Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/8e1b5d-77b5-43b6-9f0a-3e171bd5efc3/1/A686dK34fRH4XV7lhtzyo_r8xjQ.roa
File: A686dK34fRH4XV7lhtzyo_r8xjQ.roa (raw, json)
Hash identifier: fjmXA+BpDofrKfIqOf+XgCqDOe65SXTrak4b/qLgrYo=
Subject key identifier: 03:AF:3A:74:AD:F8:7D:11:F8:5D:5E:E5:86:DC:F2:A3:FA:FC:C6:34
Certificate issuer: /CN=8007a958e6b3dfd78da350b103d3b9027e0fe3f0
Certificate serial: 0193967943E461076B95080F4BD557BF669F
Authority key identifier: 80:07:A9:58:E6:B3:DF:D7:8D:A3:50:B1:03:D3:B9:02:7E:0F:E3:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gAepWOaz39eNo1CxA9O5An4P4_A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/8e1b5d-77b5-43b6-9f0a-3e171bd5efc3/1/A686dK34fRH4XV7lhtzyo_r8xjQ.roa
Signing time: Thu 05 Dec 2024 10:59:09 +0000
ROA not before: Thu 05 Dec 2024 10:59:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60345
IP address blocks: 46.18.110.0/24 maxlen: 24
91.228.135.0/24 maxlen: 24
2a11:8f00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:96:79:43:e4:61:07:6b:95:08:0f:4b:d5:57:bf:66:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8007a958e6b3dfd78da350b103d3b9027e0fe3f0
Validity
Not Before: Dec 5 10:59:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=03af3a74adf87d11f85d5ee586dcf2a3fafcc634
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:9e:a7:81:47:25:05:a7:89:25:56:f5:72:75:
62:d9:42:9f:32:a1:64:63:d8:ac:86:b0:2a:c2:0b:
f6:b4:b6:58:78:77:07:f6:9b:be:32:e7:52:69:e3:
cd:52:b0:e7:1e:0d:d3:21:db:d4:3c:2a:b7:03:fd:
c1:36:84:95:4c:65:4a:6d:d0:d4:be:77:49:1d:51:
37:4c:69:30:7b:ab:2f:6e:68:9b:1d:5a:da:8a:8d:
ff:64:d8:e6:70:a3:d1:a1:e3:2a:a6:55:cc:37:15:
e8:cd:f3:02:ae:5e:24:d5:2d:f2:9b:11:79:92:91:
db:c2:68:03:fc:7d:a8:7d:e4:41:00:3b:14:70:b0:
72:cd:93:4f:96:c9:1f:19:72:cf:c0:19:f0:e7:02:
6f:7d:c9:79:d6:ab:d0:a2:bd:3c:74:66:9b:92:1e:
ac:09:0c:b7:02:1c:ee:73:73:95:0e:4f:37:48:65:
b8:85:49:04:df:22:a1:12:3a:5a:00:b9:a6:78:40:
5a:2c:a1:ac:6b:15:89:6c:ee:85:22:9f:eb:02:8e:
bf:c1:24:e5:39:97:6a:38:05:4d:44:ed:2a:29:b5:
19:17:6c:e8:ed:51:b2:e4:12:ec:ba:ba:ba:2d:6a:
b9:eb:e2:54:20:b5:b5:b6:72:a4:df:89:07:4a:d7:
d7:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:AF:3A:74:AD:F8:7D:11:F8:5D:5E:E5:86:DC:F2:A3:FA:FC:C6:34
X509v3 Authority Key Identifier:
keyid:80:07:A9:58:E6:B3:DF:D7:8D:A3:50:B1:03:D3:B9:02:7E:0F:E3:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gAepWOaz39eNo1CxA9O5An4P4_A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/8e1b5d-77b5-43b6-9f0a-3e171bd5efc3/1/A686dK34fRH4XV7lhtzyo_r8xjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/8e1b5d-77b5-43b6-9f0a-3e171bd5efc3/1/gAepWOaz39eNo1CxA9O5An4P4_A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.18.110.0/24
91.228.135.0/24
IPv6:
2a11:8f00::/29
Signature Algorithm: sha256WithRSAEncryption
8b:99:e9:58:9b:a7:3e:49:85:bb:bd:b8:a8:2f:0a:30:4e:33:
54:08:c5:9d:28:1d:f2:0f:61:00:23:ae:64:4d:56:29:5d:b9:
67:04:36:0a:ec:f9:d5:c0:7a:58:9c:97:58:52:dc:d9:42:98:
05:4f:d4:aa:97:7d:f3:6d:ff:a0:60:cb:b0:60:5c:9f:c0:f4:
ba:b7:27:9b:30:84:2a:3b:cf:26:0a:a1:6c:b6:5f:59:0a:25:
a9:08:82:df:d3:1d:99:a5:62:dc:c1:ce:d4:27:16:3c:bb:e0:
9c:e2:96:d9:5b:69:52:c7:a4:74:c2:1a:3e:69:ba:53:64:83:
34:33:49:5e:bc:94:bd:72:0a:ea:b8:97:8a:f8:c4:42:55:b3:
81:8f:f3:cf:c3:97:07:c1:36:dd:98:a3:38:d7:3a:52:33:cb:
82:08:f8:d8:9c:6d:1c:b5:14:0e:3e:ec:e4:6e:d7:ca:2c:bb:
65:57:c8:cc:85:d1:42:67:fe:7b:8b:e5:ad:f9:38:49:0e:57:
e0:70:26:0c:b9:1f:97:3b:e8:ed:27:24:15:08:5b:7b:4a:4b:
ee:0a:2e:82:5e:13:7c:4c:38:ad:5c:e9:f3:c2:88:27:03:9d:
18:0c:48:cc:47:9c:7e:d7:36:75:53:52:fa:ac:48:80:f1:46:
f0:78:d4:be
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZOWeUPkYQdrlQgPS9VXv2afMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwMDdhOTU4ZTZiM2RmZDc4ZGEzNTBiMTAzZDNiOTAyN2Uw
ZmUzZjAwHhcNMjQxMjA1MTA1OTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2FmM2E3NGFkZjg3ZDExZjg1ZDVlZTU4NmRjZjJhM2ZhZmNjNjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA256ngUclBaeJJVb1cnVi2UKfMqFk
Y9ishrAqwgv2tLZYeHcH9pu+MudSaePNUrDnHg3TIdvUPCq3A/3BNoSVTGVKbdDU
vndJHVE3TGkwe6svbmibHVraio3/ZNjmcKPRoeMqplXMNxXozfMCrl4k1S3ymxF5
kpHbwmgD/H2ofeRBADsUcLByzZNPlskfGXLPwBnw5wJvfcl51qvQor08dGabkh6s
CQy3Ahzuc3OVDk83SGW4hUkE3yKhEjpaALmmeEBaLKGsaxWJbO6FIp/rAo6/wSTl
OZdqOAVNRO0qKbUZF2zo7VGy5BLsurq6LWq56+JUILW1tnKk34kHStfXywIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAOvOnSt+H0R+F1e5Ybc8qP6/MY0MB8GA1UdIwQY
MBaAFIAHqVjms9/XjaNQsQPTuQJ+D+PwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0FlcFdPYXozOWVObzFDeEE5TzVBbjRQNF9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy84ZTFiNWQtNzdiNS00M2I2LTlmMGEt
M2UxNzFiZDVlZmMzLzEvQTY4NmRLMzRmUkg0WFY3bGh0enlvX3I4eGpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy84ZTFiNWQtNzdiNS00M2I2LTlmMGEtM2UxNzFiZDVlZmMz
LzEvZ0FlcFdPYXozOWVObzFDeEE5TzVBbjRQNF9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALhJuAwQA
W+SHMA0EAgACMAcDBQMqEY8AMA0GCSqGSIb3DQEBCwUAA4IBAQCLmelYm6c+SYW7
vbioLwowTjNUCMWdKB3yD2EAI65kTVYpXblnBDYK7PnVwHpYnJdYUtzZQpgFT9Sq
l33zbf+gYMuwYFyfwPS6tyebMIQqO88mCqFstl9ZCiWpCILf0x2ZpWLcwc7UJxY8
u+Cc4pbZW2lSx6R0who+abpTZIM0M0levJS9cgrquJeK+MRCVbOBj/PPw5cHwTbd
mKM41zpSM8uCCPjYnG0ctRQOPuzkbtfKLLtlV8jMhdFCZ/57i+Wt+ThJDlfgcCYM
uR+XO+jtJyQVCFt7SkvuCi6CXhN8TDitXOnzwognA50YDEjMR5x+1zZ1U1L6rEiA
8UbweNS+
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:03:17 2025 by rpki-client