Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/c144dc-f562-4a3e-b6ca-c162ddfdee73/1/20uDmGvfBsJesoT5BrUQFzxosjo.roa
File: 20uDmGvfBsJesoT5BrUQFzxosjo.roa (raw, json)
Hash identifier: 0VZjOP9T4ID3wlDH0TbfHCtVho9BJQgblzpHlm0skyY=
Subject key identifier: DB:4B:83:98:6B:DF:06:C2:5E:B2:84:F9:06:B5:10:17:3C:68:B2:3A
Certificate issuer: /CN=59ce1cc57acd4d8181ed305385dee78db175e221
Certificate serial: 019427B3C626B60C7771C2104D0248ED6D9C
Authority key identifier: 59:CE:1C:C5:7A:CD:4D:81:81:ED:30:53:85:DE:E7:8D:B1:75:E2:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wc4cxXrNTYGB7TBThd7njbF14iE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/c144dc-f562-4a3e-b6ca-c162ddfdee73/1/20uDmGvfBsJesoT5BrUQFzxosjo.roa
Signing time: Thu 02 Jan 2025 15:48:00 +0000
ROA not before: Thu 02 Jan 2025 15:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205254
IP address blocks: 46.161.192.0/21 maxlen: 21
46.161.192.0/24 maxlen: 24
46.161.193.0/24 maxlen: 24
46.161.194.0/24 maxlen: 24
46.161.195.0/24 maxlen: 24
46.161.196.0/24 maxlen: 24
46.161.197.0/24 maxlen: 24
46.161.198.0/24 maxlen: 24
46.161.199.0/24 maxlen: 24
185.255.44.0/22 maxlen: 22
185.255.44.0/24 maxlen: 24
185.255.45.0/24 maxlen: 24
185.255.46.0/24 maxlen: 24
185.255.47.0/24 maxlen: 24
2a0c:58c0::/29 maxlen: 29
2a0c:58c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:c6:26:b6:0c:77:71:c2:10:4d:02:48:ed:6d:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59ce1cc57acd4d8181ed305385dee78db175e221
Validity
Not Before: Jan 2 15:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=db4b83986bdf06c25eb284f906b510173c68b23a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:fb:d5:2b:d2:8c:c1:59:d0:69:f6:37:26:56:
9d:b1:37:31:6c:8f:78:2d:19:9f:d3:b0:2a:e3:12:
b7:ea:44:40:7c:f6:e2:2a:df:4a:ac:35:10:07:f6:
0a:da:c0:1b:20:b8:4b:8b:9b:ec:fa:67:c0:2e:6a:
29:77:db:bf:19:02:81:be:fc:93:66:66:fa:32:ae:
d1:c5:76:97:73:bb:53:c6:7c:5c:7e:0f:d0:fe:fa:
a9:c0:63:aa:3f:ff:cc:78:ff:11:23:75:75:7b:15:
db:81:c9:7d:2f:cd:90:04:81:4b:0f:35:ca:76:f0:
ae:6b:1d:37:f1:03:52:86:94:13:a2:bd:2c:a6:3a:
8b:73:27:9d:e2:f5:c7:5f:90:44:5c:ba:0a:f6:fe:
41:6c:e0:c7:76:0d:9b:29:0a:94:96:a6:ac:0b:7c:
07:bb:f1:ed:7a:62:b3:1c:00:1e:1b:27:93:c3:00:
15:57:3b:4a:bc:95:6d:2c:18:07:94:5c:58:ba:be:
48:7f:ee:42:9d:fc:7b:28:4f:9a:94:74:cf:1a:5f:
3d:d7:0e:80:20:15:7d:39:ff:91:29:41:64:8b:98:
9d:2d:da:b9:c3:78:a6:85:51:09:06:ca:f8:65:3e:
00:5f:4e:fc:12:a2:b9:56:a4:1c:80:ae:79:0d:ca:
b8:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:4B:83:98:6B:DF:06:C2:5E:B2:84:F9:06:B5:10:17:3C:68:B2:3A
X509v3 Authority Key Identifier:
keyid:59:CE:1C:C5:7A:CD:4D:81:81:ED:30:53:85:DE:E7:8D:B1:75:E2:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wc4cxXrNTYGB7TBThd7njbF14iE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/c144dc-f562-4a3e-b6ca-c162ddfdee73/1/20uDmGvfBsJesoT5BrUQFzxosjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/c144dc-f562-4a3e-b6ca-c162ddfdee73/1/Wc4cxXrNTYGB7TBThd7njbF14iE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.161.192.0/21
185.255.44.0/22
IPv6:
2a0c:58c0::/29
Signature Algorithm: sha256WithRSAEncryption
b7:82:3e:0a:dc:3a:96:d5:62:f1:a0:e2:72:ed:8c:0c:5c:9f:
df:e6:1d:85:06:e4:8c:b1:5b:0f:a1:3b:07:42:c6:51:6e:0a:
9e:02:cb:a7:76:24:70:c7:9e:80:ef:43:e2:7b:76:99:90:aa:
76:1e:f3:dc:1d:75:97:b1:6a:24:d8:4e:82:a4:3d:a0:c0:bb:
51:e3:6d:c2:42:8b:5b:b9:1c:b7:0f:60:75:36:8c:60:dd:3d:
ad:7b:0f:17:48:01:f1:ff:05:d0:08:55:a1:b9:ae:5a:8b:20:
8b:6c:9e:82:60:7e:11:b1:19:0a:0c:a6:2f:5f:cb:5a:ec:7a:
b7:bb:9a:c7:67:9e:29:6e:35:4b:81:14:09:e9:ff:2f:10:82:
69:17:a9:9a:24:c0:36:0e:5b:63:a1:78:4e:7d:eb:d7:76:e0:
69:43:9f:7b:c0:cf:df:0c:0c:df:b0:c9:e7:8c:a7:12:1c:cd:
d4:b4:c9:47:2b:b8:7e:35:7f:40:52:52:1c:c7:b3:c1:ec:f9:
53:a4:a1:bc:54:e2:86:7e:7b:ad:ad:28:f7:99:45:65:25:69:
ef:12:1f:19:48:e4:4f:e3:b6:bf:c7:c8:24:44:a0:5e:ec:b2:
19:8d:63:11:d2:4a:de:e7:bb:1e:29:c9:f0:4c:18:5b:52:2a:
e2:dc:16:20
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQns8Ymtgx3ccIQTQJI7W2cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5Y2UxY2M1N2FjZDRkODE4MWVkMzA1Mzg1ZGVlNzhkYjE3
NWUyMjEwHhcNMjUwMTAyMTU0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjRiODM5ODZiZGYwNmMyNWViMjg0ZjkwNmI1MTAxNzNjNjhiMjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfvVK9KMwVnQafY3JladsTcxbI94
LRmf07Aq4xK36kRAfPbiKt9KrDUQB/YK2sAbILhLi5vs+mfALmopd9u/GQKBvvyT
Zmb6Mq7RxXaXc7tTxnxcfg/Q/vqpwGOqP//MeP8RI3V1exXbgcl9L82QBIFLDzXK
dvCuax038QNShpQTor0spjqLcyed4vXHX5BEXLoK9v5BbODHdg2bKQqUlqasC3wH
u/HtemKzHAAeGyeTwwAVVztKvJVtLBgHlFxYur5If+5Cnfx7KE+alHTPGl891w6A
IBV9Of+RKUFki5idLdq5w3imhVEJBsr4ZT4AX078EqK5VqQcgK55Dcq4dwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNtLg5hr3wbCXrKE+Qa1EBc8aLI6MB8GA1UdIwQY
MBaAFFnOHMV6zU2Bge0wU4Xe542xdeIhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2M0Y3hYck5UWUdCN1RCVGhkN25qYkYxNGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9jMTQ0ZGMtZjU2Mi00YTNlLWI2Y2Et
YzE2MmRkZmRlZTczLzEvMjB1RG1HdmZCc0plc29UNUJyVVFGenhvc2pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9jMTQ0ZGMtZjU2Mi00YTNlLWI2Y2EtYzE2MmRkZmRlZTcz
LzEvV2M0Y3hYck5UWUdCN1RCVGhkN25qYkYxNGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDLqHAAwQC
uf8sMA0EAgACMAcDBQMqDFjAMA0GCSqGSIb3DQEBCwUAA4IBAQC3gj4K3DqW1WLx
oOJy7YwMXJ/f5h2FBuSMsVsPoTsHQsZRbgqeAsundiRwx56A70Pie3aZkKp2HvPc
HXWXsWok2E6CpD2gwLtR423CQotbuRy3D2B1Noxg3T2tew8XSAHx/wXQCFWhua5a
iyCLbJ6CYH4RsRkKDKYvX8ta7Hq3u5rHZ54pbjVLgRQJ6f8vEIJpF6maJMA2Dltj
oXhOfevXduBpQ597wM/fDAzfsMnnjKcSHM3UtMlHK7h+NX9AUlIcx7PB7PlTpKG8
VOKGfnutrSj3mUVlJWnvEh8ZSORP47a/x8gkRKBe7LIZjWMR0kre57seKcnwTBhb
Uiri3BYg
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:26:05 2025 by rpki-client