Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/CxsYgzD-fKuNIJXvDvScj1xCWQM.roa
File: CxsYgzD-fKuNIJXvDvScj1xCWQM.roa (raw, json)
Hash identifier: 8zrkClxO1E0tJ3Da8QGPchKtj4uURJBlnBOXNNpgm+k=
Subject key identifier: 0B:1B:18:83:30:FE:7C:AB:8D:20:95:EF:0E:F4:9C:8F:5C:42:59:03
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 0193E39C6FBCDA1148586FDEBFA6887A546E
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/CxsYgzD-fKuNIJXvDvScj1xCWQM.roa
Signing time: Fri 20 Dec 2024 10:28:20 +0000
ROA not before: Fri 20 Dec 2024 10:28:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41202
IP address blocks: 46.8.72.0/23 maxlen: 23
46.8.74.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:e3:9c:6f:bc:da:11:48:58:6f:de:bf:a6:88:7a:54:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Dec 20 10:28:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0b1b188330fe7cab8d2095ef0ef49c8f5c425903
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:7c:c8:49:0c:28:5d:3d:71:67:39:4c:58:c5:
70:2c:76:76:f3:9e:48:1a:40:59:5e:58:d5:fd:e4:
30:31:84:fe:b4:a4:cb:24:e5:a3:56:31:46:59:47:
77:d2:68:c1:80:1e:d8:04:d7:7d:f8:54:94:7b:05:
4f:19:2a:5c:3a:14:d6:60:75:b8:77:ad:54:dd:5b:
bd:e6:84:13:ed:eb:a7:04:5c:70:c0:d8:06:a5:7d:
a2:06:74:6f:a3:56:76:ab:14:f4:3a:48:d7:89:96:
05:cc:5a:12:da:05:ba:2c:17:1c:c7:37:1c:92:21:
21:db:e1:b3:76:ac:d2:bc:a7:e1:96:c5:fa:57:da:
2f:46:45:84:50:27:f3:06:ff:8b:d6:9f:80:c9:36:
d7:be:91:4f:ea:20:85:30:74:04:9c:0d:94:1e:ac:
86:2c:af:57:d7:47:27:1a:eb:a2:b4:51:b9:6e:bb:
c8:3f:f7:5f:fd:bb:49:2f:59:80:a5:c1:d8:dd:13:
98:de:50:c1:59:63:2a:49:9b:af:40:1a:e5:b0:79:
86:d5:b3:dd:45:47:f6:ce:a4:dc:0e:f9:35:11:1e:
f0:6b:64:c1:7c:be:1e:4f:d8:84:79:53:07:27:0e:
7b:40:8a:85:f9:a1:42:27:e0:42:05:8a:87:fb:b2:
2c:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:1B:18:83:30:FE:7C:AB:8D:20:95:EF:0E:F4:9C:8F:5C:42:59:03
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/CxsYgzD-fKuNIJXvDvScj1xCWQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.72.0/22
Signature Algorithm: sha256WithRSAEncryption
b2:32:10:f5:fa:05:ee:b9:75:be:67:60:44:7c:8a:e3:33:e3:
34:2e:17:d4:05:17:e4:29:4d:cf:81:f3:4e:1d:da:c8:d5:05:
5a:01:00:bc:65:d9:1d:47:fc:3e:e5:50:24:ce:3b:49:de:39:
23:62:6c:c2:1c:c9:06:fc:7e:13:c6:9f:fc:6a:78:0e:f7:7e:
9e:e2:44:b6:fa:95:85:f0:83:59:fc:a6:c1:18:90:24:0a:fa:
89:ba:96:7f:72:0e:09:5c:06:08:be:c1:13:89:e8:35:b7:f9:
86:96:53:e3:7e:0c:7d:28:7c:d3:97:78:59:ca:53:12:d1:37:
ba:dc:4b:9f:de:04:99:98:14:81:3f:4e:58:7c:f8:1c:3e:5d:
7b:98:57:92:02:17:52:91:3a:24:dc:c2:b5:2d:19:39:b7:b2:
d9:d8:c2:b9:f8:c6:f9:4a:87:a3:18:4a:92:0a:98:4e:05:f7:
d2:77:5e:c7:44:d4:a2:59:f7:30:1f:49:ac:1c:7a:0f:f3:f0:
e9:57:c8:13:01:de:f1:31:25:1f:ec:ad:19:20:dd:4d:23:fd:
0b:f9:81:57:be:e3:46:68:65:5a:2b:4e:07:21:a2:41:a8:e7:
e9:66:97:8a:4d:98:af:2a:52:60:a8:0c:e3:a9:19:93:61:ae:
e1:fc:e1:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPjnG+82hFIWG/ev6aIelRuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjQxMjIwMTAyODIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjFiMTg4MzMwZmU3Y2FiOGQyMDk1ZWYwZWY0OWM4ZjVjNDI1OTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6nzISQwoXT1xZzlMWMVwLHZ2855I
GkBZXljV/eQwMYT+tKTLJOWjVjFGWUd30mjBgB7YBNd9+FSUewVPGSpcOhTWYHW4
d61U3Vu95oQT7eunBFxwwNgGpX2iBnRvo1Z2qxT0OkjXiZYFzFoS2gW6LBccxzcc
kiEh2+GzdqzSvKfhlsX6V9ovRkWEUCfzBv+L1p+AyTbXvpFP6iCFMHQEnA2UHqyG
LK9X10cnGuuitFG5brvIP/df/btJL1mApcHY3ROY3lDBWWMqSZuvQBrlsHmG1bPd
RUf2zqTcDvk1ER7wa2TBfL4eT9iEeVMHJw57QIqF+aFCJ+BCBYqH+7IsZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAsbGIMw/nyrjSCV7w70nI9cQlkDMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvQ3hzWWd6RC1mS3VOSUpYdkR2U2NqMXhDV1FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLghIMA0G
CSqGSIb3DQEBCwUAA4IBAQCyMhD1+gXuuXW+Z2BEfIrjM+M0LhfUBRfkKU3PgfNO
HdrI1QVaAQC8ZdkdR/w+5VAkzjtJ3jkjYmzCHMkG/H4Txp/8angO936e4kS2+pWF
8INZ/KbBGJAkCvqJupZ/cg4JXAYIvsETieg1t/mGllPjfgx9KHzTl3hZylMS0Te6
3Euf3gSZmBSBP05YfPgcPl17mFeSAhdSkTok3MK1LRk5t7LZ2MK5+Mb5SoejGEqS
CphOBffSd17HRNSiWfcwH0msHHoP8/DpV8gTAd7xMSUf7K0ZIN1NI/0L+YFXvuNG
aGVaK04HIaJBqOfpZpeKTZivKlJgqAzjqRmTYa7h/OGN
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:18:56 2025 by rpki-client