Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/f63d76-2fb6-43a2-bfec-9f7aa094303b/1/xzawIGSZ9gaUq6klJYybOrl_u8k.roa
File: xzawIGSZ9gaUq6klJYybOrl_u8k.roa (raw, json)
Hash identifier: 1673awjNQrA/kSjVn3AcQmjZN9mvF8MpaJPKmYa0E/w=
Subject key identifier: C7:36:B0:20:64:99:F6:06:94:AB:A9:25:25:8C:9B:3A:B9:7F:BB:C9
Certificate issuer: /CN=b4f49698d08e8c283c0df2a82f16997e6259bab6
Certificate serial: 01942068793A70AEA68D1C27FE887245BC0C
Authority key identifier: B4:F4:96:98:D0:8E:8C:28:3C:0D:F2:A8:2F:16:99:7E:62:59:BA:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPSWmNCOjCg8DfKoLxaZfmJZurY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/f63d76-2fb6-43a2-bfec-9f7aa094303b/1/xzawIGSZ9gaUq6klJYybOrl_u8k.roa
Signing time: Wed 01 Jan 2025 05:48:25 +0000
ROA not before: Wed 01 Jan 2025 05:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202614
IP address blocks: 46.102.104.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:79:3a:70:ae:a6:8d:1c:27:fe:88:72:45:bc:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f49698d08e8c283c0df2a82f16997e6259bab6
Validity
Not Before: Jan 1 05:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c736b0206499f60694aba925258c9b3ab97fbbc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:c9:b9:6c:d7:3b:45:99:78:e0:be:fa:d5:13:
21:8e:1a:b7:cc:07:1a:aa:f6:4a:cc:8f:6d:0e:1c:
15:6b:0f:77:e9:03:ee:88:1d:56:be:81:c9:7d:ad:
5e:b8:86:06:4d:01:bb:a2:e6:c7:86:a6:96:4e:08:
fd:7e:6c:1d:04:19:3b:80:6e:ff:ef:da:5f:67:99:
08:8e:e9:10:a7:2a:40:1c:25:1f:b4:bf:74:6b:d2:
c2:97:06:04:71:f2:bf:ef:7b:ed:48:67:c6:6f:53:
c8:68:80:62:5a:1f:5e:a8:03:d1:ae:fd:07:2c:39:
75:bd:39:6a:36:06:53:6f:56:f7:ac:52:43:d1:c0:
f6:d6:86:1a:c9:7a:04:b8:1a:43:e0:08:67:1d:fc:
a8:8f:30:0d:1a:b5:d9:12:58:57:71:db:57:bd:60:
e2:28:ad:63:53:96:54:6a:16:68:bc:19:a7:19:a3:
4b:79:3f:a5:38:32:c1:98:63:1e:3c:ac:66:8c:be:
a5:70:ce:28:ff:6e:42:b6:8f:2b:e0:22:08:8c:72:
c6:1b:7a:ff:3f:d9:1b:16:02:13:cb:6f:df:7f:42:
f2:d4:d7:83:89:4a:5b:ab:dd:3b:d1:8c:5e:75:bf:
2d:d9:db:ab:4b:4f:7d:ce:50:4e:f2:b6:4f:f2:b3:
af:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:36:B0:20:64:99:F6:06:94:AB:A9:25:25:8C:9B:3A:B9:7F:BB:C9
X509v3 Authority Key Identifier:
keyid:B4:F4:96:98:D0:8E:8C:28:3C:0D:F2:A8:2F:16:99:7E:62:59:BA:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPSWmNCOjCg8DfKoLxaZfmJZurY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/f63d76-2fb6-43a2-bfec-9f7aa094303b/1/xzawIGSZ9gaUq6klJYybOrl_u8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/f63d76-2fb6-43a2-bfec-9f7aa094303b/1/tPSWmNCOjCg8DfKoLxaZfmJZurY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.104.0/24
Signature Algorithm: sha256WithRSAEncryption
99:1b:cc:53:e6:b1:b4:f9:dc:7a:af:a5:7d:51:56:f1:60:f7:
8a:d8:6e:49:17:9b:e6:09:01:1f:11:11:48:00:b2:1c:ab:86:
e9:7f:f1:b7:37:20:1a:56:72:b1:57:9a:ee:47:7b:cb:4b:ad:
be:2d:1f:45:d3:80:6f:55:82:57:81:76:b9:bd:79:82:2e:57:
64:b1:82:34:3e:58:9e:5c:bb:36:62:53:3b:0a:b6:31:bd:e5:
23:42:ce:35:c0:79:46:9f:b3:4b:e1:2f:c0:b1:a5:7d:42:e6:
82:ba:22:22:af:69:d8:84:d2:ec:a9:d1:46:50:ef:7d:14:97:
04:12:89:06:e0:f9:10:52:52:7e:34:7c:5c:5d:a2:79:35:2c:
ea:56:df:57:17:f1:50:0b:28:fd:c0:ff:b8:31:3b:a7:7b:18:
28:26:72:06:9c:e8:1a:d1:f7:5a:e1:2c:b2:96:be:4a:7a:dc:
85:f2:7f:a8:6b:53:15:f6:01:c0:28:b1:84:9c:cc:d1:bc:d5:
8e:35:69:e7:1b:78:41:cb:e8:ee:06:59:e0:56:22:91:85:d7:
52:5b:67:97:41:04:4e:d2:18:d2:af:9b:ec:ab:8f:0e:14:13:
fb:1d:4d:f6:a7:c6:fd:01:8f:63:90:49:e6:93:14:d2:83:d2:
ab:c3:23:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaHk6cK6mjRwn/ohyRbwMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZjQ5Njk4ZDA4ZThjMjgzYzBkZjJhODJmMTY5OTdlNjI1
OWJhYjYwHhcNMjUwMTAxMDU0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzM2YjAyMDY0OTlmNjA2OTRhYmE5MjUyNThjOWIzYWI5N2ZiYmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlcm5bNc7RZl44L761RMhjhq3zAca
qvZKzI9tDhwVaw936QPuiB1WvoHJfa1euIYGTQG7oubHhqaWTgj9fmwdBBk7gG7/
79pfZ5kIjukQpypAHCUftL90a9LClwYEcfK/73vtSGfGb1PIaIBiWh9eqAPRrv0H
LDl1vTlqNgZTb1b3rFJD0cD21oYayXoEuBpD4AhnHfyojzANGrXZElhXcdtXvWDi
KK1jU5ZUahZovBmnGaNLeT+lODLBmGMePKxmjL6lcM4o/25Cto8r4CIIjHLGG3r/
P9kbFgITy2/ff0Ly1NeDiUpbq9070Yxedb8t2durS099zlBO8rZP8rOv8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMc2sCBkmfYGlKupJSWMmzq5f7vJMB8GA1UdIwQY
MBaAFLT0lpjQjowoPA3yqC8WmX5iWbq2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBTV21OQ09qQ2c4RGZLb0x4YVpmbUpadXJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9mNjNkNzYtMmZiNi00M2EyLWJmZWMt
OWY3YWEwOTQzMDNiLzEveHphd0lHU1o5Z2FVcTZrbEpZeWJPcmxfdThrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9mNjNkNzYtMmZiNi00M2EyLWJmZWMtOWY3YWEwOTQzMDNi
LzEvdFBTV21OQ09qQ2c4RGZLb0x4YVpmbUpadXJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALmZoMA0G
CSqGSIb3DQEBCwUAA4IBAQCZG8xT5rG0+dx6r6V9UVbxYPeK2G5JF5vmCQEfERFI
ALIcq4bpf/G3NyAaVnKxV5ruR3vLS62+LR9F04BvVYJXgXa5vXmCLldksYI0Plie
XLs2YlM7CrYxveUjQs41wHlGn7NL4S/AsaV9QuaCuiIir2nYhNLsqdFGUO99FJcE
EokG4PkQUlJ+NHxcXaJ5NSzqVt9XF/FQCyj9wP+4MTunexgoJnIGnOga0fda4Syy
lr5KetyF8n+oa1MV9gHAKLGEnMzRvNWONWnnG3hBy+juBlngViKRhddSW2eXQQRO
0hjSr5vsq48OFBP7HU32p8b9AY9jkEnmkxTSg9KrwyMz
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:01:36 2025 by rpki-client