Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/6b9ec0-9b10-4443-b5e6-c4fd53ebeb67/1/5dOeHmReGHpglp9CPLficnPxbRA.roa
File: 5dOeHmReGHpglp9CPLficnPxbRA.roa (raw, json)
Hash identifier: u/adm8/lzLOzXE337fHeCi8QttPIgGUNVZ/GPwCUh0o=
Subject key identifier: E5:D3:9E:1E:64:5E:18:7A:60:96:9F:42:3C:B7:E2:72:73:F1:6D:10
Certificate issuer: /CN=4b61cc8a365cc40382a31dad54f6cb723f58758a
Certificate serial: 019427B5E34C00980FF3B2732CB813B280EB
Authority key identifier: 4B:61:CC:8A:36:5C:C4:03:82:A3:1D:AD:54:F6:CB:72:3F:58:75:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S2HMijZcxAOCox2tVPbLcj9YdYo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/6b9ec0-9b10-4443-b5e6-c4fd53ebeb67/1/5dOeHmReGHpglp9CPLficnPxbRA.roa
Signing time: Thu 02 Jan 2025 15:50:19 +0000
ROA not before: Thu 02 Jan 2025 15:50:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42339
IP address blocks: 46.28.224.0/21 maxlen: 21
77.72.120.0/21 maxlen: 21
185.22.204.0/22 maxlen: 22
2a00:60a0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:e3:4c:00:98:0f:f3:b2:73:2c:b8:13:b2:80:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b61cc8a365cc40382a31dad54f6cb723f58758a
Validity
Not Before: Jan 2 15:50:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e5d39e1e645e187a60969f423cb7e27273f16d10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:12:c7:6d:e8:24:ea:b9:96:9c:fa:9c:5b:c7:
43:5e:09:ce:7d:f9:29:21:ff:a5:92:ee:ae:64:2e:
01:ee:a0:d4:0c:54:88:84:40:5e:d4:24:7e:8f:ca:
de:ba:99:dc:88:35:59:6e:45:61:a0:91:bf:5b:91:
83:76:c3:14:34:b8:3d:2f:5d:bb:8d:0b:16:1c:cc:
1f:1f:74:68:39:85:f0:22:b2:8b:2d:7c:96:d3:a5:
e3:9c:84:5a:3c:e0:3b:f3:d8:c6:f0:64:13:90:73:
8e:7d:83:99:04:01:89:8c:3d:a8:81:e6:fd:93:4b:
8a:1d:a2:79:3d:cd:3f:8b:08:29:e6:8f:73:85:8f:
e6:f8:d6:40:b4:2c:11:48:76:4b:f5:33:c0:3f:30:
3d:3b:a2:7e:43:9c:a3:fe:d7:18:a4:3e:44:5d:b8:
84:2d:3c:f4:32:f7:f5:ea:36:8a:77:8c:14:df:87:
fe:dc:8d:71:a4:7d:df:61:48:3d:d6:f7:e2:d9:55:
dd:0e:35:ce:b0:a0:33:6a:2c:4d:dc:6f:b7:f6:20:
22:89:bf:dd:33:99:a0:93:ba:e5:be:b2:4e:86:18:
4d:57:f0:47:3a:30:7d:23:99:f6:50:ba:a3:47:f3:
a0:2c:44:ef:e5:08:27:71:1b:f8:c6:63:f1:71:92:
13:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:D3:9E:1E:64:5E:18:7A:60:96:9F:42:3C:B7:E2:72:73:F1:6D:10
X509v3 Authority Key Identifier:
keyid:4B:61:CC:8A:36:5C:C4:03:82:A3:1D:AD:54:F6:CB:72:3F:58:75:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S2HMijZcxAOCox2tVPbLcj9YdYo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/6b9ec0-9b10-4443-b5e6-c4fd53ebeb67/1/5dOeHmReGHpglp9CPLficnPxbRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/6b9ec0-9b10-4443-b5e6-c4fd53ebeb67/1/S2HMijZcxAOCox2tVPbLcj9YdYo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.224.0/21
77.72.120.0/21
185.22.204.0/22
IPv6:
2a00:60a0::/32
Signature Algorithm: sha256WithRSAEncryption
09:af:ac:55:1f:ef:7a:41:e1:48:c1:04:47:79:62:84:22:1d:
51:4d:4c:c6:b9:f1:1c:ae:3d:13:5a:09:4f:be:25:93:fb:70:
82:cb:ba:be:79:b0:e6:25:b2:26:93:af:97:68:7f:0f:4e:2a:
d4:6f:95:cc:d1:cc:71:73:5d:68:58:76:f2:57:0a:a7:0c:b9:
29:84:05:da:c8:66:bd:c6:5e:4c:a9:94:3c:36:a2:ce:9c:e2:
23:a9:2c:6e:9e:a9:c3:bb:3e:6a:2a:0c:f7:a0:a0:e4:5d:eb:
21:f2:16:c4:96:3a:93:70:9c:dd:41:f9:d9:48:a9:f8:0c:98:
8c:69:9c:8d:53:13:72:66:10:bd:22:79:8f:a2:44:62:c8:2f:
1b:fc:80:9d:60:94:e3:42:b7:73:d1:ea:da:3e:f6:e6:02:96:
39:16:93:ec:ba:a2:65:8f:f9:51:58:12:e6:4f:94:79:88:4c:
c2:a3:5e:ef:56:d8:63:b1:64:65:0f:6a:fb:b0:c4:8a:9c:91:
20:e5:ce:c7:e0:f2:98:f4:94:da:0f:b6:3e:04:e6:0b:20:c0:
52:f3:80:2b:5e:23:81:00:46:75:96:16:77:f0:a2:40:0e:90:
da:6b:b6:37:8d:20:3a:25:00:00:dd:1b:90:b8:1a:0e:cf:15:
68:d8:22:2f
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQnteNMAJgP87JzLLgTsoDrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNjFjYzhhMzY1Y2M0MDM4MmEzMWRhZDU0ZjZjYjcyM2Y1
ODc1OGEwHhcNMjUwMTAyMTU1MDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWQzOWUxZTY0NWUxODdhNjA5NjlmNDIzY2I3ZTI3MjczZjE2ZDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0xLHbegk6rmWnPqcW8dDXgnOffkp
If+lku6uZC4B7qDUDFSIhEBe1CR+j8reupnciDVZbkVhoJG/W5GDdsMUNLg9L127
jQsWHMwfH3RoOYXwIrKLLXyW06XjnIRaPOA789jG8GQTkHOOfYOZBAGJjD2ogeb9
k0uKHaJ5Pc0/iwgp5o9zhY/m+NZAtCwRSHZL9TPAPzA9O6J+Q5yj/tcYpD5EXbiE
LTz0Mvf16jaKd4wU34f+3I1xpH3fYUg91vfi2VXdDjXOsKAzaixN3G+39iAiib/d
M5mgk7rlvrJOhhhNV/BHOjB9I5n2ULqjR/OgLETv5QgncRv4xmPxcZITVwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOXTnh5kXhh6YJafQjy34nJz8W0QMB8GA1UdIwQY
MBaAFEthzIo2XMQDgqMdrVT2y3I/WHWKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzJITWlqWmN4QU9Db3gydFZQYkxjajlZZFlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi82YjllYzAtOWIxMC00NDQzLWI1ZTYt
YzRmZDUzZWJlYjY3LzEvNWRPZUhtUmVHSHBnbHA5Q1BMZmljblB4YlJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi82YjllYzAtOWIxMC00NDQzLWI1ZTYtYzRmZDUzZWJlYjY3
LzEvUzJITWlqWmN4QU9Db3gydFZQYkxjajlZZFlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDLhzgAwQD
TUh4AwQCuRbMMA0EAgACMAcDBQAqAGCgMA0GCSqGSIb3DQEBCwUAA4IBAQAJr6xV
H+96QeFIwQRHeWKEIh1RTUzGufEcrj0TWglPviWT+3CCy7q+ebDmJbImk6+XaH8P
TirUb5XM0cxxc11oWHbyVwqnDLkphAXayGa9xl5MqZQ8NqLOnOIjqSxunqnDuz5q
Kgz3oKDkXesh8hbEljqTcJzdQfnZSKn4DJiMaZyNUxNyZhC9InmPokRiyC8b/ICd
YJTjQrdz0eraPvbmApY5FpPsuqJlj/lRWBLmT5R5iEzCo17vVthjsWRlD2r7sMSK
nJEg5c7H4PKY9JTaD7Y+BOYLIMBS84ArXiOBAEZ1lhZ38KJADpDaa7Y3jSA6JQAA
3RuQuBoOzxVo2CIv
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:00:24 2025 by rpki-client