Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/1ed27c-2d8c-4080-a458-9f522a284595/1/0IG7CMPC-7SDKCTiz8anhD3c0zs.roa
File: 0IG7CMPC-7SDKCTiz8anhD3c0zs.roa (raw, json)
Hash identifier: fOnGjT4Xyjjotwa9/pecYw3cI1uzEt3+li8tB/lSTXY=
Subject key identifier: D0:81:BB:08:C3:C2:FB:B4:83:28:24:E2:CF:C6:A7:84:3D:DC:D3:3B
Certificate issuer: /CN=2ec121e1545df3e5bb86e9188f2825fad7477f75
Certificate serial: 01941FFA941DD3F917F97564D0B4CFA11912
Authority key identifier: 2E:C1:21:E1:54:5D:F3:E5:BB:86:E9:18:8F:28:25:FA:D7:47:7F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LsEh4VRd8-W7hukYjygl-tdHf3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/1ed27c-2d8c-4080-a458-9f522a284595/1/0IG7CMPC-7SDKCTiz8anhD3c0zs.roa
Signing time: Wed 01 Jan 2025 03:48:22 +0000
ROA not before: Wed 01 Jan 2025 03:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35184
IP address blocks: 46.21.128.0/20 maxlen: 24
87.240.64.0/18 maxlen: 24
2a03:6c00::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:94:1d:d3:f9:17:f9:75:64:d0:b4:cf:a1:19:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ec121e1545df3e5bb86e9188f2825fad7477f75
Validity
Not Before: Jan 1 03:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d081bb08c3c2fbb4832824e2cfc6a7843ddcd33b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:3f:ff:8f:14:23:e5:4a:d5:83:60:0b:e2:5b:
ef:e3:9f:fb:0e:83:de:3f:6e:ea:aa:b6:3a:d7:23:
2e:5b:de:8a:39:dd:3d:ac:0b:47:26:cf:23:09:ff:
c6:ae:80:9e:23:83:ee:11:b6:2f:e7:24:88:b6:32:
98:5d:a5:a3:42:4c:38:8a:e7:33:06:37:e6:0a:ad:
84:2a:6b:86:93:da:d1:84:55:c4:c7:f2:8d:95:48:
73:5f:88:aa:52:66:27:6d:e5:27:bb:da:c9:52:dc:
d0:b4:69:f5:d3:5b:d7:25:f4:82:6f:fa:83:73:76:
4a:71:73:2d:fc:1b:82:27:8c:3f:81:75:36:0b:cf:
2d:46:61:28:3e:2d:11:84:84:78:77:32:17:21:a3:
ef:9b:39:13:6f:a9:67:c2:59:09:5a:64:58:70:e5:
53:64:c1:4a:b8:d0:c9:02:72:05:74:0b:99:dc:6d:
cd:a4:a5:39:c6:81:90:59:22:e2:ee:47:a6:f9:ec:
7e:2c:d2:97:eb:05:d2:a6:26:50:6d:c9:33:32:b1:
55:8e:d8:5a:85:65:cb:7a:7b:4d:02:cc:36:3a:32:
df:96:16:bd:8d:7f:68:b1:40:af:71:d4:1a:ad:4f:
fc:b8:f1:16:42:4a:c2:25:a8:fb:8e:62:88:3b:65:
80:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:81:BB:08:C3:C2:FB:B4:83:28:24:E2:CF:C6:A7:84:3D:DC:D3:3B
X509v3 Authority Key Identifier:
keyid:2E:C1:21:E1:54:5D:F3:E5:BB:86:E9:18:8F:28:25:FA:D7:47:7F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LsEh4VRd8-W7hukYjygl-tdHf3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1ed27c-2d8c-4080-a458-9f522a284595/1/0IG7CMPC-7SDKCTiz8anhD3c0zs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1ed27c-2d8c-4080-a458-9f522a284595/1/LsEh4VRd8-W7hukYjygl-tdHf3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.21.128.0/20
87.240.64.0/18
IPv6:
2a03:6c00::/32
Signature Algorithm: sha256WithRSAEncryption
59:38:92:d7:ed:49:d6:e0:b4:8c:cd:7f:a9:75:3b:e5:f0:69:
1c:dd:54:59:77:3c:93:f1:a1:fe:c2:8f:42:7d:5c:c4:c6:da:
a0:73:dc:f5:b0:e6:79:0e:be:5e:30:6f:d1:35:69:81:a2:9f:
01:d5:e7:a5:b4:2a:16:81:94:e0:b4:6c:c3:13:6d:06:77:c6:
98:5d:e9:47:e6:64:cb:27:0d:48:29:47:82:a3:b4:99:3f:5b:
91:47:7b:e3:35:85:e4:67:c1:eb:4e:c3:3e:08:85:90:5f:a1:
f8:ec:13:ef:db:44:29:41:dd:8e:fe:5e:c0:85:7e:de:df:d2:
7f:67:df:c4:f8:78:e4:8e:92:47:17:43:f5:3d:81:72:6e:86:
8f:78:91:f0:d0:54:a3:a1:d9:75:73:88:86:c8:a9:41:39:c7:
22:50:6b:cc:44:01:7a:7b:0a:2f:e8:8d:cd:4a:89:1e:03:2b:
ce:a7:ad:aa:99:dc:58:8d:3c:5e:c3:46:de:86:fc:31:fd:c0:
c0:fd:77:dc:20:c1:23:fc:ea:4f:39:1e:40:41:a1:db:46:3d:
20:ff:3d:ce:98:16:da:fe:59:93:8a:25:3c:7d:55:df:e1:ef:
64:76:c6:c8:dd:56:16:dc:02:47:ce:c2:2d:a0:14:6e:ee:09:
a1:ca:7a:54
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQf+pQd0/kX+XVk0LTPoRkSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlYzEyMWUxNTQ1ZGYzZTViYjg2ZTkxODhmMjgyNWZhZDc0
NzdmNzUwHhcNMjUwMTAxMDM0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDgxYmIwOGMzYzJmYmI0ODMyODI0ZTJjZmM2YTc4NDNkZGNkMzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvj//jxQj5UrVg2AL4lvv45/7DoPe
P27qqrY61yMuW96KOd09rAtHJs8jCf/GroCeI4PuEbYv5ySItjKYXaWjQkw4iucz
BjfmCq2EKmuGk9rRhFXEx/KNlUhzX4iqUmYnbeUnu9rJUtzQtGn101vXJfSCb/qD
c3ZKcXMt/BuCJ4w/gXU2C88tRmEoPi0RhIR4dzIXIaPvmzkTb6lnwlkJWmRYcOVT
ZMFKuNDJAnIFdAuZ3G3NpKU5xoGQWSLi7kem+ex+LNKX6wXSpiZQbckzMrFVjtha
hWXLentNAsw2OjLflha9jX9osUCvcdQarU/8uPEWQkrCJaj7jmKIO2WAFQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNCBuwjDwvu0gygk4s/Gp4Q93NM7MB8GA1UdIwQY
MBaAFC7BIeFUXfPlu4bpGI8oJfrXR391MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHNFaDRWUmQ4LVc3aHVrWWp5Z2wtdGRIZjNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8xZWQyN2MtMmQ4Yy00MDgwLWE0NTgt
OWY1MjJhMjg0NTk1LzEvMElHN0NNUEMtN1NES0NUaXo4YW5oRDNjMHpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8xZWQyN2MtMmQ4Yy00MDgwLWE0NTgtOWY1MjJhMjg0NTk1
LzEvTHNFaDRWUmQ4LVc3aHVrWWp5Z2wtdGRIZjNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQELhWAAwQG
V/BAMA0EAgACMAcDBQAqA2wAMA0GCSqGSIb3DQEBCwUAA4IBAQBZOJLX7UnW4LSM
zX+pdTvl8Gkc3VRZdzyT8aH+wo9CfVzExtqgc9z1sOZ5Dr5eMG/RNWmBop8B1eel
tCoWgZTgtGzDE20Gd8aYXelH5mTLJw1IKUeCo7SZP1uRR3vjNYXkZ8HrTsM+CIWQ
X6H47BPv20QpQd2O/l7AhX7e39J/Z9/E+HjkjpJHF0P1PYFyboaPeJHw0FSjodl1
c4iGyKlBOcciUGvMRAF6ewov6I3NSokeAyvOp62qmdxYjTxew0behvwx/cDA/Xfc
IMEj/OpPOR5AQaHbRj0g/z3OmBba/lmTiiU8fVXf4e9kdsbI3VYW3AJHzsItoBRu
7gmhynpU
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:41:41 2025 by rpki-client