Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/CwFoM91fNKrg70sWPARBxxnRNws.roa
File: CwFoM91fNKrg70sWPARBxxnRNws.roa (raw, json)
Hash identifier: Hox8HA2FV7wk1FUy6SxCw9Bftf1wDDJh7VtD7XWNKjk=
Subject key identifier: 0B:01:68:33:DD:5F:34:AA:E0:EF:4B:16:3C:04:41:C7:19:D1:37:0B
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 01942747DAC64AC767E1D0634396A746AFB1
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/CwFoM91fNKrg70sWPARBxxnRNws.roa
Signing time: Thu 02 Jan 2025 13:50:07 +0000
ROA not before: Thu 02 Jan 2025 13:50:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396362
IP address blocks: 46.8.191.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:da:c6:4a:c7:67:e1:d0:63:43:96:a7:46:af:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Jan 2 13:50:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0b016833dd5f34aae0ef4b163c0441c719d1370b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:15:2e:ef:85:1f:8c:af:49:4d:c2:aa:6e:55:
09:5b:31:5f:42:48:ca:cf:07:c5:a0:97:d6:51:67:
2f:65:8c:19:7b:b9:84:89:b2:e9:1a:27:5e:3a:b7:
48:50:91:8d:96:72:72:1d:a8:f6:46:f1:8a:c6:e6:
fc:0c:13:33:47:f7:38:4d:ef:ed:9d:21:0d:78:05:
16:9a:4f:80:83:b3:39:3f:f4:a9:97:a4:46:1c:e1:
87:32:eb:89:e6:b1:35:c6:f6:1f:2f:ed:06:0d:d9:
3f:a5:de:a2:08:bc:00:54:48:b0:30:01:82:6a:0f:
87:6f:6c:3b:51:d4:2d:3c:4e:92:57:81:80:d3:e4:
2d:4b:2b:ad:4c:6f:b1:cc:d9:1e:90:29:31:70:82:
52:89:b0:44:ce:fa:0b:70:14:76:60:60:5e:60:84:
59:e6:5e:8b:c6:fd:d8:bf:1e:1c:de:4f:13:50:fc:
10:ec:14:07:10:e0:7b:9d:30:08:ab:ab:2d:0c:b7:
c8:4f:6f:5a:3f:fc:4f:c4:db:a6:fa:10:2e:5f:6c:
f1:df:d3:9d:1c:e2:32:af:ed:2a:3d:34:0d:00:e1:
5e:90:ee:65:bc:0e:34:e9:90:66:98:71:5c:51:78:
e8:1d:6c:ec:98:5a:cc:2d:15:ad:c9:04:ed:4b:ad:
6f:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:01:68:33:DD:5F:34:AA:E0:EF:4B:16:3C:04:41:C7:19:D1:37:0B
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/CwFoM91fNKrg70sWPARBxxnRNws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.191.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:89:af:dd:9b:3e:16:84:2e:7d:6e:14:46:70:bd:f8:83:96:
b1:ca:6b:6a:93:43:27:7d:47:e5:c5:c7:c1:69:10:de:7a:43:
c5:d1:9d:0a:cf:8f:cc:d2:a4:00:51:15:f1:02:a8:78:cf:e0:
42:52:6a:53:68:af:8d:5f:6e:53:c4:5a:40:90:3d:7c:b9:29:
b6:d5:3f:2e:d4:09:c6:bb:5a:80:8a:f3:d6:c3:f3:b2:68:bd:
c3:1f:26:2c:0a:c0:24:04:37:e2:a0:a9:89:8d:5c:e1:5a:78:
56:de:b2:21:6b:48:f8:e2:97:91:f1:ec:6f:c9:61:8c:5d:f3:
b4:38:7b:74:b4:8f:ec:23:0e:b2:09:da:69:55:2d:33:97:18:
d9:2f:a5:e9:1f:32:19:32:0d:e5:d2:06:ff:69:9d:a9:0d:2d:
ee:5c:9a:ab:12:04:9e:c9:bc:9f:40:85:51:db:88:c4:3f:d4:
84:7f:d9:fe:38:58:34:1b:7e:28:d4:95:87:49:46:82:f2:8c:
df:96:f7:33:01:b5:57:5f:e3:a8:93:3f:8a:d4:7a:ed:70:44:
e0:6f:b3:02:28:b9:bb:78:86:06:45:72:78:33:35:c6:43:a9:
00:e5:2d:dd:7f:4f:f8:29:fd:20:7f:c6:7f:93:75:79:5b:15:
a8:0e:23:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR9rGSsdn4dBjQ5anRq+xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjUwMTAyMTM1MDA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjAxNjgzM2RkNWYzNGFhZTBlZjRiMTYzYzA0NDFjNzE5ZDEzNzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxUu74UfjK9JTcKqblUJWzFfQkjK
zwfFoJfWUWcvZYwZe7mEibLpGideOrdIUJGNlnJyHaj2RvGKxub8DBMzR/c4Te/t
nSENeAUWmk+Ag7M5P/Spl6RGHOGHMuuJ5rE1xvYfL+0GDdk/pd6iCLwAVEiwMAGC
ag+Hb2w7UdQtPE6SV4GA0+QtSyutTG+xzNkekCkxcIJSibBEzvoLcBR2YGBeYIRZ
5l6Lxv3Yvx4c3k8TUPwQ7BQHEOB7nTAIq6stDLfIT29aP/xPxNum+hAuX2zx39Od
HOIyr+0qPTQNAOFekO5lvA406ZBmmHFcUXjoHWzsmFrMLRWtyQTtS61vowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAsBaDPdXzSq4O9LFjwEQccZ0TcLMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvQ3dGb005MWZOS3JnNzBzV1BBUkJ4eG5STndzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALgi/MA0G
CSqGSIb3DQEBCwUAA4IBAQBfia/dmz4WhC59bhRGcL34g5axymtqk0MnfUflxcfB
aRDeekPF0Z0Kz4/M0qQAURXxAqh4z+BCUmpTaK+NX25TxFpAkD18uSm21T8u1AnG
u1qAivPWw/OyaL3DHyYsCsAkBDfioKmJjVzhWnhW3rIha0j44peR8exvyWGMXfO0
OHt0tI/sIw6yCdppVS0zlxjZL6XpHzIZMg3l0gb/aZ2pDS3uXJqrEgSeybyfQIVR
24jEP9SEf9n+OFg0G34o1JWHSUaC8ozflvczAbVXX+Ookz+K1HrtcETgb7MCKLm7
eIYGRXJ4MzXGQ6kA5S3df0/4Kf0gf8Z/k3V5WxWoDiPm
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:12:55 2025 by rpki-client