Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/3f7463-4d4f-41a6-8d72-3951378aa766/1/ffVCJAudGRklTh6J2p53gbRPIvk.roa
File: ffVCJAudGRklTh6J2p53gbRPIvk.roa (raw, json)
Hash identifier: DvmrtTZ+4GX+XZD2/G6E6Uk/XxFpGuY4Z0oM1q4ZEeI=
Subject key identifier: 7D:F5:42:24:0B:9D:19:19:25:4E:1E:89:DA:9E:77:81:B4:4F:22:F9
Certificate issuer: /CN=9813e2f6351d3b4d1e61aa4016f1b2cfa62d7cdf
Certificate serial: 019422FB042A3ECD07E3AABADC36FDA45037
Authority key identifier: 98:13:E2:F6:35:1D:3B:4D:1E:61:AA:40:16:F1:B2:CF:A6:2D:7C:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mBPi9jUdO00eYapAFvGyz6YtfN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/3f7463-4d4f-41a6-8d72-3951378aa766/1/ffVCJAudGRklTh6J2p53gbRPIvk.roa
Signing time: Wed 01 Jan 2025 17:47:43 +0000
ROA not before: Wed 01 Jan 2025 17:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206518
IP address blocks: 46.45.118.0/23 maxlen: 23
46.45.118.0/24 maxlen: 24
46.45.119.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:04:2a:3e:cd:07:e3:aa:ba:dc:36:fd:a4:50:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9813e2f6351d3b4d1e61aa4016f1b2cfa62d7cdf
Validity
Not Before: Jan 1 17:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7df542240b9d1919254e1e89da9e7781b44f22f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:da:1e:0c:20:20:09:82:06:3e:59:e3:f0:41:
05:c5:2e:93:00:f8:32:68:5d:a5:cf:88:15:e9:3c:
40:b6:01:4c:95:6c:81:fd:1e:a9:93:a0:14:e5:5c:
44:8b:ec:90:d6:3e:04:0b:61:13:8d:38:2d:10:ca:
c9:82:18:2b:02:8c:e7:2c:57:3a:a7:3b:79:3c:34:
7d:ab:7e:83:ab:cf:0c:07:96:dc:f0:7d:85:10:6a:
75:0a:88:95:2c:37:67:fa:06:52:72:e8:40:d0:c1:
1e:c3:d3:95:a9:ee:1c:54:0c:67:cd:42:0a:b6:e9:
9c:19:c6:4c:dd:74:f9:7b:66:d7:33:14:3f:58:21:
a2:cd:f9:6a:fe:83:ac:52:a2:42:73:8a:c2:56:ba:
21:99:4a:15:69:14:43:fd:91:6c:e2:d4:78:9b:9e:
34:e0:3b:57:79:fd:0e:b2:af:7e:a6:b4:53:dc:82:
65:67:68:2c:1f:df:a9:00:bc:67:ed:28:a1:26:77:
a2:d1:87:46:ad:21:23:f1:d8:9f:bd:ad:5d:05:b1:
ce:5e:4a:96:5d:50:5e:35:e1:45:6d:86:69:8e:42:
13:d8:5d:17:17:72:e6:20:c5:bb:a5:e0:88:15:d9:
de:f8:17:a7:09:23:8f:1f:d3:31:05:e5:80:7a:95:
95:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:F5:42:24:0B:9D:19:19:25:4E:1E:89:DA:9E:77:81:B4:4F:22:F9
X509v3 Authority Key Identifier:
keyid:98:13:E2:F6:35:1D:3B:4D:1E:61:AA:40:16:F1:B2:CF:A6:2D:7C:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mBPi9jUdO00eYapAFvGyz6YtfN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/3f7463-4d4f-41a6-8d72-3951378aa766/1/ffVCJAudGRklTh6J2p53gbRPIvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/3f7463-4d4f-41a6-8d72-3951378aa766/1/mBPi9jUdO00eYapAFvGyz6YtfN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.45.118.0/23
Signature Algorithm: sha256WithRSAEncryption
a8:43:a3:01:d6:18:90:31:61:5a:e6:b9:1c:29:3b:19:b6:d0:
b7:47:f2:f6:63:4a:c0:fe:df:c4:9b:03:24:8a:af:a9:1c:be:
a2:3a:8f:9b:7e:f2:38:90:7d:cc:87:71:aa:e0:ea:7a:5b:48:
85:8d:12:52:69:d7:dd:aa:80:b7:75:e0:2b:97:d2:87:cc:15:
e5:e6:0a:db:99:b7:cc:7a:4a:10:f5:9e:7c:d0:e9:32:7e:1d:
10:13:d9:9d:82:7d:41:cf:c9:aa:dc:00:56:3a:40:a3:3f:35:
a3:58:3c:fc:e7:33:c8:01:34:72:86:bb:29:2f:20:04:65:3f:
02:b9:b5:21:65:89:c5:bd:33:7b:25:43:77:fa:4e:47:4c:b2:
ea:20:9a:79:05:b1:6a:1f:42:5a:20:cb:b9:b4:6e:4b:b4:b9:
aa:96:8d:7b:af:a4:93:41:07:f1:8f:bc:d9:b1:fc:ff:35:27:
ad:11:76:ac:93:1e:c7:8b:1f:cd:c7:60:15:bf:1b:30:16:9e:
a4:78:67:01:21:ce:ad:e8:43:01:56:91:ee:f7:3c:b4:49:e8:
15:e6:33:a6:38:ba:e4:65:ab:72:eb:9d:23:12:6e:7e:b1:0b:
39:75:dd:bb:a4:37:d9:b7:f7:48:8a:37:1d:bd:dd:e2:75:eb:
11:a6:21:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+wQqPs0H46q63Db9pFA3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MTNlMmY2MzUxZDNiNGQxZTYxYWE0MDE2ZjFiMmNmYTYy
ZDdjZGYwHhcNMjUwMTAxMTc0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGY1NDIyNDBiOWQxOTE5MjU0ZTFlODlkYTllNzc4MWI0NGYyMmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1toeDCAgCYIGPlnj8EEFxS6TAPgy
aF2lz4gV6TxAtgFMlWyB/R6pk6AU5VxEi+yQ1j4EC2ETjTgtEMrJghgrAoznLFc6
pzt5PDR9q36Dq88MB5bc8H2FEGp1CoiVLDdn+gZScuhA0MEew9OVqe4cVAxnzUIK
tumcGcZM3XT5e2bXMxQ/WCGizflq/oOsUqJCc4rCVrohmUoVaRRD/ZFs4tR4m540
4DtXef0Osq9+prRT3IJlZ2gsH9+pALxn7SihJnei0YdGrSEj8difva1dBbHOXkqW
XVBeNeFFbYZpjkIT2F0XF3LmIMW7peCIFdne+BenCSOPH9MxBeWAepWVTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH31QiQLnRkZJU4eidqed4G0TyL5MB8GA1UdIwQY
MBaAFJgT4vY1HTtNHmGqQBbxss+mLXzfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUJQaTlqVWRPMDBlWWFwQUZ2R3l6Nll0Zk44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8zZjc0NjMtNGQ0Zi00MWE2LThkNzIt
Mzk1MTM3OGFhNzY2LzEvZmZWQ0pBdWRHUmtsVGg2SjJwNTNnYlJQSXZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8zZjc0NjMtNGQ0Zi00MWE2LThkNzItMzk1MTM3OGFhNzY2
LzEvbUJQaTlqVWRPMDBlWWFwQUZ2R3l6Nll0Zk44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLi12MA0G
CSqGSIb3DQEBCwUAA4IBAQCoQ6MB1hiQMWFa5rkcKTsZttC3R/L2Y0rA/t/EmwMk
iq+pHL6iOo+bfvI4kH3Mh3Gq4Op6W0iFjRJSadfdqoC3deArl9KHzBXl5grbmbfM
ekoQ9Z580Okyfh0QE9mdgn1Bz8mq3ABWOkCjPzWjWDz85zPIATRyhrspLyAEZT8C
ubUhZYnFvTN7JUN3+k5HTLLqIJp5BbFqH0JaIMu5tG5LtLmqlo17r6STQQfxj7zZ
sfz/NSetEXaskx7Hix/Nx2AVvxswFp6keGcBIc6t6EMBVpHu9zy0SegV5jOmOLrk
Zaty650jEm5+sQs5dd27pDfZt/dIijcdvd3idesRpiGm
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:50:07 2025 by rpki-client