Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/9425c6-c495-4878-a8f3-7a78c8c4e051/1/XGdgxOrZAEASnwG-E4mJgIZXt9A.roa
File: XGdgxOrZAEASnwG-E4mJgIZXt9A.roa (raw, json)
Hash identifier: r7+Ew2fux06ZFhsm5QtmYCoespwgwuFRQ3Ky/AsDSy4=
Subject key identifier: 5C:67:60:C4:EA:D9:00:40:12:9F:01:BE:13:89:89:80:86:57:B7:D0
Certificate issuer: /CN=e8f40902a003d8fe6f7c7742eb47d70b50ade036
Certificate serial: 019424B3AC4AD4A0B47673B2AC6D57DA8693
Authority key identifier: E8:F4:09:02:A0:03:D8:FE:6F:7C:77:42:EB:47:D7:0B:50:AD:E0:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6PQJAqAD2P5vfHdC60fXC1Ct4DY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/9425c6-c495-4878-a8f3-7a78c8c4e051/1/XGdgxOrZAEASnwG-E4mJgIZXt9A.roa
Signing time: Thu 02 Jan 2025 01:49:01 +0000
ROA not before: Thu 02 Jan 2025 01:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56376
IP address blocks: 46.231.32.0/21 maxlen: 21
46.231.32.0/22 maxlen: 24
46.231.36.0/24 maxlen: 24
46.231.37.0/24 maxlen: 24
46.231.38.0/23 maxlen: 24
130.255.96.0/21 maxlen: 21
130.255.96.0/24 maxlen: 24
130.255.97.0/24 maxlen: 24
130.255.98.0/23 maxlen: 24
130.255.100.0/22 maxlen: 24
185.62.240.0/22 maxlen: 22
185.62.240.0/24 maxlen: 24
185.62.241.0/24 maxlen: 24
185.62.242.0/24 maxlen: 24
185.62.243.0/24 maxlen: 24
2a03:d100::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:ac:4a:d4:a0:b4:76:73:b2:ac:6d:57:da:86:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8f40902a003d8fe6f7c7742eb47d70b50ade036
Validity
Not Before: Jan 2 01:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c6760c4ead90040129f01be138989808657b7d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:d3:5b:cd:89:b1:29:27:2d:59:90:46:28:96:
f8:01:ae:aa:9c:bb:42:09:63:d1:72:ca:2d:58:13:
0d:96:e9:b1:22:c5:3a:80:0b:79:b0:de:2f:b8:37:
89:a7:66:91:e3:a0:d4:92:34:04:48:25:54:7c:67:
88:66:ad:03:27:bb:01:3a:f8:fd:c3:e3:36:1a:51:
1f:a9:a5:0a:e3:db:3f:3c:de:97:2f:31:59:a0:a2:
22:21:90:04:84:9f:72:5e:a8:52:ee:25:01:21:55:
70:2f:9e:a8:76:bd:4d:da:6a:fa:e3:0e:7c:21:7e:
a6:e0:a8:5b:09:51:a8:08:a2:e5:71:45:30:1f:91:
f5:c4:3f:9b:6c:e1:02:c5:34:ac:c3:c6:f4:cb:b4:
89:6f:8f:79:e8:ac:c4:a1:a7:c5:33:33:ad:cd:b3:
b1:c9:fa:fe:fe:2f:b7:c8:ff:85:23:fc:c1:3e:a3:
1b:13:0c:68:87:f3:78:d5:e3:f6:b1:6d:12:7d:e3:
4c:70:05:d9:fa:16:dc:51:53:77:28:b5:69:71:e7:
0f:5b:c8:71:0b:22:ef:a3:1a:e9:48:1e:5c:89:a7:
35:b6:13:88:36:54:39:ff:7c:76:1d:46:7f:41:44:
8c:b2:d5:d1:e4:a2:28:29:e5:4b:5e:c4:d8:52:78:
cf:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:67:60:C4:EA:D9:00:40:12:9F:01:BE:13:89:89:80:86:57:B7:D0
X509v3 Authority Key Identifier:
keyid:E8:F4:09:02:A0:03:D8:FE:6F:7C:77:42:EB:47:D7:0B:50:AD:E0:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6PQJAqAD2P5vfHdC60fXC1Ct4DY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/9425c6-c495-4878-a8f3-7a78c8c4e051/1/XGdgxOrZAEASnwG-E4mJgIZXt9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/9425c6-c495-4878-a8f3-7a78c8c4e051/1/6PQJAqAD2P5vfHdC60fXC1Ct4DY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.231.32.0/21
130.255.96.0/21
185.62.240.0/22
IPv6:
2a03:d100::/32
Signature Algorithm: sha256WithRSAEncryption
29:b1:64:fa:72:06:b3:f6:17:a9:d8:c5:55:f5:fd:02:55:06:
27:52:90:bf:7d:31:9b:8c:29:e7:83:41:47:87:c6:0e:de:cb:
eb:1e:74:a7:e1:dd:05:3f:3f:3d:96:d3:1c:e1:d9:48:4c:9a:
e9:1a:ed:64:42:57:ad:1a:28:4e:08:72:54:89:bf:98:29:61:
6d:8e:9f:34:76:4d:c5:ef:7d:63:f9:8d:90:13:e8:e2:b7:dc:
ae:22:fc:13:05:20:09:ee:b8:83:3a:bb:b5:86:c7:58:bc:5b:
66:98:12:a0:75:04:f6:19:cd:55:61:8e:9f:e9:ee:1b:1f:9e:
b4:84:14:b2:eb:76:67:77:5a:e8:73:bf:79:0f:ef:6f:66:d1:
fa:cd:8f:1d:66:16:d1:4b:a9:ad:6a:2d:bb:9c:22:06:dc:05:
95:94:4c:4b:82:10:ff:8e:e9:f0:0f:35:b4:b7:81:b8:2b:a8:
33:52:13:4a:b6:cc:91:1c:9c:9c:0c:86:c6:67:a2:c1:5a:ce:
dd:59:1b:86:10:32:7b:65:2e:95:53:82:63:a3:12:a6:0e:54:
25:cb:ae:a2:b6:a8:0f:ff:23:97:28:17:ea:62:11:25:73:3f:
ef:a5:aa:78:b9:72:9e:fb:5e:78:e1:61:f4:6e:44:19:80:ff:
22:b6:da:bd
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQks6xK1KC0dnOyrG1X2oaTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4ZjQwOTAyYTAwM2Q4ZmU2ZjdjNzc0MmViNDdkNzBiNTBh
ZGUwMzYwHhcNMjUwMTAyMDE0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzY3NjBjNGVhZDkwMDQwMTI5ZjAxYmUxMzg5ODk4MDg2NTdiN2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNNbzYmxKSctWZBGKJb4Aa6qnLtC
CWPRcsotWBMNlumxIsU6gAt5sN4vuDeJp2aR46DUkjQESCVUfGeIZq0DJ7sBOvj9
w+M2GlEfqaUK49s/PN6XLzFZoKIiIZAEhJ9yXqhS7iUBIVVwL56odr1N2mr64w58
IX6m4KhbCVGoCKLlcUUwH5H1xD+bbOECxTSsw8b0y7SJb4956KzEoafFMzOtzbOx
yfr+/i+3yP+FI/zBPqMbEwxoh/N41eP2sW0SfeNMcAXZ+hbcUVN3KLVpcecPW8hx
CyLvoxrpSB5ciac1thOINlQ5/3x2HUZ/QUSMstXR5KIoKeVLXsTYUnjPMQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFxnYMTq2QBAEp8BvhOJiYCGV7fQMB8GA1UdIwQY
MBaAFOj0CQKgA9j+b3x3QutH1wtQreA2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlBRSkFxQUQyUDV2ZkhkQzYwZlhDMUN0NERZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny85NDI1YzYtYzQ5NS00ODc4LWE4ZjMt
N2E3OGM4YzRlMDUxLzEvWEdkZ3hPclpBRUFTbndHLUU0bUpnSVpYdDlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny85NDI1YzYtYzQ5NS00ODc4LWE4ZjMtN2E3OGM4YzRlMDUx
LzEvNlBRSkFxQUQyUDV2ZkhkQzYwZlhDMUN0NERZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDLucgAwQD
gv9gAwQCuT7wMA0EAgACMAcDBQAqA9EAMA0GCSqGSIb3DQEBCwUAA4IBAQApsWT6
cgaz9hep2MVV9f0CVQYnUpC/fTGbjCnng0FHh8YO3svrHnSn4d0FPz89ltMc4dlI
TJrpGu1kQletGihOCHJUib+YKWFtjp80dk3F731j+Y2QE+jit9yuIvwTBSAJ7riD
Oru1hsdYvFtmmBKgdQT2Gc1VYY6f6e4bH560hBSy63Znd1roc795D+9vZtH6zY8d
ZhbRS6mtai27nCIG3AWVlExLghD/junwDzW0t4G4K6gzUhNKtsyRHJycDIbGZ6LB
Ws7dWRuGEDJ7ZS6VU4JjoxKmDlQly66itqgP/yOXKBfqYhElcz/vpap4uXKe+154
4WH0bkQZgP8ittq9
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:50:05 2025 by rpki-client