Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/2pvIQqdrnc-BOV2vOiV82aU9KnE.roa
File: 2pvIQqdrnc-BOV2vOiV82aU9KnE.roa (raw, json)
Hash identifier: JAA8g6YNbUGTGs3DmgxNRM+sH++rPd6SoVFBQv/ksXw=
Subject key identifier: DA:9B:C8:42:A7:6B:9D:CF:81:39:5D:AF:3A:25:7C:D9:A5:3D:2A:71
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 019427B54645AAFA480514CCD73BBB531258
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/2pvIQqdrnc-BOV2vOiV82aU9KnE.roa
Signing time: Thu 02 Jan 2025 15:49:38 +0000
ROA not before: Thu 02 Jan 2025 15:49:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 46.20.100.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:46:45:aa:fa:48:05:14:cc:d7:3b:bb:53:12:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Jan 2 15:49:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=da9bc842a76b9dcf81395daf3a257cd9a53d2a71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:91:10:e0:f9:7d:3d:d9:26:02:79:34:6c:ec:
ab:77:51:a5:39:c5:a2:37:76:c2:ef:cb:94:20:39:
b0:55:12:fc:3f:66:0f:3b:7e:f7:55:4a:df:f3:a3:
de:02:87:a5:d4:6a:e9:d0:a8:8c:8b:5c:d5:34:9d:
d5:11:8b:c1:9d:57:04:60:51:03:c8:e9:97:6e:5d:
8b:3f:be:ed:86:bb:07:5d:d0:b3:9c:42:dd:fc:4a:
ff:e4:5f:03:9d:92:4b:b0:95:0d:36:9f:5f:b3:32:
78:46:f9:76:f2:a3:10:09:36:20:5d:d4:7f:3d:17:
b7:4a:e2:16:89:2d:a9:fb:cb:d4:9d:47:8d:83:d1:
ff:a2:12:ff:d3:ca:d3:10:4b:42:85:a6:78:93:99:
f6:ce:a1:d4:22:5f:37:f0:4f:e1:1a:3f:49:76:99:
bb:cf:dc:0d:54:36:5e:fa:88:0d:4e:23:ef:13:4c:
9a:11:15:05:13:d5:93:31:2c:3d:d1:36:df:49:33:
fb:53:9d:53:de:0f:d5:6d:14:a0:4d:68:4d:b0:60:
b8:b9:d0:9d:57:f8:4b:c1:e6:2c:ad:35:86:79:c3:
a9:8c:b7:47:bf:3f:61:09:9a:30:19:fd:06:0e:6e:
ac:77:4d:9c:19:39:c2:bc:c5:28:a6:f6:77:3f:37:
13:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:9B:C8:42:A7:6B:9D:CF:81:39:5D:AF:3A:25:7C:D9:A5:3D:2A:71
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/2pvIQqdrnc-BOV2vOiV82aU9KnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.100.0/24
Signature Algorithm: sha256WithRSAEncryption
35:07:19:98:40:65:3c:cf:9c:07:4d:59:b3:0a:bf:6a:9f:eb:
78:72:48:d4:6b:a6:af:73:8a:7b:60:24:ff:1d:7a:0a:5d:2e:
eb:fd:3a:cf:d4:68:99:62:8a:73:c7:50:21:74:82:23:cc:c5:
de:79:5d:9a:11:c0:6d:1e:5c:ae:17:c9:5c:db:9b:ca:8f:e3:
b3:9b:c4:ef:e0:a6:8e:53:0e:73:f8:35:43:59:df:83:b3:79:
30:29:3a:c7:62:c7:dc:c9:5f:73:12:ed:8f:fd:c7:49:3c:8c:
04:0a:05:ae:94:aa:f0:e5:57:ae:c3:85:94:5e:bd:53:1d:c7:
ca:38:d2:73:37:2c:05:34:5d:5e:41:84:f1:1a:35:cd:90:6e:
bb:b1:09:cb:0e:5f:99:4b:b5:ad:8c:43:ae:c7:42:51:5c:49:
ac:da:b4:82:63:a4:7b:f4:3c:15:1a:e9:0f:4d:d4:d5:c5:ff:
0d:d4:2c:ed:6d:02:f0:a5:3b:52:10:50:71:97:90:ce:a1:a7:
af:9e:20:b3:de:32:34:c9:e4:90:b8:82:16:5f:92:95:e3:1a:
9e:09:0f:00:e8:47:f1:b0:50:a5:ef:bb:b9:22:b1:4a:ab:17:
85:71:bc:a2:d8:87:f5:38:2b:27:b8:73:93:4e:3c:ea:b5:73:
5f:17:34:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntUZFqvpIBRTM1zu7UxJYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjUwMTAyMTU0OTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTliYzg0MmE3NmI5ZGNmODEzOTVkYWYzYTI1N2NkOWE1M2QyYTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxpEQ4Pl9PdkmAnk0bOyrd1GlOcWi
N3bC78uUIDmwVRL8P2YPO373VUrf86PeAoel1Grp0KiMi1zVNJ3VEYvBnVcEYFED
yOmXbl2LP77thrsHXdCznELd/Er/5F8DnZJLsJUNNp9fszJ4Rvl28qMQCTYgXdR/
PRe3SuIWiS2p+8vUnUeNg9H/ohL/08rTEEtChaZ4k5n2zqHUIl838E/hGj9Jdpm7
z9wNVDZe+ogNTiPvE0yaERUFE9WTMSw90TbfSTP7U51T3g/VbRSgTWhNsGC4udCd
V/hLweYsrTWGecOpjLdHvz9hCZowGf0GDm6sd02cGTnCvMUopvZ3PzcTXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNqbyEKna53PgTldrzolfNmlPSpxMB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvMnB2SVFxZHJuYy1CT1Yydk9pVjgyYVU5S25FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALhRkMA0G
CSqGSIb3DQEBCwUAA4IBAQA1BxmYQGU8z5wHTVmzCr9qn+t4ckjUa6avc4p7YCT/
HXoKXS7r/TrP1GiZYopzx1AhdIIjzMXeeV2aEcBtHlyuF8lc25vKj+Ozm8Tv4KaO
Uw5z+DVDWd+Ds3kwKTrHYsfcyV9zEu2P/cdJPIwECgWulKrw5Veuw4WUXr1THcfK
ONJzNywFNF1eQYTxGjXNkG67sQnLDl+ZS7WtjEOux0JRXEms2rSCY6R79DwVGukP
TdTVxf8N1CztbQLwpTtSEFBxl5DOoaevniCz3jI0yeSQuIIWX5KV4xqeCQ8A6Efx
sFCl77u5IrFKqxeFcbyi2If1OCsnuHOTTjzqtXNfFzQo
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:58 2025 by rpki-client