Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/b19811-fa23-47b0-b577-17698f88c3bd/1/0zY-sGp0Ft0AM9Sf-NYlNdybUWg.roa
File: 0zY-sGp0Ft0AM9Sf-NYlNdybUWg.roa (raw, json)
Hash identifier: eX1zp0GC5bqV6hOy4nxEisONQ8sH8x4mX06jY0ZL3fw=
Subject key identifier: D3:36:3E:B0:6A:74:16:DD:00:33:D4:9F:F8:D6:25:35:DC:9B:51:68
Certificate issuer: /CN=2aa14bff83480d10cd0fbebb80b2cb5091fcf82f
Certificate serial: 019420D65B8BC000F6F0C7B4277C09999D84
Authority key identifier: 2A:A1:4B:FF:83:48:0D:10:CD:0F:BE:BB:80:B2:CB:50:91:FC:F8:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KqFL_4NIDRDND767gLLLUJH8-C8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/b19811-fa23-47b0-b577-17698f88c3bd/1/0zY-sGp0Ft0AM9Sf-NYlNdybUWg.roa
Signing time: Wed 01 Jan 2025 07:48:26 +0000
ROA not before: Wed 01 Jan 2025 07:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47562
IP address blocks: 46.175.192.0/21 maxlen: 24
62.122.144.0/21 maxlen: 24
93.91.112.0/20 maxlen: 24
94.198.32.0/21 maxlen: 24
185.46.96.0/22 maxlen: 24
2a03:ce80::/32 maxlen: 56
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:5b:8b:c0:00:f6:f0:c7:b4:27:7c:09:99:9d:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2aa14bff83480d10cd0fbebb80b2cb5091fcf82f
Validity
Not Before: Jan 1 07:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d3363eb06a7416dd0033d49ff8d62535dc9b5168
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:57:b8:9b:6a:96:a1:07:ad:15:85:8f:d3:9d:
c3:d9:10:15:e3:bf:c6:33:87:b7:ed:d2:e7:3e:96:
de:e5:17:e7:f0:cf:ab:5e:b4:4d:2e:e6:89:35:e0:
94:42:b7:65:5a:f3:91:4b:d0:d5:13:f8:ee:24:d9:
a0:7b:db:c1:47:74:0a:98:12:6f:79:7c:64:03:d0:
fa:67:e9:05:86:2c:33:fe:88:ad:80:a5:f6:c3:9f:
25:08:95:18:72:66:32:29:c8:8c:0c:72:b0:bb:cb:
90:ef:ad:78:15:8f:26:fe:41:97:cb:8e:52:ec:19:
f1:b0:df:68:b5:50:64:00:0d:7d:5f:83:d3:df:d0:
d7:99:dd:a4:45:fe:34:9c:50:dd:22:e5:42:a3:08:
cc:14:83:f6:ee:b9:cd:0f:17:95:1a:e3:e8:75:bf:
dc:ad:e3:10:8c:2a:46:5d:a2:8d:28:10:0f:42:26:
22:e7:5b:da:ae:5b:5c:3e:d5:5e:06:0e:14:ae:e7:
3b:62:54:48:85:95:80:c5:b3:58:05:17:0d:f1:71:
23:c6:bb:6c:75:4a:01:10:5d:54:f5:de:02:c4:43:
35:29:e2:e7:72:98:66:a0:73:3b:09:05:31:89:4a:
82:3b:95:33:a8:0d:a9:0a:c8:1c:f9:78:79:fe:fc:
05:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:36:3E:B0:6A:74:16:DD:00:33:D4:9F:F8:D6:25:35:DC:9B:51:68
X509v3 Authority Key Identifier:
keyid:2A:A1:4B:FF:83:48:0D:10:CD:0F:BE:BB:80:B2:CB:50:91:FC:F8:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KqFL_4NIDRDND767gLLLUJH8-C8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/b19811-fa23-47b0-b577-17698f88c3bd/1/0zY-sGp0Ft0AM9Sf-NYlNdybUWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/b19811-fa23-47b0-b577-17698f88c3bd/1/KqFL_4NIDRDND767gLLLUJH8-C8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.175.192.0/21
62.122.144.0/21
93.91.112.0/20
94.198.32.0/21
185.46.96.0/22
IPv6:
2a03:ce80::/32
Signature Algorithm: sha256WithRSAEncryption
7f:b5:3d:fa:f4:52:64:18:31:28:90:01:32:c0:ba:f5:8b:12:
9f:b7:82:6d:ea:ce:e5:21:ab:f1:3b:75:d1:74:25:2b:ee:7a:
41:41:66:b1:92:3e:9e:17:9a:54:d6:4b:a0:59:92:d4:80:03:
36:dd:8e:c5:2f:6e:03:59:5f:96:e1:b8:c6:46:a3:f0:f9:e2:
48:58:3a:57:a5:b9:fe:fa:80:1e:be:a6:36:4c:37:66:f7:22:
2d:fc:bc:2f:b1:24:00:51:80:84:0b:82:10:c7:47:6b:b3:27:
8b:8b:91:c1:b7:92:1c:00:88:27:18:66:99:be:76:38:9d:52:
85:4b:77:5f:13:66:b1:a2:20:cd:f3:0e:26:40:50:85:08:70:
6d:5b:e6:cd:07:a7:e2:59:ef:9c:11:f0:86:23:d7:cc:1c:ee:
f1:0a:43:34:e4:b6:e0:cd:ff:96:81:7e:da:6e:83:32:73:b0:
a8:87:d7:f7:1f:e3:46:50:18:ab:9d:bd:d9:c9:d9:0a:19:c1:
24:e8:be:d0:5c:21:25:0a:82:f6:5f:73:44:96:29:06:37:91:
58:1b:70:e0:1a:ae:2b:9d:a6:3f:c8:a0:97:b3:11:f7:2e:7e:
6b:76:04:84:c5:21:49:c0:b1:b9:17:db:ac:0d:5e:f3:e5:ed:
66:34:b3:0d
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQg1luLwAD28Me0J3wJmZ2EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYTE0YmZmODM0ODBkMTBjZDBmYmViYjgwYjJjYjUwOTFm
Y2Y4MmYwHhcNMjUwMTAxMDc0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzM2M2ViMDZhNzQxNmRkMDAzM2Q0OWZmOGQ2MjUzNWRjOWI1MTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1e4m2qWoQetFYWP053D2RAV47/G
M4e37dLnPpbe5Rfn8M+rXrRNLuaJNeCUQrdlWvORS9DVE/juJNmge9vBR3QKmBJv
eXxkA9D6Z+kFhiwz/oitgKX2w58lCJUYcmYyKciMDHKwu8uQ7614FY8m/kGXy45S
7BnxsN9otVBkAA19X4PT39DXmd2kRf40nFDdIuVCowjMFIP27rnNDxeVGuPodb/c
reMQjCpGXaKNKBAPQiYi51varltcPtVeBg4Uruc7YlRIhZWAxbNYBRcN8XEjxrts
dUoBEF1U9d4CxEM1KeLncphmoHM7CQUxiUqCO5UzqA2pCsgc+Xh5/vwFSQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFNM2PrBqdBbdADPUn/jWJTXcm1FoMB8GA1UdIwQY
MBaAFCqhS/+DSA0QzQ++u4Cyy1CR/PgvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3FGTF80TklEUkRORDc2N2dMTExVSkg4LUM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9iMTk4MTEtZmEyMy00N2IwLWI1Nzct
MTc2OThmODhjM2JkLzEvMHpZLXNHcDBGdDBBTTlTZi1OWWxOZHliVVdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9iMTk4MTEtZmEyMy00N2IwLWI1NzctMTc2OThmODhjM2Jk
LzEvS3FGTF80TklEUkRORDc2N2dMTExVSkg4LUM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDLq/AAwQD
PnqQAwQEXVtwAwQDXsYgAwQCuS5gMA0EAgACMAcDBQAqA86AMA0GCSqGSIb3DQEB
CwUAA4IBAQB/tT369FJkGDEokAEywLr1ixKft4Jt6s7lIavxO3XRdCUr7npBQWax
kj6eF5pU1kugWZLUgAM23Y7FL24DWV+W4bjGRqPw+eJIWDpXpbn++oAevqY2TDdm
9yIt/LwvsSQAUYCEC4IQx0drsyeLi5HBt5IcAIgnGGaZvnY4nVKFS3dfE2axoiDN
8w4mQFCFCHBtW+bNB6fiWe+cEfCGI9fMHO7xCkM05Lbgzf+WgX7aboMyc7Coh9f3
H+NGUBirnb3ZydkKGcEk6L7QXCElCoL2X3NElikGN5FYG3DgGq4rnaY/yKCXsxH3
Ln5rdgSExSFJwLG5F9usDV7z5e1mNLMN
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:06:25 2025 by rpki-client