Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/8pM-r5LoIOv4t3NcWu-eNZEw7II.roa
File: 8pM-r5LoIOv4t3NcWu-eNZEw7II.roa (raw, json)
Hash identifier: 2Z/aZfR0MgKnd2mOOQmRvzNhJFLcyrSUao3u1vhHVXM=
Subject key identifier: F2:93:3E:AF:92:E8:20:EB:F8:B7:73:5C:5A:EF:9E:35:91:30:EC:82
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 01942369F53D90BA56D25CE03104E3B66B2B
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/8pM-r5LoIOv4t3NcWu-eNZEw7II.roa
Signing time: Wed 01 Jan 2025 19:48:54 +0000
ROA not before: Wed 01 Jan 2025 19:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207636
IP address blocks: 46.3.20.0/24 maxlen: 24
46.3.21.0/24 maxlen: 24
46.3.22.0/24 maxlen: 24
46.3.23.0/24 maxlen: 24
46.3.85.0/24 maxlen: 24
46.3.128.0/24 maxlen: 24
46.3.129.0/24 maxlen: 24
46.3.131.0/24 maxlen: 24
46.3.192.0/19 maxlen: 19
46.3.224.0/19 maxlen: 19
46.3.237.0/24 maxlen: 24
46.232.8.0/22 maxlen: 22
46.232.12.0/22 maxlen: 22
80.243.128.0/20 maxlen: 24
149.126.194.0/24 maxlen: 24
149.126.199.0/24 maxlen: 24
149.126.209.0/24 maxlen: 24
149.126.211.0/24 maxlen: 24
149.126.212.0/24 maxlen: 24
149.126.227.0/24 maxlen: 24
149.126.241.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:f5:3d:90:ba:56:d2:5c:e0:31:04:e3:b6:6b:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Jan 1 19:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f2933eaf92e820ebf8b7735c5aef9e359130ec82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:cc:92:e7:e0:06:4c:a7:b4:33:8a:cd:40:97:
73:a0:a1:0a:ce:e8:8f:23:61:b6:a0:14:4b:11:e2:
d4:2a:5d:d6:65:cc:d2:c8:c0:29:08:5a:1e:a5:98:
a8:44:bc:d2:e0:c3:53:b9:ca:5c:0a:58:09:72:ff:
5e:17:ae:40:16:b1:0a:b5:bd:09:7a:25:4a:04:21:
c1:59:7c:31:20:65:2b:88:de:10:52:fe:7e:e6:17:
1d:83:3b:eb:9e:b4:ef:94:fa:2d:15:0b:f6:fd:93:
16:60:e7:02:8e:28:f6:b5:ef:46:00:97:ea:7f:1d:
7c:20:da:5c:d5:f6:6b:59:be:66:14:da:97:06:e0:
b2:1b:3b:c3:78:13:bb:f6:10:56:ad:38:d4:c6:58:
5a:fd:31:2d:ee:17:17:1a:8a:be:f5:bd:97:a9:3d:
0e:22:62:03:5b:20:f0:39:e7:45:a6:4e:29:b6:5f:
d0:6c:e4:37:cc:be:91:ec:91:2f:b5:fa:3d:b8:a3:
b1:d7:23:ee:48:36:8b:a5:43:35:9d:2b:b7:3f:72:
dc:ea:2c:43:7c:8e:56:8e:30:7e:2d:7d:77:4d:6a:
5a:48:27:c2:b1:fb:ba:66:ce:9e:9c:cd:d2:67:13:
33:f5:f2:5a:0c:bd:4b:c0:22:32:d9:5b:66:75:69:
fd:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:93:3E:AF:92:E8:20:EB:F8:B7:73:5C:5A:EF:9E:35:91:30:EC:82
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/8pM-r5LoIOv4t3NcWu-eNZEw7II.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.20.0/22
46.3.85.0/24
46.3.128.0/23
46.3.131.0/24
46.3.192.0/18
46.232.8.0/21
80.243.128.0/20
149.126.194.0/24
149.126.199.0/24
149.126.209.0/24
149.126.211.0-149.126.212.255
149.126.227.0/24
149.126.241.0/24
Signature Algorithm: sha256WithRSAEncryption
67:11:17:b4:cc:83:5c:b8:7c:8e:f0:ae:ed:d4:20:aa:b3:7e:
af:25:dd:51:7a:88:1c:cf:75:b4:50:49:9c:1c:cf:18:83:89:
d5:f7:69:a1:98:a4:ff:8d:d9:5c:be:84:12:2e:6e:00:02:ff:
44:48:8e:ef:fc:46:99:1b:63:e3:ac:a2:6a:7d:33:93:f0:c4:
0d:44:38:6e:ae:ba:d1:c2:dd:a8:4c:3d:b6:bc:1b:70:6f:3e:
79:05:de:eb:4e:8a:18:0f:11:45:69:8f:ae:19:ea:d0:bb:19:
26:2f:9d:27:7f:19:36:06:c8:12:ea:c2:da:0f:b7:01:2c:05:
f5:ca:46:18:37:93:c9:d0:9e:3b:05:a4:63:fc:a6:99:82:64:
8d:f2:b9:fb:7c:e1:b8:99:af:42:5d:54:78:03:7d:2d:08:2b:
cd:1b:4e:aa:8d:88:d4:98:02:d6:7a:39:ee:6a:82:cc:e3:14:
7f:d2:95:d9:56:2c:ce:77:b2:ed:3e:58:aa:fc:39:29:95:85:
66:41:d5:3f:f8:0c:5b:b4:70:5e:64:51:22:45:11:78:18:a4:
7f:21:48:21:4b:89:5e:dc:e4:67:40:4e:f2:1c:ca:60:f2:05:
16:2e:81:f0:52:14:63:0d:06:27:26:f2:e3:8a:dd:48:f9:71:
09:92:1e:59
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAZQjafU9kLpW0lzgMQTjtmsrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjUwMTAxMTk0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjkzM2VhZjkyZTgyMGViZjhiNzczNWM1YWVmOWUzNTkxMzBlYzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMyS5+AGTKe0M4rNQJdzoKEKzuiP
I2G2oBRLEeLUKl3WZczSyMApCFoepZioRLzS4MNTucpcClgJcv9eF65AFrEKtb0J
eiVKBCHBWXwxIGUriN4QUv5+5hcdgzvrnrTvlPotFQv2/ZMWYOcCjij2te9GAJfq
fx18INpc1fZrWb5mFNqXBuCyGzvDeBO79hBWrTjUxlha/TEt7hcXGoq+9b2XqT0O
ImIDWyDwOedFpk4ptl/QbOQ3zL6R7JEvtfo9uKOx1yPuSDaLpUM1nSu3P3Lc6ixD
fI5WjjB+LX13TWpaSCfCsfu6Zs6enM3SZxMz9fJaDL1LwCIy2VtmdWn9kwIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFPKTPq+S6CDr+LdzXFrvnjWRMOyCMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvOHBNLXI1TG9JT3Y0dDNOY1d1LWVOWkV3N0lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQCLgMUAwQA
LgNVAwQBLgOAAwQALgODAwQGLgPAAwQDLugIAwQEUPOAAwQAlX7CAwQAlX7HAwQA
lX7RMAwDBACVftMDBACVftQDBACVfuMDBACVfvEwDQYJKoZIhvcNAQELBQADggEB
AGcRF7TMg1y4fI7wru3UIKqzfq8l3VF6iBzPdbRQSZwczxiDidX3aaGYpP+N2Vy+
hBIubgAC/0RIju/8RpkbY+Osomp9M5PwxA1EOG6uutHC3ahMPba8G3BvPnkF3utO
ihgPEUVpj64Z6tC7GSYvnSd/GTYGyBLqwtoPtwEsBfXKRhg3k8nQnjsFpGP8ppmC
ZI3yuft84biZr0JdVHgDfS0IK80bTqqNiNSYAtZ6Oe5qgszjFH/SldlWLM53su0+
WKr8OSmVhWZB1T/4DFu0cF5kUSJFEXgYpH8hSCFLiV7c5GdATvIcymDyBRYugfBS
FGMNBicm8uOK3Uj5cQmSHlk=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:56:10 2025 by rpki-client