Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/b24b2d-3523-422e-9bcf-3671d67eb9f8/1/vXqIsfWMBiel8TtAmnhCfzxhwpQ.roa
File: vXqIsfWMBiel8TtAmnhCfzxhwpQ.roa (raw, json)
Hash identifier: y28dNNQrcncc6Rn7d3UOQVe75e0YhQscaQyK32eeP2k=
Subject key identifier: BD:7A:88:B1:F5:8C:06:27:A5:F1:3B:40:9A:78:42:7F:3C:61:C2:94
Certificate issuer: /CN=d4375814344df0bf6d017733acdc488f002631b2
Certificate serial: 018D335E89A101C03A1FC0F7B30BCADAC766
Authority key identifier: D4:37:58:14:34:4D:F0:BF:6D:01:77:33:AC:DC:48:8F:00:26:31:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DdYFDRN8L9tAXczrNxIjwAmMbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/b24b2d-3523-422e-9bcf-3671d67eb9f8/1/vXqIsfWMBiel8TtAmnhCfzxhwpQ.roa
Signing time: Mon 22 Jan 2024 22:50:50 +0000
ROA not before: Mon 22 Jan 2024 22:50:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400817
IP address blocks: 46.8.200.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:33:5e:89:a1:01:c0:3a:1f:c0:f7:b3:0b:ca:da:c7:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4375814344df0bf6d017733acdc488f002631b2
Validity
Not Before: Jan 22 22:50:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd7a88b1f58c0627a5f13b409a78427f3c61c294
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:0c:f2:d3:80:50:80:a2:86:d4:5b:09:c1:86:
79:bf:71:04:b7:e5:93:e6:18:41:c4:91:a4:d3:9a:
e9:a3:3b:09:e8:1c:c7:92:25:45:c7:4a:c5:6f:bf:
9e:da:ce:87:8f:76:4d:59:b8:e2:3a:30:9c:a3:13:
53:91:87:c0:43:6f:63:2b:07:d1:28:af:b5:e1:f8:
bd:c1:03:6c:b2:6a:4e:3a:ec:a4:e5:10:3b:c4:80:
b2:4c:8e:ef:25:9e:8e:6f:27:fd:e0:50:04:84:1d:
ca:a7:3a:da:e1:97:b0:48:5d:0f:c7:30:fc:5e:c0:
58:d3:b5:60:4d:29:f7:f2:6e:fd:f1:80:6d:d4:9d:
1c:5e:2d:49:70:36:2d:7a:7b:f8:d1:c6:e9:31:fe:
39:e1:b3:cb:a4:3b:9a:e0:69:11:43:1e:7f:3c:d6:
6b:0a:f5:4c:c9:67:a8:1c:39:df:90:4c:2f:90:d9:
e2:a1:67:fe:8e:b5:cc:fa:06:f6:8a:61:cc:8e:58:
0c:68:f1:5b:db:1f:24:a4:ae:e3:a6:20:94:98:4d:
6f:e8:e0:bb:0d:89:6f:f1:05:b1:6d:24:3a:df:bc:
cc:31:d6:30:a2:01:0a:e1:e8:88:4e:9f:25:1b:2d:
ef:82:99:ba:f8:21:5f:47:ec:d4:d2:c9:39:0c:a3:
b6:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:7A:88:B1:F5:8C:06:27:A5:F1:3B:40:9A:78:42:7F:3C:61:C2:94
X509v3 Authority Key Identifier:
keyid:D4:37:58:14:34:4D:F0:BF:6D:01:77:33:AC:DC:48:8F:00:26:31:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DdYFDRN8L9tAXczrNxIjwAmMbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b24b2d-3523-422e-9bcf-3671d67eb9f8/1/vXqIsfWMBiel8TtAmnhCfzxhwpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b24b2d-3523-422e-9bcf-3671d67eb9f8/1/1DdYFDRN8L9tAXczrNxIjwAmMbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.200.0/23
Signature Algorithm: sha256WithRSAEncryption
99:57:4d:5f:c4:5f:19:db:15:16:b7:fc:99:b2:94:52:d6:4e:
0e:83:c0:fe:97:be:47:57:6a:e3:db:88:3b:c5:21:0b:40:26:
71:26:c3:14:48:ab:84:35:20:05:b4:4b:0e:6b:b4:ff:c1:b9:
74:93:4d:f3:58:03:46:f2:e6:bb:1c:48:85:30:75:bd:c8:de:
f2:56:12:a6:33:76:77:3a:5f:44:6e:f4:f1:e8:26:41:ec:6e:
b2:79:00:26:32:d2:ae:62:fb:ca:4b:d2:5f:87:a8:57:8e:89:
de:09:3a:f2:3b:8a:3b:23:42:aa:a1:51:38:be:2c:f3:7a:04:
4d:79:e1:b5:05:85:59:0f:cf:3d:eb:e5:8f:09:cf:26:c8:a4:
b7:1e:d6:f6:60:fa:57:94:85:c3:0b:41:31:72:ca:a0:fc:6e:
5c:56:34:f9:76:d4:88:99:f9:4c:e6:d0:72:16:b8:bf:bb:31:
ff:d2:34:2d:be:b0:73:86:66:27:d1:c5:ba:c7:7f:5c:8b:74:
46:85:13:e9:12:e3:85:15:e0:38:c1:dc:58:8e:fd:d1:66:9a:
ed:72:3f:41:95:32:a1:20:4a:22:c6:ff:62:3f:52:77:eb:e1:
d5:77:ac:6c:68:78:72:48:a6:b2:74:c8:11:c1:5d:9a:e1:84:
13:77:5a:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0zXomhAcA6H8D3swvK2sdmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0Mzc1ODE0MzQ0ZGYwYmY2ZDAxNzczM2FjZGM0ODhmMDAy
NjMxYjIwHhcNMjQwMTIyMjI1MDUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDdhODhiMWY1OGMwNjI3YTVmMTNiNDA5YTc4NDI3ZjNjNjFjMjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQzy04BQgKKG1FsJwYZ5v3EEt+WT
5hhBxJGk05rpozsJ6BzHkiVFx0rFb7+e2s6Hj3ZNWbjiOjCcoxNTkYfAQ29jKwfR
KK+14fi9wQNssmpOOuyk5RA7xICyTI7vJZ6Obyf94FAEhB3Kpzra4ZewSF0PxzD8
XsBY07VgTSn38m798YBt1J0cXi1JcDYtenv40cbpMf454bPLpDua4GkRQx5/PNZr
CvVMyWeoHDnfkEwvkNnioWf+jrXM+gb2imHMjlgMaPFb2x8kpK7jpiCUmE1v6OC7
DYlv8QWxbSQ637zMMdYwogEK4eiITp8lGy3vgpm6+CFfR+zU0sk5DKO2CwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL16iLH1jAYnpfE7QJp4Qn88YcKUMB8GA1UdIwQY
MBaAFNQ3WBQ0TfC/bQF3M6zcSI8AJjGyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURkWUZEUk44TDl0QVhjenJOeElqd0FtTWJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9iMjRiMmQtMzUyMy00MjJlLTliY2Yt
MzY3MWQ2N2ViOWY4LzEvdlhxSXNmV01CaWVsOFR0QW1uaENmenhod3BRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9iMjRiMmQtMzUyMy00MjJlLTliY2YtMzY3MWQ2N2ViOWY4
LzEvMURkWUZEUk44TDl0QVhjenJOeElqd0FtTWJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLgjIMA0G
CSqGSIb3DQEBCwUAA4IBAQCZV01fxF8Z2xUWt/yZspRS1k4Og8D+l75HV2rj24g7
xSELQCZxJsMUSKuENSAFtEsOa7T/wbl0k03zWANG8ua7HEiFMHW9yN7yVhKmM3Z3
Ol9EbvTx6CZB7G6yeQAmMtKuYvvKS9Jfh6hXjoneCTryO4o7I0KqoVE4vizzegRN
eeG1BYVZD8896+WPCc8myKS3Htb2YPpXlIXDC0Excsqg/G5cVjT5dtSImflM5tBy
Fri/uzH/0jQtvrBzhmYn0cW6x39ci3RGhRPpEuOFFeA4wdxYjv3RZprtcj9BlTKh
IEoixv9iP1J36+HVd6xsaHhySKaydMgRwV2a4YQTd1pm
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:46:21 2025 by rpki-client