Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/ch8trsgWWRRABytxu9lTDIXApFM.roa
File: ch8trsgWWRRABytxu9lTDIXApFM.roa (raw, json)
Hash identifier: ZRmecqf+OAMr2qR+GTmj4cjUEH84OhUejoTZTcjm28c=
Subject key identifier: 72:1F:2D:AE:C8:16:59:14:40:07:2B:71:BB:D9:53:0C:85:C0:A4:53
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 01942369E71F8117D0806EB29FCFF843CA61
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/ch8trsgWWRRABytxu9lTDIXApFM.roa
Signing time: Wed 01 Jan 2025 19:48:50 +0000
ROA not before: Wed 01 Jan 2025 19:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6461
IP address blocks: 46.232.4.0/23 maxlen: 24
149.126.195.0/24 maxlen: 24
149.126.198.0/24 maxlen: 24
149.126.201.0/24 maxlen: 24
149.126.202.0/24 maxlen: 24
149.126.204.0/24 maxlen: 24
149.126.205.0/24 maxlen: 24
149.126.208.0/24 maxlen: 24
149.126.210.0/24 maxlen: 24
149.126.214.0/24 maxlen: 24
149.126.225.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:e7:1f:81:17:d0:80:6e:b2:9f:cf:f8:43:ca:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Jan 1 19:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=721f2daec816591440072b71bbd9530c85c0a453
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:8d:47:ef:c1:5c:36:23:98:a8:51:cf:e0:71:
09:df:2b:82:69:e1:5b:f2:b2:58:f1:3b:f0:96:4d:
d3:4b:59:1a:24:9b:89:8a:53:08:f6:9a:ec:6d:5c:
3e:06:3c:b6:2f:d7:d5:99:c6:70:6a:8b:5e:95:1d:
18:33:b6:75:7b:6b:2f:1c:be:3c:d9:e4:a6:b1:84:
97:ab:30:a2:58:74:4e:f5:cd:cc:bb:82:fa:5e:7d:
a3:b5:79:69:23:7b:6b:10:df:5f:b7:94:f0:b1:a0:
3c:82:0e:27:e7:33:4f:74:30:2b:9e:ef:0e:0a:45:
ab:d2:87:2b:97:31:8f:9d:41:ed:dd:aa:87:bd:3a:
22:44:8b:7b:ac:c3:cf:1e:3f:c6:8b:f9:37:4f:7d:
82:42:f2:68:fd:f3:64:46:72:a8:f6:56:17:c0:85:
6f:f1:0a:88:68:a0:ad:1c:2c:40:2d:bc:47:fd:f4:
e9:9a:f1:a9:77:1d:b9:6a:28:14:66:fb:a2:71:41:
6d:a6:1e:9e:cb:94:ed:ce:55:85:34:d2:95:f5:33:
60:08:28:fd:05:20:be:e5:ae:5b:a0:65:8f:cd:01:
66:48:b4:eb:67:0b:bb:11:b3:35:26:e2:ed:b6:9d:
3b:9b:53:5a:1f:e9:f6:b4:17:98:3b:ac:e4:94:dd:
5c:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:1F:2D:AE:C8:16:59:14:40:07:2B:71:BB:D9:53:0C:85:C0:A4:53
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/ch8trsgWWRRABytxu9lTDIXApFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.232.4.0/23
149.126.195.0/24
149.126.198.0/24
149.126.201.0-149.126.202.255
149.126.204.0/23
149.126.208.0/24
149.126.210.0/24
149.126.214.0/24
149.126.225.0/24
Signature Algorithm: sha256WithRSAEncryption
31:1d:6b:ec:3d:01:27:23:52:e9:f2:17:03:91:04:6c:b1:b1:
0f:d7:00:a4:01:87:cb:dd:ac:d1:bb:6a:dc:9c:e1:11:6a:79:
f9:a0:a2:c1:2f:29:53:90:05:fb:9b:c1:8b:ff:03:41:0c:bc:
44:b7:b7:a7:36:df:f6:fc:80:d7:36:cf:99:27:1c:28:ce:d0:
05:18:e0:b1:25:d1:89:14:9a:7c:6e:80:15:f0:93:60:46:e5:
b3:ed:28:d2:d1:9d:70:3a:b5:92:08:55:b4:c7:25:bf:bf:ff:
a5:75:bd:66:01:69:22:6c:61:02:c7:d9:ab:aa:9f:61:a9:5c:
cf:d5:62:5c:b3:60:20:fa:82:53:5c:5a:96:25:b9:73:ad:fd:
04:00:d4:4c:1d:7d:0e:c0:dd:08:80:72:3b:0e:48:8f:04:60:
b9:66:d8:11:25:c9:04:8e:3c:d6:b9:d6:83:c6:b2:ce:08:98:
68:88:aa:53:a7:e5:e7:85:05:96:32:82:e3:d5:d0:1c:cc:a9:
82:cb:2f:01:98:0e:44:1c:b5:f6:19:1e:64:5b:97:d8:8a:8b:
b6:58:32:d2:1f:a2:2b:17:0f:08:b0:9a:b9:d6:7d:53:4d:0e:
69:fd:43:84:80:c5:cc:ba:05:23:6d:c1:97:8f:de:e4:3d:5f:
33:24:74:08
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZQjaecfgRfQgG6yn8/4Q8phMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjUwMTAxMTk0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjFmMmRhZWM4MTY1OTE0NDAwNzJiNzFiYmQ5NTMwYzg1YzBhNDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwo1H78FcNiOYqFHP4HEJ3yuCaeFb
8rJY8Tvwlk3TS1kaJJuJilMI9prsbVw+Bjy2L9fVmcZwaotelR0YM7Z1e2svHL48
2eSmsYSXqzCiWHRO9c3Mu4L6Xn2jtXlpI3trEN9ft5TwsaA8gg4n5zNPdDArnu8O
CkWr0ocrlzGPnUHt3aqHvToiRIt7rMPPHj/Gi/k3T32CQvJo/fNkRnKo9lYXwIVv
8QqIaKCtHCxALbxH/fTpmvGpdx25aigUZvuicUFtph6ey5TtzlWFNNKV9TNgCCj9
BSC+5a5boGWPzQFmSLTrZwu7EbM1JuLttp07m1NaH+n2tBeYO6zklN1cUQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFHIfLa7IFlkUQAcrcbvZUwyFwKRTMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvY2g4dHJzZ1dXUlJBQnl0eHU5bFRESVhBcEZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQBLugEAwQA
lX7DAwQAlX7GMAwDBACVfskDBACVfsoDBAGVfswDBACVftADBACVftIDBACVftYD
BACVfuEwDQYJKoZIhvcNAQELBQADggEBADEda+w9AScjUunyFwORBGyxsQ/XAKQB
h8vdrNG7atyc4RFqefmgosEvKVOQBfubwYv/A0EMvES3t6c23/b8gNc2z5knHCjO
0AUY4LEl0YkUmnxugBXwk2BG5bPtKNLRnXA6tZIIVbTHJb+//6V1vWYBaSJsYQLH
2auqn2GpXM/VYlyzYCD6glNcWpYluXOt/QQA1EwdfQ7A3QiAcjsOSI8EYLlm2BEl
yQSOPNa51oPGss4ImGiIqlOn5eeFBZYyguPV0BzMqYLLLwGYDkQctfYZHmRbl9iK
i7ZYMtIfoisXDwiwmrnWfVNNDmn9Q4SAxcy6BSNtwZeP3uQ9XzMkdAg=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:10 2025 by rpki-client