Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/9ed76b-35a6-4a9d-9fa6-8517a8f355ae/1/cJykARzqOKe9uMgc8PFmUBa7sxc.roa
File: cJykARzqOKe9uMgc8PFmUBa7sxc.roa (raw, json)
Hash identifier: 5MZWo6mlRMkcqk95+uBmGKLKqHpo+sEmACVQEsSg9mA=
Subject key identifier: 70:9C:A4:01:1C:EA:38:A7:BD:B8:C8:1C:F0:F1:66:50:16:BB:B3:17
Certificate issuer: /CN=03196c89e554dbe4774522759906e2581a174694
Certificate serial: 0194221FEE30B6C809225F69B9BC61387F11
Authority key identifier: 03:19:6C:89:E5:54:DB:E4:77:45:22:75:99:06:E2:58:1A:17:46:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AxlsieVU2-R3RSJ1mQbiWBoXRpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/9ed76b-35a6-4a9d-9fa6-8517a8f355ae/1/cJykARzqOKe9uMgc8PFmUBa7sxc.roa
Signing time: Wed 01 Jan 2025 13:48:25 +0000
ROA not before: Wed 01 Jan 2025 13:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42893
IP address blocks: 146.66.160.0/19 maxlen: 19
146.66.192.0/20 maxlen: 20
178.252.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:ee:30:b6:c8:09:22:5f:69:b9:bc:61:38:7f:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03196c89e554dbe4774522759906e2581a174694
Validity
Not Before: Jan 1 13:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=709ca4011cea38a7bdb8c81cf0f1665016bbb317
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:09:d8:80:1c:fe:13:20:dc:69:2a:e5:66:ae:
3b:c1:6f:fe:04:06:5c:bf:23:fd:07:dc:c8:51:88:
27:ec:fc:41:a1:44:bc:6f:ff:d5:20:68:31:da:ea:
43:7e:5c:ea:d4:49:ae:36:4e:af:b6:7c:25:a9:ed:
d9:62:ec:e5:06:14:f5:db:db:3f:82:1d:58:3d:9f:
fd:c5:08:a3:f3:b8:d9:00:63:d0:43:94:fe:06:fd:
0c:6b:c8:10:bb:cf:1c:dd:e7:43:8c:a7:47:28:2f:
ed:99:d4:0a:26:a2:1e:4d:a9:a3:8c:b7:df:c8:ea:
4c:20:cb:53:46:42:de:1a:5b:7b:ea:ec:99:07:1d:
98:a7:61:8a:47:d7:eb:7a:5e:b2:21:a5:9c:e1:dd:
3f:f0:82:f0:5d:91:30:fb:13:1d:52:82:d5:11:5e:
aa:cc:60:2f:b8:a7:7f:e8:f4:c6:d3:cc:d5:28:97:
cb:6e:1f:e6:68:c9:25:07:55:e3:d1:a0:b2:f1:93:
1e:f4:28:43:52:b8:28:6a:37:93:2f:33:18:ec:a1:
9e:71:9e:e7:13:3a:3d:ae:88:07:2c:13:a3:d6:c7:
d1:20:81:e7:be:81:c5:f2:b3:d4:70:c9:de:ab:70:
32:81:9d:1f:56:91:5e:86:ff:9d:4f:6d:e4:e4:a4:
b9:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:9C:A4:01:1C:EA:38:A7:BD:B8:C8:1C:F0:F1:66:50:16:BB:B3:17
X509v3 Authority Key Identifier:
keyid:03:19:6C:89:E5:54:DB:E4:77:45:22:75:99:06:E2:58:1A:17:46:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AxlsieVU2-R3RSJ1mQbiWBoXRpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/9ed76b-35a6-4a9d-9fa6-8517a8f355ae/1/cJykARzqOKe9uMgc8PFmUBa7sxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/9ed76b-35a6-4a9d-9fa6-8517a8f355ae/1/AxlsieVU2-R3RSJ1mQbiWBoXRpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.66.160.0-146.66.207.255
178.252.64.0/18
Signature Algorithm: sha256WithRSAEncryption
70:53:47:40:35:66:dc:90:b5:c2:c5:88:bc:fc:3e:6b:7c:0e:
6c:fd:a7:da:3f:eb:f6:31:36:4f:a4:f5:9e:b6:a3:cc:8e:2b:
47:37:6a:03:5a:44:31:2e:34:9f:f1:48:65:19:2c:90:88:14:
85:0c:03:35:7f:8f:55:91:40:90:bb:72:35:da:d9:17:58:e9:
02:98:de:38:90:05:8f:8f:f1:f4:82:ee:52:70:07:59:18:d1:
b5:5e:a7:ac:af:b7:6c:99:f4:10:e3:6e:86:55:b9:4e:e8:89:
76:27:d9:fa:c6:b1:35:62:ca:5d:1b:f4:92:40:1c:b6:5e:29:
d5:d2:cf:2b:93:50:61:df:6a:1d:f4:a4:dc:2b:a4:a2:f9:dc:
9d:97:2b:d2:59:e0:e2:59:30:98:89:de:d2:3a:d4:6f:f6:f0:
64:ed:6c:3e:0c:5f:dd:d5:ab:2e:d8:e0:3a:4b:16:24:f1:95:
00:a9:d3:2c:5b:8e:ea:06:4c:65:4c:4e:33:8c:7d:65:24:cd:
38:3d:60:7e:3f:41:a5:a4:cd:f2:f3:b5:60:ea:d0:57:45:db:
88:94:c1:99:a2:af:b0:53:c3:99:df:f0:98:4c:dd:70:da:b4:
c7:37:48:c4:52:58:e3:25:88:1f:c6:06:00:55:35:f4:c1:ee:
37:94:cb:ae
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQiH+4wtsgJIl9pubxhOH8RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMTk2Yzg5ZTU1NGRiZTQ3NzQ1MjI3NTk5MDZlMjU4MWEx
NzQ2OTQwHhcNMjUwMTAxMTM0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDljYTQwMTFjZWEzOGE3YmRiOGM4MWNmMGYxNjY1MDE2YmJiMzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAnYgBz+EyDcaSrlZq47wW/+BAZc
vyP9B9zIUYgn7PxBoUS8b//VIGgx2upDflzq1EmuNk6vtnwlqe3ZYuzlBhT129s/
gh1YPZ/9xQij87jZAGPQQ5T+Bv0Ma8gQu88c3edDjKdHKC/tmdQKJqIeTamjjLff
yOpMIMtTRkLeGlt76uyZBx2Yp2GKR9frel6yIaWc4d0/8ILwXZEw+xMdUoLVEV6q
zGAvuKd/6PTG08zVKJfLbh/maMklB1Xj0aCy8ZMe9ChDUrgoajeTLzMY7KGecZ7n
Ezo9rogHLBOj1sfRIIHnvoHF8rPUcMneq3AygZ0fVpFehv+dT23k5KS5/QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFHCcpAEc6jinvbjIHPDxZlAWu7MXMB8GA1UdIwQY
MBaAFAMZbInlVNvkd0UidZkG4lgaF0aUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXhsc2llVlUyLVIzUlNKMW1RYmlXQm9YUnBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi85ZWQ3NmItMzVhNi00YTlkLTlmYTYt
ODUxN2E4ZjM1NWFlLzEvY0p5a0FSenFPS2U5dU1nYzhQRm1VQmE3c3hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi85ZWQ3NmItMzVhNi00YTlkLTlmYTYtODUxN2E4ZjM1NWFl
LzEvQXhsc2llVlUyLVIzUlNKMW1RYmlXQm9YUnBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAWSQqAD
BASSQsADBAay/EAwDQYJKoZIhvcNAQELBQADggEBAHBTR0A1ZtyQtcLFiLz8Pmt8
Dmz9p9o/6/YxNk+k9Z62o8yOK0c3agNaRDEuNJ/xSGUZLJCIFIUMAzV/j1WRQJC7
cjXa2RdY6QKY3jiQBY+P8fSC7lJwB1kY0bVep6yvt2yZ9BDjboZVuU7oiXYn2frG
sTViyl0b9JJAHLZeKdXSzyuTUGHfah30pNwrpKL53J2XK9JZ4OJZMJiJ3tI61G/2
8GTtbD4MX93Vqy7Y4DpLFiTxlQCp0yxbjuoGTGVMTjOMfWUkzTg9YH4/QaWkzfLz
tWDq0FdF24iUwZmir7BTw5nf8JhM3XDatMc3SMRSWOMliB/GBgBVNfTB7jeUy64=
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:31:19 2025 by rpki-client