Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/KxHGKB1h-vnh7BqZOm4WROdO3vo.roa
File: KxHGKB1h-vnh7BqZOm4WROdO3vo.roa (raw, json)
Hash identifier: XaulLlqSPIT8qXSj0weJJld3TDvOwAUYNPC9QBZsTsE=
Subject key identifier: 2B:11:C6:28:1D:61:FA:F9:E1:EC:1A:99:3A:6E:16:44:E7:4E:DE:FA
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 0194B7981B95E4201BC967CBBF8DE5C6D9BD
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/KxHGKB1h-vnh7BqZOm4WROdO3vo.roa
Signing time: Thu 30 Jan 2025 14:23:06 +0000
ROA not before: Thu 30 Jan 2025 14:23:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213592
IP address blocks: 46.8.77.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b7:98:1b:95:e4:20:1b:c9:67:cb:bf:8d:e5:c6:d9:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Jan 30 14:23:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b11c6281d61faf9e1ec1a993a6e1644e74edefa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:0a:fc:25:0b:ea:c2:93:6f:eb:82:2e:ae:6e:
59:51:7d:0b:dd:62:ec:ec:01:10:8e:73:fa:bf:12:
71:b1:b6:6e:66:d4:60:0d:01:3c:7a:03:5a:aa:2c:
f2:72:72:0c:0c:a2:d0:63:79:1e:dc:81:4d:2c:55:
7f:b6:07:3f:89:f2:4a:4a:fd:3f:c0:7b:38:d7:fb:
9e:8d:ab:40:33:d5:18:0a:7a:96:12:a7:ad:f4:2b:
97:b3:ef:4b:d8:21:69:e0:74:0e:6a:eb:f7:f1:82:
b4:73:6f:11:5c:34:ee:64:37:66:be:5b:8f:0e:bd:
c7:3b:c1:da:d4:4e:cf:a9:1d:2c:1b:b4:87:86:af:
2c:e0:8a:9a:ef:22:90:1a:61:87:d3:68:16:df:a0:
8d:ef:11:85:97:55:ed:b6:db:5c:ef:f9:4a:e8:6c:
a2:b3:62:88:53:d5:c3:e6:b1:33:cf:b1:03:73:23:
73:9d:50:95:6a:16:21:5a:33:b8:70:13:f7:c5:85:
66:50:3d:7d:c3:cc:ba:df:17:cc:68:a9:40:8a:0f:
b4:ea:2f:e7:7a:3c:ac:31:6f:07:bf:c9:35:1c:6a:
6f:67:17:ea:4a:e2:b7:07:d5:d4:b2:d5:15:5f:55:
94:d1:42:1e:4b:29:98:56:68:dc:2f:e2:98:05:61:
74:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:11:C6:28:1D:61:FA:F9:E1:EC:1A:99:3A:6E:16:44:E7:4E:DE:FA
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/KxHGKB1h-vnh7BqZOm4WROdO3vo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.77.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:a4:54:ab:48:5d:3a:0a:3b:a1:98:f7:3c:97:b3:8e:86:00:
bc:b5:61:b7:ce:3b:a7:3b:3c:d5:63:a5:1a:63:0b:de:c7:ca:
18:74:cf:87:94:25:1f:fa:3b:d4:51:57:e6:e4:92:c5:80:0f:
4d:03:b8:fc:c4:2c:34:3e:c7:48:0b:3b:72:3c:44:bb:2b:8d:
99:e6:58:5d:d7:2b:13:5c:61:97:d7:d6:78:1b:d2:89:13:7f:
41:87:b8:82:c8:62:d1:bf:3c:77:af:84:39:56:4f:4c:c2:5a:
08:37:c1:88:d3:ad:64:a6:70:e0:b2:17:7b:5b:f2:50:ae:e5:
d7:c8:22:26:7d:2b:26:08:52:03:68:d2:fd:70:06:22:e8:0b:
9e:73:82:d0:f1:80:25:c0:2f:b2:45:8f:b8:69:dc:2c:83:bd:
e4:ec:a5:ab:53:41:d2:d1:a8:c7:dd:fd:fe:05:ab:d0:c8:02:
68:74:ee:9d:99:43:b6:1e:cb:02:44:5d:5d:13:96:aa:36:bc:
7a:5a:b5:39:dc:6e:78:17:54:e5:5c:54:53:8b:f0:14:36:6f:
1b:ac:2b:47:6e:41:55:fb:44:78:34:7a:50:b0:1d:41:0f:20:
3e:7f:45:de:83:83:1e:5c:17:12:f9:5d:bd:49:da:ff:b4:8f:
46:af:b5:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZS3mBuV5CAbyWfLv43lxtm9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjUwMTMwMTQyMzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjExYzYyODFkNjFmYWY5ZTFlYzFhOTkzYTZlMTY0NGU3NGVkZWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAr8JQvqwpNv64Iurm5ZUX0L3WLs
7AEQjnP6vxJxsbZuZtRgDQE8egNaqizycnIMDKLQY3ke3IFNLFV/tgc/ifJKSv0/
wHs41/uejatAM9UYCnqWEqet9CuXs+9L2CFp4HQOauv38YK0c28RXDTuZDdmvluP
Dr3HO8Ha1E7PqR0sG7SHhq8s4Iqa7yKQGmGH02gW36CN7xGFl1Xttttc7/lK6Gyi
s2KIU9XD5rEzz7EDcyNznVCVahYhWjO4cBP3xYVmUD19w8y63xfMaKlAig+06i/n
ejysMW8Hv8k1HGpvZxfqSuK3B9XUstUVX1WU0UIeSymYVmjcL+KYBWF0OQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCsRxigdYfr54ewamTpuFkTnTt76MB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvS3hIR0tCMWgtdm5oN0JxWk9tNFdST2RPM3ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALghNMA0G
CSqGSIb3DQEBCwUAA4IBAQBepFSrSF06CjuhmPc8l7OOhgC8tWG3zjunOzzVY6Ua
Ywvex8oYdM+HlCUf+jvUUVfm5JLFgA9NA7j8xCw0PsdICztyPES7K42Z5lhd1ysT
XGGX19Z4G9KJE39Bh7iCyGLRvzx3r4Q5Vk9MwloIN8GI061kpnDgshd7W/JQruXX
yCImfSsmCFIDaNL9cAYi6Auec4LQ8YAlwC+yRY+4adwsg73k7KWrU0HS0ajH3f3+
BavQyAJodO6dmUO2HssCRF1dE5aqNrx6WrU53G54F1TlXFRTi/AUNm8brCtHbkFV
+0R4NHpQsB1BDyA+f0Xeg4MeXBcS+V29Sdr/tI9Gr7U2
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:38:49 2025 by rpki-client