Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/MlJl27aIAXAZJUbBaHRPBexnmek.roa
File: MlJl27aIAXAZJUbBaHRPBexnmek.roa (raw, json)
Hash identifier: tpc3KjoZYdilF+ZJ35V8BshGMF2ZtFZDbuDBAsMbUHU=
Subject key identifier: 32:52:65:DB:B6:88:01:70:19:25:46:C1:68:74:4F:05:EC:67:99:E9
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 01873CFEF5BC278F9F41BAF11DC2CB5E2A24
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/MlJl27aIAXAZJUbBaHRPBexnmek.roa
Signing time: Sat 01 Apr 2023 13:25:54 +0000
ROA not before: Sat 01 Apr 2023 13:25:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50738
IP address blocks: 46.23.96.0/24 maxlen: 24
46.23.98.0/24 maxlen: 24
46.23.108.0/24 maxlen: 24
46.23.109.0/24 maxlen: 24
5.178.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:3c:fe:f5:bc:27:8f:9f:41:ba:f1:1d:c2:cb:5e:2a:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Apr 1 13:25:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=325265dbb6880170192546c168744f05ec6799e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:92:8c:ff:00:14:48:7e:da:b8:68:ca:ce:1e:
6e:4a:b1:07:6c:74:ae:cb:4b:8e:98:5b:91:c7:49:
76:0f:f8:e6:b7:79:cb:f0:69:f6:3b:a8:12:14:d6:
1b:b5:14:92:74:7f:e1:b5:9f:21:e9:eb:9c:bc:3d:
c4:da:d6:9d:75:e4:27:14:bb:33:56:32:d8:8a:22:
9a:c5:29:2e:bd:89:1a:39:ed:84:1e:e8:b0:10:8e:
aa:4c:27:4d:57:24:15:ca:65:67:73:66:f1:f2:64:
41:4b:1a:fe:2f:b0:e6:4b:51:03:cf:6b:68:ff:43:
05:79:fa:29:22:fe:a3:e6:4c:44:bb:ac:d2:19:e3:
df:04:bb:09:b6:16:b6:81:24:ce:78:55:a1:8b:5e:
51:f4:54:50:ee:b0:f7:a6:45:86:b8:3e:d6:d2:dd:
d6:36:55:f7:63:be:ac:ba:ef:e5:15:dc:13:a0:4c:
68:4b:79:3b:7c:49:67:7e:c6:30:f7:8a:5c:b6:19:
7c:55:75:fd:db:43:71:19:e0:b4:cb:2d:1a:18:02:
1c:ea:21:2d:b4:b7:8d:44:0c:91:f8:28:25:17:c6:
00:f0:25:c5:33:4b:db:5b:9b:2b:b8:cc:6d:98:7a:
53:e7:91:e0:d0:b1:55:7c:ff:76:14:2d:13:69:4c:
06:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:52:65:DB:B6:88:01:70:19:25:46:C1:68:74:4F:05:EC:67:99:E9
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/MlJl27aIAXAZJUbBaHRPBexnmek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.3.0/24
46.23.96.0/24
46.23.98.0/24
46.23.108.0/23
Signature Algorithm: sha256WithRSAEncryption
31:6f:c2:2f:df:cc:9b:73:8e:ae:14:42:34:4a:ec:3b:4d:fb:
81:7a:88:fd:5e:7f:eb:76:2a:bb:d7:3d:c6:83:12:be:af:85:
35:60:19:c6:af:2b:67:4d:46:e0:d8:59:9d:ad:d7:a3:23:2f:
36:fc:de:6f:ee:01:bf:75:26:0d:88:3f:96:a2:3e:7e:6f:84:
8b:0a:e9:28:aa:4f:b9:20:bb:5e:3a:9f:bc:46:8b:3c:37:c7:
a8:68:e3:bd:17:c8:31:ae:84:a8:98:de:82:fc:03:16:0b:4e:
06:b7:88:48:5d:54:bb:6c:c6:e7:a2:51:cb:1b:48:f2:10:f8:
19:9f:ed:29:0c:c1:7b:4c:ae:0e:b1:21:57:07:29:07:e4:ed:
2a:a6:ce:8c:53:0d:b5:58:c8:c3:e9:39:f3:ef:4b:99:df:38:
4b:c9:50:3d:c1:42:de:c8:c1:10:92:e5:ad:d6:4b:6f:fd:e5:
c1:99:da:8f:21:11:0e:aa:34:c7:3a:2a:da:f0:f6:41:0a:f5:
bc:10:7a:5f:dc:72:33:ee:05:4c:ee:01:31:68:cb:9c:07:6a:
ad:87:5d:3b:e4:61:61:e5:f5:00:e2:54:91:49:8f:38:93:d5:
b0:86:2c:aa:9d:94:a8:e1:11:1e:65:a4:ae:09:c1:e7:74:6c:
65:20:af:17
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYc8/vW8J4+fQbrxHcLLXiokMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjMwNDAxMTMyNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjUyNjVkYmI2ODgwMTcwMTkyNTQ2YzE2ODc0NGYwNWVjNjc5OWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZKM/wAUSH7auGjKzh5uSrEHbHSu
y0uOmFuRx0l2D/jmt3nL8Gn2O6gSFNYbtRSSdH/htZ8h6eucvD3E2taddeQnFLsz
VjLYiiKaxSkuvYkaOe2EHuiwEI6qTCdNVyQVymVnc2bx8mRBSxr+L7DmS1EDz2to
/0MFefopIv6j5kxEu6zSGePfBLsJtha2gSTOeFWhi15R9FRQ7rD3pkWGuD7W0t3W
NlX3Y76suu/lFdwToExoS3k7fElnfsYw94pcthl8VXX920NxGeC0yy0aGAIc6iEt
tLeNRAyR+CglF8YA8CXFM0vbW5sruMxtmHpT55Hg0LFVfP92FC0TaUwGKwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDJSZdu2iAFwGSVGwWh0TwXsZ5npMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvTWxKbDI3YUlBWEFaSlViQmFIUlBCZXhubWVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABbIDAwQA
LhdgAwQALhdiAwQBLhdsMA0GCSqGSIb3DQEBCwUAA4IBAQAxb8Iv38ybc46uFEI0
Suw7TfuBeoj9Xn/rdiq71z3GgxK+r4U1YBnGrytnTUbg2FmdrdejIy82/N5v7gG/
dSYNiD+Woj5+b4SLCukoqk+5ILteOp+8Ros8N8eoaOO9F8gxroSomN6C/AMWC04G
t4hIXVS7bMbnolHLG0jyEPgZn+0pDMF7TK4OsSFXBykH5O0qps6MUw21WMjD6Tnz
70uZ3zhLyVA9wULeyMEQkuWt1ktv/eXBmdqPIREOqjTHOira8PZBCvW8EHpf3HIz
7gVM7gExaMucB2qth1075GFh5fUA4lSRSY84k9WwhiyqnZSo4REeZaSuCcHndGxl
IK8X
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:46:13 2025 by rpki-client