Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/2851b6-2e65-4859-9c05-506bb6c679ce/1/ivvK2rH3Da0XFb0CtPI6-c8j9iw.roa
File: ivvK2rH3Da0XFb0CtPI6-c8j9iw.roa (raw, json)
Hash identifier: y+fDNhHN305IuCvhhyl0+Ku7rbokWctafP7Dlneuvb8=
Subject key identifier: 8A:FB:CA:DA:B1:F7:0D:AD:17:15:BD:02:B4:F2:3A:F9:CF:23:F6:2C
Certificate issuer: /CN=a2f6bc8f163af49c03d9ad69e716b42c5b96ee79
Certificate serial: 019423D806EAF47D23256F021059E3EFE433
Authority key identifier: A2:F6:BC:8F:16:3A:F4:9C:03:D9:AD:69:E7:16:B4:2C:5B:96:EE:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ova8jxY69JwD2a1p5xa0LFuW7nk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/2851b6-2e65-4859-9c05-506bb6c679ce/1/ivvK2rH3Da0XFb0CtPI6-c8j9iw.roa
Signing time: Wed 01 Jan 2025 21:49:07 +0000
ROA not before: Wed 01 Jan 2025 21:49:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396982
IP address blocks: 46.19.170.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d8:06:ea:f4:7d:23:25:6f:02:10:59:e3:ef:e4:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2f6bc8f163af49c03d9ad69e716b42c5b96ee79
Validity
Not Before: Jan 1 21:49:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8afbcadab1f70dad1715bd02b4f23af9cf23f62c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b1:35:e1:7e:51:bd:41:07:1b:a9:1e:6a:28:
4d:92:a8:c7:10:78:7b:b8:c6:b3:43:d9:43:e7:73:
75:ca:3b:27:04:e4:48:36:bf:af:8a:b3:0a:15:f6:
4b:5f:8a:ae:1e:09:1f:73:60:64:59:47:c5:16:73:
0e:bf:18:f5:95:56:67:8c:9f:4d:61:61:79:17:ef:
5c:b8:d1:41:5d:83:2f:fb:ab:6f:47:55:16:96:6e:
2a:c6:cb:e1:d1:ab:b3:a1:2e:1d:39:b5:00:f7:b2:
0e:ee:16:46:fd:af:5f:75:cb:2b:70:2f:e4:9a:a9:
7f:83:fa:30:e6:8a:6d:83:2d:e2:23:4d:89:4d:66:
b4:f9:74:bb:e4:10:7e:87:35:6d:de:15:ca:a8:8b:
07:28:14:6f:e1:76:0b:17:d1:a7:ac:1d:dd:d1:2f:
e2:97:0d:c0:01:50:43:17:16:02:c1:45:f9:02:dc:
0a:1d:be:bb:35:f0:de:96:cb:e1:fa:24:6e:42:1c:
d3:a5:fa:19:32:07:6f:20:7e:c9:a8:06:c9:0c:98:
a3:74:a1:52:c6:4d:1e:79:c7:04:da:a9:ce:96:5f:
0b:3e:fc:af:2e:14:dc:5e:c7:87:5e:86:20:ce:26:
92:28:3f:a5:5a:0f:1e:ac:9c:3e:19:5f:b4:98:a4:
85:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:FB:CA:DA:B1:F7:0D:AD:17:15:BD:02:B4:F2:3A:F9:CF:23:F6:2C
X509v3 Authority Key Identifier:
keyid:A2:F6:BC:8F:16:3A:F4:9C:03:D9:AD:69:E7:16:B4:2C:5B:96:EE:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ova8jxY69JwD2a1p5xa0LFuW7nk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/2851b6-2e65-4859-9c05-506bb6c679ce/1/ivvK2rH3Da0XFb0CtPI6-c8j9iw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/2851b6-2e65-4859-9c05-506bb6c679ce/1/ova8jxY69JwD2a1p5xa0LFuW7nk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.19.170.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:b2:76:ce:75:d3:85:5a:d7:5a:55:c4:15:c4:54:f4:15:47:
a8:51:f6:94:28:19:63:d3:00:ea:4b:8f:4d:a3:95:91:e3:d5:
33:a7:aa:69:e8:d0:70:cb:f1:70:31:1d:b5:de:c9:7d:cf:33:
2f:ed:8a:f2:be:2e:90:54:19:e3:a7:e2:41:8a:65:4c:6f:19:
d5:b7:1d:0f:1d:d1:10:44:26:6b:7e:59:9c:71:d6:af:7d:a0:
3b:82:9d:8d:a1:cb:90:14:07:6f:fd:ea:04:05:1b:d8:ac:cb:
09:1b:6c:c7:5b:e8:2a:03:fe:de:80:59:f7:cc:43:91:59:16:
ea:54:16:2e:b8:68:ce:1c:55:53:3e:ee:3f:37:f3:a1:d1:5b:
7f:3d:69:e8:f9:32:8a:77:55:bb:4a:7d:be:b5:ab:fb:ff:b2:
87:3c:e3:2e:4c:25:78:e2:15:ee:a7:79:9b:37:94:42:b6:5a:
ff:46:e2:17:28:75:67:93:44:7a:94:29:a9:c3:25:6b:54:68:
20:1c:a7:d4:a4:f9:c9:c0:82:1a:5e:45:8a:a3:25:43:56:0e:
e8:07:05:ea:89:06:29:dc:fc:ee:87:45:b9:c1:53:4e:34:0f:
80:a4:ff:28:66:fd:36:58:6b:a2:23:f9:8d:24:ad:ce:42:e2:
8a:c1:dc:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj2Abq9H0jJW8CEFnj7+QzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZjZiYzhmMTYzYWY0OWMwM2Q5YWQ2OWU3MTZiNDJjNWI5
NmVlNzkwHhcNMjUwMTAxMjE0OTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWZiY2FkYWIxZjcwZGFkMTcxNWJkMDJiNGYyM2FmOWNmMjNmNjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrE14X5RvUEHG6keaihNkqjHEHh7
uMazQ9lD53N1yjsnBORINr+virMKFfZLX4quHgkfc2BkWUfFFnMOvxj1lVZnjJ9N
YWF5F+9cuNFBXYMv+6tvR1UWlm4qxsvh0auzoS4dObUA97IO7hZG/a9fdcsrcC/k
mql/g/ow5optgy3iI02JTWa0+XS75BB+hzVt3hXKqIsHKBRv4XYLF9GnrB3d0S/i
lw3AAVBDFxYCwUX5AtwKHb67NfDelsvh+iRuQhzTpfoZMgdvIH7JqAbJDJijdKFS
xk0eeccE2qnOll8LPvyvLhTcXseHXoYgziaSKD+lWg8erJw+GV+0mKSFoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIr7ytqx9w2tFxW9ArTyOvnPI/YsMB8GA1UdIwQY
MBaAFKL2vI8WOvScA9mtaecWtCxblu55MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3ZhOGp4WTY5SndEMmExcDV4YTBMRnVXN25rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8yODUxYjYtMmU2NS00ODU5LTljMDUt
NTA2YmI2YzY3OWNlLzEvaXZ2SzJySDNEYTBYRmIwQ3RQSTYtYzhqOWl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8yODUxYjYtMmU2NS00ODU5LTljMDUtNTA2YmI2YzY3OWNl
LzEvb3ZhOGp4WTY5SndEMmExcDV4YTBMRnVXN25rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALhOqMA0G
CSqGSIb3DQEBCwUAA4IBAQBOsnbOddOFWtdaVcQVxFT0FUeoUfaUKBlj0wDqS49N
o5WR49Uzp6pp6NBwy/FwMR213sl9zzMv7Yryvi6QVBnjp+JBimVMbxnVtx0PHdEQ
RCZrflmccdavfaA7gp2NocuQFAdv/eoEBRvYrMsJG2zHW+gqA/7egFn3zEORWRbq
VBYuuGjOHFVTPu4/N/Oh0Vt/PWno+TKKd1W7Sn2+tav7/7KHPOMuTCV44hXup3mb
N5RCtlr/RuIXKHVnk0R6lCmpwyVrVGggHKfUpPnJwIIaXkWKoyVDVg7oBwXqiQYp
3Pzuh0W5wVNONA+ApP8oZv02WGuiI/mNJK3OQuKKwdzP
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:53:57 2025 by rpki-client