Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/CTW2I-pAMhetnqTMRdW1ETj4WkQ.roa
File: CTW2I-pAMhetnqTMRdW1ETj4WkQ.roa (raw, json)
Hash identifier: HPNa8JJq+ixiIhu5Y0bOrA86OWLXYf7lOQHchP5Hzsg=
Subject key identifier: 09:35:B6:23:EA:40:32:17:AD:9E:A4:CC:45:D5:B5:11:38:F8:5A:44
Certificate issuer: /CN=49e14bf76f42da4f2ac003a6c69d61c2320e2cd8
Certificate serial: 018B1E2A142611CB7A6AB290D2E60A9BB301
Authority key identifier: 49:E1:4B:F7:6F:42:DA:4F:2A:C0:03:A6:C6:9D:61:C2:32:0E:2C:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/CTW2I-pAMhetnqTMRdW1ETj4WkQ.roa
Signing time: Wed 11 Oct 2023 09:55:55 +0000
ROA not before: Wed 11 Oct 2023 09:55:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5511
IP address blocks: 176.118.34.0/24 maxlen: 24
46.226.125.0/24 maxlen: 24
185.21.131.0/24 maxlen: 24
185.248.135.0/24 maxlen: 24
185.25.104.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1e:2a:14:26:11:cb:7a:6a:b2:90:d2:e6:0a:9b:b3:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e14bf76f42da4f2ac003a6c69d61c2320e2cd8
Validity
Not Before: Oct 11 09:55:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0935b623ea403217ad9ea4cc45d5b51138f85a44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:d1:c3:24:98:19:4b:45:83:e1:e3:84:94:46:
9e:7b:0f:49:8a:f3:25:94:bd:95:80:e6:66:9e:70:
ac:05:42:86:7e:66:c9:56:fa:e9:6a:1e:5c:ad:12:
93:ee:ee:7b:48:54:71:b5:48:01:4c:78:8d:9a:45:
97:5e:cf:ba:f7:0c:3d:64:7c:a5:56:d1:5d:b8:f6:
2f:f7:02:23:cd:da:b3:84:a7:16:aa:ea:f1:62:3b:
2f:6e:83:5e:50:33:63:bc:1c:0f:ca:cc:82:0e:4b:
59:10:cd:01:77:39:18:c0:30:d7:71:4e:6d:52:0e:
03:29:52:eb:c4:66:9c:37:09:a5:94:2d:b0:34:99:
f8:66:b9:d5:43:1f:32:95:b6:76:7e:54:fb:b5:04:
eb:c8:a1:02:fa:41:a7:db:1b:1d:0c:82:c6:f3:1d:
49:6f:21:67:c3:22:b3:3c:84:73:c9:56:09:da:3f:
24:17:4d:d6:f2:81:75:5d:e6:a7:6d:82:d4:5d:9a:
b3:df:0a:b9:d6:03:98:67:f1:81:02:5f:89:9b:d6:
29:62:bf:4a:83:91:c7:f8:7a:63:39:bd:e8:a0:90:
45:1b:b0:8b:85:b1:46:65:85:7c:0b:a8:d1:36:f8:
6e:9d:d7:66:2f:e3:58:9b:df:a9:4f:91:91:dd:17:
38:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:35:B6:23:EA:40:32:17:AD:9E:A4:CC:45:D5:B5:11:38:F8:5A:44
X509v3 Authority Key Identifier:
keyid:49:E1:4B:F7:6F:42:DA:4F:2A:C0:03:A6:C6:9D:61:C2:32:0E:2C:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/CTW2I-pAMhetnqTMRdW1ETj4WkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/SeFL929C2k8qwAOmxp1hwjIOLNg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.125.0/24
176.118.34.0/24
185.21.131.0/24
185.25.104.0/24
185.248.135.0/24
Signature Algorithm: sha256WithRSAEncryption
10:2a:f7:39:ca:a5:26:0a:6b:20:2c:19:a1:89:a1:9b:ed:82:
83:0f:c9:75:53:36:fa:33:5b:1b:36:56:21:6c:4b:15:a4:d0:
ad:90:e7:11:f0:0b:32:c8:bf:51:ba:91:a3:6a:ad:aa:ac:10:
b4:9c:50:f0:06:3a:d7:a4:e9:b7:90:b7:5b:44:55:57:cb:c8:
9b:63:e5:fa:26:8a:be:d5:67:66:b5:c4:b1:a9:13:b3:0b:f3:
09:88:fa:58:fc:43:6d:ce:33:66:d4:6a:77:ee:4b:94:4c:71:
21:6d:04:8e:61:ba:df:df:95:10:30:85:08:6f:05:dd:6b:3e:
1b:eb:5e:bb:e0:fb:61:48:c2:b0:ba:24:dd:6e:ee:4f:14:c4:
d9:3d:68:05:a1:a4:78:9d:fb:24:af:cf:03:12:d3:4d:ad:55:
35:2a:3f:89:77:50:17:40:a2:5e:46:aa:73:ec:d6:8a:99:4e:
55:28:04:10:a7:52:08:5f:aa:31:52:ee:3d:83:2c:3a:70:4b:
47:6a:28:c1:54:f0:86:38:9f:dc:e5:58:c2:c6:4e:ca:2f:ec:
3d:b7:b2:26:0f:ea:cf:6d:08:d9:d7:e5:9d:d9:80:4d:19:38:
5b:71:ec:a5:d6:09:1a:e0:91:9c:ec:aa:1c:90:46:17:58:34:
ff:a9:86:32
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYseKhQmEct6arKQ0uYKm7MBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTE0YmY3NmY0MmRhNGYyYWMwMDNhNmM2OWQ2MWMyMzIw
ZTJjZDgwHhcNMjMxMDExMDk1NTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTM1YjYyM2VhNDAzMjE3YWQ5ZWE0Y2M0NWQ1YjUxMTM4Zjg1YTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgNHDJJgZS0WD4eOElEaeew9JivMl
lL2VgOZmnnCsBUKGfmbJVvrpah5crRKT7u57SFRxtUgBTHiNmkWXXs+69ww9ZHyl
VtFduPYv9wIjzdqzhKcWqurxYjsvboNeUDNjvBwPysyCDktZEM0BdzkYwDDXcU5t
Ug4DKVLrxGacNwmllC2wNJn4ZrnVQx8ylbZ2flT7tQTryKEC+kGn2xsdDILG8x1J
byFnwyKzPIRzyVYJ2j8kF03W8oF1XeanbYLUXZqz3wq51gOYZ/GBAl+Jm9YpYr9K
g5HH+HpjOb3ooJBFG7CLhbFGZYV8C6jRNvhunddmL+NYm9+pT5GR3Rc4mQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAk1tiPqQDIXrZ6kzEXVtRE4+FpEMB8GA1UdIwQY
MBaAFEnhS/dvQtpPKsADpsadYcIyDizYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VGTDkyOUMyazhxd0FPbXhwMWh3aklPTE5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC81NjE2N2YtNTMyNy00Yzg4LWI0ZWEt
M2JlY2NhYWUzMzZkLzEvQ1RXMkktcEFNaGV0bnFUTVJkVzFFVGo0V2tRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC81NjE2N2YtNTMyNy00Yzg4LWI0ZWEtM2JlY2NhYWUzMzZk
LzEvU2VGTDkyOUMyazhxd0FPbXhwMWh3aklPTE5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALuJ9AwQA
sHYiAwQAuRWDAwQAuRloAwQAufiHMA0GCSqGSIb3DQEBCwUAA4IBAQAQKvc5yqUm
CmsgLBmhiaGb7YKDD8l1Uzb6M1sbNlYhbEsVpNCtkOcR8AsyyL9RupGjaq2qrBC0
nFDwBjrXpOm3kLdbRFVXy8ibY+X6Joq+1WdmtcSxqROzC/MJiPpY/ENtzjNm1Gp3
7kuUTHEhbQSOYbrf35UQMIUIbwXdaz4b61674PthSMKwuiTdbu5PFMTZPWgFoaR4
nfskr88DEtNNrVU1Kj+Jd1AXQKJeRqpz7NaKmU5VKAQQp1IIX6oxUu49gyw6cEtH
aijBVPCGOJ/c5VjCxk7KL+w9t7ImD+rPbQjZ1+Wd2YBNGThbceyl1gka4JGc7Koc
kEYXWDT/qYYy
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:27:11 2025 by rpki-client