Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/hz97jgo9bqt0uT-ArAt9KzOXsP4.roa
File: hz97jgo9bqt0uT-ArAt9KzOXsP4.roa (raw, json)
Hash identifier: bhze+d6pD3xd6tpzBiM9HUGCjaef6tJylvnHETr5GxE=
Subject key identifier: 87:3F:7B:8E:0A:3D:6E:AB:74:B9:3F:80:AC:0B:7D:2B:33:97:B0:FE
Certificate issuer: /CN=6fc50d0d42067b76ab1a2e8e533ff849b65d56f5
Certificate serial: 0195A8881476816E3B41248211FD0077CCD5
Authority key identifier: 6F:C5:0D:0D:42:06:7B:76:AB:1A:2E:8E:53:3F:F8:49:B6:5D:56:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b8UNDUIGe3arGi6OUz_4SbZdVvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/hz97jgo9bqt0uT-ArAt9KzOXsP4.roa
Signing time: Tue 18 Mar 2025 09:14:05 +0000
ROA not before: Tue 18 Mar 2025 09:14:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 135402
IP address blocks: 46.233.42.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a8:88:14:76:81:6e:3b:41:24:82:11:fd:00:77:cc:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fc50d0d42067b76ab1a2e8e533ff849b65d56f5
Validity
Not Before: Mar 18 09:14:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=873f7b8e0a3d6eab74b93f80ac0b7d2b3397b0fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:4e:3c:51:34:51:62:87:29:55:8c:ed:bb:1e:
dd:a6:be:b9:2b:e0:82:4b:9a:b4:d5:62:61:bd:fe:
ef:93:5c:c9:ca:09:8e:1d:e4:e7:fe:63:a5:68:56:
84:42:cd:92:c7:46:4d:2b:ed:00:ef:79:c8:31:39:
fb:32:09:e4:3d:a5:30:96:ab:65:e5:b9:74:d6:79:
c9:78:83:c6:f1:ef:b5:8c:24:92:ef:d7:5c:c3:f1:
71:81:58:7b:e8:cd:86:a3:f9:b6:7e:7c:9f:77:34:
0d:ce:9f:44:2f:1d:33:df:9b:47:ef:ab:b3:08:18:
a5:eb:72:78:7f:7a:0b:8e:35:54:56:57:be:09:74:
49:cd:14:4f:d5:36:15:a2:c2:98:d3:f0:4c:16:75:
3d:9e:ad:78:7f:6d:68:28:df:4c:ea:45:c1:3b:c2:
c2:4b:63:0b:99:05:51:e3:f5:57:9d:98:6c:6b:d8:
81:00:4f:ba:54:59:44:c8:57:0f:de:89:18:e7:44:
dc:6e:29:c9:d8:82:b1:86:4e:64:8a:c2:de:0d:ef:
19:c7:26:ed:5b:0d:70:f2:fd:ce:c4:73:0a:aa:84:
a9:6d:48:68:96:dd:69:69:a2:4d:d0:df:0f:bb:92:
11:52:92:99:a8:1a:a9:cf:10:79:c6:b5:c3:f7:6c:
c1:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:3F:7B:8E:0A:3D:6E:AB:74:B9:3F:80:AC:0B:7D:2B:33:97:B0:FE
X509v3 Authority Key Identifier:
keyid:6F:C5:0D:0D:42:06:7B:76:AB:1A:2E:8E:53:3F:F8:49:B6:5D:56:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8UNDUIGe3arGi6OUz_4SbZdVvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/hz97jgo9bqt0uT-ArAt9KzOXsP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/b8UNDUIGe3arGi6OUz_4SbZdVvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.233.42.0/24
Signature Algorithm: sha256WithRSAEncryption
86:50:28:39:9b:ff:08:56:4e:84:76:d5:2e:8e:e9:00:8c:cd:
87:c7:ac:d0:e6:2f:59:71:55:d5:99:35:be:85:2d:16:e5:d1:
a0:40:78:69:88:12:2b:1c:72:f2:59:fe:e0:f3:7a:d1:e2:97:
ed:a4:96:ea:a3:66:49:37:2b:ad:74:37:a8:09:9a:1e:0a:ee:
14:fd:94:7e:92:c6:47:c9:49:5d:bb:38:25:7d:34:14:b9:63:
c6:26:59:49:6a:c3:ad:b4:df:bc:dd:69:ce:e6:50:bd:62:0f:
3f:61:ed:75:5c:66:c3:84:59:f1:8a:8a:40:30:64:88:78:39:
6e:6a:64:ef:36:f2:0f:dc:7f:47:b9:e1:84:9d:9f:02:7f:35:
ed:11:ff:88:79:bf:e5:0a:b5:ae:50:fc:18:31:dc:b0:f9:f6:
09:96:c7:85:f9:3d:5c:b7:51:54:11:35:a0:65:6f:ed:c0:a9:
1a:e2:26:3a:75:64:a1:ae:4b:38:97:7e:23:b7:81:3e:df:ca:
87:6a:9b:15:93:3f:61:5a:c0:f4:34:03:ea:be:3b:ab:85:03:
bf:17:73:95:b2:5e:98:88:2d:d0:80:5f:07:b6:12:4d:ba:f2:
e2:14:a5:03:7f:3e:82:67:69:78:f6:a3:8d:9e:11:98:a1:49:
8f:b5:a7:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWoiBR2gW47QSSCEf0Ad8zVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmYzUwZDBkNDIwNjdiNzZhYjFhMmU4ZTUzM2ZmODQ5YjY1
ZDU2ZjUwHhcNMjUwMzE4MDkxNDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzNmN2I4ZTBhM2Q2ZWFiNzRiOTNmODBhYzBiN2QyYjMzOTdiMGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArk48UTRRYocpVYztux7dpr65K+CC
S5q01WJhvf7vk1zJygmOHeTn/mOlaFaEQs2Sx0ZNK+0A73nIMTn7MgnkPaUwlqtl
5bl01nnJeIPG8e+1jCSS79dcw/FxgVh76M2Go/m2fnyfdzQNzp9ELx0z35tH76uz
CBil63J4f3oLjjVUVle+CXRJzRRP1TYVosKY0/BMFnU9nq14f21oKN9M6kXBO8LC
S2MLmQVR4/VXnZhsa9iBAE+6VFlEyFcP3okY50TcbinJ2IKxhk5kisLeDe8Zxybt
Ww1w8v3OxHMKqoSpbUholt1paaJN0N8Pu5IRUpKZqBqpzxB5xrXD92zB2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIc/e44KPW6rdLk/gKwLfSszl7D+MB8GA1UdIwQY
MBaAFG/FDQ1CBnt2qxoujlM/+Em2XVb1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjhVTkRVSUdlM2FyR2k2T1V6XzRTYlpkVnZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9mMmJkNmMtNDg0My00ZWFkLWFhMDkt
M2MxNmZmODQxYWIyLzEvaHo5N2pnbzlicXQwdVQtQXJBdDlLek9Yc1A0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9mMmJkNmMtNDg0My00ZWFkLWFhMDktM2MxNmZmODQxYWIy
LzEvYjhVTkRVSUdlM2FyR2k2T1V6XzRTYlpkVnZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALukqMA0G
CSqGSIb3DQEBCwUAA4IBAQCGUCg5m/8IVk6EdtUujukAjM2Hx6zQ5i9ZcVXVmTW+
hS0W5dGgQHhpiBIrHHLyWf7g83rR4pftpJbqo2ZJNyutdDeoCZoeCu4U/ZR+ksZH
yUlduzglfTQUuWPGJllJasOttN+83WnO5lC9Yg8/Ye11XGbDhFnxiopAMGSIeDlu
amTvNvIP3H9HueGEnZ8CfzXtEf+Ieb/lCrWuUPwYMdyw+fYJlseF+T1ct1FUETWg
ZW/twKka4iY6dWShrks4l34jt4E+38qHapsVkz9hWsD0NAPqvjurhQO/F3OVsl6Y
iC3QgF8HthJNuvLiFKUDfz6CZ2l49qONnhGYoUmPtaev
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:23:02 2025 by rpki-client