Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/JKKDvLn9OhTXtGbgVmYhpdR_27E.roa
File: JKKDvLn9OhTXtGbgVmYhpdR_27E.roa (raw, json)
Hash identifier: TnXGDmR+kzXpOYQK9JOsc9wBf8EBcb/Wet3rK2plm7c=
Subject key identifier: 24:A2:83:BC:B9:FD:3A:14:D7:B4:66:E0:56:66:21:A5:D4:7F:DB:B1
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 01942369EED1E22792E1C1C0CC22DBBEABF1
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/JKKDvLn9OhTXtGbgVmYhpdR_27E.roa
Signing time: Wed 01 Jan 2025 19:48:52 +0000
ROA not before: Wed 01 Jan 2025 19:48:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48024
IP address blocks: 46.3.0.0/22 maxlen: 24
46.3.96.0/22 maxlen: 24
46.3.100.0/24 maxlen: 24
46.3.102.0/24 maxlen: 24
46.3.103.0/24 maxlen: 24
46.3.104.0/22 maxlen: 24
46.3.108.0/22 maxlen: 24
46.232.6.0/24 maxlen: 24
46.232.48.0/21 maxlen: 24
46.232.56.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:ee:d1:e2:27:92:e1:c1:c0:cc:22:db:be:ab:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Jan 1 19:48:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=24a283bcb9fd3a14d7b466e0566621a5d47fdbb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:fa:c7:cc:f4:1f:8e:63:ac:58:a8:b6:c3:b2:
2e:2e:5a:1d:34:10:7c:e1:cd:69:0f:5a:7e:97:39:
46:e5:0a:6d:98:98:4e:4b:59:28:cc:85:f6:38:98:
51:13:a1:48:de:9d:e1:4f:a4:aa:75:5b:40:6f:8e:
c5:3e:0e:a5:1f:bb:40:0f:04:1b:1b:6f:bc:76:0e:
fe:c9:18:04:ea:3e:0a:34:5e:6d:1b:fa:85:5b:cc:
62:b9:86:2b:63:36:9c:df:db:61:a8:aa:df:e9:f0:
c6:d2:c1:3b:4b:df:0f:ee:ba:86:f8:78:bf:9b:0e:
57:81:79:e8:0f:0e:ff:24:94:93:31:d0:b7:72:7c:
86:d3:6e:7a:49:ec:b7:13:15:a3:b3:77:cd:c0:0a:
52:68:7d:53:31:67:d2:bd:29:da:45:1e:cd:60:49:
81:fd:ab:f5:92:35:29:62:ab:ee:08:7d:1d:32:d4:
e6:5a:45:33:1d:b7:2b:22:40:44:78:f0:94:5e:aa:
6f:4d:69:8f:0e:28:ca:4d:e5:38:17:15:3a:4a:f2:
9a:2d:73:4c:19:39:cd:31:b8:6d:f0:5c:24:da:3e:
ba:43:7f:11:a4:7b:03:2b:a7:b6:1e:28:d3:ee:fd:
a5:2c:7b:5c:16:67:6f:fb:2c:8c:e3:4c:5b:ae:ff:
97:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:A2:83:BC:B9:FD:3A:14:D7:B4:66:E0:56:66:21:A5:D4:7F:DB:B1
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/JKKDvLn9OhTXtGbgVmYhpdR_27E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.0.0/22
46.3.96.0-46.3.100.255
46.3.102.0-46.3.111.255
46.232.6.0/24
46.232.48.0/20
Signature Algorithm: sha256WithRSAEncryption
5c:02:5b:5a:b5:1c:51:7f:75:42:a2:c9:45:ab:49:a6:a7:e5:
d0:55:5d:92:c7:14:53:61:0e:08:5a:64:21:4b:0d:bf:b5:8e:
ab:7b:1f:f8:d5:9a:45:ff:b5:73:ed:fe:df:8a:8e:1c:0d:ce:
ec:68:54:e2:be:c2:f6:e1:a5:ab:14:29:cd:72:37:07:61:aa:
e8:8a:b9:6b:4e:35:84:7b:2c:21:3f:91:e2:9a:75:4c:47:da:
c0:e7:23:51:08:12:b1:ba:22:87:9e:6f:39:0b:c8:06:f3:6a:
4f:40:79:00:5b:65:2e:1c:36:ad:76:db:05:1d:61:8d:40:ba:
57:85:08:4e:99:4a:ee:29:87:a9:06:30:13:3f:2d:e2:d9:1b:
b8:3e:bc:20:20:11:2a:56:ce:80:97:30:22:12:d9:4c:e9:74:
0d:3f:75:78:c4:31:3f:9f:9b:38:b6:f2:68:b1:5f:08:e5:99:
78:e9:5c:1b:3b:90:97:42:e7:78:7c:3b:27:de:82:7d:bb:27:
32:b6:36:f2:1a:a3:f9:41:24:27:d2:38:9a:cf:eb:a5:05:72:
f6:9d:18:b2:62:0b:92:46:86:eb:90:21:e6:30:88:a4:c2:5f:
b2:4a:42:0b:b7:c9:11:02:e7:55:2e:25:55:2f:8a:85:6b:27:
eb:27:33:72
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZQjae7R4ieS4cHAzCLbvqvxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjUwMTAxMTk0ODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGEyODNiY2I5ZmQzYTE0ZDdiNDY2ZTA1NjY2MjFhNWQ0N2ZkYmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPrHzPQfjmOsWKi2w7IuLlodNBB8
4c1pD1p+lzlG5QptmJhOS1kozIX2OJhRE6FI3p3hT6SqdVtAb47FPg6lH7tADwQb
G2+8dg7+yRgE6j4KNF5tG/qFW8xiuYYrYzac39thqKrf6fDG0sE7S98P7rqG+Hi/
mw5XgXnoDw7/JJSTMdC3cnyG0256Sey3ExWjs3fNwApSaH1TMWfSvSnaRR7NYEmB
/av1kjUpYqvuCH0dMtTmWkUzHbcrIkBEePCUXqpvTWmPDijKTeU4FxU6SvKaLXNM
GTnNMbht8Fwk2j66Q38RpHsDK6e2HijT7v2lLHtcFmdv+yyM40xbrv+XPwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFCSig7y5/ToU17Rm4FZmIaXUf9uxMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvSktLRHZMbjlPaFRYdEdiZ1ZtWWhwZFJfMjdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQCLgMAMAwD
BAUuA2ADBAAuA2QwDAMEAS4DZgMEBC4DYAMEAC7oBgMEBC7oMDANBgkqhkiG9w0B
AQsFAAOCAQEAXAJbWrUcUX91QqLJRatJpqfl0FVdkscUU2EOCFpkIUsNv7WOq3sf
+NWaRf+1c+3+34qOHA3O7GhU4r7C9uGlqxQpzXI3B2Gq6Iq5a041hHssIT+R4pp1
TEfawOcjUQgSsboih55vOQvIBvNqT0B5AFtlLhw2rXbbBR1hjUC6V4UITplK7imH
qQYwEz8t4tkbuD68ICARKlbOgJcwIhLZTOl0DT91eMQxP5+bOLbyaLFfCOWZeOlc
GzuQl0LneHw7J96CfbsnMrY28hqj+UEkJ9I4ms/rpQVy9p0YsmILkkaG65Ah5jCI
pMJfskpCC7fJEQLnVS4lVS+KhWsn6yczcg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:04:32 2025 by rpki-client