Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/f72562-45f5-4019-83a1-74f0c3e663cb/1/QmDTegVSmEYF6fnpKbqY_97oaSM.roa
File: QmDTegVSmEYF6fnpKbqY_97oaSM.roa (raw, json)
Hash identifier: tHb5J/NaAqeZ3yJpUfHC3cRpeW6+mrRMysLZDeKxz2M=
Subject key identifier: 42:60:D3:7A:05:52:98:46:05:E9:F9:E9:29:BA:98:FF:DE:E8:69:23
Certificate issuer: /CN=2be53d340a8bf47c1bf34d3255e102efb181ad19
Certificate serial: 019421B1E1833CEDD7F3F47173CF7DFE4911
Authority key identifier: 2B:E5:3D:34:0A:8B:F4:7C:1B:F3:4D:32:55:E1:02:EF:B1:81:AD:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K-U9NAqL9Hwb800yVeEC77GBrRk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/f72562-45f5-4019-83a1-74f0c3e663cb/1/QmDTegVSmEYF6fnpKbqY_97oaSM.roa
Signing time: Wed 01 Jan 2025 11:48:13 +0000
ROA not before: Wed 01 Jan 2025 11:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16645
IP address blocks: 46.236.56.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:e1:83:3c:ed:d7:f3:f4:71:73:cf:7d:fe:49:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2be53d340a8bf47c1bf34d3255e102efb181ad19
Validity
Not Before: Jan 1 11:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4260d37a0552984605e9f9e929ba98ffdee86923
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:bc:b5:15:75:0f:3e:6f:d8:ce:1a:45:43:32:
9c:71:60:ee:58:c7:fd:14:c5:2d:c5:2b:f7:88:22:
f2:8c:64:e8:85:5c:ae:42:9e:9d:f1:14:ad:46:34:
84:c6:2c:32:4f:af:2d:73:3a:c5:d7:df:37:e2:88:
25:c5:c8:7b:6e:ea:75:25:aa:32:f4:4e:23:83:fe:
a0:01:69:15:e5:1c:90:fa:d4:82:7f:2b:f0:a9:da:
bb:37:f4:a8:bf:b1:cf:68:c9:a9:00:14:f5:bf:d1:
bb:b4:f6:80:ea:a5:32:af:7e:de:77:26:65:73:a7:
89:85:bb:ed:c1:f1:83:e0:a4:5c:8c:a3:0a:39:e1:
aa:89:5f:52:18:51:d2:79:5b:09:b5:02:ec:8a:90:
ab:71:a8:8a:24:42:d1:a0:f9:7f:6a:da:b1:e4:69:
a3:ac:67:be:0c:9b:5a:ba:13:98:9c:35:74:10:2a:
48:81:7a:d1:52:62:99:db:f0:c8:0f:56:7b:50:ef:
f1:c1:0a:30:27:bc:9d:c1:d2:57:a9:fa:1e:7c:48:
e4:01:13:6f:53:8e:d3:52:44:c6:3a:65:a2:ab:b1:
9d:ec:ae:98:ee:b7:cf:29:52:e4:e6:03:af:ab:b5:
10:59:ec:1c:49:fe:2e:75:17:5f:9b:66:ff:2e:c9:
0d:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:60:D3:7A:05:52:98:46:05:E9:F9:E9:29:BA:98:FF:DE:E8:69:23
X509v3 Authority Key Identifier:
keyid:2B:E5:3D:34:0A:8B:F4:7C:1B:F3:4D:32:55:E1:02:EF:B1:81:AD:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K-U9NAqL9Hwb800yVeEC77GBrRk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/f72562-45f5-4019-83a1-74f0c3e663cb/1/QmDTegVSmEYF6fnpKbqY_97oaSM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/f72562-45f5-4019-83a1-74f0c3e663cb/1/K-U9NAqL9Hwb800yVeEC77GBrRk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.236.56.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:fb:9e:d2:3f:d2:a3:f2:4f:b6:5c:7f:b1:3f:df:f5:8c:42:
f9:23:17:ce:38:a9:cd:1d:6d:e3:6a:f5:f3:16:9f:cb:79:e5:
af:43:d9:fd:3c:00:c4:28:d2:a7:40:8c:3e:a3:49:84:3e:a1:
c8:02:b4:21:6d:2e:29:1f:c4:3a:9b:4d:41:2d:92:74:26:15:
26:f1:cd:86:08:f4:82:e5:00:0f:b8:bc:28:8c:91:1c:fd:ff:
43:b0:b7:08:2b:4e:53:cb:44:ec:e6:d2:7d:dc:26:c7:2a:a2:
f3:3a:de:53:cc:88:2d:f5:92:94:a5:16:97:68:ed:e9:50:94:
fe:32:d4:9f:26:17:5f:4c:e4:3b:c9:a7:94:9b:b1:53:0a:bf:
74:74:51:38:e9:25:d4:af:d3:9a:8f:c5:81:07:c8:94:db:6f:
16:a0:1e:46:2b:88:ee:ee:34:9f:dc:d1:19:50:ca:7b:35:a4:
d7:0f:85:c3:d5:3a:1a:29:4b:5c:fe:a4:ae:04:ba:2c:26:75:
6a:bc:5f:5e:0a:2b:fa:d5:17:c1:2a:ad:78:c1:3d:e5:44:8b:
b7:11:23:35:14:90:48:64:9c:a9:fb:e7:0d:f8:c5:1a:c1:73:
c7:de:c8:89:0d:66:0e:75:95:cd:f8:96:da:df:17:b3:66:48:
48:96:40:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhseGDPO3X8/Rxc899/kkRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiZTUzZDM0MGE4YmY0N2MxYmYzNGQzMjU1ZTEwMmVmYjE4
MWFkMTkwHhcNMjUwMTAxMTE0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjYwZDM3YTA1NTI5ODQ2MDVlOWY5ZTkyOWJhOThmZmRlZTg2OTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7y1FXUPPm/YzhpFQzKccWDuWMf9
FMUtxSv3iCLyjGTohVyuQp6d8RStRjSExiwyT68tczrF19834oglxch7bup1Jaoy
9E4jg/6gAWkV5RyQ+tSCfyvwqdq7N/Sov7HPaMmpABT1v9G7tPaA6qUyr37edyZl
c6eJhbvtwfGD4KRcjKMKOeGqiV9SGFHSeVsJtQLsipCrcaiKJELRoPl/atqx5Gmj
rGe+DJtauhOYnDV0ECpIgXrRUmKZ2/DID1Z7UO/xwQowJ7ydwdJXqfoefEjkARNv
U47TUkTGOmWiq7Gd7K6Y7rfPKVLk5gOvq7UQWewcSf4udRdfm2b/LskNEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEJg03oFUphGBen56Sm6mP/e6GkjMB8GA1UdIwQY
MBaAFCvlPTQKi/R8G/NNMlXhAu+xga0ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSy1VOU5BcUw5SHdiODAweVZlRUM3N0dCclJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9mNzI1NjItNDVmNS00MDE5LTgzYTEt
NzRmMGMzZTY2M2NiLzEvUW1EVGVnVlNtRVlGNmZucEticVlfOTdvYVNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9mNzI1NjItNDVmNS00MDE5LTgzYTEtNzRmMGMzZTY2M2Ni
LzEvSy1VOU5BcUw5SHdiODAweVZlRUM3N0dCclJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALuw4MA0G
CSqGSIb3DQEBCwUAA4IBAQA7+57SP9Kj8k+2XH+xP9/1jEL5IxfOOKnNHW3javXz
Fp/LeeWvQ9n9PADEKNKnQIw+o0mEPqHIArQhbS4pH8Q6m01BLZJ0JhUm8c2GCPSC
5QAPuLwojJEc/f9DsLcIK05Ty0Ts5tJ93CbHKqLzOt5TzIgt9ZKUpRaXaO3pUJT+
MtSfJhdfTOQ7yaeUm7FTCr90dFE46SXUr9Oaj8WBB8iU228WoB5GK4ju7jSf3NEZ
UMp7NaTXD4XD1ToaKUtc/qSuBLosJnVqvF9eCiv61RfBKq14wT3lRIu3ESM1FJBI
ZJyp++cN+MUawXPH3siJDWYOdZXN+Jba3xezZkhIlkBX
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:28:17 2025 by rpki-client