Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/e78ee1-0a2a-46c9-9769-f94f084b1ee7/1/dTkxMcCeXxHSlbzmXrq1h_yjEwQ.roa
File: dTkxMcCeXxHSlbzmXrq1h_yjEwQ.roa (raw, json)
Hash identifier: 6lLAKycVqxafwfSe9RpEl78tE7gClRO25WKnwVEGabY=
Subject key identifier: 75:39:31:31:C0:9E:5F:11:D2:95:BC:E6:5E:BA:B5:87:FC:A3:13:04
Certificate issuer: /CN=8f6d2ac9b68c32711f7e87fde5234584f5bcf4f2
Certificate serial: 01942143F0F272F3D128AE9EDDC9A1C19DEE
Authority key identifier: 8F:6D:2A:C9:B6:8C:32:71:1F:7E:87:FD:E5:23:45:84:F5:BC:F4:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j20qybaMMnEffof95SNFhPW89PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/e78ee1-0a2a-46c9-9769-f94f084b1ee7/1/dTkxMcCeXxHSlbzmXrq1h_yjEwQ.roa
Signing time: Wed 01 Jan 2025 09:48:08 +0000
ROA not before: Wed 01 Jan 2025 09:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198291
IP address blocks: 46.232.136.0/21 maxlen: 24
46.232.136.0/24 maxlen: 24
46.232.137.0/24 maxlen: 24
46.232.138.0/24 maxlen: 24
46.232.139.0/24 maxlen: 24
46.232.140.0/24 maxlen: 24
46.232.141.0/24 maxlen: 24
46.232.142.0/24 maxlen: 24
46.232.143.0/24 maxlen: 24
185.124.44.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:f0:f2:72:f3:d1:28:ae:9e:dd:c9:a1:c1:9d:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f6d2ac9b68c32711f7e87fde5234584f5bcf4f2
Validity
Not Before: Jan 1 09:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=75393131c09e5f11d295bce65ebab587fca31304
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:f9:ed:f6:67:7e:f9:d1:a2:8a:d0:4e:30:3b:
c7:c7:67:02:c6:ef:50:e9:f9:89:72:e5:da:ae:a8:
b2:77:83:a8:14:70:24:b6:7a:41:2a:d8:e5:79:35:
c0:41:9f:49:64:e3:d0:1f:50:ea:fe:ca:5a:bc:b5:
89:5b:84:f5:41:b2:ad:36:96:46:29:8d:67:4b:37:
21:67:fa:6c:8e:53:fc:a2:8b:10:a7:b5:2c:77:74:
c2:10:02:36:2d:ef:e9:53:51:b1:eb:8a:10:57:02:
2f:0d:90:3f:d7:32:b2:02:dc:5e:00:a6:37:f8:49:
5f:94:af:37:30:47:92:68:9b:36:7d:ef:41:64:5a:
cd:aa:3b:e9:c7:d5:09:80:d2:3b:96:90:6c:6c:e4:
b9:5c:cb:01:b8:5c:2d:b9:ff:cf:60:5a:d0:f7:96:
54:93:9b:9d:0a:d3:ae:51:aa:e0:cb:1f:c2:5e:19:
b0:b0:b3:46:ca:e7:df:4e:25:56:a3:5a:35:4f:c4:
cd:d4:87:16:25:91:81:5f:34:2c:7e:00:00:91:10:
97:7a:de:4d:a9:40:85:71:45:8a:86:ea:fc:49:c1:
89:16:4a:87:df:4f:33:61:6d:80:bd:8b:81:9e:12:
7f:c0:de:75:35:c9:c7:b2:c5:88:85:e6:dd:c6:47:
52:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:39:31:31:C0:9E:5F:11:D2:95:BC:E6:5E:BA:B5:87:FC:A3:13:04
X509v3 Authority Key Identifier:
keyid:8F:6D:2A:C9:B6:8C:32:71:1F:7E:87:FD:E5:23:45:84:F5:BC:F4:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j20qybaMMnEffof95SNFhPW89PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/e78ee1-0a2a-46c9-9769-f94f084b1ee7/1/dTkxMcCeXxHSlbzmXrq1h_yjEwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/e78ee1-0a2a-46c9-9769-f94f084b1ee7/1/j20qybaMMnEffof95SNFhPW89PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.232.136.0/21
185.124.44.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:08:3c:d8:c7:53:90:b7:c2:96:50:d2:4c:1f:4e:c3:d8:1e:
cb:77:ed:c2:76:80:7a:20:8a:f3:53:d6:27:44:71:25:de:81:
55:f2:27:38:a6:b9:c0:89:80:d8:df:8c:8d:65:78:46:4d:3c:
b7:ed:b8:fe:42:52:a9:48:bc:ab:c4:8a:a3:45:04:2c:b8:7e:
9f:f4:c3:c7:7c:06:28:35:71:85:8a:11:92:d2:3c:f6:fd:6e:
bb:7a:6a:74:de:ee:4e:1a:ec:88:4c:89:10:bf:5a:88:d6:01:
78:33:1f:96:7c:0e:3e:8f:1c:46:aa:40:c6:92:a9:f8:a8:04:
f7:4b:e0:c8:35:ef:a1:87:6c:87:6e:d2:fb:d6:ea:48:bd:5d:
da:0e:c7:8c:f5:b7:b5:5c:0c:d9:02:f5:01:5a:47:33:b9:ce:
dd:1e:ab:2f:68:0f:56:42:fa:1f:e6:07:07:a9:b2:9a:52:ad:
16:78:03:62:d4:e2:ce:53:6f:f0:0b:29:45:ef:f7:65:1c:b1:
21:6f:93:b8:38:1f:ce:0e:8c:ff:16:dc:fa:33:8b:ad:75:40:
9b:e9:c5:f9:96:e1:8c:5f:5d:7d:2c:e6:5e:ef:c0:65:19:31:
02:88:69:67:4f:c7:5b:b0:d1:86:12:b3:c5:00:9c:1a:44:ce:
6a:e3:17:d1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQhQ/DycvPRKK6e3cmhwZ3uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmNmQyYWM5YjY4YzMyNzExZjdlODdmZGU1MjM0NTg0ZjVi
Y2Y0ZjIwHhcNMjUwMTAxMDk0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTM5MzEzMWMwOWU1ZjExZDI5NWJjZTY1ZWJhYjU4N2ZjYTMxMzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzPnt9md++dGiitBOMDvHx2cCxu9Q
6fmJcuXarqiyd4OoFHAktnpBKtjleTXAQZ9JZOPQH1Dq/spavLWJW4T1QbKtNpZG
KY1nSzchZ/psjlP8oosQp7Usd3TCEAI2Le/pU1Gx64oQVwIvDZA/1zKyAtxeAKY3
+ElflK83MEeSaJs2fe9BZFrNqjvpx9UJgNI7lpBsbOS5XMsBuFwtuf/PYFrQ95ZU
k5udCtOuUargyx/CXhmwsLNGyuffTiVWo1o1T8TN1IcWJZGBXzQsfgAAkRCXet5N
qUCFcUWKhur8ScGJFkqH308zYW2AvYuBnhJ/wN51NcnHssWIhebdxkdSRwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHU5MTHAnl8R0pW85l66tYf8oxMEMB8GA1UdIwQY
MBaAFI9tKsm2jDJxH36H/eUjRYT1vPTyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajIwcXliYU1NbkVmZm9mOTVTTkZoUFc4OVBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9lNzhlZTEtMGEyYS00NmM5LTk3Njkt
Zjk0ZjA4NGIxZWU3LzEvZFRreE1jQ2VYeEhTbGJ6bVhycTFoX3lqRXdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9lNzhlZTEtMGEyYS00NmM5LTk3NjktZjk0ZjA4NGIxZWU3
LzEvajIwcXliYU1NbkVmZm9mOTVTTkZoUFc4OVBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLuiIAwQC
uXwsMA0GCSqGSIb3DQEBCwUAA4IBAQArCDzYx1OQt8KWUNJMH07D2B7Ld+3CdoB6
IIrzU9YnRHEl3oFV8ic4prnAiYDY34yNZXhGTTy37bj+QlKpSLyrxIqjRQQsuH6f
9MPHfAYoNXGFihGS0jz2/W67emp03u5OGuyITIkQv1qI1gF4Mx+WfA4+jxxGqkDG
kqn4qAT3S+DINe+hh2yHbtL71upIvV3aDseM9be1XAzZAvUBWkczuc7dHqsvaA9W
Qvof5gcHqbKaUq0WeANi1OLOU2/wCylF7/dlHLEhb5O4OB/ODoz/Ftz6M4utdUCb
6cX5luGMX119LOZe78BlGTECiGlnT8dbsNGGErPFAJwaRM5q4xfR
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:00:51 2025 by rpki-client