Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-XY9PXCM2ycf_AAV9HphQxoCjL8.roa
File: 1-XY9PXCM2ycf_AAV9HphQxoCjL8.roa (raw, json)
Hash identifier: ei9HG0/LdLcKMwXTH3h+0w8slRYDyBRpUzU5g417WWE=
Subject key identifier: F9:76:3D:3D:70:8C:DB:27:1F:FC:00:15:F4:7A:61:43:1A:02:8C:BF
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 01942369919CDA72A9F301C16688A683083D
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-XY9PXCM2ycf_AAV9HphQxoCjL8.roa
Signing time: Wed 01 Jan 2025 19:48:28 +0000
ROA not before: Wed 01 Jan 2025 19:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40975
IP address blocks: 46.102.235.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:91:9c:da:72:a9:f3:01:c1:66:88:a6:83:08:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 1 19:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f9763d3d708cdb271ffc0015f47a61431a028cbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:17:e8:c0:fe:be:2f:ad:e3:cd:73:43:57:2b:
5d:1c:20:48:8d:d2:1b:70:0d:bc:47:8f:b5:7a:ec:
e0:8e:f7:d0:0b:0f:88:76:45:ef:de:28:cc:d7:8a:
a8:c3:22:85:a1:c5:61:b9:0a:c6:c8:1a:e4:e0:98:
03:f0:f9:20:a0:67:49:d9:34:2c:d5:28:a6:04:36:
a5:e7:72:fa:79:1f:5c:c4:8b:60:ed:f8:2f:bf:3c:
17:5e:9c:5e:42:03:49:47:2f:40:53:00:8f:cc:44:
41:71:a3:50:46:05:2e:69:d3:da:87:e9:fb:c0:c5:
9a:18:e4:aa:20:e2:53:58:7f:1f:aa:1a:70:d9:de:
3e:24:ae:7b:ad:9b:91:c6:c1:cd:5e:f5:f0:00:dd:
c0:04:bd:4b:03:44:60:4c:46:6c:79:09:de:a8:d5:
9d:7e:ca:5e:7a:39:cd:ff:de:c6:8f:33:c4:bf:3a:
5c:02:eb:fd:39:9f:05:36:29:5b:b0:04:77:19:30:
ad:33:2f:3f:4b:02:36:c3:b0:2e:c0:ba:c3:4e:c9:
6c:c8:31:18:1e:1b:f8:5a:b0:3c:27:de:f1:9f:72:
18:09:90:28:4b:31:9b:cb:5d:08:4e:32:c7:e9:da:
26:06:7e:59:5b:e1:d5:da:3d:2a:03:fc:c9:ba:3e:
00:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:76:3D:3D:70:8C:DB:27:1F:FC:00:15:F4:7A:61:43:1A:02:8C:BF
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-XY9PXCM2ycf_AAV9HphQxoCjL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.235.0/24
Signature Algorithm: sha256WithRSAEncryption
f1:34:ef:52:1c:a0:5f:b6:77:d1:65:11:dc:3a:ea:63:0a:43:
b7:7d:2c:12:8d:ab:fc:a7:5b:f6:9c:ec:97:f8:b0:2d:43:d3:
21:2b:fb:c0:90:c2:37:f9:cb:e0:e5:b3:90:39:fd:1b:f2:03:
96:05:3f:71:f8:d6:9e:d9:f4:a9:f3:da:6f:b2:0d:77:3c:a1:
93:2b:5e:72:ec:9e:da:9e:74:1d:e9:56:6b:54:33:d7:b2:a1:
c1:2b:4a:9d:a1:8d:66:8e:cf:86:f5:5c:47:4a:91:b8:14:8b:
c7:88:0f:2f:d3:a9:1e:1b:8e:22:e2:ae:ae:cd:fd:dd:00:a8:
54:2f:0d:3c:24:3c:1e:91:e9:fb:60:d6:91:eb:7c:4f:96:eb:
59:b6:56:af:b0:91:7d:0e:98:5f:45:08:fb:d5:4b:e2:b3:a2:
eb:c8:12:d8:e6:f3:6f:3f:ec:4f:8e:88:fd:86:5d:7b:c4:db:
fd:64:97:1f:91:38:3f:6b:ea:e2:59:09:f1:c0:9a:6e:c9:70:
9e:14:fb:aa:e5:97:d3:56:e2:42:43:cf:2a:4b:ad:4b:09:77:
9a:9f:ff:25:9d:d6:4f:77:84:9e:64:b3:84:c2:13:c0:23:0b:
11:0b:89:6e:84:0e:aa:fd:20:63:d9:7d:e5:85:32:7d:bc:b7:
6b:27:64:18
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQjaZGc2nKp8wHBZoimgwg9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjUwMTAxMTk0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTc2M2QzZDcwOGNkYjI3MWZmYzAwMTVmNDdhNjE0MzFhMDI4Y2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4RfowP6+L63jzXNDVytdHCBIjdIb
cA28R4+1euzgjvfQCw+IdkXv3ijM14qowyKFocVhuQrGyBrk4JgD8PkgoGdJ2TQs
1SimBDal53L6eR9cxItg7fgvvzwXXpxeQgNJRy9AUwCPzERBcaNQRgUuadPah+n7
wMWaGOSqIOJTWH8fqhpw2d4+JK57rZuRxsHNXvXwAN3ABL1LA0RgTEZseQneqNWd
fspeejnN/97GjzPEvzpcAuv9OZ8FNilbsAR3GTCtMy8/SwI2w7AuwLrDTslsyDEY
Hhv4WrA8J97xn3IYCZAoSzGby10ITjLH6domBn5ZW+HV2j0qA/zJuj4A2wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPl2PT1wjNsnH/wAFfR6YUMaAoy/MB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY4GCCsGAQUFBwELBIGBMH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xLzEtWFk5UFhDTTJ5Y2ZfQUFWOUhwaFF4b0NqTDgucm9h
MIGCBgNVHR8EezB5MHegdaBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3Np
dG9yeS9ERUZBVUxULzc4L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYz
MzEvMS8xLU9ZbU5PRzlVVE9wM2tVU3JwakswYklobTFrLmNybDAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALmbr
MA0GCSqGSIb3DQEBCwUAA4IBAQDxNO9SHKBftnfRZRHcOupjCkO3fSwSjav8p1v2
nOyX+LAtQ9MhK/vAkMI3+cvg5bOQOf0b8gOWBT9x+Nae2fSp89pvsg13PKGTK15y
7J7annQd6VZrVDPXsqHBK0qdoY1mjs+G9VxHSpG4FIvHiA8v06keG44i4q6uzf3d
AKhULw08JDweken7YNaR63xPlutZtlavsJF9DphfRQj71Uvis6LryBLY5vNvP+xP
joj9hl17xNv9ZJcfkTg/a+riWQnxwJpuyXCeFPuq5ZfTVuJCQ88qS61LCXean/8l
ndZPd4SeZLOEwhPAIwsRC4luhA6q/SBj2X3lhTJ9vLdrJ2QY
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:32:05 2025 by rpki-client