cb:f8:07:b6:6e:3c:ee:
df:ac:13:09:ef:81:68:16:6e:96:d6:5d:07:ff:52:de:99:08:
13:90:ea:43:e1:aa:f2:14:a7:f1:21:27:f8:5b:8b:62:db:41:
7d:30:fa:19:84:33:62:03:d6:76:04:d6:0a:13:04:ad:ac:05:
0a:3f:ec:61:50:8a:57:55:3d:c1:cd:3e:b7:30:19:84:c8:2d:
d0:e7:ce:75:bb:9c:df:b1:f1:a2:a2:da:0f:02:b0:18:c6:31:
44:83:97:76:a5:fb:9e:70:ae:db:db:66:37:ee:c9:e6:d0:51:
8f:e7:74:b4:f2:28:0d:c6:57:0c:8a:be:05:4c:ce:f9:42:51:
5e:26:9a:a8:60:18:a7:40:b1:7c:69:99:d5:9a:d3:89:69:0d:
a7:9e:93:24
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZQlIWXnh6X/kGgVgfVA0eCzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0M2U0NDdlZGI4YTVlMGUxYjFkN2Y1Y2RjMjg3YzM2NGE1
ZmIwYjUwHhcNMjUwMTAyMDM0ODUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjlkM2Y2YjY0OTZlMTg5ZDQ2MGMyNmJhZjkwMWZjM2MyMzQxZTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAva5n0BDcpGh8WwSItP/pK95/9vm4
JEfOWebZPBQcSqYZ4clmGvl2L8XZ9Nit03CoxP5XBcG+4DIeP5tKy8ysmNBmnTOO
24H0gMDvpjEzBA1NCJJhJnYZ+sOciOrXRbWilCe5gPe6kBe0AioHGuLDaQFEvCQc
rbk9YHOXObZNr80x2IgWIXGOPsMJynh6Ypp3hV/AT4ZiKk5K9RO+BDbiPXVbl98G
cqi0ecnNLZRM7FM7V+B/0/yR5bZLGhjMJRZBq3xPXUcpX6oejmoMNEF8OwG6eQhc
ebhaPkDw6IMh8KYI51ThAdH+0G9ajq31AFwOzGRGyXTDcGh9N/0OgVP26QIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFAudP2tkluGJ1GDCa6+QH8PCNB4CMB8GA1UdIwQY
MBaAFHQ+RH7bil4OGx1/XNwofDZKX7C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDct
NWUwZjRhYjgwOWJiLzEvQzUwX2EyU1c0WW5VWU1KcnI1QWZ3OEkwSGdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDctNWUwZjRhYjgwOWJi
LzEvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAnngxAwQA
nngzAwQAnng1AwQAnng3AwQAnng5AwQAnng7AwQAnng9AwQAnng/AwQDwC64AwQC
wC7IMA0GCSqGSIb3DQEBCwUAA4IBAQCQzL0hZOqaKau3P8eboaW2XpMed/NsybTi
VzS6bq+AXZzm1zi9K9Cddsw5yitrt2nFSVW9836F8f7J1JEHZfTlcuOcUCnu4fcg
OTXtSy0H7y21ZHnKdAsLP3rw3LHfwO0Fm468+Mv4B7ZuPO7frBMJ74FoFm6W1l0H
/1LemQgTkOpD4aryFKfxISf4W4ti20F9MPoZhDNiA9Z2BNYKEwStrAUKP+xhUIpX
VT3BzT63MBmEyC3Q5851u5zfsfGiotoPArAYxjFEg5d2pfuecK7b22Y37snm0FGP
53S08igNxlcMir4FTM75QlFeJpqoYBinQLF8aZnVmtOJaQ2nnpMk
-----END CERTIFICATE-----
Generated at Fri Apr 11 09:21:04 2025 by rpki-client