Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/VJw7EGWBHBTd5uBWzWCwc9b3x80.roa
File: VJw7EGWBHBTd5uBWzWCwc9b3x80.roa (raw, json)
Hash identifier: xudmjIWaWnVfVFq+1xRcHfkS3a7VrnckciKRykbmge8=
Subject key identifier: 54:9C:3B:10:65:81:1C:14:DD:E6:E0:56:CD:60:B0:73:D6:F7:C7:CD
Certificate issuer: /CN=9eb50e5386c809a0fae6530aa5e8d9825251ded0
Certificate serial: 019500255A0B5001C2EC4FB4B48F9A516035
Authority key identifier: 9E:B5:0E:53:86:C8:09:A0:FA:E6:53:0A:A5:E8:D9:82:52:51:DE:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nrUOU4bICaD65lMKpejZglJR3tA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/VJw7EGWBHBTd5uBWzWCwc9b3x80.roa
Signing time: Thu 13 Feb 2025 16:30:02 +0000
ROA not before: Thu 13 Feb 2025 16:30:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25198
IP address blocks: 46.229.243.0/24 maxlen: 24
46.229.251.0/24 maxlen: 24
46.229.253.0/24 maxlen: 24
76.164.200.0/24 maxlen: 24
76.164.201.0/24 maxlen: 24
76.164.202.0/24 maxlen: 24
76.164.203.0/24 maxlen: 24
77.74.123.0/24 maxlen: 24
83.229.61.0/24 maxlen: 24
85.204.107.0/24 maxlen: 24
92.42.100.0/24 maxlen: 24
103.112.171.0/24 maxlen: 24
103.121.48.0/24 maxlen: 24
103.121.49.0/24 maxlen: 24
103.126.50.0/24 maxlen: 24
103.126.51.0/24 maxlen: 24
103.244.144.0/24 maxlen: 24
103.244.145.0/24 maxlen: 24
103.246.248.0/24 maxlen: 24
185.104.63.0/24 maxlen: 24
195.74.93.0/24 maxlen: 24
203.14.32.0/24 maxlen: 24
203.25.108.0/24 maxlen: 24
2a12:3200::/36 maxlen: 36
2a12:3200:1000::/36 maxlen: 36
2a12:3200:2000::/36 maxlen: 36
2a12:3200:3000::/36 maxlen: 36
2a12:3200:4000::/36 maxlen: 36
2a12:3200:5000::/36 maxlen: 36
2a12:3200:6000::/36 maxlen: 36
2a12:3200:7000::/36 maxlen: 36
2a12:3200:8000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:00:25:5a:0b:50:01:c2:ec:4f:b4:b4:8f:9a:51:60:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9eb50e5386c809a0fae6530aa5e8d9825251ded0
Validity
Not Before: Feb 13 16:30:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=549c3b1065811c14dde6e056cd60b073d6f7c7cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:07:ea:c1:33:dd:69:e1:2a:1c:e9:5d:a4:d6:
b2:76:49:05:e1:f7:a0:fb:e1:b8:bc:de:55:ec:3c:
83:5c:47:3e:b6:00:e6:f4:54:b8:5f:1a:da:00:c9:
b6:86:18:f6:b3:07:d6:6d:bb:76:71:47:d8:5e:b5:
cc:d0:ee:c5:68:03:08:90:af:0a:f8:59:14:52:3c:
27:8b:5c:5f:99:ca:44:82:e8:dc:07:00:89:c2:2e:
f3:a4:1b:d0:2f:8b:12:7d:5a:bf:2f:17:09:f5:d4:
57:04:d3:ff:7f:a7:d4:d5:a4:d0:e2:c0:0a:6b:0b:
f9:43:5b:21:0d:d3:3f:7a:b3:9d:9a:a1:3e:1a:4d:
46:a5:20:4f:ba:d1:43:e0:ca:11:1c:c3:02:82:3f:
e0:48:33:a9:f2:ab:21:6d:1b:79:a5:36:42:3b:84:
60:69:1e:5c:36:04:69:3d:54:f2:ce:5c:ae:69:0e:
0d:04:d7:6c:96:9e:94:2d:13:46:9c:74:76:fe:55:
af:dc:76:22:33:46:ff:19:ac:21:bb:93:b0:1a:66:
74:be:e7:f9:8d:1e:56:18:37:8c:ca:ab:b1:f1:d1:
d9:df:99:b9:fe:cc:2c:ec:51:79:b8:ce:68:17:4e:
7b:e3:f8:94:fa:55:20:0d:bf:5e:d3:e1:cd:c4:f6:
81:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:9C:3B:10:65:81:1C:14:DD:E6:E0:56:CD:60:B0:73:D6:F7:C7:CD
X509v3 Authority Key Identifier:
keyid:9E:B5:0E:53:86:C8:09:A0:FA:E6:53:0A:A5:E8:D9:82:52:51:DE:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nrUOU4bICaD65lMKpejZglJR3tA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/VJw7EGWBHBTd5uBWzWCwc9b3x80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/nrUOU4bICaD65lMKpejZglJR3tA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.229.243.0/24
46.229.251.0/24
46.229.253.0/24
76.164.200.0/22
77.74.123.0/24
83.229.61.0/24
85.204.107.0/24
92.42.100.0/24
103.112.171.0/24
103.121.48.0/23
103.126.50.0/23
103.244.144.0/23
103.246.248.0/24
185.104.63.0/24
195.74.93.0/24
203.14.32.0/24
203.25.108.0/24
IPv6:
2a12:3200::-2a12:3200:8fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
06:4c:0b:d1:99:f7:ee:ab:48:8e:04:da:f4:42:97:0c:b9:80:
8a:28:52:0c:e9:35:60:9c:6a:de:db:3a:b3:87:06:8f:92:d1:
e3:c7:34:10:ac:04:82:6b:99:ac:5c:07:de:b9:47:44:ba:14:
59:9a:e2:2c:5d:ff:d1:dc:ed:3b:96:90:57:a8:ef:fa:e7:da:
64:43:38:19:97:97:57:7d:ef:4d:d0:17:d2:30:a9:49:09:ed:
8b:88:51:07:28:43:ef:be:3e:74:e7:75:59:99:e9:b6:2d:bf:
11:2e:f9:66:46:b0:5b:db:06:6a:9b:fb:8a:7d:78:57:b5:8a:
fa:f9:d7:fc:7a:47:f6:0b:48:36:23:37:0b:d7:4e:c3:ee:ec:
18:e3:69:a3:81:fc:91:13:27:23:8f:1c:97:0a:31:de:f9:64:
a4:5a:f6:ec:29:7e:19:8a:d4:29:8c:56:8d:0a:b8:1c:d7:8d:
d5:e8:df:73:c1:2a:77:7b:4c:3b:c6:81:5f:3c:35:d8:f5:8c:
5a:98:0b:76:e9:e7:78:81:52:bf:6b:49:21:cc:28:51:dc:2e:
30:3e:64:bf:ef:03:7a:a1:1e:d1:3c:c4:34:ef:f9:34:53:b0:
8f:a9:aa:4b:de:0a:a9:fc:c6:d8:04:59:a7:3b:6c:75:81:73:
db:07:cb:21
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAZUAJVoLUAHC7E+0tI+aUWA1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllYjUwZTUzODZjODA5YTBmYWU2NTMwYWE1ZThkOTgyNTI1
MWRlZDAwHhcNMjUwMjEzMTYzMDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDljM2IxMDY1ODExYzE0ZGRlNmUwNTZjZDYwYjA3M2Q2ZjdjN2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwfqwTPdaeEqHOldpNaydkkF4feg
++G4vN5V7DyDXEc+tgDm9FS4XxraAMm2hhj2swfWbbt2cUfYXrXM0O7FaAMIkK8K
+FkUUjwni1xfmcpEgujcBwCJwi7zpBvQL4sSfVq/LxcJ9dRXBNP/f6fU1aTQ4sAK
awv5Q1shDdM/erOdmqE+Gk1GpSBPutFD4MoRHMMCgj/gSDOp8qshbRt5pTZCO4Rg
aR5cNgRpPVTyzlyuaQ4NBNdslp6ULRNGnHR2/lWv3HYiM0b/Gawhu5OwGmZ0vuf5
jR5WGDeMyqux8dHZ35m5/sws7FF5uM5oF0574/iU+lUgDb9e0+HNxPaBRwIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFFScOxBlgRwU3ebgVs1gsHPW98fNMB8GA1UdIwQY
MBaAFJ61DlOGyAmg+uZTCqXo2YJSUd7QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnJVT1U0YklDYUQ2NWxNS3BlalpnbEpSM3RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iNTQ2NDEtYTk1YS00YWRkLWE0NWUt
MWNhZGE2ZThiMWE5LzEvVkp3N0VHV0JIQlRkNXVCV3pXQ3djOWIzeDgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iNTQ2NDEtYTk1YS00YWRkLWE0NWUtMWNhZGE2ZThiMWE5
LzEvbnJVT1U0YklDYUQ2NWxNS3BlalpnbEpSM3RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGZBggrBgEFBQcBBwEB/wSBiTCBhjBsBAIAATBmAwQALuXz
AwQALuX7AwQALuX9AwQCTKTIAwQATUp7AwQAU+U9AwQAVcxrAwQAXCpkAwQAZ3Cr
AwQBZ3kwAwQBZ34yAwQBZ/SQAwQAZ/b4AwQAuWg/AwQAw0pdAwQAyw4gAwQAyxls
MBYEAgACMBAwDgMEASoSMgMGBCoSMgCAMA0GCSqGSIb3DQEBCwUAA4IBAQAGTAvR
mffuq0iOBNr0QpcMuYCKKFIM6TVgnGre2zqzhwaPktHjxzQQrASCa5msXAfeuUdE
uhRZmuIsXf/R3O07lpBXqO/659pkQzgZl5dXfe9N0BfSMKlJCe2LiFEHKEPvvj50
53VZmem2Lb8RLvlmRrBb2wZqm/uKfXhXtYr6+df8ekf2C0g2IzcL107D7uwY42mj
gfyREycjjxyXCjHe+WSkWvbsKX4ZitQpjFaNCrgc143V6N9zwSp3e0w7xoFfPDXY
9YxamAt26ed4gVK/a0khzChR3C4wPmS/7wN6oR7RPMQ07/k0U7CPqapL3gqp/MbY
BFmnO2x1gXPbB8sh
-----END CERTIFICATE-----
Generated at Thu Apr 10 20:17:32 2025 by rpki-client