Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/WHxsA1CWO5DozwsAC-jJXN6HAeQ.roa
File: WHxsA1CWO5DozwsAC-jJXN6HAeQ.roa (raw, json)
Hash identifier: 4uRGXACzH7jHP+bV4saoaynHmQNNhR8V6kKDmqOWxA0=
Subject key identifier: 58:7C:6C:03:50:96:3B:90:E8:CF:0B:00:0B:E8:C9:5C:DE:87:01:E4
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 019484A756F3593D3957E708A1D4BC871973
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/WHxsA1CWO5DozwsAC-jJXN6HAeQ.roa
Signing time: Mon 20 Jan 2025 16:59:06 +0000
ROA not before: Mon 20 Jan 2025 16:59:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44889
IP address blocks: 46.38.129.0/24 maxlen: 24
46.38.131.0/24 maxlen: 24
46.38.140.0/24 maxlen: 24
46.38.151.0/24 maxlen: 24
185.24.150.0/24 maxlen: 24
185.29.220.0/24 maxlen: 24
185.29.221.0/24 maxlen: 24
212.16.64.0/19 maxlen: 24
212.16.72.0/24 maxlen: 25
212.16.86.0/23 maxlen: 23
212.16.89.0/24 maxlen: 24
212.80.0.0/19 maxlen: 24
212.80.2.0/24 maxlen: 24
212.80.12.0/24 maxlen: 24
212.80.13.0/24 maxlen: 24
212.80.14.0/24 maxlen: 24
212.80.15.0/24 maxlen: 24
2a00:7d80::/29 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:84:a7:56:f3:59:3d:39:57:e7:08:a1:d4:bc:87:19:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Jan 20 16:59:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=587c6c0350963b90e8cf0b000be8c95cde8701e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:2a:e9:4a:c4:b2:63:a5:fd:7f:23:4c:2c:e6:
b1:64:40:76:b4:c1:ef:fe:7b:1f:aa:3b:ef:1b:86:
34:d8:4c:bd:30:11:17:a7:fc:c8:fc:99:30:3d:bb:
07:52:6b:76:c6:79:eb:71:d5:27:00:e7:59:de:65:
99:b1:93:72:5e:86:10:9a:71:ab:e2:e9:19:73:b3:
ed:04:90:9b:e6:6b:59:1e:9e:3e:aa:79:2e:76:11:
39:98:60:6a:66:34:88:d4:2c:3f:f3:92:d9:3a:6d:
d5:f0:7f:89:97:28:d7:4c:b3:59:95:08:7c:d7:61:
84:ba:17:79:01:e2:f3:0a:34:bf:ea:bd:2c:cf:e2:
fb:38:33:9e:11:fd:5b:41:ad:40:eb:9e:8b:16:05:
a2:02:2e:fd:92:15:3f:22:43:8a:41:0e:ac:8a:b3:
c9:61:a1:9b:2f:29:85:2c:7d:3a:40:fd:28:23:27:
1c:b7:10:2e:c0:ab:f6:13:06:fc:25:2c:38:04:fa:
66:2f:4a:0d:15:98:45:34:03:59:1b:e5:60:60:e8:
0b:a7:42:81:9f:b8:de:d8:61:94:8a:c2:8a:06:77:
6a:0e:e6:69:23:68:5c:9f:a9:28:86:6f:35:aa:0c:
82:09:93:b4:ff:ab:23:ff:85:56:53:b3:75:bb:b0:
f3:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:7C:6C:03:50:96:3B:90:E8:CF:0B:00:0B:E8:C9:5C:DE:87:01:E4
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/WHxsA1CWO5DozwsAC-jJXN6HAeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.129.0/24
46.38.131.0/24
46.38.140.0/24
46.38.151.0/24
185.24.150.0/24
185.29.220.0/23
212.16.64.0/19
212.80.0.0/19
IPv6:
2a00:7d80::/29
Signature Algorithm: sha256WithRSAEncryption
9d:2f:6c:ff:08:9b:d5:c4:8b:04:c3:aa:e3:95:da:4d:9b:f8:
10:73:9f:7f:9e:c4:00:78:5b:ba:a0:dd:59:c1:6a:e6:bd:aa:
d8:18:e5:5b:32:e1:11:d6:65:d4:e1:55:c3:77:16:78:5b:5a:
ba:9a:c8:f8:c5:6d:07:d5:ef:35:db:f2:ca:3d:d2:eb:71:1c:
de:25:b0:b1:4b:87:b2:88:4c:af:13:7a:1b:61:26:bf:bf:08:
26:05:74:bf:9f:cb:39:36:a8:5b:62:60:37:f2:6b:a5:0f:49:
06:49:a9:c7:b5:15:f5:c8:59:a7:c5:58:fa:56:20:ec:f4:6b:
8f:9d:9e:a6:dd:ff:de:91:cb:fd:ae:33:1f:cd:d1:86:1c:4a:
d9:dc:4f:fe:c2:1c:e3:90:72:68:91:8f:e9:8a:b1:fb:38:e0:
28:9d:ac:59:59:a9:15:ec:c7:d2:07:5c:a0:38:54:99:ea:93:
16:7d:fc:9a:a3:32:45:3c:99:86:aa:50:33:46:98:90:e4:14:
7e:ad:de:e8:9c:a4:94:35:4a:58:90:7b:44:8f:07:73:60:9f:
16:26:1d:8b:9c:6d:f3:3d:a3:f9:c9:87:91:ce:04:75:b8:e1:
a9:87:f1:b7:0c:0a:b2:53:d2:cc:94:02:0a:46:9b:af:cc:8f:
d0:61:4b:36
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZSEp1bzWT05V+cIodS8hxlzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjUwMTIwMTY1OTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODdjNmMwMzUwOTYzYjkwZThjZjBiMDAwYmU4Yzk1Y2RlODcwMWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyCrpSsSyY6X9fyNMLOaxZEB2tMHv
/nsfqjvvG4Y02Ey9MBEXp/zI/JkwPbsHUmt2xnnrcdUnAOdZ3mWZsZNyXoYQmnGr
4ukZc7PtBJCb5mtZHp4+qnkudhE5mGBqZjSI1Cw/85LZOm3V8H+JlyjXTLNZlQh8
12GEuhd5AeLzCjS/6r0sz+L7ODOeEf1bQa1A656LFgWiAi79khU/IkOKQQ6sirPJ
YaGbLymFLH06QP0oIycctxAuwKv2Ewb8JSw4BPpmL0oNFZhFNANZG+VgYOgLp0KB
n7je2GGUisKKBndqDuZpI2hcn6kohm81qgyCCZO0/6sj/4VWU7N1u7DzZwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFFh8bANQljuQ6M8LAAvoyVzehwHkMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvV0h4c0ExQ1dPNURvendzQUMtakpYTjZIQWVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQALiaBAwQA
LiaDAwQALiaMAwQALiaXAwQAuRiWAwQBuR3cAwQF1BBAAwQF1FAAMA0EAgACMAcD
BQMqAH2AMA0GCSqGSIb3DQEBCwUAA4IBAQCdL2z/CJvVxIsEw6rjldpNm/gQc59/
nsQAeFu6oN1ZwWrmvarYGOVbMuER1mXU4VXDdxZ4W1q6msj4xW0H1e812/LKPdLr
cRzeJbCxS4eyiEyvE3obYSa/vwgmBXS/n8s5NqhbYmA38mulD0kGSanHtRX1yFmn
xVj6ViDs9GuPnZ6m3f/ekcv9rjMfzdGGHErZ3E/+whzjkHJokY/pirH7OOAonaxZ
WakV7MfSB1ygOFSZ6pMWffyaozJFPJmGqlAzRpiQ5BR+rd7onKSUNUpYkHtEjwdz
YJ8WJh2LnG3zPaP5yYeRzgR1uOGph/G3DAqyU9LMlAIKRpuvzI/QYUs2
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:43:19 2025 by rpki-client