Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/97T1FKP4AB1wFygDf_IjY6gh_W0.roa
File: 97T1FKP4AB1wFygDf_IjY6gh_W0.roa (raw, json)
Hash identifier: b+uL1I+CF8JWEeaj5CSinTGLvmB9uwh7dpcntKLQtgU=
Subject key identifier: F7:B4:F5:14:A3:F8:00:1D:70:17:28:03:7F:F2:23:63:A8:21:FD:6D
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 019426D863EAE3B6427D239B92AD42D7FD18
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/97T1FKP4AB1wFygDf_IjY6gh_W0.roa
Signing time: Thu 02 Jan 2025 11:48:22 +0000
ROA not before: Thu 02 Jan 2025 11:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 176.46.132.0/24 maxlen: 24
176.46.140.0/24 maxlen: 24
176.46.145.0/24 maxlen: 24
176.46.151.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d8:63:ea:e3:b6:42:7d:23:9b:92:ad:42:d7:fd:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Jan 2 11:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f7b4f514a3f8001d701728037ff22363a821fd6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:6c:1e:98:86:40:84:6f:4a:d0:a9:da:87:46:
55:c1:a5:d8:a6:00:4d:cb:e2:cb:4a:75:47:16:b4:
5f:cf:67:d3:bf:6a:3d:99:71:70:27:37:1a:d9:eb:
5f:1b:60:37:18:b3:88:47:7b:aa:ff:65:20:e1:6f:
05:2f:22:8a:b5:cb:7d:a0:60:78:88:8a:00:8f:e4:
db:c2:02:ff:e8:45:a5:66:28:f6:0e:d4:b2:c0:40:
3f:92:76:b2:f0:4a:5f:4e:02:25:3c:93:22:5d:5b:
d7:a0:2d:ee:e5:12:17:4b:13:4f:26:19:5d:8c:ec:
7c:9f:08:e9:1a:42:ec:9a:95:bc:84:3c:a6:ab:8f:
97:cf:1e:34:98:b8:95:02:7d:e8:7e:23:d9:3c:e3:
5d:c5:46:2b:dd:61:7c:89:54:d3:5a:dd:fa:d8:d8:
a0:7a:99:69:44:3f:c1:af:9b:74:38:91:76:d2:17:
65:2f:90:19:38:9a:60:43:6e:46:d3:21:12:f6:2d:
f1:75:58:41:86:80:9e:ee:4e:e7:8b:f0:28:a0:78:
1e:c3:74:4c:39:20:c1:71:67:14:7b:ba:35:46:a0:
40:12:b4:fd:06:2a:da:22:a1:4e:ae:e1:ef:01:f0:
0f:8f:3a:a0:53:be:a4:29:55:43:dc:b7:8c:16:53:
81:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:B4:F5:14:A3:F8:00:1D:70:17:28:03:7F:F2:23:63:A8:21:FD:6D
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/97T1FKP4AB1wFygDf_IjY6gh_W0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.46.132.0/24
176.46.140.0/24
176.46.145.0/24
176.46.151.0/24
Signature Algorithm: sha256WithRSAEncryption
19:33:65:db:aa:32:5e:2c:55:01:b6:59:b7:a0:f6:57:bd:f3:
44:a7:53:a0:91:ec:29:85:b2:a8:1d:18:d2:3e:2f:11:36:73:
a8:08:11:93:d8:ca:fc:77:b7:b7:e5:68:ce:5b:f4:2a:1e:f5:
a3:22:d9:d0:32:86:46:17:6b:d1:1f:28:bf:e6:28:6f:1e:dd:
5d:c5:06:34:c4:a4:42:4f:c0:11:89:08:8c:7e:5c:12:37:a5:
4e:d7:3f:b0:69:7b:9f:cb:bd:61:85:2c:42:ee:f1:f3:18:02:
a3:90:d0:6d:55:f7:a3:f3:79:d7:10:80:1f:e8:6d:c9:44:00:
30:8a:8e:5a:e9:e6:e9:cb:dd:9a:72:cd:60:3f:44:04:40:c2:
ef:9f:24:e7:b1:1d:3f:51:e7:77:61:b9:9a:c9:4e:3b:ed:70:
df:eb:10:5f:99:07:91:2f:db:f4:f9:9b:f5:ce:28:72:37:55:
b8:a7:04:d2:42:3e:bb:27:d2:33:d6:ca:2e:28:38:a6:70:36:
ce:0c:9e:d7:ee:f6:f2:b5:f0:97:c5:d1:25:cc:bc:b1:0d:0e:
9d:9f:c2:cb:43:c2:97:95:d7:19:53:4a:04:d7:ff:17:a6:96:
e6:d8:01:7a:99:65:0e:91:71:73:93:b0:95:6d:61:8e:e9:fc:
1c:6f:bf:04
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQm2GPq47ZCfSObkq1C1/0YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjUwMTAyMTE0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2I0ZjUxNGEzZjgwMDFkNzAxNzI4MDM3ZmYyMjM2M2E4MjFmZDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyWwemIZAhG9K0Knah0ZVwaXYpgBN
y+LLSnVHFrRfz2fTv2o9mXFwJzca2etfG2A3GLOIR3uq/2Ug4W8FLyKKtct9oGB4
iIoAj+TbwgL/6EWlZij2DtSywEA/knay8EpfTgIlPJMiXVvXoC3u5RIXSxNPJhld
jOx8nwjpGkLsmpW8hDymq4+Xzx40mLiVAn3ofiPZPONdxUYr3WF8iVTTWt362Nig
eplpRD/Br5t0OJF20hdlL5AZOJpgQ25G0yES9i3xdVhBhoCe7k7ni/AooHgew3RM
OSDBcWcUe7o1RqBAErT9BiraIqFOruHvAfAPjzqgU76kKVVD3LeMFlOBVwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPe09RSj+AAdcBcoA3/yI2OoIf1tMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvOTdUMUZLUDRBQjF3RnlnRGZfSWpZNmdoX1cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAsC6EAwQA
sC6MAwQAsC6RAwQAsC6XMA0GCSqGSIb3DQEBCwUAA4IBAQAZM2XbqjJeLFUBtlm3
oPZXvfNEp1OgkewphbKoHRjSPi8RNnOoCBGT2Mr8d7e35WjOW/QqHvWjItnQMoZG
F2vRHyi/5ihvHt1dxQY0xKRCT8ARiQiMflwSN6VO1z+waXufy71hhSxC7vHzGAKj
kNBtVfej83nXEIAf6G3JRAAwio5a6ebpy92acs1gP0QEQMLvnyTnsR0/Ued3Ybma
yU477XDf6xBfmQeRL9v0+Zv1zihyN1W4pwTSQj67J9Iz1souKDimcDbODJ7X7vby
tfCXxdElzLyxDQ6dn8LLQ8KXldcZU0oE1/8Xppbm2AF6mWUOkXFzk7CVbWGO6fwc
b78E
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:14 2025 by rpki-client