Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/6959c2-ee0b-42bd-b42d-bf7fdc29be6d/1/kNkve0DWqsxuZGfRw4MD6gUk5xQ.roa
File: kNkve0DWqsxuZGfRw4MD6gUk5xQ.roa (raw, json)
Hash identifier: nu7jCVp7DZqb0PWegWdN83WZlLGheJCh4HcM4SujuTU=
Subject key identifier: 90:D9:2F:7B:40:D6:AA:CC:6E:64:67:D1:C3:83:03:EA:05:24:E7:14
Certificate issuer: /CN=9caf9a0d78a6811cd1686deb117788af866c8091
Certificate serial: 018511A26451796EDF3228159B2A40AE75AE
Authority key identifier: 9C:AF:9A:0D:78:A6:81:1C:D1:68:6D:EB:11:77:88:AF:86:6C:80:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nK-aDXimgRzRaG3rEXeIr4ZsgJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/6959c2-ee0b-42bd-b42d-bf7fdc29be6d/1/kNkve0DWqsxuZGfRw4MD6gUk5xQ.roa
Signing time: Wed 14 Dec 2022 17:15:33 +0000
ROA not before: Wed 14 Dec 2022 17:15:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204895
IP address blocks: 46.148.208.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:11:a2:64:51:79:6e:df:32:28:15:9b:2a:40:ae:75:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9caf9a0d78a6811cd1686deb117788af866c8091
Validity
Not Before: Dec 14 17:15:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=90d92f7b40d6aacc6e6467d1c38303ea0524e714
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:36:9b:95:51:bc:96:9f:d2:53:4e:e2:45:11:
f5:3c:98:25:2d:51:a5:3f:13:9b:7d:0e:6f:94:27:
b1:20:ab:62:1b:be:ca:2d:38:88:34:b1:53:d1:ba:
0c:74:51:28:11:ca:6a:57:55:12:43:2d:65:2c:e9:
a1:d2:f3:fd:82:e2:5d:7a:77:88:26:c3:22:9a:83:
ed:00:36:1f:0c:77:cc:92:46:4a:92:08:a7:a4:55:
33:f5:7d:99:21:8e:2c:5a:5c:8a:ff:c5:10:c2:b9:
c9:1e:96:f9:c2:72:ca:34:2c:ab:25:c5:84:d8:0b:
70:a9:13:47:41:9f:94:9f:bf:55:19:54:31:92:a4:
b3:48:d8:47:0a:dd:b7:f7:62:1c:95:e6:d2:e9:3c:
da:69:0a:d8:95:af:35:e1:50:d9:91:7a:c6:fd:b6:
dc:25:03:cc:78:64:a6:2f:f8:1b:4d:d8:68:ab:29:
79:5a:f8:bb:af:ad:4a:16:b0:09:f4:23:52:b2:92:
21:d2:19:90:c8:c0:d7:16:32:39:f0:d2:02:d7:a7:
7b:fd:17:0a:c5:34:65:18:4f:24:2c:59:70:50:c1:
e4:d4:c7:c6:c9:d1:08:ae:f2:05:e9:bb:41:fd:f8:
16:59:c9:0a:a3:2d:35:fe:09:0f:80:b4:e3:4d:f3:
6a:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:D9:2F:7B:40:D6:AA:CC:6E:64:67:D1:C3:83:03:EA:05:24:E7:14
X509v3 Authority Key Identifier:
keyid:9C:AF:9A:0D:78:A6:81:1C:D1:68:6D:EB:11:77:88:AF:86:6C:80:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nK-aDXimgRzRaG3rEXeIr4ZsgJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/6959c2-ee0b-42bd-b42d-bf7fdc29be6d/1/kNkve0DWqsxuZGfRw4MD6gUk5xQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/6959c2-ee0b-42bd-b42d-bf7fdc29be6d/1/nK-aDXimgRzRaG3rEXeIr4ZsgJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.148.208.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:e3:f2:fc:da:6d:13:a2:f8:f5:bc:1e:f2:f2:6e:5e:86:11:
4b:5e:2d:bd:8e:b6:9e:3d:83:aa:ef:83:7c:8c:cb:f3:e2:e9:
71:10:c5:05:a0:3a:1a:09:18:45:91:ca:44:05:03:27:f5:95:
e9:01:a6:a9:61:80:ed:53:eb:ee:7c:fe:97:66:cf:dd:5f:72:
5c:81:13:02:70:50:70:a1:8a:7f:ac:8c:04:5d:d6:55:18:9b:
92:32:cb:e9:2d:00:42:67:bb:fa:ed:cd:f8:6c:ee:e9:26:47:
2c:c7:9b:52:43:db:54:4d:49:13:bb:d1:3e:bf:10:ad:89:0f:
e3:bb:50:77:56:98:18:11:f8:30:c2:8a:11:2d:bd:d0:02:92:
f4:e6:47:fc:a2:ee:a3:d7:eb:fd:74:55:0d:fb:8a:e3:48:48:
c0:fb:a0:b5:ff:41:2a:4b:13:54:c0:89:1d:e5:5e:4d:5d:01:
29:ed:c1:4f:c2:6b:33:ec:45:49:70:76:2d:7e:ed:41:94:3d:
4f:85:57:ef:97:a6:a9:7f:fb:e6:64:74:d4:dc:4b:01:25:c2:
32:f4:53:60:f4:91:d0:03:aa:be:fb:14:83:67:4d:c9:51:2b:
8d:2a:dd:f6:f1:b8:8b:b9:e6:b9:4a:d0:4c:8c:68:75:c4:39:
1f:1d:7b:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYURomRReW7fMigVmypArnWuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYWY5YTBkNzhhNjgxMWNkMTY4NmRlYjExNzc4OGFmODY2
YzgwOTEwHhcNMjIxMjE0MTcxNTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGQ5MmY3YjQwZDZhYWNjNmU2NDY3ZDFjMzgzMDNlYTA1MjRlNzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDablVG8lp/SU07iRRH1PJglLVGl
PxObfQ5vlCexIKtiG77KLTiINLFT0boMdFEoEcpqV1USQy1lLOmh0vP9guJdeneI
JsMimoPtADYfDHfMkkZKkginpFUz9X2ZIY4sWlyK/8UQwrnJHpb5wnLKNCyrJcWE
2AtwqRNHQZ+Un79VGVQxkqSzSNhHCt2392IclebS6TzaaQrYla814VDZkXrG/bbc
JQPMeGSmL/gbTdhoqyl5Wvi7r61KFrAJ9CNSspIh0hmQyMDXFjI58NIC16d7/RcK
xTRlGE8kLFlwUMHk1MfGydEIrvIF6btB/fgWWckKoy01/gkPgLTjTfNqvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJDZL3tA1qrMbmRn0cODA+oFJOcUMB8GA1UdIwQY
MBaAFJyvmg14poEc0Wht6xF3iK+GbICRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkstYURYaW1nUnpSYUczckVYZUlyNFpzZ0pFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC82OTU5YzItZWUwYi00MmJkLWI0MmQt
YmY3ZmRjMjliZTZkLzEva05rdmUwRFdxc3h1WkdmUnc0TUQ2Z1VrNXhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC82OTU5YzItZWUwYi00MmJkLWI0MmQtYmY3ZmRjMjliZTZk
LzEvbkstYURYaW1nUnpSYUczckVYZUlyNFpzZ0pFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLpTQMA0G
CSqGSIb3DQEBCwUAA4IBAQBa4/L82m0Tovj1vB7y8m5ehhFLXi29jraePYOq74N8
jMvz4ulxEMUFoDoaCRhFkcpEBQMn9ZXpAaapYYDtU+vufP6XZs/dX3JcgRMCcFBw
oYp/rIwEXdZVGJuSMsvpLQBCZ7v67c34bO7pJkcsx5tSQ9tUTUkTu9E+vxCtiQ/j
u1B3VpgYEfgwwooRLb3QApL05kf8ou6j1+v9dFUN+4rjSEjA+6C1/0EqSxNUwIkd
5V5NXQEp7cFPwmsz7EVJcHYtfu1BlD1PhVfvl6apf/vmZHTU3EsBJcIy9FNg9JHQ
A6q++xSDZ03JUSuNKt328biLuea5StBMjGh1xDkfHXsA
-----END CERTIFICATE-----
Generated at Mon Apr 21 07:21:26 2025 by rpki-client