Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/rHz8kaauSx9yjUtMHgkc7yNJ95o.roa
File: rHz8kaauSx9yjUtMHgkc7yNJ95o.roa (raw, json)
Hash identifier: PhKHXgs0bJsWkyri4OmHbJXKHUs8Dv3fw5JQFOIgfUI=
Subject key identifier: AC:7C:FC:91:A6:AE:4B:1F:72:8D:4B:4C:1E:09:1C:EF:23:49:F7:9A
Certificate issuer: /CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
Certificate serial: 019423D7136EE9EDED61B16633E66809E45A
Authority key identifier: E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/rHz8kaauSx9yjUtMHgkc7yNJ95o.roa
Signing time: Wed 01 Jan 2025 21:48:05 +0000
ROA not before: Wed 01 Jan 2025 21:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213402
IP address blocks: 46.32.172.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:13:6e:e9:ed:ed:61:b1:66:33:e6:68:09:e4:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
Validity
Not Before: Jan 1 21:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac7cfc91a6ae4b1f728d4b4c1e091cef2349f79a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:49:31:87:ce:1e:a1:80:23:a6:53:0a:72:4b:
0c:86:74:85:25:9b:5c:76:96:a2:0f:ad:65:7f:72:
a9:bc:b5:62:39:d0:22:87:61:e4:db:3c:62:91:9f:
e6:a2:70:55:91:09:a5:c4:97:cc:8c:d3:78:91:b0:
74:8d:eb:ce:4a:ba:5d:e3:12:9c:f3:4b:f9:bf:34:
d3:1e:23:7c:f8:4b:e1:bd:41:38:ce:94:3a:66:92:
c6:af:e3:a0:ce:64:f7:ff:ad:70:91:75:d3:c7:72:
94:56:42:04:b4:43:29:ec:62:d4:7e:ae:bf:47:a2:
0b:ab:0a:8a:bc:e1:af:aa:3c:19:2c:e0:18:cb:05:
7d:cf:12:b1:8f:1e:36:a9:af:c8:e5:88:32:c0:12:
8c:b6:1f:63:a4:a3:61:1c:0e:9a:90:54:6e:91:a8:
d3:1e:76:77:dc:30:fc:1c:e7:d9:f9:da:13:f0:db:
67:ee:00:8d:50:9a:54:b3:e6:83:b4:6f:42:30:5e:
4d:19:ae:d1:74:e3:9f:1b:5a:9e:08:c3:39:50:a7:
25:b1:af:6f:5f:cf:20:6f:2f:96:74:0a:87:a4:b9:
76:c5:1a:a0:bd:d2:0b:2b:60:af:ce:0a:b4:21:a7:
52:1b:f3:63:7d:8e:03:93:56:ab:ea:6c:5f:4f:86:
89:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:7C:FC:91:A6:AE:4B:1F:72:8D:4B:4C:1E:09:1C:EF:23:49:F7:9A
X509v3 Authority Key Identifier:
keyid:E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/rHz8kaauSx9yjUtMHgkc7yNJ95o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/437h7O0Z-KCjpjW_qiZCk-NDd5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.32.172.0/24
Signature Algorithm: sha256WithRSAEncryption
77:59:69:16:4a:29:c2:41:ba:1d:45:07:77:4a:f6:c6:89:a1:
fb:95:9e:1c:13:c6:a5:e6:85:c0:fe:80:2a:de:52:c3:f8:54:
bc:f4:36:f0:b5:04:15:e3:99:ce:83:78:da:c8:00:d5:cd:78:
78:2b:04:0b:21:80:43:a9:78:29:c6:e0:94:ab:6d:d6:53:9c:
10:e4:c8:b0:cf:99:0a:9f:d9:ca:02:c1:2c:d4:a3:b5:06:8d:
c4:d4:9e:3d:0a:0e:99:d8:dd:60:c2:b1:70:ce:3e:a8:90:c8:
ad:78:fe:e9:ca:2b:98:c1:15:26:25:a1:dc:ea:f4:81:c0:69:
3f:e9:c2:6a:86:72:7e:fa:2f:8c:d5:ea:dd:f6:0e:b1:fc:ef:
69:a4:dd:d5:2b:85:29:81:1c:47:10:71:5a:36:30:73:4a:f4:
02:d0:45:84:cb:f2:3d:86:e4:7d:f9:13:44:a1:73:3a:6b:53:
c4:cf:19:b6:05:cb:ae:81:a9:bd:d9:41:fd:9d:88:90:38:dc:
38:5b:7b:4b:a4:dd:cd:00:d8:76:81:fe:ea:e1:cd:ef:28:d0:
0b:d1:4a:d9:11:0f:23:25:5c:c4:11:fa:a1:af:e5:bf:8f:1e:
30:db:b9:8d:d8:17:f8:a4:18:d1:b3:a3:3a:db:68:a0:bf:ff:
61:e8:cd:9c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1xNu6e3tYbFmM+ZoCeRaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzN2VlMWVjZWQxOWY4YTBhM2E2MzViZmFhMjY0MjkzZTM0
Mzc3OTUwHhcNMjUwMTAxMjE0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzdjZmM5MWE2YWU0YjFmNzI4ZDRiNGMxZTA5MWNlZjIzNDlmNzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA90kxh84eoYAjplMKcksMhnSFJZtc
dpaiD61lf3KpvLViOdAih2Hk2zxikZ/monBVkQmlxJfMjNN4kbB0jevOSrpd4xKc
80v5vzTTHiN8+EvhvUE4zpQ6ZpLGr+OgzmT3/61wkXXTx3KUVkIEtEMp7GLUfq6/
R6ILqwqKvOGvqjwZLOAYywV9zxKxjx42qa/I5YgywBKMth9jpKNhHA6akFRukajT
HnZ33DD8HOfZ+doT8Ntn7gCNUJpUs+aDtG9CMF5NGa7RdOOfG1qeCMM5UKclsa9v
X88gby+WdAqHpLl2xRqgvdILK2Cvzgq0IadSG/NjfY4Dk1ar6mxfT4aJ6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKx8/JGmrksfco1LTB4JHO8jSfeaMB8GA1UdIwQY
MBaAFON+4eztGfigo6Y1v6omQpPjQ3eVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDM3aDdPMFotS0NqcGpXX3FpWkNrLU5EZDVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC82ZDVkNzUtNGQxZS00Njk3LWIxZDMt
MzZlMzQ0YWJjOWQzLzEvckh6OGthYXVTeDl5alV0TUhna2M3eU5KOTVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC82ZDVkNzUtNGQxZS00Njk3LWIxZDMtMzZlMzQ0YWJjOWQz
LzEvNDM3aDdPMFotS0NqcGpXX3FpWkNrLU5EZDVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiCsMA0G
CSqGSIb3DQEBCwUAA4IBAQB3WWkWSinCQbodRQd3SvbGiaH7lZ4cE8al5oXA/oAq
3lLD+FS89DbwtQQV45nOg3jayADVzXh4KwQLIYBDqXgpxuCUq23WU5wQ5Miwz5kK
n9nKAsEs1KO1Bo3E1J49Cg6Z2N1gwrFwzj6okMiteP7pyiuYwRUmJaHc6vSBwGk/
6cJqhnJ++i+M1erd9g6x/O9ppN3VK4UpgRxHEHFaNjBzSvQC0EWEy/I9huR9+RNE
oXM6a1PEzxm2Bcuugam92UH9nYiQONw4W3tLpN3NANh2gf7q4c3vKNAL0UrZEQ8j
JVzEEfqhr+W/jx4w27mN2Bf4pBjRs6M622igv/9h6M2c
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:49:24 2025 by rpki-client