Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/14225b-bf95-45c9-8d7b-fc25d455af85/1/5BpJC5kfYpwnpQHv48KWy-JUppU.roa
File: 5BpJC5kfYpwnpQHv48KWy-JUppU.roa (raw, json)
Hash identifier: CrCPGt1FnNwvHaRxzi66Coran28PbWoZQZiC83vw/u0=
Subject key identifier: E4:1A:49:0B:99:1F:62:9C:27:A5:01:EF:E3:C2:96:CB:E2:54:A6:95
Certificate issuer: /CN=5281b841f12769489d5fd343b72ba44f90c96f32
Certificate serial: 019422FB51CEF7A465F64507EA53ABCFFFC9
Authority key identifier: 52:81:B8:41:F1:27:69:48:9D:5F:D3:43:B7:2B:A4:4F:90:C9:6F:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UoG4QfEnaUidX9NDtyukT5DJbzI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/14225b-bf95-45c9-8d7b-fc25d455af85/1/5BpJC5kfYpwnpQHv48KWy-JUppU.roa
Signing time: Wed 01 Jan 2025 17:48:03 +0000
ROA not before: Wed 01 Jan 2025 17:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44141
IP address blocks: 46.31.40.0/21 maxlen: 21
91.198.44.0/24 maxlen: 24
185.13.64.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:51:ce:f7:a4:65:f6:45:07:ea:53:ab:cf:ff:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5281b841f12769489d5fd343b72ba44f90c96f32
Validity
Not Before: Jan 1 17:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e41a490b991f629c27a501efe3c296cbe254a695
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:8d:64:cc:71:50:52:a1:b2:2a:1a:a9:3f:a9:
65:e0:d0:be:ec:4d:2f:29:5a:31:98:dc:55:66:37:
4e:4f:49:f6:74:5c:85:29:10:96:6d:53:dd:d4:92:
d5:8d:e2:0c:ee:e0:ab:31:e9:bd:89:36:63:25:29:
41:b9:30:37:f2:d2:e4:27:b1:9d:1b:ef:93:23:28:
be:2b:7f:8d:82:17:3b:a2:22:16:af:57:dc:84:ec:
6f:c3:87:7b:31:9b:41:cd:de:e8:81:33:33:07:41:
45:ef:d8:b3:a9:67:49:59:0d:72:88:91:af:a9:c1:
58:7f:d4:51:b3:1b:a5:9d:b7:88:19:1d:3c:bb:83:
81:82:7d:d1:f0:bd:cc:24:01:27:60:f2:30:fd:70:
d9:ed:a7:cc:c0:4c:43:d1:79:86:2b:18:1f:6d:90:
0b:92:cd:df:51:25:5e:d2:24:6c:f3:c1:aa:d4:1b:
35:2a:b3:bd:4a:dc:eb:60:94:09:b4:5b:99:a4:ac:
bc:2a:c1:3a:42:9c:35:2a:be:2a:1a:c3:bd:3f:77:
5a:fa:b7:71:21:c3:98:9a:63:50:80:0e:a5:8a:61:
40:1f:77:f1:09:29:8b:c7:62:d3:be:58:28:20:f5:
68:0c:db:e5:33:ad:90:91:49:2f:b6:ba:7e:5e:5c:
96:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:1A:49:0B:99:1F:62:9C:27:A5:01:EF:E3:C2:96:CB:E2:54:A6:95
X509v3 Authority Key Identifier:
keyid:52:81:B8:41:F1:27:69:48:9D:5F:D3:43:B7:2B:A4:4F:90:C9:6F:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UoG4QfEnaUidX9NDtyukT5DJbzI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/14225b-bf95-45c9-8d7b-fc25d455af85/1/5BpJC5kfYpwnpQHv48KWy-JUppU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/14225b-bf95-45c9-8d7b-fc25d455af85/1/UoG4QfEnaUidX9NDtyukT5DJbzI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.40.0/21
91.198.44.0/24
185.13.64.0/22
Signature Algorithm: sha256WithRSAEncryption
36:aa:3d:7d:af:ed:ac:28:22:0f:df:ce:a8:3d:b2:34:bb:50:
66:0a:dd:03:e3:bd:ab:2b:05:dc:ad:af:3c:48:88:10:a9:5d:
90:62:ec:5e:5b:34:87:b2:ac:32:82:c8:47:67:fa:a6:6c:8e:
5c:98:59:17:32:ae:89:09:c6:e8:55:79:3b:cd:97:b2:ea:b3:
3b:90:c2:72:c5:a9:a0:00:87:a6:9a:c3:b9:46:55:a7:20:03:
b6:51:20:a7:95:f1:44:e4:5f:d5:71:49:4a:fe:ff:e8:73:4f:
b3:af:87:2a:a9:f8:bd:ec:19:86:59:8a:59:78:2f:0d:f0:96:
64:c1:1e:79:7d:f0:84:aa:f5:43:7e:ba:d4:78:bf:0c:c6:e0:
e9:88:41:b3:d7:cb:e1:6b:f7:c8:38:5b:e4:c0:b9:07:a0:e2:
31:e2:2b:e6:a9:75:80:62:26:61:e3:6a:b8:a2:ca:02:36:45:
8b:b7:c8:1d:ce:ed:51:92:71:a9:96:79:ac:79:eb:65:d8:ed:
1f:1d:9b:ee:20:66:76:83:3c:50:90:b9:c2:3f:bb:04:8f:6a:
d7:78:47:2a:da:a0:19:50:5a:a6:e7:20:e5:32:70:2c:75:d3:
c2:07:c6:1f:63:28:07:c2:7a:20:51:b6:46:0d:54:5e:74:60:
41:aa:10:8d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQi+1HO96Rl9kUH6lOrz//JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyODFiODQxZjEyNzY5NDg5ZDVmZDM0M2I3MmJhNDRmOTBj
OTZmMzIwHhcNMjUwMTAxMTc0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDFhNDkwYjk5MWY2MjljMjdhNTAxZWZlM2MyOTZjYmUyNTRhNjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsY1kzHFQUqGyKhqpP6ll4NC+7E0v
KVoxmNxVZjdOT0n2dFyFKRCWbVPd1JLVjeIM7uCrMem9iTZjJSlBuTA38tLkJ7Gd
G++TIyi+K3+Nghc7oiIWr1fchOxvw4d7MZtBzd7ogTMzB0FF79izqWdJWQ1yiJGv
qcFYf9RRsxulnbeIGR08u4OBgn3R8L3MJAEnYPIw/XDZ7afMwExD0XmGKxgfbZAL
ks3fUSVe0iRs88Gq1Bs1KrO9StzrYJQJtFuZpKy8KsE6Qpw1Kr4qGsO9P3da+rdx
IcOYmmNQgA6limFAH3fxCSmLx2LTvlgoIPVoDNvlM62QkUkvtrp+XlyWkwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOQaSQuZH2KcJ6UB7+PClsviVKaVMB8GA1UdIwQY
MBaAFFKBuEHxJ2lInV/TQ7crpE+QyW8yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW9HNFFmRW5hVWlkWDlORHR5dWtUNURKYnpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8xNDIyNWItYmY5NS00NWM5LThkN2It
ZmMyNWQ0NTVhZjg1LzEvNUJwSkM1a2ZZcHducFFIdjQ4S1d5LUpVcHBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi8xNDIyNWItYmY5NS00NWM5LThkN2ItZmMyNWQ0NTVhZjg1
LzEvVW9HNFFmRW5hVWlkWDlORHR5dWtUNURKYnpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDLh8oAwQA
W8YsAwQCuQ1AMA0GCSqGSIb3DQEBCwUAA4IBAQA2qj19r+2sKCIP386oPbI0u1Bm
Ct0D472rKwXcra88SIgQqV2QYuxeWzSHsqwygshHZ/qmbI5cmFkXMq6JCcboVXk7
zZey6rM7kMJyxamgAIemmsO5RlWnIAO2USCnlfFE5F/VcUlK/v/oc0+zr4cqqfi9
7BmGWYpZeC8N8JZkwR55ffCEqvVDfrrUeL8MxuDpiEGz18vha/fIOFvkwLkHoOIx
4ivmqXWAYiZh42q4osoCNkWLt8gdzu1RknGplnmseetl2O0fHZvuIGZ2gzxQkLnC
P7sEj2rXeEcq2qAZUFqm5yDlMnAsddPCB8YfYygHwnogUbZGDVRedGBBqhCN
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:36:41 2025 by rpki-client