Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/2-68_Bzi4xWbZGyCWg8-EGYgNqA.roa
File: 2-68_Bzi4xWbZGyCWg8-EGYgNqA.roa (raw, json)
Hash identifier: PYhWYX6MKr91BZMJLhMG9KYJYMTak8HHTpbuYWCGrl0=
Subject key identifier: DB:EE:BC:FC:1C:E2:E3:15:9B:64:6C:82:5A:0F:3E:10:66:20:36:A0
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 019426D85964656F32995035BA54676BD1DA
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/2-68_Bzi4xWbZGyCWg8-EGYgNqA.roa
Signing time: Thu 02 Jan 2025 11:48:20 +0000
ROA not before: Thu 02 Jan 2025 11:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207633
IP address blocks: 46.37.107.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d8:59:64:65:6f:32:99:50:35:ba:54:67:6b:d1:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Jan 2 11:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dbeebcfc1ce2e3159b646c825a0f3e10662036a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:70:c2:a7:7d:6c:83:24:fb:f1:59:ff:41:67:
24:c0:bf:0f:13:c5:89:71:02:fd:5d:0a:08:d6:cf:
3c:bf:56:d6:63:41:26:08:0a:09:de:eb:16:23:b4:
d9:51:73:ed:83:fc:7f:31:df:5e:16:a4:bc:26:2b:
b4:c5:e7:02:c9:ab:f3:39:9a:1f:d3:b2:dd:92:a1:
3a:c4:ee:a1:fb:2d:7a:dd:91:3d:da:7c:e5:19:45:
72:b3:3f:63:92:69:51:21:2f:47:88:3a:7b:21:bd:
42:8f:ea:32:9c:15:c3:e5:10:ef:7c:ae:76:c1:15:
74:bf:f3:de:e6:63:13:c8:7e:2d:0d:7f:bd:3d:23:
53:7d:3e:9e:cd:52:00:b4:87:58:a4:13:7b:f5:f8:
c6:96:be:3a:d7:c5:54:21:7c:2d:28:da:eb:76:65:
1b:d4:1f:83:1d:b7:ec:c5:9b:89:96:5a:8d:ef:5e:
96:74:60:38:70:9a:04:c3:63:f1:00:a6:65:16:a9:
84:3c:ed:33:a5:64:c0:ef:cf:21:e7:45:58:41:57:
6d:b1:6d:71:69:48:9f:9f:4b:71:8d:fa:1b:ac:cb:
03:d1:45:35:55:08:b2:7d:ee:b8:70:23:73:f4:d1:
41:a6:af:b0:83:56:f9:0b:c9:53:b7:5c:5a:e7:a6:
a2:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:EE:BC:FC:1C:E2:E3:15:9B:64:6C:82:5A:0F:3E:10:66:20:36:A0
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/2-68_Bzi4xWbZGyCWg8-EGYgNqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.107.0/24
Signature Algorithm: sha256WithRSAEncryption
95:11:28:fb:1d:b3:42:67:bd:8b:a4:85:f3:f8:f0:67:99:52:
b5:f7:97:04:b6:8b:5f:9e:56:11:36:9e:f2:22:99:99:80:57:
1b:9f:b5:98:05:0f:9b:8f:41:7a:88:2b:8d:ad:28:ab:69:7b:
b3:e2:0e:58:a7:27:86:29:04:f4:fc:c7:67:f3:bc:21:03:65:
ee:2d:e5:f4:eb:3b:56:d4:7e:30:87:ff:a3:37:eb:13:0e:e0:
c4:cb:af:43:04:0b:f4:33:47:63:8f:5b:7a:bc:0b:de:79:eb:
df:a2:69:c9:bc:49:9f:e8:fb:4f:89:30:a2:ec:1d:dd:3a:67:
2b:c5:37:81:9a:c7:df:ae:10:60:4f:44:25:2c:6b:74:dc:ba:
68:58:be:25:00:47:16:7a:84:f5:21:cb:61:3f:43:16:06:07:
8a:5e:05:b0:76:40:21:6f:88:36:90:09:85:22:e1:f9:67:ee:
15:57:b9:ef:c2:7b:d2:7a:9a:66:8b:0e:d2:72:72:e8:50:b3:
3a:e9:c5:44:fe:94:eb:60:74:19:58:29:8c:dc:b1:84:4b:f8:
57:a2:6d:54:85:f5:16:2a:07:29:23:b1:ab:45:37:dd:bf:d8:
6b:ad:0c:94:42:5c:8d:2a:ad:1d:e7:55:0e:93:a9:be:36:27:
7d:14:41:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2FlkZW8ymVA1ulRna9HaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjUwMTAyMTE0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmVlYmNmYzFjZTJlMzE1OWI2NDZjODI1YTBmM2UxMDY2MjAzNmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXDCp31sgyT78Vn/QWckwL8PE8WJ
cQL9XQoI1s88v1bWY0EmCAoJ3usWI7TZUXPtg/x/Md9eFqS8Jiu0xecCyavzOZof
07LdkqE6xO6h+y163ZE92nzlGUVysz9jkmlRIS9HiDp7Ib1Cj+oynBXD5RDvfK52
wRV0v/Pe5mMTyH4tDX+9PSNTfT6ezVIAtIdYpBN79fjGlr4618VUIXwtKNrrdmUb
1B+DHbfsxZuJllqN716WdGA4cJoEw2PxAKZlFqmEPO0zpWTA788h50VYQVdtsW1x
aUifn0txjfobrMsD0UU1VQiyfe64cCNz9NFBpq+wg1b5C8lTt1xa56aigwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNvuvPwc4uMVm2RsgloPPhBmIDagMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvMi02OF9Cemk0eFdiWkd5Q1dnOC1FR1lnTnFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiVrMA0G
CSqGSIb3DQEBCwUAA4IBAQCVESj7HbNCZ72LpIXz+PBnmVK195cEtotfnlYRNp7y
IpmZgFcbn7WYBQ+bj0F6iCuNrSiraXuz4g5YpyeGKQT0/Mdn87whA2XuLeX06ztW
1H4wh/+jN+sTDuDEy69DBAv0M0djj1t6vAveeevfomnJvEmf6PtPiTCi7B3dOmcr
xTeBmsffrhBgT0QlLGt03LpoWL4lAEcWeoT1IcthP0MWBgeKXgWwdkAhb4g2kAmF
IuH5Z+4VV7nvwnvSeppmiw7ScnLoULM66cVE/pTrYHQZWCmM3LGES/hXom1UhfUW
KgcpI7GrRTfdv9hrrQyUQlyNKq0d51UOk6m+Nid9FEFp
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:13:25 2025 by rpki-client