Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/1a8d98-34c9-4d26-97dc-48731b3c03a4/1/3IHX9JIlfr3Dk5XlRdW-7lg4QY0.roa
File: 3IHX9JIlfr3Dk5XlRdW-7lg4QY0.roa (raw, json)
Hash identifier: phVZ8bPQCWvi4f6XXfdBMOctC6oPETIwAjTgpAydR44=
Subject key identifier: DC:81:D7:F4:92:25:7E:BD:C3:93:95:E5:45:D5:BE:EE:58:38:41:8D
Certificate issuer: /CN=535db143e906aa20e5782907f845d4a76962ff7b
Certificate serial: 0194221FC704BAB4149D58EF18912879F537
Authority key identifier: 53:5D:B1:43:E9:06:AA:20:E5:78:29:07:F8:45:D4:A7:69:62:FF:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U12xQ-kGqiDleCkH-EXUp2li_3s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/1a8d98-34c9-4d26-97dc-48731b3c03a4/1/3IHX9JIlfr3Dk5XlRdW-7lg4QY0.roa
Signing time: Wed 01 Jan 2025 13:48:15 +0000
ROA not before: Wed 01 Jan 2025 13:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51785
IP address blocks: 46.18.248.0/21 maxlen: 21
46.18.248.0/23 maxlen: 23
46.18.248.0/24 maxlen: 24
46.18.249.0/24 maxlen: 24
46.18.250.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:c7:04:ba:b4:14:9d:58:ef:18:91:28:79:f5:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=535db143e906aa20e5782907f845d4a76962ff7b
Validity
Not Before: Jan 1 13:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dc81d7f492257ebdc39395e545d5beee5838418d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:24:0f:22:29:86:0c:fe:22:d3:22:01:95:cf:
0e:e2:60:95:f9:46:2f:0c:01:5a:8e:f2:15:d8:e7:
ca:45:3e:60:d8:63:f0:72:fe:f1:b2:2c:48:f6:d5:
fd:ad:14:e2:e5:3a:6b:57:20:59:e1:90:59:5f:94:
9b:b7:8d:00:0f:fd:3d:9b:78:c3:8f:25:4e:ed:7a:
44:39:29:b8:e8:db:b7:a3:5f:ec:06:d8:a5:78:02:
8b:fc:f4:5c:8a:ec:3a:38:59:58:d1:d0:52:55:30:
eb:b6:3e:14:1e:0a:b4:25:6e:7c:ad:76:4c:39:24:
c3:00:df:3e:e6:0d:3a:71:08:78:e3:10:1e:a4:3b:
2d:c3:ca:e0:00:c2:62:c3:11:56:40:59:1a:7b:cd:
06:aa:63:7b:7a:94:e4:37:c3:f8:da:5c:0f:1a:b7:
1a:04:76:e3:4a:f9:a9:6b:14:30:3d:01:c0:15:a5:
ed:c2:e1:63:e8:fa:dd:46:13:38:2e:2e:41:2f:07:
75:dd:a5:87:d8:0f:c0:89:78:b4:5e:d5:01:98:55:
53:3c:fe:78:b7:a7:26:e6:f5:7c:35:83:c3:87:7b:
5c:b8:70:a4:ea:26:2f:d1:54:e9:2d:da:39:02:44:
1d:7d:15:2d:aa:85:33:13:a2:8e:5e:b4:80:06:2a:
cc:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:81:D7:F4:92:25:7E:BD:C3:93:95:E5:45:D5:BE:EE:58:38:41:8D
X509v3 Authority Key Identifier:
keyid:53:5D:B1:43:E9:06:AA:20:E5:78:29:07:F8:45:D4:A7:69:62:FF:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U12xQ-kGqiDleCkH-EXUp2li_3s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/1a8d98-34c9-4d26-97dc-48731b3c03a4/1/3IHX9JIlfr3Dk5XlRdW-7lg4QY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/1a8d98-34c9-4d26-97dc-48731b3c03a4/1/U12xQ-kGqiDleCkH-EXUp2li_3s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.18.248.0/21
Signature Algorithm: sha256WithRSAEncryption
9f:34:b6:0c:9e:72:7a:1a:99:6c:2b:cf:f9:d3:3d:d9:38:0f:
88:2b:dd:ac:f3:96:98:d5:23:68:a2:0b:43:f8:eb:fc:6e:ff:
35:0b:e0:49:54:a8:11:fd:c3:3d:33:2e:19:d2:b2:cd:d6:70:
58:6f:1c:7a:a0:6f:78:1f:a0:ef:5d:80:9d:bd:3b:da:d4:ce:
6d:3f:5c:25:a5:d3:d6:fb:11:02:ec:2c:56:3e:94:f1:ca:d1:
69:5e:4a:5d:4b:48:e3:b5:2f:94:bd:49:cb:4b:20:22:37:a3:
af:52:d0:99:27:f7:ea:27:be:fe:58:4b:94:0e:15:e2:11:cb:
8a:47:88:08:b5:cd:76:4e:b3:89:9a:68:2d:33:ad:ab:14:38:
46:22:58:81:e8:2d:86:6d:d3:1a:66:33:72:4b:64:b7:3b:12:
58:07:7d:76:58:52:97:36:9d:c6:70:4b:2b:5a:db:2c:eb:24:
62:11:61:cc:8c:d7:77:6b:3b:e0:af:bd:2a:67:8e:3d:e2:99:
71:bc:5a:db:96:63:7a:80:ea:3c:12:96:41:9a:1f:64:ba:92:
02:1b:0e:2c:f3:f5:bd:a5:e2:8b:ce:0d:08:43:f3:70:73:5e:
ba:20:a2:9a:7a:5d:2c:4d:b4:37:c2:b1:52:d6:87:58:be:78:
83:23:75:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH8cEurQUnVjvGJEoefU3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNWRiMTQzZTkwNmFhMjBlNTc4MjkwN2Y4NDVkNGE3Njk2
MmZmN2IwHhcNMjUwMTAxMTM0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzgxZDdmNDkyMjU3ZWJkYzM5Mzk1ZTU0NWQ1YmVlZTU4Mzg0MThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhiQPIimGDP4i0yIBlc8O4mCV+UYv
DAFajvIV2OfKRT5g2GPwcv7xsixI9tX9rRTi5TprVyBZ4ZBZX5Sbt40AD/09m3jD
jyVO7XpEOSm46Nu3o1/sBtileAKL/PRciuw6OFlY0dBSVTDrtj4UHgq0JW58rXZM
OSTDAN8+5g06cQh44xAepDstw8rgAMJiwxFWQFkae80GqmN7epTkN8P42lwPGrca
BHbjSvmpaxQwPQHAFaXtwuFj6PrdRhM4Li5BLwd13aWH2A/AiXi0XtUBmFVTPP54
t6cm5vV8NYPDh3tcuHCk6iYv0VTpLdo5AkQdfRUtqoUzE6KOXrSABirMpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNyB1/SSJX69w5OV5UXVvu5YOEGNMB8GA1UdIwQY
MBaAFFNdsUPpBqog5XgpB/hF1KdpYv97MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTEyeFEta0dxaURsZUNrSC1FWFVwMmxpXzNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8xYThkOTgtMzRjOS00ZDI2LTk3ZGMt
NDg3MzFiM2MwM2E0LzEvM0lIWDlKSWxmcjNEazVYbFJkVy03bGc0UVkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8xYThkOTgtMzRjOS00ZDI2LTk3ZGMtNDg3MzFiM2MwM2E0
LzEvVTEyeFEta0dxaURsZUNrSC1FWFVwMmxpXzNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLhL4MA0G
CSqGSIb3DQEBCwUAA4IBAQCfNLYMnnJ6GplsK8/50z3ZOA+IK92s85aY1SNoogtD
+Ov8bv81C+BJVKgR/cM9My4Z0rLN1nBYbxx6oG94H6DvXYCdvTva1M5tP1wlpdPW
+xEC7CxWPpTxytFpXkpdS0jjtS+UvUnLSyAiN6OvUtCZJ/fqJ77+WEuUDhXiEcuK
R4gItc12TrOJmmgtM62rFDhGIliB6C2GbdMaZjNyS2S3OxJYB312WFKXNp3GcEsr
Wtss6yRiEWHMjNd3azvgr70qZ4494plxvFrblmN6gOo8EpZBmh9kupICGw4s8/W9
peKLzg0IQ/Nwc166IKKael0sTbQ3wrFS1odYvniDI3X4
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:03:27 2025 by rpki-client