Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/b9bb7f-166d-41af-a1db-866b2b021fc5/1/brfKmaHZgWhn9Y1IgcosJigVegE.roa
File: brfKmaHZgWhn9Y1IgcosJigVegE.roa (raw, json)
Hash identifier: hRHZ0HKst4J6nqgNJucpnxIpgDhzIMo76gGJN9N1kSE=
Subject key identifier: 6E:B7:CA:99:A1:D9:81:68:67:F5:8D:48:81:CA:2C:26:28:15:7A:01
Certificate issuer: /CN=aeac1b2129abbac6539f80da6550c49721d0a8c4
Certificate serial: 0194274880A0C37524FF3A24D3016C56BBD0
Authority key identifier: AE:AC:1B:21:29:AB:BA:C6:53:9F:80:DA:65:50:C4:97:21:D0:A8:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rqwbISmrusZTn4DaZVDElyHQqMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/b9bb7f-166d-41af-a1db-866b2b021fc5/1/brfKmaHZgWhn9Y1IgcosJigVegE.roa
Signing time: Thu 02 Jan 2025 13:50:50 +0000
ROA not before: Thu 02 Jan 2025 13:50:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199604
IP address blocks: 46.227.172.0/24 maxlen: 24
2a02:7a00:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:80:a0:c3:75:24:ff:3a:24:d3:01:6c:56:bb:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aeac1b2129abbac6539f80da6550c49721d0a8c4
Validity
Not Before: Jan 2 13:50:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6eb7ca99a1d9816867f58d4881ca2c2628157a01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:83:b0:15:92:17:3a:75:0e:95:c8:5b:f9:6a:
c9:90:59:09:42:bd:cf:fc:8a:12:e4:00:f3:e7:e1:
9d:f1:7f:91:9b:3d:f9:bc:43:39:18:46:53:b3:aa:
03:f9:5a:f8:0a:27:1e:ac:67:e0:41:10:9f:2e:0d:
b3:59:8a:61:79:31:48:2c:f9:32:9f:64:80:89:fb:
0a:20:3b:a1:fc:69:f9:76:bc:ff:e5:d0:93:64:66:
a4:38:d7:6c:98:8e:53:11:78:93:70:e5:72:59:34:
c1:c3:58:ec:be:ac:80:4f:cc:dd:5b:00:ee:c7:99:
cb:ed:c8:91:35:6b:cd:67:1f:23:66:fc:63:4f:4d:
c8:9f:50:02:08:cc:0f:ea:20:04:83:6f:42:ca:b1:
29:e8:d4:84:b5:a6:c8:26:de:59:07:fd:e6:32:4c:
84:5e:aa:db:bf:fc:12:09:f7:60:24:57:37:04:c9:
1b:a8:ff:ad:1f:a4:6b:9e:67:ae:16:10:6b:4e:c0:
c0:4c:4f:fd:22:e6:ea:f6:ab:40:a1:db:03:a4:6f:
63:48:f7:62:a0:f4:9e:db:4b:30:c9:b6:20:73:02:
c0:d2:e1:87:ab:e4:eb:eb:8c:57:4c:57:02:53:02:
ea:bd:57:25:8d:4d:e9:65:28:a2:5f:12:46:8f:be:
f0:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:B7:CA:99:A1:D9:81:68:67:F5:8D:48:81:CA:2C:26:28:15:7A:01
X509v3 Authority Key Identifier:
keyid:AE:AC:1B:21:29:AB:BA:C6:53:9F:80:DA:65:50:C4:97:21:D0:A8:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rqwbISmrusZTn4DaZVDElyHQqMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/b9bb7f-166d-41af-a1db-866b2b021fc5/1/brfKmaHZgWhn9Y1IgcosJigVegE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/b9bb7f-166d-41af-a1db-866b2b021fc5/1/rqwbISmrusZTn4DaZVDElyHQqMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.172.0/24
IPv6:
2a02:7a00:2::/48
Signature Algorithm: sha256WithRSAEncryption
63:bf:a0:37:24:b8:8c:c5:94:c2:57:7b:e5:d6:31:3f:78:f1:
8d:3f:e1:fb:dd:c9:37:08:b9:6d:43:a0:54:27:9a:cb:b2:34:
a2:b1:0c:4e:d4:dc:1a:66:8c:79:0c:e2:80:53:ce:42:54:33:
f2:57:8f:77:10:fa:e1:d6:5e:f8:87:56:b7:55:31:bd:3d:8d:
e0:47:57:26:64:1e:6a:a1:3a:5e:de:83:8a:52:0b:bc:44:c4:
6b:b6:81:77:b4:c2:05:01:5f:8e:ee:16:d7:a4:a0:f3:e3:4f:
58:2a:d2:44:01:aa:6c:c5:ee:f7:6f:4b:4f:b1:47:a6:1d:78:
66:a1:8c:5d:74:e8:49:2d:b4:65:c7:fd:d6:7a:a3:bc:0f:49:
20:56:b5:fa:9d:93:9d:3f:b9:a6:27:20:90:b9:45:ac:9a:2b:
e6:1c:d2:27:e9:29:61:3b:a6:3e:c1:eb:1c:f7:f5:cd:ff:a3:
ff:7e:45:65:8b:10:dc:01:48:6e:97:be:a0:55:c2:d0:83:9e:
74:a6:56:c3:32:4c:26:b7:85:87:f7:03:49:94:0f:4e:06:ce:
c9:6a:20:52:ea:91:1b:61:91:4a:4f:d0:00:d3:29:48:fd:a0:
0a:90:3f:d6:3d:a1:9e:66:60:da:26:b2:3a:07:67:4f:15:88:
81:c7:95:12
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQnSICgw3Uk/zok0wFsVrvQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYWMxYjIxMjlhYmJhYzY1MzlmODBkYTY1NTBjNDk3MjFk
MGE4YzQwHhcNMjUwMTAyMTM1MDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWI3Y2E5OWExZDk4MTY4NjdmNThkNDg4MWNhMmMyNjI4MTU3YTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsoOwFZIXOnUOlchb+WrJkFkJQr3P
/IoS5ADz5+Gd8X+Rmz35vEM5GEZTs6oD+Vr4CicerGfgQRCfLg2zWYpheTFILPky
n2SAifsKIDuh/Gn5drz/5dCTZGakONdsmI5TEXiTcOVyWTTBw1jsvqyAT8zdWwDu
x5nL7ciRNWvNZx8jZvxjT03In1ACCMwP6iAEg29CyrEp6NSEtabIJt5ZB/3mMkyE
Xqrbv/wSCfdgJFc3BMkbqP+tH6RrnmeuFhBrTsDATE/9Iubq9qtAodsDpG9jSPdi
oPSe20swybYgcwLA0uGHq+Tr64xXTFcCUwLqvVcljU3pZSiiXxJGj77wMwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG63ypmh2YFoZ/WNSIHKLCYoFXoBMB8GA1UdIwQY
MBaAFK6sGyEpq7rGU5+A2mVQxJch0KjEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnF3YklTbXJ1c1pUbjREYVpWREVseUhRcU1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9iOWJiN2YtMTY2ZC00MWFmLWExZGIt
ODY2YjJiMDIxZmM1LzEvYnJmS21hSFpnV2huOVkxSWdjb3NKaWdWZWdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9iOWJiN2YtMTY2ZC00MWFmLWExZGItODY2YjJiMDIxZmM1
LzEvcnF3YklTbXJ1c1pUbjREYVpWREVseUhRcU1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALuOsMA8E
AgACMAkDBwAqAnoAAAIwDQYJKoZIhvcNAQELBQADggEBAGO/oDckuIzFlMJXe+XW
MT948Y0/4fvdyTcIuW1DoFQnmsuyNKKxDE7U3BpmjHkM4oBTzkJUM/JXj3cQ+uHW
XviHVrdVMb09jeBHVyZkHmqhOl7eg4pSC7xExGu2gXe0wgUBX47uFtekoPPjT1gq
0kQBqmzF7vdvS0+xR6YdeGahjF106EkttGXH/dZ6o7wPSSBWtfqdk50/uaYnIJC5
RayaK+Yc0ifpKWE7pj7B6xz39c3/o/9+RWWLENwBSG6XvqBVwtCDnnSmVsMyTCa3
hYf3A0mUD04GzslqIFLqkRthkUpP0ADTKUj9oAqQP9Y9oZ5mYNomsjoHZ08ViIHH
lRI=
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:49:12 2025 by rpki-client