Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/qSOXS6tCuAYL1pKXzwPPfJB5cts.roa
File: qSOXS6tCuAYL1pKXzwPPfJB5cts.roa (raw, json)
Hash identifier: BUqgi+HmoLZXyQihmYqBG/iShwqsas8WaX9q6u+8Je0=
Subject key identifier: A9:23:97:4B:AB:42:B8:06:0B:D6:92:97:CF:03:CF:7C:90:79:72:DB
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 01942747D51EF28088A8B751F549C92EF28C
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/qSOXS6tCuAYL1pKXzwPPfJB5cts.roa
Signing time: Thu 02 Jan 2025 13:50:06 +0000
ROA not before: Thu 02 Jan 2025 13:50:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211399
IP address blocks: 46.8.140.0/24 maxlen: 24
46.8.148.0/24 maxlen: 24
46.8.204.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:d5:1e:f2:80:88:a8:b7:51:f5:49:c9:2e:f2:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Jan 2 13:50:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a923974bab42b8060bd69297cf03cf7c907972db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:67:f8:9a:17:57:31:44:a5:07:95:86:6b:6b:
41:da:cd:a8:0b:fb:be:f5:46:85:4e:58:11:87:7c:
ad:2c:c0:dc:6f:18:6d:34:80:80:a4:67:15:14:6e:
34:c7:17:ac:a6:1e:25:3f:16:23:04:e0:86:d0:3e:
8c:6b:ca:a7:9c:94:66:08:dd:a5:df:ea:d4:62:53:
6e:8d:85:8c:25:a7:5b:c3:c6:f8:31:1c:ad:23:7a:
6c:23:c3:1d:a6:b6:69:6f:8b:b0:fd:4e:69:03:00:
83:77:3a:3e:33:30:9a:4d:b4:81:79:e9:22:6d:e8:
2e:12:e4:1f:ac:b9:54:b5:52:d8:e0:74:fd:6a:17:
55:bf:99:53:be:a9:21:6b:2a:b9:66:22:2e:f8:79:
b4:ee:7e:41:dd:02:7e:37:ad:ff:f7:19:78:b7:aa:
20:3f:bb:36:d3:8f:08:6b:ab:cc:9b:4d:0f:13:30:
21:dc:56:af:c1:fb:3e:9e:03:4e:bf:3c:5e:76:b3:
56:bb:68:c4:c6:26:71:c8:f4:41:64:55:60:70:49:
47:fd:e1:6b:86:b5:0c:0a:c6:05:44:7e:91:1c:44:
42:46:ad:83:3a:92:a2:7d:5b:81:eb:96:32:ba:b2:
42:4d:1b:45:62:4b:00:1e:b1:7d:d9:10:c1:26:0e:
1b:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:23:97:4B:AB:42:B8:06:0B:D6:92:97:CF:03:CF:7C:90:79:72:DB
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/qSOXS6tCuAYL1pKXzwPPfJB5cts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.140.0/24
46.8.148.0/24
46.8.204.0/23
Signature Algorithm: sha256WithRSAEncryption
ab:10:62:c4:6c:6a:1d:c2:79:29:70:01:3f:20:01:15:76:a0:
8d:55:f5:ab:88:45:ae:da:a0:b9:0f:ca:e4:39:37:db:5e:7c:
dc:a3:0f:8d:fb:0e:35:c8:5a:ec:2b:e0:c7:14:7e:ef:02:30:
8f:d2:0f:05:f8:be:58:5f:2e:21:08:31:e1:13:30:9b:ac:51:
5d:54:1f:5d:17:c5:6a:51:d1:a6:ee:03:93:6c:80:ed:55:33:
1a:34:59:a4:72:ef:8f:32:9c:dc:2a:53:0c:ed:12:41:3c:a6:
41:41:49:9a:e8:0a:b4:52:25:07:a5:f4:52:2a:35:1b:bc:18:
12:ec:22:c0:1c:37:3f:8c:5a:38:8a:7b:34:c5:17:36:79:60:
72:f8:69:c4:52:56:11:52:cd:94:ab:9e:4a:c7:58:3b:57:af:
be:6c:ea:29:07:7a:1a:52:4b:24:e2:00:f9:86:27:18:46:7f:
e4:11:2c:eb:dd:3c:9e:6c:92:6e:d1:d5:29:60:0c:3f:1a:fa:
f5:ac:49:b0:ed:86:0e:a4:f0:f0:c7:2f:83:3f:ac:3b:38:ea:
de:bf:cb:e6:6d:2b:fa:da:a8:01:19:d3:d7:38:3f:bb:64:9a:
65:34:59:91:66:bd:31:ea:13:6d:1c:6a:38:e3:71:31:83:3a:
40:43:b0:87
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQnR9Ue8oCIqLdR9UnJLvKMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjUwMTAyMTM1MDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTIzOTc0YmFiNDJiODA2MGJkNjkyOTdjZjAzY2Y3YzkwNzk3MmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+Gf4mhdXMUSlB5WGa2tB2s2oC/u+
9UaFTlgRh3ytLMDcbxhtNICApGcVFG40xxesph4lPxYjBOCG0D6Ma8qnnJRmCN2l
3+rUYlNujYWMJadbw8b4MRytI3psI8MdprZpb4uw/U5pAwCDdzo+MzCaTbSBeeki
beguEuQfrLlUtVLY4HT9ahdVv5lTvqkhayq5ZiIu+Hm07n5B3QJ+N63/9xl4t6og
P7s2048Ia6vMm00PEzAh3Favwfs+ngNOvzxedrNWu2jExiZxyPRBZFVgcElH/eFr
hrUMCsYFRH6RHERCRq2DOpKifVuB65YyurJCTRtFYksAHrF92RDBJg4bnwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKkjl0urQrgGC9aSl88Dz3yQeXLbMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvcVNPWFM2dEN1QVlMMXBLWHp3UFBmSkI1Y3RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALgiMAwQA
LgiUAwQBLgjMMA0GCSqGSIb3DQEBCwUAA4IBAQCrEGLEbGodwnkpcAE/IAEVdqCN
VfWriEWu2qC5D8rkOTfbXnzcow+N+w41yFrsK+DHFH7vAjCP0g8F+L5YXy4hCDHh
EzCbrFFdVB9dF8VqUdGm7gOTbIDtVTMaNFmkcu+PMpzcKlMM7RJBPKZBQUma6Aq0
UiUHpfRSKjUbvBgS7CLAHDc/jFo4ins0xRc2eWBy+GnEUlYRUs2Uq55Kx1g7V6++
bOopB3oaUksk4gD5hicYRn/kESzr3TyebJJu0dUpYAw/Gvr1rEmw7YYOpPDwxy+D
P6w7OOrev8vmbSv62qgBGdPXOD+7ZJplNFmRZr0x6hNtHGo443ExgzpAQ7CH
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:33:35 2025 by rpki-client