Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/41dc75-1f32-4edd-a94c-f5ec403fdacf/1/t7D4JJSP5z-u6M9bmWKtD19PybY.roa
File: t7D4JJSP5z-u6M9bmWKtD19PybY.roa (raw, json)
Hash identifier: hgEfba4+416hOF8d8xJM4ix7obkJ8g22r+oy5Y4pB5Q=
Subject key identifier: B7:B0:F8:24:94:8F:E7:3F:AE:E8:CF:5B:99:62:AD:0F:5F:4F:C9:B6
Certificate issuer: /CN=4766c6d9ad21cd4118a0448264d6fb35d55f14c0
Certificate serial: 019424B3C530E6BC6903308AA83CE0761303
Authority key identifier: 47:66:C6:D9:AD:21:CD:41:18:A0:44:82:64:D6:FB:35:D5:5F:14:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R2bG2a0hzUEYoESCZNb7NdVfFMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/41dc75-1f32-4edd-a94c-f5ec403fdacf/1/t7D4JJSP5z-u6M9bmWKtD19PybY.roa
Signing time: Thu 02 Jan 2025 01:49:08 +0000
ROA not before: Thu 02 Jan 2025 01:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20694
IP address blocks: 46.30.24.0/21 maxlen: 21
185.45.110.0/23 maxlen: 23
2a02:22f0:12::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:c5:30:e6:bc:69:03:30:8a:a8:3c:e0:76:13:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4766c6d9ad21cd4118a0448264d6fb35d55f14c0
Validity
Not Before: Jan 2 01:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b7b0f824948fe73faee8cf5b9962ad0f5f4fc9b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:0e:8a:7e:9d:df:fe:d4:5b:b7:bd:89:cd:01:
f6:e4:24:b8:12:e1:16:07:d0:02:8a:89:d9:ad:cb:
5e:ca:66:34:5c:a2:13:5c:f6:3e:a1:ec:05:28:c2:
e3:a1:1b:4d:00:b0:65:8c:5c:00:39:c4:8e:48:50:
d1:56:42:dc:62:21:a7:00:30:9c:a8:6a:99:3f:42:
36:24:e2:12:ba:02:b7:29:f5:96:25:c2:64:c8:b2:
02:77:75:ba:51:2f:19:81:3e:fd:17:47:ca:a0:cf:
00:a0:d2:94:a2:6c:a8:42:85:52:e5:8d:66:ae:7d:
17:21:7a:22:f3:0b:cc:2c:2f:de:ec:d8:81:25:dc:
27:be:d2:59:20:7a:1a:00:3d:64:47:64:ac:63:70:
a8:46:2f:ba:9b:a7:81:64:d2:5c:62:87:50:3e:92:
12:3f:bd:bf:95:19:f5:9d:3d:b4:ae:f5:2e:20:4c:
bd:c1:e6:1d:2d:b3:ba:34:84:7d:f6:8e:48:34:ba:
16:0b:7e:aa:f8:79:77:dc:57:b3:27:87:f5:c4:2d:
ef:62:92:a0:51:8d:ed:ec:b7:8c:7b:ee:5c:b9:9a:
5c:21:b7:bd:15:b1:91:44:ab:3d:2b:38:aa:67:4a:
28:3a:2f:02:88:d8:53:7e:b4:7a:22:b5:9d:1d:d4:
42:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:B0:F8:24:94:8F:E7:3F:AE:E8:CF:5B:99:62:AD:0F:5F:4F:C9:B6
X509v3 Authority Key Identifier:
keyid:47:66:C6:D9:AD:21:CD:41:18:A0:44:82:64:D6:FB:35:D5:5F:14:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R2bG2a0hzUEYoESCZNb7NdVfFMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/41dc75-1f32-4edd-a94c-f5ec403fdacf/1/t7D4JJSP5z-u6M9bmWKtD19PybY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/41dc75-1f32-4edd-a94c-f5ec403fdacf/1/R2bG2a0hzUEYoESCZNb7NdVfFMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.30.24.0/21
185.45.110.0/23
IPv6:
2a02:22f0:12::/48
Signature Algorithm: sha256WithRSAEncryption
3f:1a:11:31:dd:ed:09:ed:79:5b:6b:c3:30:51:66:82:d6:aa:
fb:26:00:ea:7d:30:9c:0c:f8:a3:12:f1:12:ba:55:e0:80:05:
fb:0d:92:64:0f:99:f2:89:d7:12:dd:51:ab:e9:82:16:22:77:
17:54:a1:38:90:1b:46:82:a1:d3:fc:e0:1e:f9:a1:7f:09:34:
ef:69:d9:30:eb:5b:a6:fa:25:fc:82:a0:41:7a:58:85:08:80:
8d:66:d5:cb:c8:0f:bd:37:be:af:55:14:06:36:c2:12:10:25:
b5:5f:59:c3:9e:27:3a:31:6a:89:eb:1b:7c:3a:31:b9:81:4c:
fd:d1:2b:01:43:38:6e:d1:b6:78:1b:ad:89:a1:96:be:46:39:
85:3e:fc:e6:62:92:0e:4a:f1:04:0d:45:88:84:4a:04:05:3c:
c2:01:ec:8a:1b:6f:b8:a7:a3:88:87:36:c8:b9:b0:0b:08:43:
4f:b1:3e:78:7f:01:e0:96:4e:2e:07:f9:87:cf:57:52:3e:9d:
7c:03:7a:83:a7:f7:6d:8d:76:a8:22:46:0b:f8:b7:1c:9a:d9:
cb:9a:a6:86:01:61:dc:ec:4d:0d:15:46:5e:bb:18:3f:bf:15:
89:f7:28:46:52:c8:41:80:4a:bb:6b:e0:40:de:8e:d6:fa:cc:
2b:75:ec:57
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQks8Uw5rxpAzCKqDzgdhMDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3NjZjNmQ5YWQyMWNkNDExOGEwNDQ4MjY0ZDZmYjM1ZDU1
ZjE0YzAwHhcNMjUwMTAyMDE0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2IwZjgyNDk0OGZlNzNmYWVlOGNmNWI5OTYyYWQwZjVmNGZjOWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApw6Kfp3f/tRbt72JzQH25CS4EuEW
B9ACionZrcteymY0XKITXPY+oewFKMLjoRtNALBljFwAOcSOSFDRVkLcYiGnADCc
qGqZP0I2JOISugK3KfWWJcJkyLICd3W6US8ZgT79F0fKoM8AoNKUomyoQoVS5Y1m
rn0XIXoi8wvMLC/e7NiBJdwnvtJZIHoaAD1kR2SsY3CoRi+6m6eBZNJcYodQPpIS
P72/lRn1nT20rvUuIEy9weYdLbO6NIR99o5INLoWC36q+Hl33FezJ4f1xC3vYpKg
UY3t7LeMe+5cuZpcIbe9FbGRRKs9KziqZ0ooOi8CiNhTfrR6IrWdHdRCMwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFLew+CSUj+c/rujPW5lirQ9fT8m2MB8GA1UdIwQY
MBaAFEdmxtmtIc1BGKBEgmTW+zXVXxTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjJiRzJhMGh6VUVZb0VTQ1pOYjdOZFZmRk1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi80MWRjNzUtMWYzMi00ZWRkLWE5NGMt
ZjVlYzQwM2ZkYWNmLzEvdDdENEpKU1A1ei11Nk05Ym1XS3REMTlQeWJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi80MWRjNzUtMWYzMi00ZWRkLWE5NGMtZjVlYzQwM2ZkYWNm
LzEvUjJiRzJhMGh6VUVZb0VTQ1pOYjdOZFZmRk1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQDLh4YAwQB
uS1uMA8EAgACMAkDBwAqAiLwABIwDQYJKoZIhvcNAQELBQADggEBAD8aETHd7Qnt
eVtrwzBRZoLWqvsmAOp9MJwM+KMS8RK6VeCABfsNkmQPmfKJ1xLdUavpghYidxdU
oTiQG0aCodP84B75oX8JNO9p2TDrW6b6JfyCoEF6WIUIgI1m1cvID703vq9VFAY2
whIQJbVfWcOeJzoxaonrG3w6MbmBTP3RKwFDOG7RtngbrYmhlr5GOYU+/OZikg5K
8QQNRYiESgQFPMIB7Iobb7ino4iHNsi5sAsIQ0+xPnh/AeCWTi4H+YfPV1I+nXwD
eoOn922NdqgiRgv4txya2cuapoYBYdzsTQ0VRl67GD+/FYn3KEZSyEGASrtr4EDe
jtb6zCt17Fc=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:09 2025 by rpki-client