Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/L7oTZ235BsG8NmRNpO9GnYl64fU.roa
File: L7oTZ235BsG8NmRNpO9GnYl64fU.roa (raw, json)
Hash identifier: hURSNGk2xJY0GpFH16GzP5/cRYP3PvCrGKdpNPYLac0=
Subject key identifier: 2F:BA:13:67:6D:F9:06:C1:BC:36:64:4D:A4:EF:46:9D:89:7A:E1:F5
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 01942369E9BF3CC1321DB33EA201A988C508
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/L7oTZ235BsG8NmRNpO9GnYl64fU.roa
Signing time: Wed 01 Jan 2025 19:48:51 +0000
ROA not before: Wed 01 Jan 2025 19:48:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33991
IP address blocks: 46.3.116.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:e9:bf:3c:c1:32:1d:b3:3e:a2:01:a9:88:c5:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Jan 1 19:48:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2fba13676df906c1bc36644da4ef469d897ae1f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:04:a1:bd:d8:07:39:b5:c0:b1:48:78:23:7d:
4b:d8:ba:11:58:de:a3:21:06:00:1d:9e:0a:a4:e4:
2a:6e:04:cd:f8:0e:5a:6c:b6:12:86:a1:dd:f6:e4:
44:9c:dd:6c:47:4a:49:7f:28:d9:0c:af:d4:d1:6a:
84:b4:79:ce:b7:b8:33:cd:9c:93:e1:74:ce:72:f5:
dd:dd:e6:26:a7:3b:5d:9b:eb:ea:a6:de:ea:f5:66:
01:c8:1a:32:fe:4a:8b:53:d5:8a:c6:a8:61:5e:24:
fd:8c:ba:4d:fe:39:54:87:f1:4f:42:10:c9:fb:cd:
73:97:57:c4:00:bb:65:ce:ab:96:a6:e1:78:b8:2a:
f3:14:07:c9:ca:4c:16:d0:c3:70:bf:c9:6c:8c:0a:
63:47:62:e0:a4:44:3f:49:de:65:6c:38:7e:d6:c4:
5b:62:0d:dc:c4:e1:18:31:0c:3d:63:0c:7e:b4:94:
3b:a0:31:b9:18:e2:f5:a4:b3:3e:a4:a0:f5:25:bc:
d0:c5:77:97:04:0c:1b:41:21:8a:c0:0e:bb:34:16:
99:4d:ee:27:21:a6:04:9c:e6:d4:b1:75:26:91:3f:
d5:f2:77:d9:41:0d:17:e2:4f:51:17:0d:43:19:d3:
90:3a:21:bb:dd:a1:b4:20:a7:24:3e:fd:20:12:b4:
d1:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:BA:13:67:6D:F9:06:C1:BC:36:64:4D:A4:EF:46:9D:89:7A:E1:F5
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/L7oTZ235BsG8NmRNpO9GnYl64fU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.116.0/22
Signature Algorithm: sha256WithRSAEncryption
78:8f:a7:36:bc:78:fe:a9:a9:86:e1:3c:d3:14:45:46:6f:c6:
48:35:ea:5d:2d:3d:81:92:75:71:fa:9e:43:a3:13:42:42:4c:
c3:79:86:d0:3d:2e:a9:66:5f:55:ea:4b:e7:da:e0:ac:ee:6b:
f0:2d:be:c2:1d:e7:d7:93:ce:b3:0d:6c:75:97:97:ce:2f:f3:
35:65:eb:40:fd:fe:bb:0e:e6:b4:9b:31:04:a6:cc:bf:d6:5c:
31:2a:69:0e:ff:57:42:63:63:28:1a:f2:88:45:c8:fc:7d:0b:
ec:62:05:92:df:22:e3:a8:d1:72:72:3f:a9:61:36:a2:0a:df:
bc:b6:17:32:62:d9:ad:41:54:2d:15:d7:a6:85:08:04:4f:42:
da:da:c9:79:c9:e5:60:72:9e:80:f7:45:c1:56:8c:84:65:5e:
ae:3c:e2:2a:70:0f:f4:c9:79:60:86:5e:86:96:3a:ec:c5:98:
bd:25:33:e6:5d:39:7d:e3:1b:3c:ba:97:0f:42:af:e5:11:66:
da:c2:68:e7:ec:90:96:3d:d7:13:d3:48:4f:70:e1:d7:95:6d:
29:9a:39:73:ab:92:42:f7:19:cf:cf:ad:3e:59:fd:29:85:7b:
1e:00:02:e9:65:66:01:9b:8c:f6:c4:1b:e1:a2:87:a8:0f:f6:
f5:d4:86:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaem/PMEyHbM+ogGpiMUIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjUwMTAxMTk0ODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmJhMTM2NzZkZjkwNmMxYmMzNjY0NGRhNGVmNDY5ZDg5N2FlMWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1wShvdgHObXAsUh4I31L2LoRWN6j
IQYAHZ4KpOQqbgTN+A5abLYShqHd9uREnN1sR0pJfyjZDK/U0WqEtHnOt7gzzZyT
4XTOcvXd3eYmpztdm+vqpt7q9WYByBoy/kqLU9WKxqhhXiT9jLpN/jlUh/FPQhDJ
+81zl1fEALtlzquWpuF4uCrzFAfJykwW0MNwv8lsjApjR2LgpEQ/Sd5lbDh+1sRb
Yg3cxOEYMQw9Ywx+tJQ7oDG5GOL1pLM+pKD1JbzQxXeXBAwbQSGKwA67NBaZTe4n
IaYEnObUsXUmkT/V8nfZQQ0X4k9RFw1DGdOQOiG73aG0IKckPv0gErTRfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC+6E2dt+QbBvDZkTaTvRp2JeuH1MB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvTDdvVFoyMzVCc0c4Tm1STnBPOUduWWw2NGZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLgN0MA0G
CSqGSIb3DQEBCwUAA4IBAQB4j6c2vHj+qamG4TzTFEVGb8ZINepdLT2BknVx+p5D
oxNCQkzDeYbQPS6pZl9V6kvn2uCs7mvwLb7CHefXk86zDWx1l5fOL/M1ZetA/f67
Dua0mzEEpsy/1lwxKmkO/1dCY2MoGvKIRcj8fQvsYgWS3yLjqNFycj+pYTaiCt+8
thcyYtmtQVQtFdemhQgET0La2sl5yeVgcp6A90XBVoyEZV6uPOIqcA/0yXlghl6G
ljrsxZi9JTPmXTl94xs8upcPQq/lEWbawmjn7JCWPdcT00hPcOHXlW0pmjlzq5JC
9xnPz60+Wf0phXseAALpZWYBm4z2xBvhooeoD/b11IZb
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:56:56 2025 by rpki-client