Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/f2640a-46e7-4650-83c5-cc55b81302cf/1/D46VMQb05uTNgl5dbNVDFYzDjzE.roa
File: D46VMQb05uTNgl5dbNVDFYzDjzE.roa (raw, json)
Hash identifier: V0B6OmfcULHphu50p4sAuyLvveC3GQAGdFvTao1f9Y8=
Subject key identifier: 0F:8E:95:31:06:F4:E6:E4:CD:82:5E:5D:6C:D5:43:15:8C:C3:8F:31
Certificate issuer: /CN=bbbe9612d1440bc6c704e0465f0ef5d6ca7397a6
Certificate serial: 0194228E3DCBAD46C9489DF41E276C50FD9E
Authority key identifier: BB:BE:96:12:D1:44:0B:C6:C7:04:E0:46:5F:0E:F5:D6:CA:73:97:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u76WEtFEC8bHBOBGXw711spzl6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/f2640a-46e7-4650-83c5-cc55b81302cf/1/D46VMQb05uTNgl5dbNVDFYzDjzE.roa
Signing time: Wed 01 Jan 2025 15:48:54 +0000
ROA not before: Wed 01 Jan 2025 15:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31272
IP address blocks: 5.255.32.0/20 maxlen: 32
37.25.96.0/19 maxlen: 32
46.33.224.0/19 maxlen: 32
77.247.16.0/20 maxlen: 32
80.252.240.0/20 maxlen: 32
109.104.160.0/19 maxlen: 32
141.101.0.0/19 maxlen: 32
185.35.100.0/22 maxlen: 32
185.147.60.0/22 maxlen: 32
185.147.196.0/22 maxlen: 32
185.148.56.0/22 maxlen: 32
185.159.160.0/22 maxlen: 32
212.92.224.0/19 maxlen: 32
217.77.208.0/20 maxlen: 32
2a00:bc00::/32 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:3d:cb:ad:46:c9:48:9d:f4:1e:27:6c:50:fd:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbbe9612d1440bc6c704e0465f0ef5d6ca7397a6
Validity
Not Before: Jan 1 15:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f8e953106f4e6e4cd825e5d6cd543158cc38f31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:6f:dc:10:a8:28:ac:41:df:55:67:dd:96:5b:
50:4a:0f:13:5a:af:7f:d0:4f:cc:01:95:0c:55:01:
f5:1b:63:30:97:42:23:88:c1:1c:d0:b0:3e:9a:fd:
25:0c:41:24:d6:c5:3f:b4:e7:d8:0e:30:b4:8d:5a:
fd:d8:53:b2:72:8f:6c:64:df:b4:2b:1d:81:ba:6e:
e8:4b:d4:17:23:47:89:8f:4b:67:21:65:c6:44:3a:
65:52:3c:be:57:bc:c3:d5:e8:43:ef:2a:af:44:f8:
6d:d1:94:7b:26:24:ca:15:df:67:a0:93:2c:49:c6:
36:e0:ce:5f:f1:b3:d4:7b:1b:b9:ed:df:aa:34:7e:
24:19:f9:d0:a0:af:d8:ba:a1:33:8a:8b:0e:63:ba:
46:4c:fe:5c:d2:fe:70:a6:c5:54:fc:ce:b9:19:95:
50:5f:28:ab:86:70:ee:48:d1:d3:78:6a:c3:7a:b6:
56:3a:3e:c7:fa:0b:62:34:66:44:e9:52:60:d0:3b:
cf:9d:8d:7c:50:a0:5e:11:84:10:1c:f9:f0:38:48:
e2:be:dc:8f:28:81:95:fa:68:44:ed:cf:77:a2:19:
34:df:71:83:6f:47:e6:2a:41:17:01:15:ca:5e:ff:
06:bb:ee:d2:2f:0b:d6:38:83:76:00:9a:86:24:9c:
bf:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:8E:95:31:06:F4:E6:E4:CD:82:5E:5D:6C:D5:43:15:8C:C3:8F:31
X509v3 Authority Key Identifier:
keyid:BB:BE:96:12:D1:44:0B:C6:C7:04:E0:46:5F:0E:F5:D6:CA:73:97:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u76WEtFEC8bHBOBGXw711spzl6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/f2640a-46e7-4650-83c5-cc55b81302cf/1/D46VMQb05uTNgl5dbNVDFYzDjzE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/f2640a-46e7-4650-83c5-cc55b81302cf/1/u76WEtFEC8bHBOBGXw711spzl6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.255.32.0/20
37.25.96.0/19
46.33.224.0/19
77.247.16.0/20
80.252.240.0/20
109.104.160.0/19
141.101.0.0/19
185.35.100.0/22
185.147.60.0/22
185.147.196.0/22
185.148.56.0/22
185.159.160.0/22
212.92.224.0/19
217.77.208.0/20
IPv6:
2a00:bc00::/32
Signature Algorithm: sha256WithRSAEncryption
69:c6:10:27:f2:ac:fb:b2:ed:24:d9:4e:74:30:a3:ad:03:98:
35:a7:94:46:99:85:e5:d4:e8:f0:fd:cf:f5:4b:dd:32:af:9f:
b8:1b:96:e5:a7:29:2e:49:90:3a:63:7c:4a:02:05:eb:15:83:
6b:53:61:7a:18:9f:78:7f:8c:f2:e2:a7:a1:d7:36:1f:74:ca:
07:7b:57:3e:e6:85:fe:90:fa:01:5c:dc:dc:56:be:c1:50:7a:
8d:6e:a5:b9:09:fb:81:c5:d5:70:7f:f7:21:2e:2b:07:96:66:
6a:7c:3e:44:75:23:f3:af:fb:d8:05:6a:a4:2b:df:67:de:ad:
3c:20:41:fc:02:96:e2:07:f7:fb:57:c1:51:52:9e:ad:e7:8a:
47:2a:1a:b9:e7:8f:90:ae:d5:ed:35:1e:2a:7d:7c:84:7c:3a:
c8:2a:c2:cd:36:57:47:0d:59:50:4a:a4:68:61:84:52:f9:7f:
7d:ff:f5:a4:b7:bb:d2:97:6b:aa:52:d0:47:81:a8:15:f6:19:
7a:a6:f4:2d:c9:40:e4:5f:ea:74:14:1d:36:8d:83:6f:a7:27:
2d:5c:ca:23:b7:53:f2:71:cf:28:2a:2e:bf:24:fe:61:6e:92:
4e:16:2b:02:5d:3e:b7:93:60:71:a5:99:5f:d9:dd:96:73:0c:
0c:93:35:15
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAZQijj3LrUbJSJ30HidsUP2eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiYmU5NjEyZDE0NDBiYzZjNzA0ZTA0NjVmMGVmNWQ2Y2E3
Mzk3YTYwHhcNMjUwMTAxMTU0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjhlOTUzMTA2ZjRlNmU0Y2Q4MjVlNWQ2Y2Q1NDMxNThjYzM4ZjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmW/cEKgorEHfVWfdlltQSg8TWq9/
0E/MAZUMVQH1G2Mwl0IjiMEc0LA+mv0lDEEk1sU/tOfYDjC0jVr92FOyco9sZN+0
Kx2Bum7oS9QXI0eJj0tnIWXGRDplUjy+V7zD1ehD7yqvRPht0ZR7JiTKFd9noJMs
ScY24M5f8bPUexu57d+qNH4kGfnQoK/YuqEziosOY7pGTP5c0v5wpsVU/M65GZVQ
XyirhnDuSNHTeGrDerZWOj7H+gtiNGZE6VJg0DvPnY18UKBeEYQQHPnwOEjivtyP
KIGV+mhE7c93ohk033GDb0fmKkEXARXKXv8Gu+7SLwvWOIN2AJqGJJy/tQIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFA+OlTEG9ObkzYJeXWzVQxWMw48xMB8GA1UdIwQY
MBaAFLu+lhLRRAvGxwTgRl8O9dbKc5emMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTc2V0V0RkVDOGJIQk9CR1h3NzExc3B6bDZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9mMjY0MGEtNDZlNy00NjUwLTgzYzUt
Y2M1NWI4MTMwMmNmLzEvRDQ2Vk1RYjA1dVROZ2w1ZGJOVkRGWXpEanpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9mMjY0MGEtNDZlNy00NjUwLTgzYzUtY2M1NWI4MTMwMmNm
LzEvdTc2V0V0RkVDOGJIQk9CR1h3NzExc3B6bDZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBaBAIAATBUAwQEBf8gAwQF
JRlgAwQFLiHgAwQETfcQAwQEUPzwAwQFbWigAwQFjWUAAwQCuSNkAwQCuZM8AwQC
uZPEAwQCuZQ4AwQCuZ+gAwQF1FzgAwQE2U3QMA0EAgACMAcDBQAqALwAMA0GCSqG
SIb3DQEBCwUAA4IBAQBpxhAn8qz7su0k2U50MKOtA5g1p5RGmYXl1Ojw/c/1S90y
r5+4G5blpykuSZA6Y3xKAgXrFYNrU2F6GJ94f4zy4qeh1zYfdMoHe1c+5oX+kPoB
XNzcVr7BUHqNbqW5CfuBxdVwf/chLisHlmZqfD5EdSPzr/vYBWqkK99n3q08IEH8
ApbiB/f7V8FRUp6t54pHKhq554+QrtXtNR4qfXyEfDrIKsLNNldHDVlQSqRoYYRS
+X99//Wkt7vSl2uqUtBHgagV9hl6pvQtyUDkX+p0FB02jYNvpyctXMojt1Pycc8o
Ki6/JP5hbpJOFisCXT63k2BxpZlf2d2WcwwMkzUV
-----END CERTIFICATE-----
Generated at Thu May 1 16:06:17 2025 by rpki-client