Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/hUKoVuEu-xlBQt8YqVgg40DyOWI.roa
File: hUKoVuEu-xlBQt8YqVgg40DyOWI.roa (raw, json)
Hash identifier: QhdPiKHxz1bA2vF9eowl7AkKvDIVSshRRRXjkJX70Gg=
Subject key identifier: 85:42:A8:56:E1:2E:FB:19:41:42:DF:18:A9:58:20:E3:40:F2:39:62
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 01941FFA9927FE663266FC632A99E939122F
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/hUKoVuEu-xlBQt8YqVgg40DyOWI.roa
Signing time: Wed 01 Jan 2025 03:48:24 +0000
ROA not before: Wed 01 Jan 2025 03:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56911
IP address blocks: 46.243.128.0/22 maxlen: 22
46.243.132.0/23 maxlen: 23
46.243.134.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:99:27:fe:66:32:66:fc:63:2a:99:e9:39:12:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 1 03:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8542a856e12efb194142df18a95820e340f23962
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:69:6d:ef:45:8c:f8:d0:5d:8d:f9:27:53:03:
24:7d:58:3e:1f:62:13:34:5d:fe:d3:65:1d:f4:3d:
a3:c6:0c:7b:c3:47:b9:b7:1b:9d:4a:f3:68:4e:44:
b5:21:48:cd:f5:d8:d9:3e:2c:15:16:81:65:83:89:
50:ad:a3:46:91:5a:63:d5:90:df:55:10:f1:d1:9e:
28:3d:c5:c5:bb:3a:46:64:13:d1:8d:af:57:01:14:
cc:5c:9e:da:38:3f:cb:cf:32:4a:d6:3b:0f:26:80:
48:8f:ba:9a:5f:76:bb:74:78:8b:34:ea:66:e7:a2:
18:8a:5d:e1:f3:54:39:f9:5b:43:cf:a1:d9:6f:84:
58:fc:7d:e5:df:8d:b5:4a:e3:5c:9e:00:20:b7:6a:
26:04:9b:64:83:ac:f0:ce:25:80:6a:cf:13:68:6b:
bf:c3:9d:92:0f:a1:93:47:8e:2d:35:62:68:21:97:
52:30:14:ae:35:b7:40:b0:48:8f:54:7b:35:5d:6d:
28:e8:5d:9e:51:11:e2:08:fd:4f:15:b4:8f:63:79:
81:d9:71:a0:e1:aa:56:f9:f8:21:2b:8a:9b:02:15:
58:40:4a:56:e1:30:a4:fe:df:3e:18:95:da:f0:ac:
5b:87:d0:bb:07:04:1b:1f:03:86:f5:52:e6:b5:71:
57:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:42:A8:56:E1:2E:FB:19:41:42:DF:18:A9:58:20:E3:40:F2:39:62
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/hUKoVuEu-xlBQt8YqVgg40DyOWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.128.0/21
Signature Algorithm: sha256WithRSAEncryption
ad:c7:74:ed:e1:df:d5:c1:17:1c:36:96:e0:75:57:10:12:9a:
14:cb:7f:79:77:bb:d3:0b:18:61:28:e2:e3:f3:ca:50:2d:9a:
b0:e3:ee:0a:c8:97:52:38:5b:ab:16:77:7a:a4:e9:8b:32:ef:
46:35:34:6b:d9:60:1f:15:28:2c:91:70:eb:09:03:89:0e:20:
2a:61:3c:1a:36:f0:41:de:7a:3c:ef:71:aa:65:2b:94:90:45:
ff:d2:7e:6d:0b:da:9d:72:67:bc:0a:71:fb:ff:82:f0:79:f1:
ab:e3:3e:ab:6a:ab:70:94:54:8b:fb:fb:f5:eb:ba:71:f2:94:
3d:cb:c2:5b:02:0a:9f:09:5b:2c:c0:a6:fd:2b:2d:c6:1a:89:
84:ca:8c:bb:f7:f6:55:b8:85:4e:38:c2:f6:4e:9f:5e:f1:12:
21:91:2e:23:2d:99:8e:b3:73:38:ec:44:e5:ec:ee:31:da:12:
8f:d6:c8:47:04:84:a9:1f:b4:f3:cc:15:31:45:e3:14:20:e5:
63:c9:0c:7d:85:65:e0:6b:02:7a:ed:72:50:d2:70:0f:c4:c7:
a9:c3:00:1d:77:55:cf:bc:ad:c1:9b:9f:15:a6:8f:8b:93:fd:
e5:8a:be:8c:51:c6:6c:61:8c:3e:ef:65:af:c1:05:ad:35:f5:
1c:2e:18:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+pkn/mYyZvxjKpnpORIvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjUwMTAxMDM0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTQyYTg1NmUxMmVmYjE5NDE0MmRmMThhOTU4MjBlMzQwZjIzOTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2lt70WM+NBdjfknUwMkfVg+H2IT
NF3+02Ud9D2jxgx7w0e5txudSvNoTkS1IUjN9djZPiwVFoFlg4lQraNGkVpj1ZDf
VRDx0Z4oPcXFuzpGZBPRja9XARTMXJ7aOD/LzzJK1jsPJoBIj7qaX3a7dHiLNOpm
56IYil3h81Q5+VtDz6HZb4RY/H3l3421SuNcngAgt2omBJtkg6zwziWAas8TaGu/
w52SD6GTR44tNWJoIZdSMBSuNbdAsEiPVHs1XW0o6F2eURHiCP1PFbSPY3mB2XGg
4apW+fghK4qbAhVYQEpW4TCk/t8+GJXa8Kxbh9C7BwQbHwOG9VLmtXFXiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIVCqFbhLvsZQULfGKlYIONA8jliMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvaFVLb1Z1RXUteGxCUXQ4WXFWZ2c0MER5T1dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLvOAMA0G
CSqGSIb3DQEBCwUAA4IBAQCtx3Tt4d/VwRccNpbgdVcQEpoUy395d7vTCxhhKOLj
88pQLZqw4+4KyJdSOFurFnd6pOmLMu9GNTRr2WAfFSgskXDrCQOJDiAqYTwaNvBB
3no873GqZSuUkEX/0n5tC9qdcme8CnH7/4LwefGr4z6raqtwlFSL+/v167px8pQ9
y8JbAgqfCVsswKb9Ky3GGomEyoy79/ZVuIVOOML2Tp9e8RIhkS4jLZmOs3M47ETl
7O4x2hKP1shHBISpH7TzzBUxReMUIOVjyQx9hWXgawJ67XJQ0nAPxMepwwAdd1XP
vK3Bm58Vpo+Lk/3lir6MUcZsYYw+72WvwQWtNfUcLhje
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:08:19 2025 by rpki-client