Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/hU6ysCSCwhi7AocVlZV2-kgfgvU.roa
File: hU6ysCSCwhi7AocVlZV2-kgfgvU.roa (raw, json)
Hash identifier: LrcKOnzG/efqMUBHkJ8AHRPoocasIQSiV6d2HPCgQgY=
Subject key identifier: 85:4E:B2:B0:24:82:C2:18:BB:02:87:15:95:95:76:FA:48:1F:82:F5
Certificate issuer: /CN=67499595a65aab0b53768def08091e31061e9e65
Certificate serial: 0195D847F78E2397010A01CCFDF8EC5B0CFB
Authority key identifier: 67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/hU6ysCSCwhi7AocVlZV2-kgfgvU.roa
Signing time: Thu 27 Mar 2025 15:45:49 +0000
ROA not before: Thu 27 Mar 2025 15:45:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48449
IP address blocks: 46.20.97.0/24 maxlen: 24
46.20.103.0/24 maxlen: 24
46.20.106.0/24 maxlen: 24
46.20.111.0/24 maxlen: 24
185.160.193.0/24 maxlen: 24
185.160.194.0/24 maxlen: 24
185.160.195.0/24 maxlen: 24
185.169.220.0/24 maxlen: 24
185.169.221.0/24 maxlen: 24
185.169.222.0/24 maxlen: 24
185.169.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d8:47:f7:8e:23:97:01:0a:01:cc:fd:f8:ec:5b:0c:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67499595a65aab0b53768def08091e31061e9e65
Validity
Not Before: Mar 27 15:45:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=854eb2b02482c218bb028715959576fa481f82f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:00:ee:f7:de:dc:2e:61:67:e4:9b:40:14:68:
7a:ef:6e:e2:0e:cc:57:c1:a0:1f:4a:c9:6f:ac:4e:
38:dc:ee:0f:f0:91:33:9a:4c:72:50:e2:1a:5f:60:
50:45:f4:6d:93:81:33:4b:e4:53:37:1b:7f:64:e9:
5d:ea:85:3d:97:64:3f:6c:cf:7d:00:c9:e2:66:8f:
88:cc:f6:36:4a:f4:fb:16:fe:60:ee:51:f4:f2:b0:
b1:9f:64:5f:e4:7f:9b:b7:cb:bd:3e:bf:8b:b3:78:
99:67:5b:82:56:9b:20:a1:41:0d:23:de:9b:a4:0f:
84:c4:ad:48:5d:d2:59:8f:63:45:90:df:4c:cf:72:
07:02:c7:df:57:f4:d7:60:03:38:fa:2b:d1:e4:65:
4f:5f:0a:d3:7a:bd:f4:d1:07:c3:bb:f0:11:76:0c:
cf:03:f9:6b:4b:a8:f6:81:32:ee:ad:bf:c8:67:21:
30:34:92:58:3f:1b:ea:aa:49:c9:b4:12:ca:71:91:
2b:cd:db:14:30:79:6a:cc:25:79:73:54:fd:84:f9:
d3:89:6b:5b:01:24:51:53:ef:0e:45:32:c7:82:6c:
ac:1f:e9:6a:1c:36:15:7a:9c:bd:92:6d:eb:f6:71:
61:8b:fc:25:ff:5a:b3:5b:64:23:b1:db:b7:7d:a9:
23:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:4E:B2:B0:24:82:C2:18:BB:02:87:15:95:95:76:FA:48:1F:82:F5
X509v3 Authority Key Identifier:
keyid:67:49:95:95:A6:5A:AB:0B:53:76:8D:EF:08:09:1E:31:06:1E:9E:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0mVlaZaqwtTdo3vCAkeMQYenmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/hU6ysCSCwhi7AocVlZV2-kgfgvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b744b8-f39d-495b-b217-35508041652d/1/Z0mVlaZaqwtTdo3vCAkeMQYenmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.97.0/24
46.20.103.0/24
46.20.106.0/24
46.20.111.0/24
185.160.193.0-185.160.195.255
185.169.220.0/22
Signature Algorithm: sha256WithRSAEncryption
18:f1:8a:7d:0e:62:82:49:99:92:e4:f5:cb:2c:9f:01:1d:6e:
39:cf:6c:bc:3e:f4:57:34:e7:3f:c3:4c:aa:62:84:b5:30:ad:
71:f5:96:58:3c:5d:aa:a7:71:31:42:c2:f8:b6:99:71:a6:aa:
22:2d:04:07:6a:8f:47:7a:d0:04:52:d0:39:10:12:95:d3:41:
43:3d:15:6f:ab:1f:ec:32:b9:9b:ab:5c:f5:aa:be:15:60:53:
b4:7b:15:fb:2a:94:de:58:7d:a8:50:e3:96:67:6f:8c:00:ed:
dd:7d:6e:24:64:69:a8:50:46:c8:f3:3d:c1:04:9b:57:f7:f1:
4d:63:f7:50:30:4e:32:5d:95:95:37:2e:3c:e6:be:b2:d9:8c:
ae:2b:9b:3b:a6:76:c0:2a:9a:e6:ca:2b:3d:35:41:82:20:72:
d9:32:d3:46:4e:59:4f:6e:8d:29:55:78:e3:3e:85:6a:64:e8:
8e:50:6a:a6:f9:51:31:3e:e2:2d:57:28:d5:3f:7b:11:c0:ad:
ed:01:c8:de:eb:e8:2a:d1:45:30:60:5c:cc:d0:d1:3b:4e:5a:
fc:8e:a2:9b:31:dc:e3:47:35:e0:2f:19:b8:ba:17:dd:6a:c5:
5d:fa:ef:b5:a2:26:86:71:af:d7:2f:6e:70:da:8c:ec:95:09:
ee:ce:86:aa
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZXYR/eOI5cBCgHM/fjsWwz7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NDk5NTk1YTY1YWFiMGI1Mzc2OGRlZjA4MDkxZTMxMDYx
ZTllNjUwHhcNMjUwMzI3MTU0NTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTRlYjJiMDI0ODJjMjE4YmIwMjg3MTU5NTk1NzZmYTQ4MWY4MmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgDu997cLmFn5JtAFGh6727iDsxX
waAfSslvrE443O4P8JEzmkxyUOIaX2BQRfRtk4EzS+RTNxt/ZOld6oU9l2Q/bM99
AMniZo+IzPY2SvT7Fv5g7lH08rCxn2Rf5H+bt8u9Pr+Ls3iZZ1uCVpsgoUENI96b
pA+ExK1IXdJZj2NFkN9Mz3IHAsffV/TXYAM4+ivR5GVPXwrTer300QfDu/ARdgzP
A/lrS6j2gTLurb/IZyEwNJJYPxvqqknJtBLKcZErzdsUMHlqzCV5c1T9hPnTiWtb
ASRRU+8ORTLHgmysH+lqHDYVepy9km3r9nFhi/wl/1qzW2Qjsdu3fakjmwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFIVOsrAkgsIYuwKHFZWVdvpIH4L1MB8GA1UdIwQY
MBaAFGdJlZWmWqsLU3aN7wgJHjEGHp5lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTct
MzU1MDgwNDE2NTJkLzEvaFU2eXNDU0N3aGk3QW9jVmxaVjIta2dmZ3ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNzQ0YjgtZjM5ZC00OTViLWIyMTctMzU1MDgwNDE2NTJk
LzEvWjBtVmxhWmFxd3RUZG8zdkNBa2VNUVllbm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQALhRhAwQA
LhRnAwQALhRqAwQALhRvMAwDBAC5oMEDBAK5oMADBAK5qdwwDQYJKoZIhvcNAQEL
BQADggEBABjxin0OYoJJmZLk9cssnwEdbjnPbLw+9Fc05z/DTKpihLUwrXH1llg8
XaqncTFCwvi2mXGmqiItBAdqj0d60ARS0DkQEpXTQUM9FW+rH+wyuZurXPWqvhVg
U7R7FfsqlN5YfahQ45Znb4wA7d19biRkaahQRsjzPcEEm1f38U1j91AwTjJdlZU3
LjzmvrLZjK4rmzumdsAqmubKKz01QYIgctky00ZOWU9ujSlVeOM+hWpk6I5Qaqb5
UTE+4i1XKNU/exHAre0ByN7r6CrRRTBgXMzQ0TtOWvyOopsx3ONHNeAvGbi6F91q
xV3677WiJoZxr9cvbnDajOyVCe7Ohqo=
-----END CERTIFICATE-----
Generated at Sun Apr 6 16:04:27 2025 by rpki-client