Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/4bbd6c-91ef-4461-821b-6f621d736aff/1/Zc3EPNVFRcdWBGFghDwIYYsiutk.roa
File: Zc3EPNVFRcdWBGFghDwIYYsiutk.roa (raw, json)
Hash identifier: m81UKM1wAmpf9BPJ2gZjuvXEWH2Fd1esmxulacEVZrY=
Subject key identifier: 65:CD:C4:3C:D5:45:45:C7:56:04:61:60:84:3C:08:61:8B:22:BA:D9
Certificate issuer: /CN=f7aa039b886b226578bdb6a42781bf59044bb138
Certificate serial: 019424B3344B82E003FB7C588F561F001B45
Authority key identifier: F7:AA:03:9B:88:6B:22:65:78:BD:B6:A4:27:81:BF:59:04:4B:B1:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/96oDm4hrImV4vbakJ4G_WQRLsTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/4bbd6c-91ef-4461-821b-6f621d736aff/1/Zc3EPNVFRcdWBGFghDwIYYsiutk.roa
Signing time: Thu 02 Jan 2025 01:48:31 +0000
ROA not before: Thu 02 Jan 2025 01:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48225
IP address blocks: 46.252.251.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:34:4b:82:e0:03:fb:7c:58:8f:56:1f:00:1b:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7aa039b886b226578bdb6a42781bf59044bb138
Validity
Not Before: Jan 2 01:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=65cdc43cd54545c756046160843c08618b22bad9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c4:2a:d8:48:b5:f2:ff:98:3d:76:d5:ca:25:
b2:8e:fb:38:ec:77:c6:04:35:0b:9b:a7:f9:a3:32:
0d:0c:29:81:b7:e3:86:dd:1f:26:8f:61:f2:3c:a3:
f9:5a:44:87:00:70:c3:0b:99:4d:60:bc:df:f0:3f:
7c:34:3d:74:2f:42:87:43:50:26:61:cf:01:4a:28:
be:dc:82:1b:6a:e9:0a:4f:e5:20:42:f9:f9:d8:6d:
8e:3d:14:4c:de:09:0d:9b:4d:55:6f:a2:60:2a:94:
46:2d:42:ed:24:ee:dd:9a:a5:dd:24:49:76:71:ba:
55:c7:50:ab:8e:1e:58:53:6d:a8:d9:f2:b9:09:d6:
30:1c:b1:df:39:71:40:80:9b:57:37:6a:01:9f:f3:
fe:1b:e2:56:79:7b:47:48:16:e5:d8:03:64:01:f8:
22:df:af:3e:95:51:b4:f1:52:8b:30:56:d9:a8:27:
9f:65:a6:cf:17:31:bb:e7:13:19:fa:95:5e:d0:04:
6d:07:0b:8a:a3:1b:3d:af:82:07:68:6a:08:f7:e8:
30:62:03:35:53:a4:a6:86:8c:8a:f5:4f:8e:89:10:
dc:0e:19:05:6e:18:aa:7c:fe:9a:5c:05:78:ed:6f:
03:2f:92:5a:67:8d:dc:68:db:8e:eb:fa:fe:44:5f:
a8:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:CD:C4:3C:D5:45:45:C7:56:04:61:60:84:3C:08:61:8B:22:BA:D9
X509v3 Authority Key Identifier:
keyid:F7:AA:03:9B:88:6B:22:65:78:BD:B6:A4:27:81:BF:59:04:4B:B1:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/96oDm4hrImV4vbakJ4G_WQRLsTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/4bbd6c-91ef-4461-821b-6f621d736aff/1/Zc3EPNVFRcdWBGFghDwIYYsiutk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/4bbd6c-91ef-4461-821b-6f621d736aff/1/96oDm4hrImV4vbakJ4G_WQRLsTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.252.251.0/24
Signature Algorithm: sha256WithRSAEncryption
45:5e:b1:d5:c1:2a:d3:e2:a2:f0:18:77:6a:fa:a8:01:d0:01:
8b:13:ba:a7:74:32:3a:05:ce:f1:fe:1d:44:0e:57:eb:26:f4:
78:70:9b:69:58:10:18:d9:cc:a1:1e:b4:ac:f9:88:3c:82:b2:
13:b3:87:2e:3b:27:49:f9:b9:b0:73:29:5b:78:13:70:29:94:
be:63:1c:3c:f9:6e:be:d8:27:9a:0a:12:b8:da:7a:da:ec:66:
bf:a8:3e:62:f1:a6:b5:12:a5:19:57:6d:36:4f:60:ab:5c:c1:
ab:3b:44:c8:12:1e:d6:fa:74:7a:1e:8e:46:37:75:c6:55:24:
6e:80:32:1f:a0:31:1a:15:bd:84:f4:ae:41:74:76:59:0f:7c:
45:b3:c9:57:03:56:8c:8f:86:29:17:e4:15:24:a3:dd:08:1f:
96:ab:23:2f:2f:ad:f8:a4:2b:a7:d8:d4:f4:c7:49:15:37:9c:
df:a2:25:77:02:f1:0b:63:19:ff:74:3d:8c:6f:91:50:8d:66:
b0:7b:cc:e4:83:fd:fe:42:52:a5:b1:31:93:6f:c6:cb:28:07:
a8:66:94:3a:a4:2c:ce:6f:0f:40:d2:ac:ff:36:2a:c8:b8:9f:
f7:8a:ad:88:b6:3e:07:b7:08:82:6c:a6:f6:9a:b7:34:14:4c:
7c:ed:c8:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkszRLguAD+3xYj1YfABtFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3YWEwMzliODg2YjIyNjU3OGJkYjZhNDI3ODFiZjU5MDQ0
YmIxMzgwHhcNMjUwMTAyMDE0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWNkYzQzY2Q1NDU0NWM3NTYwNDYxNjA4NDNjMDg2MThiMjJiYWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcQq2Ei18v+YPXbVyiWyjvs47HfG
BDULm6f5ozINDCmBt+OG3R8mj2HyPKP5WkSHAHDDC5lNYLzf8D98ND10L0KHQ1Am
Yc8BSii+3IIbaukKT+UgQvn52G2OPRRM3gkNm01Vb6JgKpRGLULtJO7dmqXdJEl2
cbpVx1Crjh5YU22o2fK5CdYwHLHfOXFAgJtXN2oBn/P+G+JWeXtHSBbl2ANkAfgi
368+lVG08VKLMFbZqCefZabPFzG75xMZ+pVe0ARtBwuKoxs9r4IHaGoI9+gwYgM1
U6SmhoyK9U+OiRDcDhkFbhiqfP6aXAV47W8DL5JaZ43caNuO6/r+RF+oLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGXNxDzVRUXHVgRhYIQ8CGGLIrrZMB8GA1UdIwQY
MBaAFPeqA5uIayJleL22pCeBv1kES7E4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTZvRG00aHJJbVY0dmJha0o0R19XUVJMc1RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS80YmJkNmMtOTFlZi00NDYxLTgyMWIt
NmY2MjFkNzM2YWZmLzEvWmMzRVBOVkZSY2RXQkdGZ2hEd0lZWXNpdXRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS80YmJkNmMtOTFlZi00NDYxLTgyMWItNmY2MjFkNzM2YWZm
LzEvOTZvRG00aHJJbVY0dmJha0o0R19XUVJMc1RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALvz7MA0G
CSqGSIb3DQEBCwUAA4IBAQBFXrHVwSrT4qLwGHdq+qgB0AGLE7qndDI6Bc7x/h1E
DlfrJvR4cJtpWBAY2cyhHrSs+Yg8grITs4cuOydJ+bmwcylbeBNwKZS+Yxw8+W6+
2CeaChK42nra7Ga/qD5i8aa1EqUZV202T2CrXMGrO0TIEh7W+nR6Ho5GN3XGVSRu
gDIfoDEaFb2E9K5BdHZZD3xFs8lXA1aMj4YpF+QVJKPdCB+WqyMvL634pCun2NT0
x0kVN5zfoiV3AvELYxn/dD2Mb5FQjWawe8zkg/3+QlKlsTGTb8bLKAeoZpQ6pCzO
bw9A0qz/NirIuJ/3iq2Itj4HtwiCbKb2mrc0FEx87cgV
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:35:47 2025 by rpki-client