Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/5f4eb6-6026-4098-88d7-953c68506d5c/1/o2P4F8wGwS7Hu_Z9DavQWwnt9SU.roa
File: o2P4F8wGwS7Hu_Z9DavQWwnt9SU.roa (raw, json)
Hash identifier: vp0AJWW08FmlyogXHIG/NX7ZAqoKcGLBFnnNS6LdgqQ=
Subject key identifier: A3:63:F8:17:CC:06:C1:2E:C7:BB:F6:7D:0D:AB:D0:5B:09:ED:F5:25
Certificate issuer: /CN=02d0e88885ef48b20c87b76fd85d42e6eb3d7183
Certificate serial: 019427B60C52DE933470B3E451410557A434
Authority key identifier: 02:D0:E8:88:85:EF:48:B2:0C:87:B7:6F:D8:5D:42:E6:EB:3D:71:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AtDoiIXvSLIMh7dv2F1C5us9cYM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/5f4eb6-6026-4098-88d7-953c68506d5c/1/o2P4F8wGwS7Hu_Z9DavQWwnt9SU.roa
Signing time: Thu 02 Jan 2025 15:50:29 +0000
ROA not before: Thu 02 Jan 2025 15:50:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51764
IP address blocks: 46.31.0.0/21 maxlen: 24
46.31.6.0/24 maxlen: 24
91.102.200.0/21 maxlen: 24
91.102.203.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:0c:52:de:93:34:70:b3:e4:51:41:05:57:a4:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02d0e88885ef48b20c87b76fd85d42e6eb3d7183
Validity
Not Before: Jan 2 15:50:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a363f817cc06c12ec7bbf67d0dabd05b09edf525
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:b3:49:f0:89:81:e1:21:3c:ab:9c:33:15:9d:
b4:02:a3:a6:4f:9c:5d:9a:e3:dc:ef:bc:2e:12:ae:
42:10:de:97:dc:d9:09:24:26:8c:7a:de:d6:64:91:
f0:0f:cc:60:8b:75:41:53:5b:dc:c5:b1:c3:3f:46:
5a:50:df:5c:f0:ef:ce:63:1e:20:a7:15:72:9d:3e:
d4:06:ac:f7:1d:58:7f:74:ae:c2:fc:42:46:c6:6d:
6d:22:44:05:8b:a9:9c:3a:37:6b:d8:55:5c:14:16:
eb:61:fb:59:f5:8c:26:c6:7d:88:cd:98:47:10:e9:
47:f6:b7:8e:ba:5d:9d:2b:4c:36:33:7d:c2:81:94:
b8:f8:7e:06:43:9f:34:19:f0:fd:bd:31:a0:23:8e:
d1:14:69:b6:41:80:3e:42:a6:24:1e:30:5b:a4:a5:
11:6b:3e:7c:9b:a4:72:b4:15:ed:21:fc:1a:3c:32:
66:f1:7a:c9:95:db:89:da:37:47:33:54:2c:f9:f1:
7f:75:e3:41:c5:d0:ab:41:ea:ac:0f:84:22:7b:6b:
cb:ba:6f:a3:19:8f:1c:89:b2:33:cb:39:43:2b:37:
de:ab:bf:8c:45:1a:63:01:5f:c5:48:da:0e:c3:22:
13:73:e4:98:17:d8:43:be:c2:5e:9a:60:3f:45:83:
a5:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:63:F8:17:CC:06:C1:2E:C7:BB:F6:7D:0D:AB:D0:5B:09:ED:F5:25
X509v3 Authority Key Identifier:
keyid:02:D0:E8:88:85:EF:48:B2:0C:87:B7:6F:D8:5D:42:E6:EB:3D:71:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AtDoiIXvSLIMh7dv2F1C5us9cYM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5f4eb6-6026-4098-88d7-953c68506d5c/1/o2P4F8wGwS7Hu_Z9DavQWwnt9SU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5f4eb6-6026-4098-88d7-953c68506d5c/1/AtDoiIXvSLIMh7dv2F1C5us9cYM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.0.0/21
91.102.200.0/21
Signature Algorithm: sha256WithRSAEncryption
06:9c:96:cc:1f:b9:4d:95:79:87:1b:f0:56:27:04:99:70:52:
b1:e2:a1:31:0e:ee:20:1d:ae:ca:43:3d:0d:6e:76:ae:4b:fe:
8f:84:cf:e7:19:82:54:c1:23:03:b6:79:0a:66:45:b4:ce:42:
2f:01:43:2e:c3:47:a2:91:f4:22:2d:93:02:61:a8:98:4e:1b:
9d:4e:90:43:b1:06:87:dd:d2:e6:98:99:c9:f8:db:05:1b:5e:
3b:84:69:ec:75:82:a3:6b:fd:8b:55:0b:4d:db:e0:e7:cc:f3:
b2:56:27:e8:13:ce:6d:13:0b:ab:80:1d:92:5a:6a:aa:59:ef:
90:a9:8e:14:7a:94:4c:9f:77:ce:f6:29:2b:f6:77:4f:ac:d7:
c8:82:0f:89:0f:d6:48:ba:6c:71:6b:da:35:0d:16:ea:24:6b:
72:2b:9d:c6:4e:22:91:35:6c:00:41:33:ef:9c:68:c4:b1:42:
ab:1e:20:fe:5c:2d:7c:c4:1d:ba:b3:a3:e3:77:d2:53:4c:4b:
27:ff:58:fd:45:65:ec:52:0f:e1:23:d1:5f:15:57:8c:39:24:
2f:f4:a6:68:6c:7f:8b:ff:4c:ed:d3:e7:ea:fd:57:7f:b6:7b:
af:b9:cf:4c:3b:f4:0b:cf:6c:5e:21:9d:ba:8e:a5:f2:fd:ae:
99:2e:44:9e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQntgxS3pM0cLPkUUEFV6Q0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyZDBlODg4ODVlZjQ4YjIwYzg3Yjc2ZmQ4NWQ0MmU2ZWIz
ZDcxODMwHhcNMjUwMTAyMTU1MDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzYzZjgxN2NjMDZjMTJlYzdiYmY2N2QwZGFiZDA1YjA5ZWRmNTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8LNJ8ImB4SE8q5wzFZ20AqOmT5xd
muPc77wuEq5CEN6X3NkJJCaMet7WZJHwD8xgi3VBU1vcxbHDP0ZaUN9c8O/OYx4g
pxVynT7UBqz3HVh/dK7C/EJGxm1tIkQFi6mcOjdr2FVcFBbrYftZ9Ywmxn2IzZhH
EOlH9reOul2dK0w2M33CgZS4+H4GQ580GfD9vTGgI47RFGm2QYA+QqYkHjBbpKUR
az58m6RytBXtIfwaPDJm8XrJlduJ2jdHM1Qs+fF/deNBxdCrQeqsD4Qie2vLum+j
GY8cibIzyzlDKzfeq7+MRRpjAV/FSNoOwyITc+SYF9hDvsJemmA/RYOlkwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKNj+BfMBsEux7v2fQ2r0FsJ7fUlMB8GA1UdIwQY
MBaAFALQ6IiF70iyDIe3b9hdQubrPXGDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXREb2lJWHZTTElNaDdkdjJGMUM1dXM5Y1lNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS81ZjRlYjYtNjAyNi00MDk4LTg4ZDct
OTUzYzY4NTA2ZDVjLzEvbzJQNEY4d0d3UzdIdV9aOURhdlFXd250OVNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS81ZjRlYjYtNjAyNi00MDk4LTg4ZDctOTUzYzY4NTA2ZDVj
LzEvQXREb2lJWHZTTElNaDdkdjJGMUM1dXM5Y1lNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLh8AAwQD
W2bIMA0GCSqGSIb3DQEBCwUAA4IBAQAGnJbMH7lNlXmHG/BWJwSZcFKx4qExDu4g
Ha7KQz0NbnauS/6PhM/nGYJUwSMDtnkKZkW0zkIvAUMuw0eikfQiLZMCYaiYThud
TpBDsQaH3dLmmJnJ+NsFG147hGnsdYKja/2LVQtN2+DnzPOyVifoE85tEwurgB2S
WmqqWe+QqY4UepRMn3fO9ikr9ndPrNfIgg+JD9ZIumxxa9o1DRbqJGtyK53GTiKR
NWwAQTPvnGjEsUKrHiD+XC18xB26s6Pjd9JTTEsn/1j9RWXsUg/hI9FfFVeMOSQv
9KZobH+L/0zt0+fq/Vd/tnuvuc9MO/QLz2xeIZ26jqXy/a6ZLkSe
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:50 2025 by rpki-client on console.sobornost.net