Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/jwF2Fe8ZjLBRTo3L_7TINNi10fQ.roa
File: jwF2Fe8ZjLBRTo3L_7TINNi10fQ.roa (raw, json)
Hash identifier: Ap/raQBvujEIQc3hDUBU94DRN1La9dL+OAKrqJu5rbU=
Subject key identifier: 8F:01:76:15:EF:19:8C:B0:51:4E:8D:CB:FF:B4:C8:34:D8:B5:D1:F4
Certificate issuer: /CN=91d01c47f00e64f35cc752d03b34a71b71406b3f
Certificate serial: 01942826EE1B2868AF25584969EFDDD8A9EF
Authority key identifier: 91:D0:1C:47:F0:0E:64:F3:5C:C7:52:D0:3B:34:A7:1B:71:40:6B:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdAcR_AOZPNcx1LQOzSnG3FAaz8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/jwF2Fe8ZjLBRTo3L_7TINNi10fQ.roa
Signing time: Thu 02 Jan 2025 17:53:47 +0000
ROA not before: Thu 02 Jan 2025 17:53:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49675
IP address blocks: 46.17.200.0/21 maxlen: 21
46.17.200.0/24 maxlen: 24
46.17.201.0/24 maxlen: 24
46.17.202.0/24 maxlen: 24
46.17.203.0/24 maxlen: 24
46.17.204.0/24 maxlen: 24
46.17.205.0/24 maxlen: 24
46.17.206.0/24 maxlen: 24
46.17.207.0/24 maxlen: 24
89.169.16.0/22 maxlen: 22
89.169.16.0/24 maxlen: 24
89.169.17.0/24 maxlen: 24
89.169.18.0/24 maxlen: 24
89.169.19.0/24 maxlen: 24
185.161.180.0/22 maxlen: 22
185.161.180.0/24 maxlen: 24
185.161.181.0/24 maxlen: 24
185.161.182.0/24 maxlen: 24
185.161.183.0/24 maxlen: 24
2a02:26a8:3::/48 maxlen: 48
2a02:26a8:f001::/48 maxlen: 48
2a02:26a8:fffe::/48 maxlen: 48
2a02:26a8:ffff::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:ee:1b:28:68:af:25:58:49:69:ef:dd:d8:a9:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91d01c47f00e64f35cc752d03b34a71b71406b3f
Validity
Not Before: Jan 2 17:53:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8f017615ef198cb0514e8dcbffb4c834d8b5d1f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f2:fc:07:41:31:3d:8c:74:e2:22:d4:53:b6:
79:1f:89:78:88:9d:ff:f0:fd:06:bb:96:4a:a6:f6:
72:c4:39:ab:70:41:36:98:f9:c9:f3:13:a2:31:07:
86:51:23:12:4d:3c:98:2c:2b:27:5b:cc:98:d3:53:
ff:93:cd:9b:db:6e:ca:de:94:7a:c8:30:1a:ff:c4:
18:e4:91:f9:8f:1c:81:37:2e:12:32:26:e0:83:be:
3c:52:2b:ec:fe:33:8f:5f:65:d7:86:aa:8a:68:ea:
8b:04:7e:1e:1e:fb:fb:ba:75:2b:31:8d:ee:ce:fb:
1d:d1:34:81:57:8a:1c:6e:21:8d:f3:88:71:b3:29:
19:33:95:c3:08:da:d8:03:cb:c6:57:99:ed:49:05:
23:ef:c2:93:da:87:87:5a:8d:19:0f:f8:25:b3:91:
4f:ef:15:05:a7:36:6d:f4:c6:57:39:bb:3a:d7:0d:
b6:2f:9b:ce:4f:1b:7e:bd:ea:9d:8c:15:50:9a:37:
10:3e:03:4d:b6:2b:0c:52:5c:b7:ed:f6:2e:7b:75:
ca:3d:41:56:c7:30:36:9b:cc:31:7a:80:62:ae:a1:
37:9c:fa:21:e0:48:62:f0:80:8c:69:9e:fa:f4:78:
95:f0:7c:85:e3:6e:0b:7f:23:52:73:78:16:1e:c3:
d4:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:01:76:15:EF:19:8C:B0:51:4E:8D:CB:FF:B4:C8:34:D8:B5:D1:F4
X509v3 Authority Key Identifier:
keyid:91:D0:1C:47:F0:0E:64:F3:5C:C7:52:D0:3B:34:A7:1B:71:40:6B:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdAcR_AOZPNcx1LQOzSnG3FAaz8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/jwF2Fe8ZjLBRTo3L_7TINNi10fQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b0fc0c-c537-40b4-9b5b-56b006ef0d3b/1/kdAcR_AOZPNcx1LQOzSnG3FAaz8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.17.200.0/21
89.169.16.0/22
185.161.180.0/22
IPv6:
2a02:26a8:3::/48
2a02:26a8:f001::/48
2a02:26a8:fffe::/47
Signature Algorithm: sha256WithRSAEncryption
47:07:2e:e2:fb:2a:59:98:4d:9b:b0:68:9b:9b:18:67:02:ef:
e8:4d:70:3c:1d:b0:52:cb:5c:fd:7a:9a:33:66:b9:d2:b5:d6:
98:bc:32:4d:e8:88:31:ed:b2:4c:0f:98:0f:52:47:1b:ee:aa:
3b:b9:f0:f0:58:0c:85:97:78:aa:d1:e1:e9:63:da:9a:d1:f4:
0f:1b:3d:58:2f:cc:03:88:46:94:8b:7b:33:88:5a:5d:0f:20:
70:84:7a:7d:a2:6e:14:2e:f3:32:47:5a:5c:a6:b0:1b:0c:ea:
09:03:30:4f:a4:68:07:f8:4b:8e:e2:fd:29:a7:c0:6b:56:95:
6e:ad:78:2b:5a:ee:3f:5a:89:35:16:26:09:2c:e8:8c:e7:53:
dd:0a:d5:c4:0b:8f:c5:dc:8d:68:5c:72:22:c7:c9:b2:a7:ef:
47:b3:e8:3c:4f:c2:ca:e5:ec:49:d5:fb:62:dd:a4:30:0d:72:
92:9e:0c:a2:88:bb:a3:35:30:8e:ee:49:c4:b0:e4:d6:1f:f3:
bf:28:cf:0e:4d:1a:82:42:2a:08:56:b2:16:0c:de:f6:19:c2:
0b:0f:1f:18:0e:e9:8a:7c:2b:f6:fb:1c:25:32:f0:6e:0b:d9:
68:bf:d4:20:d4:06:4e:e1:45:5f:5f:d0:fa:60:93:ea:84:3e:
1d:57:ef:23
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZQoJu4bKGivJVhJae/d2KnvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDAxYzQ3ZjAwZTY0ZjM1Y2M3NTJkMDNiMzRhNzFiNzE0
MDZiM2YwHhcNMjUwMTAyMTc1MzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjAxNzYxNWVmMTk4Y2IwNTE0ZThkY2JmZmI0YzgzNGQ4YjVkMWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPL8B0ExPYx04iLUU7Z5H4l4iJ3/
8P0Gu5ZKpvZyxDmrcEE2mPnJ8xOiMQeGUSMSTTyYLCsnW8yY01P/k82b227K3pR6
yDAa/8QY5JH5jxyBNy4SMibgg748Uivs/jOPX2XXhqqKaOqLBH4eHvv7unUrMY3u
zvsd0TSBV4ocbiGN84hxsykZM5XDCNrYA8vGV5ntSQUj78KT2oeHWo0ZD/gls5FP
7xUFpzZt9MZXObs61w22L5vOTxt+veqdjBVQmjcQPgNNtisMUly37fYue3XKPUFW
xzA2m8wxeoBirqE3nPoh4Ehi8ICMaZ769HiV8HyF424LfyNSc3gWHsPUDQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFI8BdhXvGYywUU6Ny/+0yDTYtdH0MB8GA1UdIwQY
MBaAFJHQHEfwDmTzXMdS0Ds0pxtxQGs/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RBY1JfQU9aUE5jeDFMUU96U25HM0ZBYXo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9iMGZjMGMtYzUzNy00MGI0LTliNWIt
NTZiMDA2ZWYwZDNiLzEvandGMkZlOFpqTEJSVG8zTF83VElOTmkxMGZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9iMGZjMGMtYzUzNy00MGI0LTliNWItNTZiMDA2ZWYwZDNi
LzEva2RBY1JfQU9aUE5jeDFMUU96U25HM0ZBYXo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAYBAIAATASAwQDLhHIAwQC
WakQAwQCuaG0MCEEAgACMBsDBwAqAiaoAAMDBwAqAiao8AEDBwEqAiao//4wDQYJ
KoZIhvcNAQELBQADggEBAEcHLuL7KlmYTZuwaJubGGcC7+hNcDwdsFLLXP16mjNm
udK11pi8Mk3oiDHtskwPmA9SRxvuqju58PBYDIWXeKrR4elj2prR9A8bPVgvzAOI
RpSLezOIWl0PIHCEen2ibhQu8zJHWlymsBsM6gkDME+kaAf4S47i/SmnwGtWlW6t
eCta7j9aiTUWJgks6IznU90K1cQLj8XcjWhcciLHybKn70ez6DxPwsrl7EnV+2Ld
pDANcpKeDKKIu6M1MI7uScSw5NYf878ozw5NGoJCKghWshYM3vYZwgsPHxgO6Yp8
K/b7HCUy8G4L2Wi/1CDUBk7hRV9f0Ppgk+qEPh1X7yM=
-----END CERTIFICATE-----
Generated at Fri Apr 25 03:56:26 2025 by rpki-client