Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/Ug41i06gdv9Ukc46NZ5XcrOupdE.roa
File: Ug41i06gdv9Ukc46NZ5XcrOupdE.roa (raw, json)
Hash identifier: llRNNcmXFkFqLY4QgsxGuCXjBef7WAi2K7CKwj9Mkc8=
Subject key identifier: 52:0E:35:8B:4E:A0:76:FF:54:91:CE:3A:35:9E:57:72:B3:AE:A5:D1
Certificate issuer: /CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
Certificate serial: 019423D70F5D8736201FADA306DDA08A463A
Authority key identifier: E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/Ug41i06gdv9Ukc46NZ5XcrOupdE.roa
Signing time: Wed 01 Jan 2025 21:48:04 +0000
ROA not before: Wed 01 Jan 2025 21:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200154
IP address blocks: 46.32.163.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:0f:5d:87:36:20:1f:ad:a3:06:dd:a0:8a:46:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
Validity
Not Before: Jan 1 21:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=520e358b4ea076ff5491ce3a359e5772b3aea5d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:1e:4b:29:85:38:51:dc:36:0c:05:a3:a9:80:
bf:5e:91:e9:48:7d:d1:1b:7e:c5:47:bc:72:7c:01:
9b:f0:ae:87:2d:bd:17:b8:f4:74:1d:b3:92:d5:bd:
2b:5a:e1:e9:18:ec:ee:7d:9d:bd:ae:f9:2b:45:ab:
6d:e3:dc:75:e1:b4:70:e6:88:37:50:88:f6:6e:12:
64:e0:9b:4f:e4:65:e4:5f:43:fe:05:93:c6:f5:d3:
d5:ba:e8:6c:9a:83:8f:59:dc:95:b5:48:62:25:cb:
5d:3f:50:00:16:40:62:50:6e:a7:cc:76:b6:ba:5d:
06:53:b9:0a:67:d2:cc:fa:59:4f:51:d2:8f:e9:de:
f3:73:36:c9:c1:20:18:da:2c:d0:d1:ff:83:f8:95:
57:63:b3:a1:6a:a9:5e:dc:76:2a:74:8b:75:53:e2:
74:fe:77:91:47:f8:f2:28:27:d1:28:63:a9:b0:9d:
30:0b:0a:81:73:dd:ee:30:a0:a0:06:4d:7f:dc:88:
72:4f:9c:d4:9b:ce:f6:fc:d1:d7:64:32:d0:ef:b9:
6f:82:93:94:de:72:a0:f5:99:c7:cb:5d:3c:b5:cc:
60:ae:e0:57:89:55:cf:4f:fb:5b:2c:a5:1e:4c:d4:
99:73:cb:90:56:4a:7f:ea:f5:3f:72:f7:3c:a8:5e:
20:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:0E:35:8B:4E:A0:76:FF:54:91:CE:3A:35:9E:57:72:B3:AE:A5:D1
X509v3 Authority Key Identifier:
keyid:E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/Ug41i06gdv9Ukc46NZ5XcrOupdE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/437h7O0Z-KCjpjW_qiZCk-NDd5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.32.163.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:b3:13:17:aa:56:99:85:b7:2c:e2:b2:bb:7a:fd:76:b3:b3:
79:33:d4:49:1d:fc:8b:08:f0:69:18:31:fb:18:80:4c:cd:0b:
86:c2:54:32:b1:3e:17:bb:e1:8c:ab:c5:fd:9a:ea:c7:72:93:
80:b5:63:b0:f3:be:1f:83:52:66:eb:6c:40:1f:76:1a:5b:73:
df:dc:88:2a:fb:6a:03:24:8b:ff:f3:61:98:9f:94:43:15:e2:
36:1d:0e:59:39:96:b0:df:32:ce:c6:a4:bf:40:bf:e2:47:f6:
e4:3c:e9:56:72:6e:94:7a:36:b4:64:56:8c:c5:41:9f:96:c9:
71:91:9e:15:43:fc:16:5a:19:49:0d:50:d8:52:c1:a9:50:f6:
8f:c9:3d:a5:a3:8d:f6:c6:8c:f4:a2:db:2d:12:4d:c0:46:61:
39:65:9e:01:17:b4:8c:7b:70:6a:91:16:7f:0e:3b:20:58:79:
86:8c:be:bf:e0:a5:d2:a2:b3:61:13:be:8f:7a:cb:22:b8:7c:
ed:a8:4f:b0:6b:2b:f4:33:e7:af:9c:d4:40:0e:09:14:68:a9:
51:48:0c:7e:0f:42:72:67:e2:3f:d4:aa:eb:18:9d:d3:d4:dd:
84:c4:9d:d4:cb:61:84:3d:c5:1c:da:f4:2e:71:3a:7d:29:ac:
aa:38:e5:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1w9dhzYgH62jBt2gikY6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzN2VlMWVjZWQxOWY4YTBhM2E2MzViZmFhMjY0MjkzZTM0
Mzc3OTUwHhcNMjUwMTAxMjE0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjBlMzU4YjRlYTA3NmZmNTQ5MWNlM2EzNTllNTc3MmIzYWVhNWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlR5LKYU4Udw2DAWjqYC/XpHpSH3R
G37FR7xyfAGb8K6HLb0XuPR0HbOS1b0rWuHpGOzufZ29rvkrRatt49x14bRw5og3
UIj2bhJk4JtP5GXkX0P+BZPG9dPVuuhsmoOPWdyVtUhiJctdP1AAFkBiUG6nzHa2
ul0GU7kKZ9LM+llPUdKP6d7zczbJwSAY2izQ0f+D+JVXY7Ohaqle3HYqdIt1U+J0
/neRR/jyKCfRKGOpsJ0wCwqBc93uMKCgBk1/3IhyT5zUm872/NHXZDLQ77lvgpOU
3nKg9ZnHy108tcxgruBXiVXPT/tbLKUeTNSZc8uQVkp/6vU/cvc8qF4gHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFIONYtOoHb/VJHOOjWeV3KzrqXRMB8GA1UdIwQY
MBaAFON+4eztGfigo6Y1v6omQpPjQ3eVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDM3aDdPMFotS0NqcGpXX3FpWkNrLU5EZDVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC82ZDVkNzUtNGQxZS00Njk3LWIxZDMt
MzZlMzQ0YWJjOWQzLzEvVWc0MWkwNmdkdjlVa2M0Nk5aNVhjck91cGRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC82ZDVkNzUtNGQxZS00Njk3LWIxZDMtMzZlMzQ0YWJjOWQz
LzEvNDM3aDdPMFotS0NqcGpXX3FpWkNrLU5EZDVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiCjMA0G
CSqGSIb3DQEBCwUAA4IBAQAMsxMXqlaZhbcs4rK7ev12s7N5M9RJHfyLCPBpGDH7
GIBMzQuGwlQysT4Xu+GMq8X9murHcpOAtWOw874fg1Jm62xAH3YaW3Pf3Igq+2oD
JIv/82GYn5RDFeI2HQ5ZOZaw3zLOxqS/QL/iR/bkPOlWcm6Ueja0ZFaMxUGflslx
kZ4VQ/wWWhlJDVDYUsGpUPaPyT2lo432xoz0otstEk3ARmE5ZZ4BF7SMe3BqkRZ/
DjsgWHmGjL6/4KXSorNhE76PessiuHztqE+wayv0M+evnNRADgkUaKlRSAx+D0Jy
Z+I/1KrrGJ3T1N2ExJ3Uy2GEPcUc2vQucTp9KayqOOVf
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:56:34 2025 by rpki-client