Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/x2XArOBHXrLC-3FJ3y6DSlP7Buc.roa
File: x2XArOBHXrLC-3FJ3y6DSlP7Buc.roa (raw, json)
Hash identifier: 6yE8LgtPNc+LRIeauNyF3Qxuw3pGGX1+KOvDD0yS074=
Subject key identifier: C7:65:C0:AC:E0:47:5E:B2:C2:FB:71:49:DF:2E:83:4A:53:FB:06:E7
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 01942369E54FDD58FB90FE604C9216D81D39
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/x2XArOBHXrLC-3FJ3y6DSlP7Buc.roa
Signing time: Wed 01 Jan 2025 19:48:50 +0000
ROA not before: Wed 01 Jan 2025 19:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1239
IP address blocks: 46.3.190.0/24 maxlen: 24
46.3.208.0/21 maxlen: 21
46.3.220.0/23 maxlen: 23
46.3.230.0/23 maxlen: 23
46.3.248.0/24 maxlen: 24
46.3.251.0/24 maxlen: 24
46.3.252.0/24 maxlen: 24
46.3.253.0/24 maxlen: 24
46.3.254.0/24 maxlen: 24
46.3.255.0/24 maxlen: 24
46.232.69.0/24 maxlen: 24
46.232.112.0/20 maxlen: 22
149.126.226.0/24 maxlen: 24
149.126.244.0/24 maxlen: 24
149.126.246.0/24 maxlen: 24
149.126.247.0/24 maxlen: 24
149.126.248.0/24 maxlen: 24
149.126.249.0/24 maxlen: 24
149.126.250.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:e5:4f:dd:58:fb:90:fe:60:4c:92:16:d8:1d:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Jan 1 19:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c765c0ace0475eb2c2fb7149df2e834a53fb06e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:a7:5a:e8:00:e0:46:9c:53:ac:f7:65:6b:33:
31:0f:3a:60:41:01:c0:5e:9a:77:2a:a9:08:1d:ec:
ac:bd:07:45:15:a7:db:e4:3f:6c:04:d2:78:13:94:
05:25:c3:44:98:f1:f1:90:47:64:0d:3d:f0:bc:29:
b0:ad:e9:a7:58:aa:73:12:4a:c5:de:51:9b:ac:4b:
51:92:18:41:df:a0:ca:5f:90:fc:bc:6d:4f:46:41:
a2:84:53:57:67:a1:f6:c3:04:6d:a7:40:3d:0e:b3:
44:da:1c:b4:46:e8:c5:21:dc:50:15:a9:f7:4a:69:
48:d9:f5:d8:53:96:85:93:97:db:ad:10:41:db:d3:
04:a6:1d:57:77:fb:70:41:84:20:93:fd:0e:e7:31:
73:a9:0d:e5:07:56:ae:34:96:d9:53:9f:f4:39:c6:
a4:70:2c:87:dd:90:2f:df:26:25:c7:67:89:c1:2f:
48:f9:3d:e6:bf:e1:29:6d:82:02:15:52:e4:ea:28:
da:80:b5:97:ba:89:02:91:01:c9:87:22:d8:c6:80:
a8:35:25:51:ec:a6:bf:3f:e9:49:1c:44:28:c0:f9:
d2:51:26:2c:ed:00:5b:8e:89:b7:67:16:1f:5a:d8:
b6:e3:46:32:77:03:6d:5d:98:d5:1c:95:ee:65:e2:
e6:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:65:C0:AC:E0:47:5E:B2:C2:FB:71:49:DF:2E:83:4A:53:FB:06:E7
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/x2XArOBHXrLC-3FJ3y6DSlP7Buc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.190.0/24
46.3.208.0/21
46.3.220.0/23
46.3.230.0/23
46.3.248.0/24
46.3.251.0-46.3.255.255
46.232.69.0/24
46.232.112.0/20
149.126.226.0/24
149.126.244.0/24
149.126.246.0-149.126.250.255
Signature Algorithm: sha256WithRSAEncryption
63:51:8d:8b:62:14:d9:91:d5:0f:2b:43:ba:dd:d9:54:21:36:
fd:4e:8f:0d:fc:fb:b4:bd:df:5c:89:e8:f7:68:bb:64:a3:0d:
fa:bf:88:6e:c1:49:37:2d:2a:87:66:2b:79:3e:fe:91:39:03:
72:9c:b7:ee:7f:d8:88:ff:33:20:43:81:5f:cb:36:0f:2a:23:
2d:5e:69:4d:bd:4b:27:8b:b7:3f:af:bf:9c:ef:92:f8:bc:2b:
2c:cf:81:10:bb:d2:e2:c1:83:32:e8:55:3f:ac:c6:20:9f:bf:
3a:92:33:79:88:47:db:2b:7b:b0:d1:7a:a0:6e:7b:30:6b:c5:
e9:db:7b:3b:46:4e:65:ab:86:51:db:a8:bd:e7:d5:50:ef:1c:
a9:ca:f5:ee:ba:3b:2d:70:56:6e:b3:5e:ee:44:56:27:94:8e:
e6:13:d3:81:98:17:86:7f:cf:aa:15:b4:44:2e:ce:13:e3:e2:
ae:19:fa:ea:36:1c:3b:13:9b:22:c2:b0:fe:d7:bd:48:d5:c9:
94:4f:3a:c9:66:ff:7f:e7:dc:8d:8f:7e:2d:cd:03:7c:70:cf:
68:0d:ac:d3:da:50:37:42:40:70:fa:3c:7d:c2:96:6f:df:f8:
11:bf:47:7e:b4:ee:48:e2:fc:1f:f9:37:1b:10:95:c9:4d:0e:
d5:40:df:0d
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAZQjaeVP3Vj7kP5gTJIW2B05MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjUwMTAxMTk0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzY1YzBhY2UwNDc1ZWIyYzJmYjcxNDlkZjJlODM0YTUzZmIwNmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6da6ADgRpxTrPdlazMxDzpgQQHA
Xpp3KqkIHeysvQdFFafb5D9sBNJ4E5QFJcNEmPHxkEdkDT3wvCmwremnWKpzEkrF
3lGbrEtRkhhB36DKX5D8vG1PRkGihFNXZ6H2wwRtp0A9DrNE2hy0RujFIdxQFan3
SmlI2fXYU5aFk5fbrRBB29MEph1Xd/twQYQgk/0O5zFzqQ3lB1auNJbZU5/0Ocak
cCyH3ZAv3yYlx2eJwS9I+T3mv+EpbYICFVLk6ijagLWXuokCkQHJhyLYxoCoNSVR
7Ka/P+lJHEQowPnSUSYs7QBbjom3ZxYfWti240YydwNtXZjVHJXuZeLm1wIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFMdlwKzgR16ywvtxSd8ug0pT+wbnMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEveDJYQXJPQkhYckxDLTNGSjN5NkRTbFA3QnVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBXBAIAATBRAwQALgO+AwQD
LgPQAwQBLgPcAwQBLgPmAwQALgP4MAsDBAAuA/sDAwIuAAMEAC7oRQMEBC7ocAME
AJV+4gMEAJV+9DAMAwQBlX72AwQAlX76MA0GCSqGSIb3DQEBCwUAA4IBAQBjUY2L
YhTZkdUPK0O63dlUITb9To8N/Pu0vd9ciej3aLtkow36v4huwUk3LSqHZit5Pv6R
OQNynLfuf9iI/zMgQ4FfyzYPKiMtXmlNvUsni7c/r7+c75L4vCssz4EQu9LiwYMy
6FU/rMYgn786kjN5iEfbK3uw0Xqgbnswa8Xp23s7Rk5lq4ZR26i959VQ7xypyvXu
ujstcFZus17uRFYnlI7mE9OBmBeGf8+qFbRELs4T4+KuGfrqNhw7E5siwrD+171I
1cmUTzrJZv9/59yNj34tzQN8cM9oDazT2lA3QkBw+jx9wpZv3/gRv0d+tO5I4vwf
+TcbEJXJTQ7VQN8N
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:48 2025 by rpki-client