Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/haRmGkgL6GKDvr6SDajw89Xp5tg.roa
File: haRmGkgL6GKDvr6SDajw89Xp5tg.roa (raw, json)
Hash identifier: o32EnHNWIdaHJ7DwN5wuihXLN2OTJ904FIZNfQEBK4s=
Subject key identifier: 85:A4:66:1A:48:0B:E8:62:83:BE:BE:92:0D:A8:F0:F3:D5:E9:E6:D8
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 019426D8500DBC95380714036CB44760A482
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/haRmGkgL6GKDvr6SDajw89Xp5tg.roa
Signing time: Thu 02 Jan 2025 11:48:17 +0000
ROA not before: Thu 02 Jan 2025 11:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 46.37.126.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d8:50:0d:bc:95:38:07:14:03:6c:b4:47:60:a4:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Jan 2 11:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=85a4661a480be86283bebe920da8f0f3d5e9e6d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:8a:1e:b3:5f:a0:58:d9:c0:b3:04:0e:2c:0a:
52:f0:58:35:f2:09:09:a4:47:fa:8c:92:2f:b8:8c:
bd:99:7f:a0:17:fb:78:f9:e8:9d:76:9d:16:ff:d0:
af:e3:0b:3d:9e:4b:3f:9f:da:70:f5:45:db:03:a6:
f6:d2:a7:b4:37:81:d9:91:3d:96:22:06:42:f2:d7:
e1:82:77:41:5c:a9:8c:0d:05:d5:6f:51:a3:b4:4f:
ce:eb:c4:59:54:bf:aa:5e:15:14:c7:42:18:90:2d:
52:f2:91:59:a2:4d:c4:3c:b6:c3:4b:49:bf:49:7c:
d3:e3:55:ee:04:2f:fe:79:3c:ff:4c:27:d9:2d:bc:
4b:04:f2:c4:6d:2e:9d:55:3c:08:4a:7c:9f:e7:d3:
34:b3:3e:73:b4:47:51:a2:e5:9a:ba:7a:ba:3c:a3:
84:b5:02:3e:b6:68:24:79:10:ba:59:6a:aa:aa:4f:
8a:28:5c:dc:03:90:ff:20:09:88:e9:92:28:4b:a0:
48:39:f3:9c:bc:dd:cc:6b:9e:d0:8f:df:19:97:df:
1a:e6:e5:0b:19:18:b5:fe:37:72:18:93:38:82:db:
bb:19:41:74:36:21:06:5c:ef:fb:35:ac:e6:b1:de:
60:83:c4:2d:4c:47:a3:45:ad:d2:22:f7:a3:64:be:
62:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:A4:66:1A:48:0B:E8:62:83:BE:BE:92:0D:A8:F0:F3:D5:E9:E6:D8
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/haRmGkgL6GKDvr6SDajw89Xp5tg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.126.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:31:09:55:ca:fd:7f:29:99:ac:1b:c6:d0:04:e4:12:96:ab:
fb:0f:fb:8e:b6:21:79:f6:88:60:ee:f7:be:bc:36:fe:15:b9:
3d:f8:f1:b0:8b:a6:df:39:a5:5a:02:f9:44:87:4b:f3:ae:e8:
6c:14:27:4b:d8:9f:e5:50:d4:88:e8:95:f8:8e:36:16:bd:dc:
a6:ee:6c:05:ae:a8:5d:2c:33:ed:3a:0b:b1:b9:a0:a4:f4:8b:
82:bb:d0:e9:d0:0a:57:4e:b3:21:c7:62:6b:5f:4c:69:f9:08:
25:3c:63:96:5b:9d:7e:20:62:b3:8e:a5:5d:29:70:d1:3c:a7:
38:07:67:cd:0c:78:4f:c0:03:2c:4a:9e:20:53:96:14:19:32:
70:38:74:0f:e7:8b:1a:09:c5:c2:ac:cf:d7:5e:cc:d6:23:d6:
b3:f7:6f:d0:df:38:69:c8:df:b2:17:aa:bd:9a:31:d6:b7:f4:
fc:28:44:d3:1d:3d:67:0d:c0:59:3b:44:62:e5:e6:d9:b9:82:
a0:2b:a4:c4:23:9d:2c:8b:24:7b:7a:50:4b:17:13:95:b0:e5:
2d:b2:69:e0:a4:56:f5:ad:48:c5:35:58:83:2d:d0:bf:62:e4:
80:24:b5:8a:04:1d:c7:7e:4f:26:e5:2a:56:5d:01:e7:e0:50:
72:57:f9:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2FANvJU4BxQDbLRHYKSCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjUwMTAyMTE0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWE0NjYxYTQ4MGJlODYyODNiZWJlOTIwZGE4ZjBmM2Q1ZTllNmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYoes1+gWNnAswQOLApS8Fg18gkJ
pEf6jJIvuIy9mX+gF/t4+eiddp0W/9Cv4ws9nks/n9pw9UXbA6b20qe0N4HZkT2W
IgZC8tfhgndBXKmMDQXVb1GjtE/O68RZVL+qXhUUx0IYkC1S8pFZok3EPLbDS0m/
SXzT41XuBC/+eTz/TCfZLbxLBPLEbS6dVTwISnyf59M0sz5ztEdRouWaunq6PKOE
tQI+tmgkeRC6WWqqqk+KKFzcA5D/IAmI6ZIoS6BIOfOcvN3Ma57Qj98Zl98a5uUL
GRi1/jdyGJM4gtu7GUF0NiEGXO/7Nazmsd5gg8QtTEejRa3SIvejZL5iIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIWkZhpIC+hig76+kg2o8PPV6ebYMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvaGFSbUdrZ0w2R0tEdnI2U0Rhanc4OVhwNXRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiV+MA0G
CSqGSIb3DQEBCwUAA4IBAQBtMQlVyv1/KZmsG8bQBOQSlqv7D/uOtiF59ohg7ve+
vDb+Fbk9+PGwi6bfOaVaAvlEh0vzruhsFCdL2J/lUNSI6JX4jjYWvdym7mwFrqhd
LDPtOguxuaCk9IuCu9Dp0ApXTrMhx2JrX0xp+QglPGOWW51+IGKzjqVdKXDRPKc4
B2fNDHhPwAMsSp4gU5YUGTJwOHQP54saCcXCrM/XXszWI9az92/Q3zhpyN+yF6q9
mjHWt/T8KETTHT1nDcBZO0Ri5ebZuYKgK6TEI50siyR7elBLFxOVsOUtsmngpFb1
rUjFNViDLdC/YuSAJLWKBB3Hfk8m5SpWXQHn4FByV/nj
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:31:46 2025 by rpki-client