Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/e5d869-30bc-4465-bd6f-4773b6669716/1/2G8qCYpoVtySgAcA2OeugnFiYio.roa
File: 2G8qCYpoVtySgAcA2OeugnFiYio.roa (raw, json)
Hash identifier: 4y9U4HthBDvGesI1zzlV+POhFy0POzpyZENkuQTD5Jg=
Subject key identifier: D8:6F:2A:09:8A:68:56:DC:92:80:07:00:D8:E7:AE:82:71:62:62:2A
Certificate issuer: /CN=68c6adf8eecabc1052e1f783d3bce4a1c5db5410
Certificate serial: 0194266BC06777B12BA496DFD7ECA5E551C6
Authority key identifier: 68:C6:AD:F8:EE:CA:BC:10:52:E1:F7:83:D3:BC:E4:A1:C5:DB:54:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMat-O7KvBBS4feD07zkocXbVBA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/e5d869-30bc-4465-bd6f-4773b6669716/1/2G8qCYpoVtySgAcA2OeugnFiYio.roa
Signing time: Thu 02 Jan 2025 09:49:43 +0000
ROA not before: Thu 02 Jan 2025 09:49:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51795
IP address blocks: 46.18.240.0/21 maxlen: 21
46.18.240.0/23 maxlen: 28
46.18.241.0/24 maxlen: 24
46.18.242.0/24 maxlen: 24
46.18.243.0/24 maxlen: 24
46.18.244.0/24 maxlen: 24
46.18.245.0/24 maxlen: 24
46.18.246.0/24 maxlen: 24
46.18.247.0/24 maxlen: 24
185.25.36.0/24 maxlen: 24
185.25.37.0/24 maxlen: 24
185.25.38.0/24 maxlen: 24
185.25.39.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:c0:67:77:b1:2b:a4:96:df:d7:ec:a5:e5:51:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c6adf8eecabc1052e1f783d3bce4a1c5db5410
Validity
Not Before: Jan 2 09:49:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d86f2a098a6856dc92800700d8e7ae827162622a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c2:81:68:63:7d:3b:a4:0d:94:da:33:7c:fb:
37:1c:6c:bb:ff:2c:e2:05:1c:3e:6a:43:64:be:7a:
7e:d2:55:bd:fc:c8:e3:62:03:14:db:4d:ab:c0:27:
c0:6d:3f:88:bb:c5:f6:ee:af:14:21:96:0a:c5:23:
d6:7e:c6:67:32:4a:bc:5f:76:23:18:6f:c5:47:f7:
7f:bf:b2:37:01:e9:e1:e0:a0:c3:e4:96:89:40:13:
ea:f9:8d:22:c8:fb:88:90:42:fa:23:cf:70:0b:d2:
3e:71:87:0c:71:1f:5c:ae:bf:c6:2d:cb:87:12:12:
c1:4f:65:39:99:fe:95:6c:c3:66:b4:5a:b0:73:11:
ca:f2:af:22:f3:f8:e3:7f:1d:6f:f2:4f:86:f1:b0:
a6:07:cc:bf:2f:84:e0:b7:59:85:30:e0:34:0c:93:
bd:2f:ee:34:4c:b4:f4:3c:52:ae:b0:ee:09:db:10:
a7:aa:65:b9:12:b0:33:0c:73:2e:64:a9:00:2f:66:
1e:f9:e6:00:80:af:a5:51:e6:a1:b0:b0:67:8c:96:
32:b6:85:86:5b:e8:eb:77:4b:af:bc:9d:f2:66:ba:
9e:96:c0:0c:ca:03:08:0b:76:88:39:60:c1:f0:64:
9a:37:b2:ae:e4:24:8e:24:9c:2f:53:f1:ec:95:dd:
1e:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:6F:2A:09:8A:68:56:DC:92:80:07:00:D8:E7:AE:82:71:62:62:2A
X509v3 Authority Key Identifier:
keyid:68:C6:AD:F8:EE:CA:BC:10:52:E1:F7:83:D3:BC:E4:A1:C5:DB:54:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMat-O7KvBBS4feD07zkocXbVBA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/e5d869-30bc-4465-bd6f-4773b6669716/1/2G8qCYpoVtySgAcA2OeugnFiYio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/e5d869-30bc-4465-bd6f-4773b6669716/1/aMat-O7KvBBS4feD07zkocXbVBA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.18.240.0/21
185.25.36.0/22
Signature Algorithm: sha256WithRSAEncryption
55:76:ae:70:d4:79:89:2a:af:dd:08:09:64:e7:ce:a4:78:97:
8a:6e:51:44:7b:87:79:10:5c:93:e3:92:e9:be:2e:3a:a3:5f:
8f:70:83:c5:43:0a:d3:1e:e6:3a:b2:29:80:e3:7c:fd:6d:27:
9c:12:09:d3:b6:b3:45:94:b5:77:2d:74:ff:74:06:4f:3b:31:
07:20:9b:2d:c0:a9:14:4a:94:ec:ba:bf:43:38:93:7a:8b:7d:
94:49:54:6f:39:b8:45:db:e6:16:e8:58:46:68:72:c4:9f:75:
89:8a:0a:bc:dd:7e:28:1c:fe:9c:d5:c6:4d:c7:c7:24:25:b5:
2a:43:04:cf:04:60:ed:44:22:b4:84:90:f7:4c:ea:62:19:53:
22:84:2e:bd:02:29:7e:fe:44:21:e2:f0:9c:22:1b:73:fd:66:
d1:78:4f:92:a2:62:9c:38:a9:4f:16:f3:78:16:7d:a6:6c:d7:
6e:e8:49:d3:d4:91:50:dd:7c:7e:22:8e:15:9a:64:05:98:e2:
22:ee:48:fa:35:32:d5:be:d0:3e:85:20:f2:65:36:5e:a7:ed:
86:06:1b:81:70:f2:3d:87:16:a6:e2:35:ef:bf:f7:73:59:9d:
86:65:d6:99:b1:99:42:61:bc:d5:a8:7b:c2:7e:a1:f8:c7:cc:
a1:81:8a:52
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQma8Bnd7ErpJbf1+yl5VHGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzZhZGY4ZWVjYWJjMTA1MmUxZjc4M2QzYmNlNGExYzVk
YjU0MTAwHhcNMjUwMTAyMDk0OTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODZmMmEwOThhNjg1NmRjOTI4MDA3MDBkOGU3YWU4MjcxNjI2MjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcKBaGN9O6QNlNozfPs3HGy7/yzi
BRw+akNkvnp+0lW9/MjjYgMU202rwCfAbT+Iu8X27q8UIZYKxSPWfsZnMkq8X3Yj
GG/FR/d/v7I3Aenh4KDD5JaJQBPq+Y0iyPuIkEL6I89wC9I+cYcMcR9crr/GLcuH
EhLBT2U5mf6VbMNmtFqwcxHK8q8i8/jjfx1v8k+G8bCmB8y/L4Tgt1mFMOA0DJO9
L+40TLT0PFKusO4J2xCnqmW5ErAzDHMuZKkAL2Ye+eYAgK+lUeahsLBnjJYytoWG
W+jrd0uvvJ3yZrqelsAMygMIC3aIOWDB8GSaN7Ku5CSOJJwvU/Hsld0eYwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNhvKgmKaFbckoAHANjnroJxYmIqMB8GA1UdIwQY
MBaAFGjGrfjuyrwQUuH3g9O85KHF21QQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1hdC1PN0t2QkJTNGZlRDA3emtvY1hiVkJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9lNWQ4NjktMzBiYy00NDY1LWJkNmYt
NDc3M2I2NjY5NzE2LzEvMkc4cUNZcG9WdHlTZ0FjQTJPZXVnbkZpWWlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9lNWQ4NjktMzBiYy00NDY1LWJkNmYtNDc3M2I2NjY5NzE2
LzEvYU1hdC1PN0t2QkJTNGZlRDA3emtvY1hiVkJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLhLwAwQC
uRkkMA0GCSqGSIb3DQEBCwUAA4IBAQBVdq5w1HmJKq/dCAlk586keJeKblFEe4d5
EFyT45Lpvi46o1+PcIPFQwrTHuY6simA43z9bSecEgnTtrNFlLV3LXT/dAZPOzEH
IJstwKkUSpTsur9DOJN6i32USVRvObhF2+YW6FhGaHLEn3WJigq83X4oHP6c1cZN
x8ckJbUqQwTPBGDtRCK0hJD3TOpiGVMihC69Ail+/kQh4vCcIhtz/WbReE+SomKc
OKlPFvN4Fn2mbNdu6EnT1JFQ3Xx+Io4VmmQFmOIi7kj6NTLVvtA+hSDyZTZep+2G
BhuBcPI9hxam4jXvv/dzWZ2GZdaZsZlCYbzVqHvCfqH4x8yhgYpS
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:18:48 2025 by rpki-client