Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/p1LyTW1EKPhbC9-WlZ8ZgGfeaiY.roa
File: p1LyTW1EKPhbC9-WlZ8ZgGfeaiY.roa (raw, json)
Hash identifier: wFRnB6NytA26oECwlu7y9Qlcu3aEtqA0xj4qghVcb0I=
Subject key identifier: A7:52:F2:4D:6D:44:28:F8:5B:0B:DF:96:95:9F:19:80:67:DE:6A:26
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 01943BBBECADE831B0B30129B01BC4E91D2A
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/p1LyTW1EKPhbC9-WlZ8ZgGfeaiY.roa
Signing time: Mon 06 Jan 2025 13:09:19 +0000
ROA not before: Mon 06 Jan 2025 13:09:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213662
IP address blocks: 46.8.76.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:3b:bb:ec:ad:e8:31:b0:b3:01:29:b0:1b:c4:e9:1d:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Jan 6 13:09:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a752f24d6d4428f85b0bdf96959f198067de6a26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:49:af:f2:a4:a0:84:6a:97:cf:ae:77:21:a3:
31:d1:4d:90:4b:33:a3:f5:8d:bc:4f:4d:b9:7d:3b:
9c:d9:4a:07:52:c3:73:b9:9e:3a:8e:10:ac:f0:90:
93:19:c9:d1:91:c4:8b:07:1e:5a:0b:b5:eb:3f:0e:
0f:0f:fc:f5:f0:14:75:f3:76:f8:5c:01:e1:9f:65:
97:18:c3:61:bc:ed:66:86:a9:ce:8d:26:da:3c:ca:
3a:76:1e:d4:95:62:fc:61:8a:7b:40:47:66:d1:fa:
9e:af:21:bf:05:7f:1b:80:e1:d0:a3:ff:2f:75:3b:
6b:85:9c:c8:5c:e1:b3:fe:20:66:7e:34:62:96:97:
cb:c3:52:6e:81:ae:ec:1b:3d:7a:f8:bb:6c:d0:a1:
f4:84:05:e4:ab:27:bf:ee:0c:48:0a:36:90:db:f2:
22:4a:92:a7:17:c6:ad:55:2c:ea:a2:97:d6:bf:24:
93:14:f6:72:25:84:5d:0a:79:fb:15:e8:39:b7:fa:
50:19:bd:17:82:0a:7b:82:b7:e8:92:7a:b1:d7:c2:
e3:39:fd:47:fb:8c:d1:13:43:da:da:61:44:4c:3b:
a1:ef:d5:e4:db:03:5b:9e:4d:36:a1:de:29:06:78:
8e:aa:93:f0:f5:54:fb:37:c7:9f:aa:5e:88:76:6e:
d1:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:52:F2:4D:6D:44:28:F8:5B:0B:DF:96:95:9F:19:80:67:DE:6A:26
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/p1LyTW1EKPhbC9-WlZ8ZgGfeaiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.76.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:c3:75:94:05:02:f2:32:bf:3a:9a:a0:3d:36:45:cf:e4:e8:
7c:0f:18:d3:32:75:64:63:a0:32:49:3d:c0:2f:4b:90:1c:24:
2b:7f:86:0f:a4:4a:55:7c:14:5f:9f:76:fa:73:0e:ec:4d:e3:
bd:86:27:04:b0:78:71:2c:b8:62:f6:1d:76:33:3a:e6:47:d9:
59:00:af:e0:f5:a2:54:a8:56:2d:25:4c:33:5f:b7:2f:d2:cb:
b5:c9:2f:19:13:40:53:3d:1e:5e:60:c4:44:31:e1:36:75:11:
16:c5:c6:71:63:b5:c4:b2:59:68:0b:1e:af:d3:1e:9d:c5:ee:
37:ad:ae:ae:34:61:d6:f7:6b:49:fd:33:2c:16:84:c7:be:36:
bc:66:1d:4c:0b:82:76:88:2b:a3:7a:8e:f5:ad:a6:2a:33:1d:
d4:19:b4:5c:44:17:1f:35:b6:70:ea:6a:c3:ba:e0:38:87:8f:
27:f4:5e:b1:d5:6e:84:8d:e4:5e:3e:f4:0b:fa:03:40:d6:84:
ce:2b:5e:43:cd:5a:28:79:96:c0:e0:dd:7b:6b:85:64:c4:10:
51:10:e3:97:9b:74:69:0e:83:17:29:ef:ad:4c:1f:bb:e1:4c:
fe:32:a9:47:c6:a0:9b:fe:0c:13:37:1e:e3:a1:d6:ea:95:d2:
72:79:e2:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQ7u+yt6DGwswEpsBvE6R0qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjUwMTA2MTMwOTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzUyZjI0ZDZkNDQyOGY4NWIwYmRmOTY5NTlmMTk4MDY3ZGU2YTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEmv8qSghGqXz653IaMx0U2QSzOj
9Y28T025fTuc2UoHUsNzuZ46jhCs8JCTGcnRkcSLBx5aC7XrPw4PD/z18BR183b4
XAHhn2WXGMNhvO1mhqnOjSbaPMo6dh7UlWL8YYp7QEdm0fqeryG/BX8bgOHQo/8v
dTtrhZzIXOGz/iBmfjRilpfLw1Juga7sGz16+Lts0KH0hAXkqye/7gxICjaQ2/Ii
SpKnF8atVSzqopfWvySTFPZyJYRdCnn7Feg5t/pQGb0Xggp7grfoknqx18LjOf1H
+4zRE0Pa2mFETDuh79Xk2wNbnk02od4pBniOqpPw9VT7N8efql6Idm7RaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKdS8k1tRCj4WwvflpWfGYBn3momMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvcDFMeVRXMUVLUGhiQzktV2xaOFpnR2ZlYWlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALghMMA0G
CSqGSIb3DQEBCwUAA4IBAQCqw3WUBQLyMr86mqA9NkXP5Oh8DxjTMnVkY6AyST3A
L0uQHCQrf4YPpEpVfBRfn3b6cw7sTeO9hicEsHhxLLhi9h12MzrmR9lZAK/g9aJU
qFYtJUwzX7cv0su1yS8ZE0BTPR5eYMREMeE2dREWxcZxY7XEslloCx6v0x6dxe43
ra6uNGHW92tJ/TMsFoTHvja8Zh1MC4J2iCujeo71raYqMx3UGbRcRBcfNbZw6mrD
uuA4h48n9F6x1W6EjeRePvQL+gNA1oTOK15DzVooeZbA4N17a4VkxBBREOOXm3Rp
DoMXKe+tTB+74Uz+MqlHxqCb/gwTNx7jodbqldJyeeLH
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:24:18 2025 by rpki-client