Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/ec3284-3576-4ee4-93b8-1847cb88e83a/1/L9HnYDWvNpMZS4pIu5zArdvE5v8.roa
File: L9HnYDWvNpMZS4pIu5zArdvE5v8.roa (raw, json)
Hash identifier: 0/PRNPNH9PE5TqzwlxbNtq6foN9oanZ3LsojHdx7xuw=
Subject key identifier: 2F:D1:E7:60:35:AF:36:93:19:4B:8A:48:BB:9C:C0:AD:DB:C4:E6:FF
Certificate issuer: /CN=c2afc14dce450b05ec86c7c53070cd6bb6dbc7ee
Certificate serial: 019420D5CCFCB5BBF1DE6AEDAC3AFA312C8F
Authority key identifier: C2:AF:C1:4D:CE:45:0B:05:EC:86:C7:C5:30:70:CD:6B:B6:DB:C7:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wq_BTc5FCwXshsfFMHDNa7bbx-4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/ec3284-3576-4ee4-93b8-1847cb88e83a/1/L9HnYDWvNpMZS4pIu5zArdvE5v8.roa
Signing time: Wed 01 Jan 2025 07:47:49 +0000
ROA not before: Wed 01 Jan 2025 07:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204818
IP address blocks: 46.182.4.0/22 maxlen: 22
185.158.4.0/22 maxlen: 22
217.16.0.0/20 maxlen: 20
2a05:36c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:cc:fc:b5:bb:f1:de:6a:ed:ac:3a:fa:31:2c:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2afc14dce450b05ec86c7c53070cd6bb6dbc7ee
Validity
Not Before: Jan 1 07:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2fd1e76035af3693194b8a48bb9cc0addbc4e6ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e5:80:b4:44:cc:85:35:0b:b6:f3:dd:c5:ff:
ff:a3:49:f9:eb:78:57:1f:b5:05:44:67:3c:06:21:
e6:6a:e7:47:08:f1:81:26:20:6d:d1:48:77:c3:74:
d4:79:fe:c7:a7:2c:ad:5f:dd:11:1e:6c:c3:15:73:
3d:63:6a:35:fb:dd:51:aa:bc:83:d0:56:55:20:e7:
77:13:36:d9:35:64:10:83:cc:0b:ce:0f:a6:45:19:
11:e6:c0:3d:89:04:60:5f:75:83:c0:fb:f5:19:eb:
08:c2:bf:d2:33:59:11:99:ed:a6:21:b6:7e:ba:76:
76:f3:2c:fa:0e:40:75:ff:fe:6c:39:55:78:55:45:
1b:da:a5:4b:8c:9a:20:3d:a3:a4:3c:27:12:e2:06:
f5:45:7a:f5:ec:be:b1:05:ff:29:a1:0b:bb:70:ec:
1d:88:19:6f:39:77:34:21:26:09:86:ef:4a:4e:58:
15:1f:cf:e1:d7:4c:7a:a8:4b:84:3c:ad:f8:1e:c2:
15:a1:e9:b0:50:00:6e:3b:e3:f6:15:c6:da:ce:34:
89:85:0c:da:a4:e4:f7:68:ff:12:0e:3b:44:f7:3e:
5b:cd:de:3a:c8:ee:7e:b9:e6:c3:c0:7a:ca:43:61:
c7:b9:7e:a9:12:a3:01:a6:db:b2:b0:27:1b:5a:43:
21:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:D1:E7:60:35:AF:36:93:19:4B:8A:48:BB:9C:C0:AD:DB:C4:E6:FF
X509v3 Authority Key Identifier:
keyid:C2:AF:C1:4D:CE:45:0B:05:EC:86:C7:C5:30:70:CD:6B:B6:DB:C7:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wq_BTc5FCwXshsfFMHDNa7bbx-4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ec3284-3576-4ee4-93b8-1847cb88e83a/1/L9HnYDWvNpMZS4pIu5zArdvE5v8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ec3284-3576-4ee4-93b8-1847cb88e83a/1/wq_BTc5FCwXshsfFMHDNa7bbx-4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.182.4.0/22
185.158.4.0/22
217.16.0.0/20
IPv6:
2a05:36c0::/29
Signature Algorithm: sha256WithRSAEncryption
31:13:5b:7d:89:df:71:93:7d:fc:83:88:44:ed:bc:57:01:b8:
3e:fb:5d:43:24:14:c3:cf:56:83:e2:7c:19:e9:04:58:f3:6a:
e9:53:3f:5f:32:59:55:e8:6c:0d:40:95:23:92:4f:3b:2c:62:
f4:59:a0:20:f8:05:f8:42:ab:6e:2b:5a:78:3f:96:68:70:50:
28:02:0c:17:36:96:a1:3b:4c:fd:06:eb:a3:0d:f3:77:e5:64:
f3:07:12:03:fa:72:c9:95:99:b1:c5:6e:af:c7:67:0d:40:76:
25:ce:a8:08:93:29:fa:37:10:73:96:c9:0c:7e:07:7f:99:51:
38:5e:48:89:fa:61:89:4e:dd:b8:2d:da:53:05:d2:fd:8c:ae:
c0:53:bf:ab:80:26:63:8a:f3:b0:79:5a:78:7c:8e:87:b2:81:
99:70:80:46:17:f5:b5:94:5e:4e:46:0a:d3:2e:b6:07:da:af:
7c:e5:f1:52:4d:ec:3a:d1:e2:a8:a6:60:d9:c2:3b:50:61:20:
47:4f:9d:d6:f3:c2:dc:d1:6c:76:47:70:0c:98:8a:47:30:5a:
09:7c:47:bc:7d:19:a0:e7:b1:85:78:76:dd:3b:0a:88:ae:eb:
28:4d:79:cb:f3:30:87:b4:ba:a4:dc:f1:ad:de:9b:26:35:03:
37:98:10:62
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQg1cz8tbvx3mrtrDr6MSyPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyYWZjMTRkY2U0NTBiMDVlYzg2YzdjNTMwNzBjZDZiYjZk
YmM3ZWUwHhcNMjUwMTAxMDc0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmQxZTc2MDM1YWYzNjkzMTk0YjhhNDhiYjljYzBhZGRiYzRlNmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuWAtETMhTULtvPdxf//o0n563hX
H7UFRGc8BiHmaudHCPGBJiBt0Uh3w3TUef7HpyytX90RHmzDFXM9Y2o1+91RqryD
0FZVIOd3EzbZNWQQg8wLzg+mRRkR5sA9iQRgX3WDwPv1GesIwr/SM1kRme2mIbZ+
unZ28yz6DkB1//5sOVV4VUUb2qVLjJogPaOkPCcS4gb1RXr17L6xBf8poQu7cOwd
iBlvOXc0ISYJhu9KTlgVH8/h10x6qEuEPK34HsIVoemwUABuO+P2FcbazjSJhQza
pOT3aP8SDjtE9z5bzd46yO5+uebDwHrKQ2HHuX6pEqMBptuysCcbWkMh0wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFC/R52A1rzaTGUuKSLucwK3bxOb/MB8GA1UdIwQY
MBaAFMKvwU3ORQsF7IbHxTBwzWu228fuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3FfQlRjNUZDd1hzaHNmRk1IRE5hN2JieC00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9lYzMyODQtMzU3Ni00ZWU0LTkzYjgt
MTg0N2NiODhlODNhLzEvTDlIbllEV3ZOcE1aUzRwSXU1ekFyZHZFNXY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9lYzMyODQtMzU3Ni00ZWU0LTkzYjgtMTg0N2NiODhlODNh
LzEvd3FfQlRjNUZDd1hzaHNmRk1IRE5hN2JieC00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLrYEAwQC
uZ4EAwQE2RAAMA0EAgACMAcDBQMqBTbAMA0GCSqGSIb3DQEBCwUAA4IBAQAxE1t9
id9xk338g4hE7bxXAbg++11DJBTDz1aD4nwZ6QRY82rpUz9fMllV6GwNQJUjkk87
LGL0WaAg+AX4QqtuK1p4P5ZocFAoAgwXNpahO0z9BuujDfN35WTzBxID+nLJlZmx
xW6vx2cNQHYlzqgIkyn6NxBzlskMfgd/mVE4XkiJ+mGJTt24LdpTBdL9jK7AU7+r
gCZjivOweVp4fI6HsoGZcIBGF/W1lF5ORgrTLrYH2q985fFSTew60eKopmDZwjtQ
YSBHT53W88Lc0Wx2R3AMmIpHMFoJfEe8fRmg57GFeHbdOwqIrusoTXnL8zCHtLqk
3PGt3psmNQM3mBBi
-----END CERTIFICATE-----
Generated at Fri Apr 25 17:04:13 2025 by rpki-client