Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/403ec4-266e-4ea4-ba3a-4fdc48da8f33/1/Ai_jhfn0i9Wvxs1dcGNuIQFRbQw.roa
File: Ai_jhfn0i9Wvxs1dcGNuIQFRbQw.roa (raw, json)
Hash identifier: Gw+sAwziSiWdDJ9jEjQB+Xypl/VPbgg3IFN9iDAN1Ok=
Subject key identifier: 02:2F:E3:85:F9:F4:8B:D5:AF:C6:CD:5D:70:63:6E:21:01:51:6D:0C
Certificate issuer: /CN=23d8f620999506cc86d7548ea7282bb129f02d68
Certificate serial: 019422FBFF69C60719D653CB2E6230CE2C25
Authority key identifier: 23:D8:F6:20:99:95:06:CC:86:D7:54:8E:A7:28:2B:B1:29:F0:2D:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I9j2IJmVBsyG11SOpygrsSnwLWg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/403ec4-266e-4ea4-ba3a-4fdc48da8f33/1/Ai_jhfn0i9Wvxs1dcGNuIQFRbQw.roa
Signing time: Wed 01 Jan 2025 17:48:47 +0000
ROA not before: Wed 01 Jan 2025 17:48:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 46.227.40.0/24 maxlen: 24
46.227.41.0/24 maxlen: 24
46.227.42.0/24 maxlen: 24
46.227.43.0/24 maxlen: 24
46.227.44.0/24 maxlen: 24
46.227.45.0/24 maxlen: 24
46.227.47.0/24 maxlen: 24
185.31.204.0/24 maxlen: 24
185.31.205.0/24 maxlen: 24
185.31.206.0/24 maxlen: 24
185.31.207.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:ff:69:c6:07:19:d6:53:cb:2e:62:30:ce:2c:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23d8f620999506cc86d7548ea7282bb129f02d68
Validity
Not Before: Jan 1 17:48:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=022fe385f9f48bd5afc6cd5d70636e2101516d0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:0b:51:1f:c8:9d:03:1d:a9:df:91:d6:6a:5e:
e8:8a:b2:1a:73:27:58:1f:2e:0d:b8:b1:b7:fd:9d:
01:ad:ef:b7:06:3d:e9:94:5b:ba:50:e4:d2:0b:75:
89:df:d4:6c:09:2b:3a:5f:72:ee:2f:53:5e:1e:60:
f5:c7:7a:16:e6:4b:38:8a:9e:2c:c8:49:4f:de:fd:
19:07:8e:25:21:35:93:2b:c4:35:a2:a0:cf:06:9a:
04:eb:1d:5d:12:e6:af:5a:dd:2f:8c:b6:07:cd:b7:
60:48:a6:53:75:11:6c:39:61:72:55:e5:5c:25:0c:
78:ad:8a:71:b2:45:e8:1d:ac:d8:03:9d:1f:a8:c1:
02:cd:33:19:a6:e7:b4:ab:75:67:e6:bb:b8:6a:e7:
43:90:34:b7:34:ff:15:00:6e:70:4e:51:ea:42:42:
5e:ea:b0:24:52:7d:27:d9:0d:ed:8f:58:ab:90:a2:
f2:d4:ce:71:15:65:c9:48:cb:a1:ab:db:57:93:f1:
34:ad:c9:8e:e6:e1:90:f6:9a:e0:51:17:f0:b7:f0:
68:12:c4:7f:ed:a5:4a:46:10:4c:c4:0a:58:9a:81:
72:90:a8:c2:16:bc:f5:db:66:b9:47:dc:ec:70:50:
a4:b0:48:25:15:0a:8e:d7:a7:90:8d:46:50:f9:68:
59:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:2F:E3:85:F9:F4:8B:D5:AF:C6:CD:5D:70:63:6E:21:01:51:6D:0C
X509v3 Authority Key Identifier:
keyid:23:D8:F6:20:99:95:06:CC:86:D7:54:8E:A7:28:2B:B1:29:F0:2D:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I9j2IJmVBsyG11SOpygrsSnwLWg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/403ec4-266e-4ea4-ba3a-4fdc48da8f33/1/Ai_jhfn0i9Wvxs1dcGNuIQFRbQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/403ec4-266e-4ea4-ba3a-4fdc48da8f33/1/I9j2IJmVBsyG11SOpygrsSnwLWg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.40.0-46.227.45.255
46.227.47.0/24
185.31.204.0/22
Signature Algorithm: sha256WithRSAEncryption
10:52:c1:c5:81:62:ac:8e:76:44:cb:86:55:61:67:53:d0:d8:
66:3f:da:ab:66:2c:10:a8:c1:95:9a:4e:39:86:84:37:70:14:
2c:8f:43:92:3d:7c:f0:1d:56:23:90:56:75:a4:83:0e:60:cb:
e3:72:fb:1f:15:1c:69:42:15:ec:77:c1:40:f9:4b:ce:ee:32:
8b:35:9f:e3:83:a7:af:0c:d0:f9:4f:d3:03:aa:af:14:0b:6d:
fc:66:2e:91:14:c1:16:f6:8a:15:6e:c8:9c:59:48:fe:cb:0d:
eb:fc:cb:74:4c:53:78:9f:7f:a1:4a:d2:c1:62:a7:b9:53:e0:
9b:15:9b:90:4b:4c:cf:fb:c3:db:73:64:b8:83:b0:4c:e6:e9:
d3:e1:74:aa:00:92:b4:17:76:18:d1:80:48:17:d1:fd:d6:66:
75:b1:5a:1c:5a:7c:f1:e2:20:71:83:9e:90:25:5e:8b:d1:90:
b0:44:c4:b4:f0:a5:95:82:b6:f0:07:24:f3:51:86:aa:d8:f7:
98:de:ba:86:1e:06:3b:97:06:df:65:89:79:14:07:90:94:a8:
ea:21:46:fc:4e:04:78:62:c0:9b:e7:4a:d4:5d:69:35:17:57:
12:ea:d9:fb:72:fd:10:ab:d8:83:c9:08:ae:a3:78:57:0d:80:
46:d7:01:35
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQi+/9pxgcZ1lPLLmIwziwlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZDhmNjIwOTk5NTA2Y2M4NmQ3NTQ4ZWE3MjgyYmIxMjlm
MDJkNjgwHhcNMjUwMTAxMTc0ODQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjJmZTM4NWY5ZjQ4YmQ1YWZjNmNkNWQ3MDYzNmUyMTAxNTE2ZDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogtRH8idAx2p35HWal7oirIacydY
Hy4NuLG3/Z0Bre+3Bj3plFu6UOTSC3WJ39RsCSs6X3LuL1NeHmD1x3oW5ks4ip4s
yElP3v0ZB44lITWTK8Q1oqDPBpoE6x1dEuavWt0vjLYHzbdgSKZTdRFsOWFyVeVc
JQx4rYpxskXoHazYA50fqMECzTMZpue0q3Vn5ru4audDkDS3NP8VAG5wTlHqQkJe
6rAkUn0n2Q3tj1irkKLy1M5xFWXJSMuhq9tXk/E0rcmO5uGQ9prgURfwt/BoEsR/
7aVKRhBMxApYmoFykKjCFrz122a5R9zscFCksEglFQqO16eQjUZQ+WhZ2QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFAIv44X59IvVr8bNXXBjbiEBUW0MMB8GA1UdIwQY
MBaAFCPY9iCZlQbMhtdUjqcoK7Ep8C1oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTlqMklKbVZCc3lHMTFTT3B5Z3JzU253TFdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS80MDNlYzQtMjY2ZS00ZWE0LWJhM2Et
NGZkYzQ4ZGE4ZjMzLzEvQWlfamhmbjBpOVd2eHMxZGNHTnVJUUZSYlF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS80MDNlYzQtMjY2ZS00ZWE0LWJhM2EtNGZkYzQ4ZGE4ZjMz
LzEvSTlqMklKbVZCc3lHMTFTT3B5Z3JzU253TFdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAMu4ygD
BAEu4ywDBAAu4y8DBAK5H8wwDQYJKoZIhvcNAQELBQADggEBABBSwcWBYqyOdkTL
hlVhZ1PQ2GY/2qtmLBCowZWaTjmGhDdwFCyPQ5I9fPAdViOQVnWkgw5gy+Ny+x8V
HGlCFex3wUD5S87uMos1n+ODp68M0PlP0wOqrxQLbfxmLpEUwRb2ihVuyJxZSP7L
Dev8y3RMU3iff6FK0sFip7lT4JsVm5BLTM/7w9tzZLiDsEzm6dPhdKoAkrQXdhjR
gEgX0f3WZnWxWhxafPHiIHGDnpAlXovRkLBExLTwpZWCtvAHJPNRhqrY95jeuoYe
BjuXBt9liXkUB5CUqOohRvxOBHhiwJvnStRdaTUXVxLq2fty/RCr2IPJCK6jeFcN
gEbXATU=
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:55:41 2025 by rpki-client