Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/5bzg2i1jSKLgjORDW-H3wqFMP00.roa
File: 5bzg2i1jSKLgjORDW-H3wqFMP00.roa (raw, json)
Hash identifier: AGOkLiGqmhxzK9JIyux5C7Z9xQuyw2jDzu6V4ZONYDM=
Subject key identifier: E5:BC:E0:DA:2D:63:48:A2:E0:8C:E4:43:5B:E1:F7:C2:A1:4C:3F:4D
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 01942747BE24F57777EC82FDEA652AD580D5
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/5bzg2i1jSKLgjORDW-H3wqFMP00.roa
Signing time: Thu 02 Jan 2025 13:50:00 +0000
ROA not before: Thu 02 Jan 2025 13:50:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41202
IP address blocks: 46.8.72.0/23 maxlen: 23
46.8.74.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:be:24:f5:77:77:ec:82:fd:ea:65:2a:d5:80:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Jan 2 13:50:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e5bce0da2d6348a2e08ce4435be1f7c2a14c3f4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:0a:b6:90:01:f0:c1:97:59:b9:3b:cb:9a:51:
43:fb:ea:b3:0e:17:0b:af:b0:3a:d7:eb:26:ce:b2:
88:38:f6:2f:9c:d4:0e:05:38:2a:52:42:41:64:d4:
8c:e1:91:5d:80:8e:2d:e7:c1:0a:bc:11:b6:1b:37:
91:5c:03:73:a4:96:82:39:48:35:f3:2b:13:7c:f0:
d3:c2:08:5c:b0:a7:fc:9c:50:df:2a:c6:47:9d:54:
8d:a2:ff:79:a2:dc:c5:a3:43:f0:42:9b:31:6a:2b:
b1:cc:c3:f4:01:85:ab:88:e0:ef:d8:73:51:1b:46:
df:be:fd:65:c1:79:b2:2d:21:a4:68:a9:bf:cf:cd:
ec:44:01:c7:b4:01:9a:14:2f:dc:63:19:89:4f:7f:
34:f0:21:4b:67:38:03:f3:8b:4e:ba:78:35:50:2e:
29:68:fe:6f:ee:c5:b6:35:57:65:97:05:22:37:f9:
54:e7:c3:b9:37:38:f5:d2:1f:44:82:79:db:bc:87:
ec:37:3a:88:0e:d0:56:ec:6b:85:72:5f:56:7e:f1:
ab:69:1e:bd:9f:40:f1:7e:79:f9:1c:6b:6b:da:0a:
f3:c0:9f:c9:cb:e9:42:e9:86:21:3d:1c:6a:e0:a3:
21:a5:4f:7e:92:c2:a1:3c:68:ff:b3:0a:9c:af:6c:
5b:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:BC:E0:DA:2D:63:48:A2:E0:8C:E4:43:5B:E1:F7:C2:A1:4C:3F:4D
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/5bzg2i1jSKLgjORDW-H3wqFMP00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.72.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:16:30:2c:41:64:39:aa:be:46:90:d6:85:80:87:92:cb:c8:
b6:11:1f:bd:c7:32:05:98:05:a5:f2:fe:d3:85:f6:61:25:d9:
6b:5c:a4:33:97:0f:61:98:dd:70:25:78:ca:42:31:10:ea:72:
55:4e:b8:b0:56:df:26:90:64:29:03:e0:2c:22:06:37:3e:ea:
76:8c:40:20:17:36:9b:ea:e4:ea:b1:7d:85:6a:2e:0c:16:90:
9a:15:97:23:23:02:6e:a9:3a:16:b8:31:87:03:d8:db:bf:73:
d4:35:7e:49:28:dc:3a:2e:e0:aa:50:bd:34:e7:e2:f8:4a:db:
e5:fe:9b:1b:95:3d:2a:f0:1b:d2:1f:1b:a0:69:93:97:5b:2d:
9a:e5:b8:e3:4d:db:5e:b4:73:81:e5:cf:1c:a6:4a:a1:fc:07:
4a:fb:72:41:b4:3e:b1:a9:c4:c6:ed:40:0b:1f:fe:e2:6a:2b:
10:2c:5f:a9:d4:5c:f3:1b:25:21:37:c6:b9:44:40:4a:e9:96:
e7:5a:3a:c3:1a:9c:53:b7:c6:1d:6a:b4:98:f6:2e:cd:36:2c:
90:f7:44:b1:38:6f:bf:2e:2f:d6:f1:dd:33:a6:1f:94:23:41:
bf:10:70:56:84:b7:50:11:ff:ca:ba:5d:7a:1d:10:60:6d:8b:
59:c1:da:b9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR74k9Xd37IL96mUq1YDVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjUwMTAyMTM1MDAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWJjZTBkYTJkNjM0OGEyZTA4Y2U0NDM1YmUxZjdjMmExNGMzZjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Qq2kAHwwZdZuTvLmlFD++qzDhcL
r7A61+smzrKIOPYvnNQOBTgqUkJBZNSM4ZFdgI4t58EKvBG2GzeRXANzpJaCOUg1
8ysTfPDTwghcsKf8nFDfKsZHnVSNov95otzFo0PwQpsxaiuxzMP0AYWriODv2HNR
G0bfvv1lwXmyLSGkaKm/z83sRAHHtAGaFC/cYxmJT3808CFLZzgD84tOung1UC4p
aP5v7sW2NVdllwUiN/lU58O5Nzj10h9EgnnbvIfsNzqIDtBW7GuFcl9WfvGraR69
n0Dxfnn5HGtr2grzwJ/Jy+lC6YYhPRxq4KMhpU9+ksKhPGj/swqcr2xbkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOW84NotY0ii4IzkQ1vh98KhTD9NMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvNWJ6ZzJpMWpTS0xnak9SRFctSDN3cUZNUDAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLghIMA0G
CSqGSIb3DQEBCwUAA4IBAQBbFjAsQWQ5qr5GkNaFgIeSy8i2ER+9xzIFmAWl8v7T
hfZhJdlrXKQzlw9hmN1wJXjKQjEQ6nJVTriwVt8mkGQpA+AsIgY3Pup2jEAgFzab
6uTqsX2Fai4MFpCaFZcjIwJuqToWuDGHA9jbv3PUNX5JKNw6LuCqUL005+L4Stvl
/psblT0q8BvSHxugaZOXWy2a5bjjTdtetHOB5c8cpkqh/AdK+3JBtD6xqcTG7UAL
H/7iaisQLF+p1FzzGyUhN8a5REBK6ZbnWjrDGpxTt8YdarSY9i7NNiyQ90SxOG+/
Li/W8d0zph+UI0G/EHBWhLdQEf/Kul16HRBgbYtZwdq5
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:39:57 2025 by rpki-client