Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/3b84bd-133b-43d9-b9cf-17efa57b39d7/1/sYPkj1N3no6PTM91c5Pov65EAC8.roa
File: sYPkj1N3no6PTM91c5Pov65EAC8.roa (raw, json)
Hash identifier: uAS0kma3H4GS4hrLx52tm2yalQVMm9OuSp2lJZ08j2k=
Subject key identifier: B1:83:E4:8F:53:77:9E:8E:8F:4C:CF:75:73:93:E8:BF:AE:44:00:2F
Certificate issuer: /CN=be6144b459bce139f2734a44fbdb46c981329b2b
Certificate serial: 0194266C4582F9E01FD7AE8741719B2C4A25
Authority key identifier: BE:61:44:B4:59:BC:E1:39:F2:73:4A:44:FB:DB:46:C9:81:32:9B:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vmFEtFm84Tnyc0pE-9tGyYEymys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/3b84bd-133b-43d9-b9cf-17efa57b39d7/1/sYPkj1N3no6PTM91c5Pov65EAC8.roa
Signing time: Thu 02 Jan 2025 09:50:17 +0000
ROA not before: Thu 02 Jan 2025 09:50:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29007
IP address blocks: 46.182.96.0/21 maxlen: 21
78.154.64.0/19 maxlen: 19
185.9.124.0/22 maxlen: 22
217.28.144.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:45:82:f9:e0:1f:d7:ae:87:41:71:9b:2c:4a:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be6144b459bce139f2734a44fbdb46c981329b2b
Validity
Not Before: Jan 2 09:50:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b183e48f53779e8e8f4ccf757393e8bfae44002f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:05:75:04:ac:6d:d7:04:08:bf:40:e6:f0:ca:
3c:0b:cd:63:a6:2b:da:bc:0b:e7:1a:57:9e:4e:dd:
0c:12:83:f3:7f:62:c1:60:d7:32:1e:bc:87:1b:17:
6d:22:f3:6f:9a:2e:ad:8c:a4:9b:bf:45:33:1d:d6:
32:68:49:79:f2:bc:fe:66:fe:03:9b:28:90:94:df:
8d:62:35:5a:95:93:81:50:fa:f1:bd:1e:ae:04:11:
d0:de:e8:68:ba:8b:6f:bd:b0:de:5a:5b:27:12:45:
6c:17:02:52:46:6e:20:dc:28:9a:fa:54:f2:31:a9:
7b:b5:98:00:fa:f5:6d:71:29:7a:8b:cd:14:d1:70:
53:86:34:7a:15:aa:1e:30:db:d9:61:8a:cb:11:84:
c1:c0:37:73:34:d8:d0:19:6c:89:7d:e6:42:30:c0:
16:4e:32:53:65:0b:39:9e:cf:55:b9:58:1f:03:24:
fc:6b:79:ed:89:fa:5f:fc:54:58:69:45:80:eb:f1:
03:44:30:72:03:3a:b5:46:c1:a1:fc:76:00:a4:6f:
f3:2e:bd:cf:31:a8:02:05:79:3d:f3:c2:8e:24:44:
e9:e7:e9:c3:66:a8:0a:d0:e4:16:ec:a3:f2:92:65:
d2:4b:c4:99:5d:30:81:cd:ed:fd:b2:24:e9:47:e8:
58:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:83:E4:8F:53:77:9E:8E:8F:4C:CF:75:73:93:E8:BF:AE:44:00:2F
X509v3 Authority Key Identifier:
keyid:BE:61:44:B4:59:BC:E1:39:F2:73:4A:44:FB:DB:46:C9:81:32:9B:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vmFEtFm84Tnyc0pE-9tGyYEymys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/3b84bd-133b-43d9-b9cf-17efa57b39d7/1/sYPkj1N3no6PTM91c5Pov65EAC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/3b84bd-133b-43d9-b9cf-17efa57b39d7/1/vmFEtFm84Tnyc0pE-9tGyYEymys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.182.96.0/21
78.154.64.0/19
185.9.124.0/22
217.28.144.0/20
Signature Algorithm: sha256WithRSAEncryption
4b:f7:f0:0c:fa:3f:84:0c:a8:f7:9e:de:f9:ad:99:fc:1f:66:
48:96:8b:33:e1:aa:67:fa:c3:24:97:6f:d7:05:91:12:7e:b9:
81:d5:be:69:d5:59:1f:1b:14:a1:08:c2:fa:67:fa:f5:f5:7f:
3d:2a:ca:f1:11:0a:eb:cd:b1:42:cc:9a:57:fe:34:cd:71:e8:
35:25:4b:c1:4c:ac:6e:46:7b:f0:5c:25:85:2c:11:83:98:17:
56:21:89:bf:45:28:1d:59:b5:d7:8d:77:26:6c:06:6c:f7:2f:
36:f1:4d:67:5e:60:24:f5:5f:cf:33:0d:17:ec:5c:1e:cc:ba:
66:12:61:ed:eb:02:39:65:ea:65:fd:b2:61:69:90:b8:1f:42:
df:5a:87:e3:e2:ac:cd:4e:7a:e1:0e:35:09:dc:4a:ca:fa:39:
7d:a7:2d:3b:d3:ed:c7:bd:dd:3d:a9:3e:a1:20:28:bb:15:cf:
45:a1:71:60:50:e8:ff:33:54:89:8f:fe:be:d8:18:af:42:7c:
45:45:65:d5:3a:98:98:e9:d0:4f:20:ae:e9:05:e2:f1:8c:06:
6c:75:77:d9:4b:0e:29:1c:f1:31:6a:b9:a9:06:08:1e:9b:d4:
22:e1:3e:71:28:f7:fb:0c:2c:5a:02:de:7a:2c:fe:19:5e:a6:
ba:b3:59:35
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQmbEWC+eAf166HQXGbLEolMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNjE0NGI0NTliY2UxMzlmMjczNGE0NGZiZGI0NmM5ODEz
MjliMmIwHhcNMjUwMTAyMDk1MDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTgzZTQ4ZjUzNzc5ZThlOGY0Y2NmNzU3MzkzZThiZmFlNDQwMDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAV1BKxt1wQIv0Dm8Mo8C81jpiva
vAvnGleeTt0MEoPzf2LBYNcyHryHGxdtIvNvmi6tjKSbv0UzHdYyaEl58rz+Zv4D
myiQlN+NYjValZOBUPrxvR6uBBHQ3uhouotvvbDeWlsnEkVsFwJSRm4g3Cia+lTy
Mal7tZgA+vVtcSl6i80U0XBThjR6FaoeMNvZYYrLEYTBwDdzNNjQGWyJfeZCMMAW
TjJTZQs5ns9VuVgfAyT8a3ntifpf/FRYaUWA6/EDRDByAzq1RsGh/HYApG/zLr3P
MagCBXk988KOJETp5+nDZqgK0OQW7KPykmXSS8SZXTCBze39siTpR+hYSQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLGD5I9Td56Oj0zPdXOT6L+uRAAvMB8GA1UdIwQY
MBaAFL5hRLRZvOE58nNKRPvbRsmBMpsrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdm1GRXRGbTg0VG55YzBwRS05dEd5WUV5bXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8zYjg0YmQtMTMzYi00M2Q5LWI5Y2Yt
MTdlZmE1N2IzOWQ3LzEvc1lQa2oxTjNubzZQVE05MWM1UG92NjVFQUM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8zYjg0YmQtMTMzYi00M2Q5LWI5Y2YtMTdlZmE1N2IzOWQ3
LzEvdm1GRXRGbTg0VG55YzBwRS05dEd5WUV5bXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDLrZgAwQF
TppAAwQCuQl8AwQE2RyQMA0GCSqGSIb3DQEBCwUAA4IBAQBL9/AM+j+EDKj3nt75
rZn8H2ZIlosz4apn+sMkl2/XBZESfrmB1b5p1VkfGxShCML6Z/r19X89KsrxEQrr
zbFCzJpX/jTNceg1JUvBTKxuRnvwXCWFLBGDmBdWIYm/RSgdWbXXjXcmbAZs9y82
8U1nXmAk9V/PMw0X7FwezLpmEmHt6wI5Zepl/bJhaZC4H0LfWofj4qzNTnrhDjUJ
3ErK+jl9py070+3Hvd09qT6hICi7Fc9FoXFgUOj/M1SJj/6+2BivQnxFRWXVOpiY
6dBPIK7pBeLxjAZsdXfZSw4pHPExarmpBggem9Qi4T5xKPf7DCxaAt56LP4ZXqa6
s1k1
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:28:05 2025 by rpki-client