Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/af76e0-6b7d-40ac-9621-643a2fc4473e/1/036tWscrBo3WQktUJkLutI8dnhI.roa
File: 036tWscrBo3WQktUJkLutI8dnhI.roa (raw, json)
Hash identifier: SbRgrcoBWhT2vLik5V86VTcCJ3Ave5F15tRHkOT5qDg=
Subject key identifier: D3:7E:AD:5A:C7:2B:06:8D:D6:42:4B:54:26:42:EE:B4:8F:1D:9E:12
Certificate issuer: /CN=2e8edab12215e29bd38c1da9b5e396bd0c96be09
Certificate serial: 019425FC3A881A4F29C57239506C012CFAF7
Authority key identifier: 2E:8E:DA:B1:22:15:E2:9B:D3:8C:1D:A9:B5:E3:96:BD:0C:96:BE:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lo7asSIV4pvTjB2pteOWvQyWvgk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/af76e0-6b7d-40ac-9621-643a2fc4473e/1/036tWscrBo3WQktUJkLutI8dnhI.roa
Signing time: Thu 02 Jan 2025 07:47:54 +0000
ROA not before: Thu 02 Jan 2025 07:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29425
IP address blocks: 46.255.136.0/21 maxlen: 21
46.255.142.0/24 maxlen: 24
195.149.105.0/24 maxlen: 24
2a00:95a0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:3a:88:1a:4f:29:c5:72:39:50:6c:01:2c:fa:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e8edab12215e29bd38c1da9b5e396bd0c96be09
Validity
Not Before: Jan 2 07:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d37ead5ac72b068dd6424b542642eeb48f1d9e12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:54:04:d3:c9:8c:83:78:52:07:75:75:fd:e6:
fe:b4:82:b5:d8:c2:d6:e4:6b:7a:9a:44:3e:ca:d3:
f3:6e:1b:0a:79:ad:ac:d4:24:f0:8c:f1:e1:86:33:
0a:92:a9:9a:81:c0:90:ba:47:fb:b7:09:c2:68:3e:
c8:15:6b:22:41:e8:93:e4:0c:3f:0f:1e:67:67:53:
81:ba:76:0e:50:e4:f9:6b:40:1d:5f:9c:09:93:8c:
56:f5:78:46:ff:a9:b0:25:8d:45:63:31:1e:ed:2b:
9a:89:0a:3c:ff:5c:4b:3e:7c:d2:53:3b:aa:8b:72:
4f:dc:b9:5f:8a:15:9f:99:29:9c:1a:f6:72:30:d4:
bc:77:3b:ae:02:9b:0f:45:80:3a:97:4f:72:60:78:
c8:e2:bf:8d:b3:1a:93:ae:a0:99:4b:b9:df:7c:36:
84:a9:05:68:04:4a:43:66:e9:99:39:99:bf:c4:e4:
71:8e:44:97:78:cc:a9:97:de:56:2a:26:92:72:13:
3c:62:d2:b5:e4:58:68:f9:98:df:de:6d:de:be:9e:
12:52:5e:1c:bb:fc:fb:c9:c7:9c:43:7e:5b:1b:e0:
da:69:b3:43:71:5c:70:22:ff:31:5b:2e:cc:4c:b8:
e9:5f:f1:0f:fd:4a:e4:8b:86:de:5c:a1:53:d2:09:
d0:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:7E:AD:5A:C7:2B:06:8D:D6:42:4B:54:26:42:EE:B4:8F:1D:9E:12
X509v3 Authority Key Identifier:
keyid:2E:8E:DA:B1:22:15:E2:9B:D3:8C:1D:A9:B5:E3:96:BD:0C:96:BE:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lo7asSIV4pvTjB2pteOWvQyWvgk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/af76e0-6b7d-40ac-9621-643a2fc4473e/1/036tWscrBo3WQktUJkLutI8dnhI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/af76e0-6b7d-40ac-9621-643a2fc4473e/1/Lo7asSIV4pvTjB2pteOWvQyWvgk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.255.136.0/21
195.149.105.0/24
IPv6:
2a00:95a0::/32
Signature Algorithm: sha256WithRSAEncryption
9f:6a:cd:b9:ba:63:cb:e0:3d:de:97:b3:72:60:ba:6e:4a:13:
8f:6a:6f:03:c0:fe:a7:8f:71:eb:17:89:cc:a6:90:ed:8a:31:
11:3f:ff:48:21:a1:27:78:3c:d5:ba:68:64:ca:69:08:88:f5:
4e:fb:89:29:86:05:68:a0:41:2c:47:8d:e0:0c:98:49:1c:61:
74:0f:6e:62:99:e2:36:b6:7b:46:d0:e1:cd:1c:9d:df:68:7e:
7f:90:ed:08:41:29:e8:65:8b:ba:c5:aa:69:aa:3a:18:04:bc:
31:52:00:db:ac:3d:8a:8c:2a:fc:ac:f4:af:52:f6:44:d6:0c:
e8:9f:8c:48:9a:b2:5d:15:68:0a:7f:ba:de:c8:4e:2b:92:0c:
8d:ab:07:a8:35:cb:35:db:20:fa:c1:e5:3c:12:51:70:f8:bf:
fb:6f:9b:19:3c:9d:39:4c:68:0e:9c:1d:a8:61:65:30:ed:54:
cd:5a:98:24:ec:bc:4e:ac:ea:3a:bf:42:58:50:3a:78:09:b6:
65:8f:53:47:e3:78:72:7a:0b:6b:9d:2e:b5:0c:14:60:63:84:
51:d7:5f:ad:67:83:74:d5:22:59:20:ab:96:9c:bf:34:63:e3:
a2:61:25:f2:25:e3:4e:4a:6b:70:02:49:01:c9:ba:76:b1:50:
60:ba:bd:b4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQl/DqIGk8pxXI5UGwBLPr3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlOGVkYWIxMjIxNWUyOWJkMzhjMWRhOWI1ZTM5NmJkMGM5
NmJlMDkwHhcNMjUwMTAyMDc0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzdlYWQ1YWM3MmIwNjhkZDY0MjRiNTQyNjQyZWViNDhmMWQ5ZTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVQE08mMg3hSB3V1/eb+tIK12MLW
5Gt6mkQ+ytPzbhsKea2s1CTwjPHhhjMKkqmagcCQukf7twnCaD7IFWsiQeiT5Aw/
Dx5nZ1OBunYOUOT5a0AdX5wJk4xW9XhG/6mwJY1FYzEe7SuaiQo8/1xLPnzSUzuq
i3JP3LlfihWfmSmcGvZyMNS8dzuuApsPRYA6l09yYHjI4r+NsxqTrqCZS7nffDaE
qQVoBEpDZumZOZm/xORxjkSXeMypl95WKiaSchM8YtK15Fho+Zjf3m3evp4SUl4c
u/z7ycecQ35bG+DaabNDcVxwIv8xWy7MTLjpX/EP/Urki4beXKFT0gnQzwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNN+rVrHKwaN1kJLVCZC7rSPHZ4SMB8GA1UdIwQY
MBaAFC6O2rEiFeKb04wdqbXjlr0Mlr4JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG83YXNTSVY0cHZUakIycHRlT1d2UXlXdmdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9hZjc2ZTAtNmI3ZC00MGFjLTk2MjEt
NjQzYTJmYzQ0NzNlLzEvMDM2dFdzY3JCbzNXUWt0VUprTHV0SThkbmhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9hZjc2ZTAtNmI3ZC00MGFjLTk2MjEtNjQzYTJmYzQ0NzNl
LzEvTG83YXNTSVY0cHZUakIycHRlT1d2UXlXdmdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDLv+IAwQA
w5VpMA0EAgACMAcDBQAqAJWgMA0GCSqGSIb3DQEBCwUAA4IBAQCfas25umPL4D3e
l7NyYLpuShOPam8DwP6nj3HrF4nMppDtijERP/9IIaEneDzVumhkymkIiPVO+4kp
hgVooEEsR43gDJhJHGF0D25imeI2tntG0OHNHJ3faH5/kO0IQSnoZYu6xappqjoY
BLwxUgDbrD2KjCr8rPSvUvZE1gzon4xImrJdFWgKf7reyE4rkgyNqweoNcs12yD6
weU8ElFw+L/7b5sZPJ05TGgOnB2oYWUw7VTNWpgk7LxOrOo6v0JYUDp4CbZlj1NH
43hyegtrnS61DBRgY4RR11+tZ4N01SJZIKuWnL80Y+OiYSXyJeNOSmtwAkkBybp2
sVBgur20
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:19:49 2025 by rpki-client