Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/0i2nUtRKmB3lhZOxzG3njrwbmME.roa
File: 0i2nUtRKmB3lhZOxzG3njrwbmME.roa (raw, json)
Hash identifier: dpZHm/KEbm95HKs7W7IrS4dN/fteRpx/stGG7Xu0VS8=
Subject key identifier: D2:2D:A7:52:D4:4A:98:1D:E5:85:93:B1:CC:6D:E7:8E:BC:1B:98:C1
Certificate issuer: /CN=a2b12e8df3abd5559f9cf9680af65dd16589de86
Certificate serial: 0196246548943822A1619AF86070BF2D2D56
Authority key identifier: A2:B1:2E:8D:F3:AB:D5:55:9F:9C:F9:68:0A:F6:5D:D1:65:89:DE:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/orEujfOr1VWfnPloCvZd0WWJ3oY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/0i2nUtRKmB3lhZOxzG3njrwbmME.roa
Signing time: Fri 11 Apr 2025 10:28:59 +0000
ROA not before: Fri 11 Apr 2025 10:28:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137517
IP address blocks: 46.236.207.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:24:65:48:94:38:22:a1:61:9a:f8:60:70:bf:2d:2d:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2b12e8df3abd5559f9cf9680af65dd16589de86
Validity
Not Before: Apr 11 10:28:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d22da752d44a981de58593b1cc6de78ebc1b98c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a9:a5:cf:4c:16:0c:f3:92:78:c9:b4:de:84:
21:cb:20:d7:fd:7e:bc:15:27:4f:fa:1f:48:64:e3:
c9:70:68:42:e9:96:f0:e5:cf:86:1a:00:ca:33:11:
a3:2d:cf:25:2d:c8:29:7d:91:c1:3f:20:fc:65:93:
67:c2:2c:38:10:77:cb:1c:02:eb:b7:d3:af:46:1c:
01:aa:c4:2c:19:45:d0:7e:96:1a:78:fd:e4:c9:3a:
96:0b:1f:43:2e:b2:ee:0e:85:d7:37:ac:49:e8:00:
6e:cd:2a:61:31:58:c9:db:71:1b:2a:89:1b:4d:74:
33:13:b0:f1:e0:40:b6:60:95:cf:95:be:8d:bb:18:
ce:50:6b:91:4c:84:81:38:fd:c9:f5:68:1e:02:7d:
2d:58:c3:a8:9e:f5:fc:12:66:45:1e:3f:53:9e:e1:
0b:52:26:5a:4b:5d:13:15:53:8a:bb:16:c0:b9:7c:
a0:7a:26:7f:d7:48:83:6f:34:71:04:42:4b:2f:3d:
3d:b3:67:38:ca:1b:11:bf:06:b9:a2:a1:70:ac:47:
ed:82:50:e0:75:f1:5a:9e:ef:4f:70:39:d2:24:91:
38:6e:e3:b3:61:0e:43:25:29:fb:90:7d:07:4e:6c:
45:3b:7f:1f:c1:d1:8a:24:df:59:a0:83:b6:04:c9:
57:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:2D:A7:52:D4:4A:98:1D:E5:85:93:B1:CC:6D:E7:8E:BC:1B:98:C1
X509v3 Authority Key Identifier:
keyid:A2:B1:2E:8D:F3:AB:D5:55:9F:9C:F9:68:0A:F6:5D:D1:65:89:DE:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/orEujfOr1VWfnPloCvZd0WWJ3oY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/0i2nUtRKmB3lhZOxzG3njrwbmME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/orEujfOr1VWfnPloCvZd0WWJ3oY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.236.207.0/24
Signature Algorithm: sha256WithRSAEncryption
97:98:bc:5a:d3:24:32:b4:19:27:e4:05:36:4c:55:c2:e5:b4:
93:a9:59:78:b7:b8:12:03:8a:17:45:06:4b:41:c2:40:75:c9:
04:bb:73:38:f6:18:28:5b:de:c5:7a:10:df:6d:73:c1:7d:47:
53:3a:2e:cf:81:2e:4d:78:b1:94:f7:4f:2c:87:4d:98:fa:6b:
34:b9:86:e2:bf:05:65:45:78:42:68:07:b0:d5:6b:0a:9d:bf:
a5:a3:08:c6:3a:92:75:30:78:e6:4a:ef:f9:20:56:c6:72:bd:
bf:55:5d:04:03:55:db:e2:34:21:e1:3b:d2:58:fe:25:07:6b:
a8:5e:b6:7d:bc:5b:38:f0:86:c2:5a:00:db:a3:54:49:a1:01:
c5:65:4a:49:85:7c:41:d2:a6:18:2f:31:6e:45:b2:5b:bf:16:
a3:8c:ac:b0:99:45:0c:80:15:e9:a4:72:67:51:5b:68:87:a3:
cd:8d:18:d2:7b:af:66:34:42:c4:98:ba:13:9a:7b:82:ce:c9:
68:a2:56:4d:1c:c0:db:a4:63:45:a1:dc:f7:dd:e1:c1:37:8b:
3c:5b:1e:00:b3:27:44:e3:9b:c2:d1:7f:8f:05:67:0d:5e:f0:
e4:20:9c:97:e2:0c:47:e2:d7:79:53:c6:ad:26:25:a7:4b:cf:
5f:c5:81:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZYkZUiUOCKhYZr4YHC/LS1WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyYjEyZThkZjNhYmQ1NTU5ZjljZjk2ODBhZjY1ZGQxNjU4
OWRlODYwHhcNMjUwNDExMTAyODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjJkYTc1MmQ0NGE5ODFkZTU4NTkzYjFjYzZkZTc4ZWJjMWI5OGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqmlz0wWDPOSeMm03oQhyyDX/X68
FSdP+h9IZOPJcGhC6Zbw5c+GGgDKMxGjLc8lLcgpfZHBPyD8ZZNnwiw4EHfLHALr
t9OvRhwBqsQsGUXQfpYaeP3kyTqWCx9DLrLuDoXXN6xJ6ABuzSphMVjJ23EbKokb
TXQzE7Dx4EC2YJXPlb6NuxjOUGuRTISBOP3J9WgeAn0tWMOonvX8EmZFHj9TnuEL
UiZaS10TFVOKuxbAuXygeiZ/10iDbzRxBEJLLz09s2c4yhsRvwa5oqFwrEftglDg
dfFanu9PcDnSJJE4buOzYQ5DJSn7kH0HTmxFO38fwdGKJN9ZoIO2BMlX/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNItp1LUSpgd5YWTscxt5468G5jBMB8GA1UdIwQY
MBaAFKKxLo3zq9VVn5z5aAr2XdFlid6GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3JFdWpmT3IxVldmblBsb0N2WmQwV1dKM29ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9lYzQ0ZWEtZWY0My00YjNhLWE2OWEt
YjRjYjYzN2RhOGMzLzEvMGkyblV0UkttQjNsaFpPeHpHM25qcndibU1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9lYzQ0ZWEtZWY0My00YjNhLWE2OWEtYjRjYjYzN2RhOGMz
LzEvb3JFdWpmT3IxVldmblBsb0N2WmQwV1dKM29ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALuzPMA0G
CSqGSIb3DQEBCwUAA4IBAQCXmLxa0yQytBkn5AU2TFXC5bSTqVl4t7gSA4oXRQZL
QcJAdckEu3M49hgoW97FehDfbXPBfUdTOi7PgS5NeLGU908sh02Y+ms0uYbivwVl
RXhCaAew1WsKnb+lowjGOpJ1MHjmSu/5IFbGcr2/VV0EA1Xb4jQh4TvSWP4lB2uo
XrZ9vFs48IbCWgDbo1RJoQHFZUpJhXxB0qYYLzFuRbJbvxajjKywmUUMgBXppHJn
UVtoh6PNjRjSe69mNELEmLoTmnuCzsloolZNHMDbpGNFodz33eHBN4s8Wx4AsydE
45vC0X+PBWcNXvDkIJyX4gxH4td5U8atJiWnS89fxYGP
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:39 2025 by rpki-client on console.sobornost.net