Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/5a698d-998a-48ba-8dc5-333f0c99279e/1/kXDtSEP8wehej7ozup3ULNF_kxE.roa
File: kXDtSEP8wehej7ozup3ULNF_kxE.roa (raw, json)
Hash identifier: pFGVv12QjKqbl/zBNnLTn7joQ5O/ICyXPOVOcqhZ97Q=
Subject key identifier: 91:70:ED:48:43:FC:C1:E8:5E:8F:BA:33:BA:9D:D4:2C:D1:7F:93:11
Certificate issuer: /CN=66f90e75df98afb43019ce750350e769b99fbc13
Certificate serial: 019425FCA20429982C6A6CDB7F102AC1C10A
Authority key identifier: 66:F9:0E:75:DF:98:AF:B4:30:19:CE:75:03:50:E7:69:B9:9F:BC:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZvkOdd-Yr7QwGc51A1DnabmfvBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/5a698d-998a-48ba-8dc5-333f0c99279e/1/kXDtSEP8wehej7ozup3ULNF_kxE.roa
Signing time: Thu 02 Jan 2025 07:48:21 +0000
ROA not before: Thu 02 Jan 2025 07:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29075
IP address blocks: 46.23.240.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:a2:04:29:98:2c:6a:6c:db:7f:10:2a:c1:c1:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66f90e75df98afb43019ce750350e769b99fbc13
Validity
Not Before: Jan 2 07:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9170ed4843fcc1e85e8fba33ba9dd42cd17f9311
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:73:4b:6c:c0:65:eb:54:9a:e2:13:8a:de:80:
0f:84:da:4f:99:fc:b8:d9:8b:27:74:31:95:fb:1a:
94:f7:ec:86:34:98:d0:9d:a8:f3:54:7f:2d:a2:98:
fc:27:cd:44:55:d8:f8:a0:3e:c5:9a:50:0b:19:93:
39:e0:97:49:3e:3c:2a:96:9d:f0:15:67:5d:1c:1c:
8a:82:fb:6b:91:ab:17:75:8c:87:42:8d:31:f6:21:
8a:d3:d6:76:c2:03:3e:48:68:e9:4e:a7:b9:35:a0:
73:95:5b:53:88:0d:f6:dc:ba:f6:2d:1b:f1:bc:9a:
32:71:20:df:42:7a:4c:46:d9:b5:5e:30:4a:c3:3b:
f1:71:5e:12:d4:dc:68:4c:45:7b:67:ef:69:94:30:
5e:30:bb:4a:d1:6d:06:08:b5:dc:b1:9d:53:84:8e:
b4:1b:fc:12:9c:c6:5b:1e:b7:46:a2:69:61:9c:90:
10:6a:25:6a:36:40:da:41:2f:f7:5d:cb:16:5c:d0:
b2:f0:ad:df:ab:1a:97:a0:a3:4a:41:ef:35:d2:ca:
6d:ae:ec:a2:92:63:59:82:97:70:0a:5b:ab:2b:6a:
00:fe:f9:e6:07:70:24:c2:c8:52:d0:f7:bb:3b:0e:
d5:81:bf:c4:a4:4b:21:70:11:3d:91:53:a8:1f:ae:
f0:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:70:ED:48:43:FC:C1:E8:5E:8F:BA:33:BA:9D:D4:2C:D1:7F:93:11
X509v3 Authority Key Identifier:
keyid:66:F9:0E:75:DF:98:AF:B4:30:19:CE:75:03:50:E7:69:B9:9F:BC:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZvkOdd-Yr7QwGc51A1DnabmfvBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/5a698d-998a-48ba-8dc5-333f0c99279e/1/kXDtSEP8wehej7ozup3ULNF_kxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/5a698d-998a-48ba-8dc5-333f0c99279e/1/ZvkOdd-Yr7QwGc51A1DnabmfvBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.23.240.0/20
Signature Algorithm: sha256WithRSAEncryption
5c:d1:4c:8b:36:2d:a2:4e:3a:ef:70:e0:16:88:de:af:4f:5d:
c3:72:3e:ef:43:0c:ab:4f:8f:98:03:61:ae:5a:a7:a4:3c:fd:
a8:d0:ce:ea:09:7f:4b:fe:0e:56:5b:ab:86:2a:77:2a:56:f8:
5d:65:3c:5d:07:b0:5a:5e:03:b9:0f:b6:e8:32:35:98:6b:9e:
2d:e8:28:38:f2:65:e3:ea:77:eb:f7:f4:e0:3a:2a:92:95:42:
7b:1a:b1:08:56:53:39:1d:f9:be:29:47:9d:cf:da:0c:26:19:
de:8f:18:dc:d9:e3:c5:b1:6e:00:5e:2c:db:ea:ee:93:7d:01:
9e:16:64:6e:80:b9:4e:a9:81:29:72:88:98:df:c0:c3:18:74:
1a:c3:7d:05:81:ea:a5:3b:1d:02:2a:4c:8a:17:28:05:6d:97:
a2:48:85:50:2e:22:b3:09:80:f4:47:21:f3:7a:ba:90:36:dc:
e6:68:b5:3e:a6:c1:f7:e4:37:64:66:3c:ee:4f:70:09:2b:0c:
d5:1f:42:39:59:45:de:40:31:f4:9d:61:88:84:3b:98:c3:92:
57:91:bd:a4:9b:fe:90:ec:0a:67:d0:72:42:48:c6:01:c7:c9:
9c:7f:4f:12:8b:e9:46:2b:b5:c5:ba:9c:e9:23:16:95:3d:30:
3f:71:7f:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/KIEKZgsamzbfxAqwcEKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZjkwZTc1ZGY5OGFmYjQzMDE5Y2U3NTAzNTBlNzY5Yjk5
ZmJjMTMwHhcNMjUwMTAyMDc0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTcwZWQ0ODQzZmNjMWU4NWU4ZmJhMzNiYTlkZDQyY2QxN2Y5MzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHNLbMBl61Sa4hOK3oAPhNpPmfy4
2YsndDGV+xqU9+yGNJjQnajzVH8topj8J81EVdj4oD7FmlALGZM54JdJPjwqlp3w
FWddHByKgvtrkasXdYyHQo0x9iGK09Z2wgM+SGjpTqe5NaBzlVtTiA323Lr2LRvx
vJoycSDfQnpMRtm1XjBKwzvxcV4S1NxoTEV7Z+9plDBeMLtK0W0GCLXcsZ1ThI60
G/wSnMZbHrdGomlhnJAQaiVqNkDaQS/3XcsWXNCy8K3fqxqXoKNKQe810sptruyi
kmNZgpdwClurK2oA/vnmB3AkwshS0Pe7Ow7Vgb/EpEshcBE9kVOoH67wdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJFw7UhD/MHoXo+6M7qd1CzRf5MRMB8GA1UdIwQY
MBaAFGb5DnXfmK+0MBnOdQNQ52m5n7wTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnZrT2RkLVlyN1F3R2M1MUExRG5hYm1mdkJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS81YTY5OGQtOTk4YS00OGJhLThkYzUt
MzMzZjBjOTkyNzllLzEva1hEdFNFUDh3ZWhlajdvenVwM1VMTkZfa3hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS81YTY5OGQtOTk4YS00OGJhLThkYzUtMzMzZjBjOTkyNzll
LzEvWnZrT2RkLVlyN1F3R2M1MUExRG5hYm1mdkJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQELhfwMA0G
CSqGSIb3DQEBCwUAA4IBAQBc0UyLNi2iTjrvcOAWiN6vT13Dcj7vQwyrT4+YA2Gu
WqekPP2o0M7qCX9L/g5WW6uGKncqVvhdZTxdB7BaXgO5D7boMjWYa54t6Cg48mXj
6nfr9/TgOiqSlUJ7GrEIVlM5Hfm+KUedz9oMJhnejxjc2ePFsW4AXizb6u6TfQGe
FmRugLlOqYEpcoiY38DDGHQaw30FgeqlOx0CKkyKFygFbZeiSIVQLiKzCYD0RyHz
erqQNtzmaLU+psH35DdkZjzuT3AJKwzVH0I5WUXeQDH0nWGIhDuYw5JXkb2km/6Q
7Apn0HJCSMYBx8mcf08Si+lGK7XFupzpIxaVPTA/cX8d
-----END CERTIFICATE-----
Generated at Sat Apr 26 23:01:59 2025 by rpki-client