Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/664cab-ba9a-4c40-97f4-af98e49f11ae/1/2prUFfcWnh9lgfuneUgUhRLhvHo.roa
File: 2prUFfcWnh9lgfuneUgUhRLhvHo.roa (raw, json)
Hash identifier: +J6ztDLMf312P+nFSc286+Tl+BdFnufwiNmO1oygSqw=
Subject key identifier: DA:9A:D4:15:F7:16:9E:1F:65:81:FB:A7:79:48:14:85:12:E1:BC:7A
Certificate issuer: /CN=23d480b0795617e2e26e6e18264377e7a96c78f3
Certificate serial: 019427B63C992597BD742367F2B713B9DAF3
Authority key identifier: 23:D4:80:B0:79:56:17:E2:E2:6E:6E:18:26:43:77:E7:A9:6C:78:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I9SAsHlWF-Libm4YJkN356lsePM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/664cab-ba9a-4c40-97f4-af98e49f11ae/1/2prUFfcWnh9lgfuneUgUhRLhvHo.roa
Signing time: Thu 02 Jan 2025 15:50:41 +0000
ROA not before: Thu 02 Jan 2025 15:50:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31059
IP address blocks: 46.227.160.0/23 maxlen: 23
46.227.162.0/24 maxlen: 24
46.227.164.0/24 maxlen: 24
46.227.166.0/24 maxlen: 24
46.227.167.0/24 maxlen: 24
95.143.0.0/21 maxlen: 24
95.143.4.0/24 maxlen: 24
95.143.5.0/24 maxlen: 24
95.143.8.0/23 maxlen: 23
95.143.10.0/24 maxlen: 24
95.143.11.0/24 maxlen: 24
95.143.12.0/24 maxlen: 24
95.143.13.0/24 maxlen: 24
95.143.14.0/23 maxlen: 23
185.72.224.0/24 maxlen: 24
185.72.225.0/24 maxlen: 24
185.72.226.0/24 maxlen: 24
185.72.227.0/24 maxlen: 24
193.242.176.0/22 maxlen: 22
2a02:1328:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:3c:99:25:97:bd:74:23:67:f2:b7:13:b9:da:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23d480b0795617e2e26e6e18264377e7a96c78f3
Validity
Not Before: Jan 2 15:50:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=da9ad415f7169e1f6581fba77948148512e1bc7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:71:f1:a4:99:87:7f:c3:ea:08:89:f3:f6:a1:
cd:91:2d:dc:dc:e8:d5:cc:01:d5:f7:3c:bc:b3:0e:
ef:fd:95:25:40:f3:92:10:88:d1:9c:4a:d7:a7:dc:
a2:fa:d2:8c:c9:73:44:5b:47:80:92:50:f0:30:6c:
ba:ef:2d:6b:42:99:c3:8e:a3:e1:37:e2:50:b3:2e:
80:44:d0:d6:6d:38:eb:52:72:cb:09:c9:44:99:9f:
ab:4e:63:ce:a5:28:5c:12:f3:f8:6f:23:ac:68:86:
45:ae:64:b2:aa:1b:01:a5:3e:84:60:fc:42:d7:93:
11:cb:53:71:34:c4:6f:e7:1a:c1:f6:c1:86:e5:94:
fe:de:91:9c:61:9b:81:a9:5b:c0:0f:bb:01:26:11:
53:69:e8:f5:ff:33:48:b7:07:fa:cf:b6:a5:8f:48:
f9:77:29:88:50:16:1f:cb:3d:f4:31:dc:06:dc:49:
e6:60:24:b4:6b:d8:d4:90:a5:e9:ec:9d:04:1f:ab:
22:34:af:c5:c1:b5:e7:3f:9c:21:83:b7:10:4b:a4:
92:f6:74:ec:f4:f8:a9:70:5b:56:e6:07:7a:f2:85:
4f:9d:da:80:b5:3e:fe:d9:82:d3:44:df:94:7a:de:
e2:f7:ff:cd:76:b0:a6:ac:c0:9c:65:47:4e:7b:fb:
f4:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:9A:D4:15:F7:16:9E:1F:65:81:FB:A7:79:48:14:85:12:E1:BC:7A
X509v3 Authority Key Identifier:
keyid:23:D4:80:B0:79:56:17:E2:E2:6E:6E:18:26:43:77:E7:A9:6C:78:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I9SAsHlWF-Libm4YJkN356lsePM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/664cab-ba9a-4c40-97f4-af98e49f11ae/1/2prUFfcWnh9lgfuneUgUhRLhvHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/664cab-ba9a-4c40-97f4-af98e49f11ae/1/I9SAsHlWF-Libm4YJkN356lsePM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.160.0-46.227.162.255
46.227.164.0/24
46.227.166.0/23
95.143.0.0/20
185.72.224.0/22
193.242.176.0/22
IPv6:
2a02:1328:2::/48
Signature Algorithm: sha256WithRSAEncryption
87:52:c1:7e:10:87:40:e9:13:ad:67:ed:56:c3:ce:b0:0f:eb:
8a:29:58:f7:99:2a:22:e0:8d:d3:55:22:b9:a2:69:c4:a1:e9:
36:7c:7f:07:68:9c:e6:0d:45:a2:b7:a4:ce:3a:b2:26:fd:b9:
f8:6c:48:0e:20:53:71:fe:e3:4b:dc:71:48:43:c3:03:bf:34:
10:56:cf:76:4c:90:ac:1f:88:5f:60:88:5a:d8:51:9b:03:bf:
96:12:27:e7:73:05:ff:4b:74:58:52:79:30:15:e5:46:74:b5:
4b:e6:1c:2f:a2:4a:03:bd:48:23:fb:88:0e:4f:9a:19:df:d5:
14:2c:a8:e2:45:07:82:f6:e5:cb:3b:27:03:9e:30:cf:31:df:
8f:c8:f2:cf:63:57:92:aa:1f:75:be:15:e7:37:eb:51:29:a5:
da:5f:a2:32:c1:77:e6:f7:29:3a:c0:2c:2c:eb:8b:36:f3:d2:
63:f2:15:20:3d:81:b6:fc:dd:2d:63:9c:da:7a:a0:d2:10:86:
eb:40:c7:bf:0e:76:8d:09:34:a9:3b:dd:13:c7:db:b6:0d:f7:
c4:0c:ce:08:14:bc:6d:85:de:e4:48:65:d6:cb:5d:3d:62:17:
1f:b6:c8:e8:c5:93:c8:14:64:7f:84:28:06:00:51:10:21:36:
e2:96:66:1f
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAZQntjyZJZe9dCNn8rcTudrzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZDQ4MGIwNzk1NjE3ZTJlMjZlNmUxODI2NDM3N2U3YTk2
Yzc4ZjMwHhcNMjUwMTAyMTU1MDQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTlhZDQxNWY3MTY5ZTFmNjU4MWZiYTc3OTQ4MTQ4NTEyZTFiYzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHHxpJmHf8PqCInz9qHNkS3c3OjV
zAHV9zy8sw7v/ZUlQPOSEIjRnErXp9yi+tKMyXNEW0eAklDwMGy67y1rQpnDjqPh
N+JQsy6ARNDWbTjrUnLLCclEmZ+rTmPOpShcEvP4byOsaIZFrmSyqhsBpT6EYPxC
15MRy1NxNMRv5xrB9sGG5ZT+3pGcYZuBqVvAD7sBJhFTaej1/zNItwf6z7alj0j5
dymIUBYfyz30MdwG3EnmYCS0a9jUkKXp7J0EH6siNK/FwbXnP5whg7cQS6SS9nTs
9PipcFtW5gd68oVPndqAtT7+2YLTRN+Uet7i9//NdrCmrMCcZUdOe/v0JwIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFNqa1BX3Fp4fZYH7p3lIFIUS4bx6MB8GA1UdIwQY
MBaAFCPUgLB5Vhfi4m5uGCZDd+epbHjzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTlTQXNIbFdGLUxpYm00WUprTjM1NmxzZVBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy82NjRjYWItYmE5YS00YzQwLTk3ZjQt
YWY5OGU0OWYxMWFlLzEvMnByVUZmY1duaDlsZ2Z1bmVVZ1VoUkxodkhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy82NjRjYWItYmE5YS00YzQwLTk3ZjQtYWY5OGU0OWYxMWFl
LzEvSTlTQXNIbFdGLUxpYm00WUprTjM1NmxzZVBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTAyBAIAATAsMAwDBAUu46AD
BAAu46IDBAAu46QDBAEu46YDBARfjwADBAK5SOADBALB8rAwDwQCAAIwCQMHACoC
EygAAjANBgkqhkiG9w0BAQsFAAOCAQEAh1LBfhCHQOkTrWftVsPOsA/riilY95kq
IuCN01UiuaJpxKHpNnx/B2ic5g1ForekzjqyJv25+GxIDiBTcf7jS9xxSEPDA780
EFbPdkyQrB+IX2CIWthRmwO/lhIn53MF/0t0WFJ5MBXlRnS1S+YcL6JKA71II/uI
Dk+aGd/VFCyo4kUHgvblyzsnA54wzzHfj8jyz2NXkqofdb4V5zfrUSml2l+iMsF3
5vcpOsAsLOuLNvPSY/IVID2BtvzdLWOc2nqg0hCG60DHvw52jQk0qTvdE8fbtg33
xAzOCBS8bYXe5Ehl1stdPWIXH7bI6MWTyBRkf4QoBgBRECE24pZmHw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:02:09 2025 by rpki-client