Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/d31e5f-0f52-4623-867a-543d6182e294/1/883carP1hhWb3_MmiKGn80hphf0.roa
File: 883carP1hhWb3_MmiKGn80hphf0.roa (raw, json)
Hash identifier: cPZWjDagkqb5tEO5wfwI807e/U08AzhpwxGlaqpcxgI=
Subject key identifier: F3:CD:DC:6A:B3:F5:86:15:9B:DF:F3:26:88:A1:A7:F3:48:69:85:FD
Certificate issuer: /CN=e2b1e2e4c508c6c7a98b6598528745c813fad31d
Certificate serial: 01956FE8FB36FA5FAA9420B5C245728BBF52
Authority key identifier: E2:B1:E2:E4:C5:08:C6:C7:A9:8B:65:98:52:87:45:C8:13:FA:D3:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4rHi5MUIxsepi2WYUodFyBP60x0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/d31e5f-0f52-4623-867a-543d6182e294/1/883carP1hhWb3_MmiKGn80hphf0.roa
Signing time: Fri 07 Mar 2025 09:21:34 +0000
ROA not before: Fri 07 Mar 2025 09:21:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31198
IP address blocks: 46.18.152.0/21 maxlen: 24
217.173.48.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6f:e8:fb:36:fa:5f:aa:94:20:b5:c2:45:72:8b:bf:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2b1e2e4c508c6c7a98b6598528745c813fad31d
Validity
Not Before: Mar 7 09:21:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f3cddc6ab3f586159bdff32688a1a7f3486985fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:4b:f2:df:d5:da:13:f3:f7:b4:bf:52:e0:69:
c8:02:d2:1e:38:d5:85:42:96:cf:02:d4:58:a1:af:
40:88:b7:76:2b:66:ea:61:86:4d:b0:1e:51:80:41:
8a:29:28:e1:d9:ac:3a:34:aa:ce:8f:66:b1:21:f1:
e1:2f:22:76:e6:e8:14:89:99:c6:7e:7d:03:b3:11:
f2:32:ff:ce:fa:a1:56:20:3c:ca:a2:53:fb:fd:88:
8d:b7:90:c5:96:d4:6a:d2:e2:0a:67:6f:30:8d:ae:
83:cf:32:4a:7e:61:8f:9c:f1:98:63:2c:d6:dc:ce:
9d:9d:99:40:3b:cf:10:fb:2f:94:08:71:c6:51:c5:
30:49:fb:b8:c3:b4:de:47:ba:7b:89:2e:6e:c0:e3:
74:c4:91:77:31:04:55:50:c1:46:c2:8d:c9:26:99:
c1:98:3a:bd:bb:a8:27:96:6b:b5:50:14:4b:c7:d5:
f4:9f:d6:5e:2d:69:ec:0d:4a:fb:9a:08:e7:17:2c:
db:8b:e6:b4:f0:1e:b0:6b:bc:3f:fa:16:3f:06:f2:
08:c5:7d:2d:44:6a:bb:20:ff:68:15:7a:c4:0b:bc:
fb:e1:9b:4d:b1:5f:8c:30:34:b6:39:9c:54:0a:38:
aa:66:39:f7:53:61:88:c7:6f:a3:46:bc:23:9a:f6:
0e:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:CD:DC:6A:B3:F5:86:15:9B:DF:F3:26:88:A1:A7:F3:48:69:85:FD
X509v3 Authority Key Identifier:
keyid:E2:B1:E2:E4:C5:08:C6:C7:A9:8B:65:98:52:87:45:C8:13:FA:D3:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4rHi5MUIxsepi2WYUodFyBP60x0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/d31e5f-0f52-4623-867a-543d6182e294/1/883carP1hhWb3_MmiKGn80hphf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/d31e5f-0f52-4623-867a-543d6182e294/1/4rHi5MUIxsepi2WYUodFyBP60x0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.18.152.0/21
217.173.48.0/24
Signature Algorithm: sha256WithRSAEncryption
09:c3:2d:cf:38:1f:f7:ba:4e:6f:26:67:3b:87:01:f2:4f:eb:
39:50:43:db:b5:52:ae:0b:8c:c4:5b:e4:47:cd:fd:1e:cb:a7:
fa:03:fe:57:a2:9f:eb:9f:4b:e0:f5:f2:40:9e:81:cf:9e:e1:
33:72:41:3b:6e:aa:63:96:31:05:04:39:b5:1d:d8:fe:38:e3:
c0:64:dc:d6:2e:39:c1:f2:81:ad:43:31:6f:c0:6e:88:ea:ba:
30:8d:98:0d:76:42:a9:a4:e0:96:b0:10:6e:e9:a4:85:03:17:
bf:69:15:33:52:d5:4c:1c:75:dc:5e:07:00:b7:34:6f:24:53:
fb:f9:52:63:57:13:08:c4:1c:9f:c3:a0:c0:67:cc:cb:53:88:
19:ae:26:fc:9a:c7:0a:3b:52:ed:74:ac:7f:7a:86:7d:71:93:
d6:e8:0c:aa:c9:da:bd:72:d6:2e:a0:1e:17:3e:d5:1f:82:d7:
60:04:8a:af:67:ae:74:b2:c5:75:f2:fd:94:f3:b5:9c:d7:f9:
93:90:fe:83:80:c9:03:ee:9a:80:bf:db:8b:01:77:89:bc:0e:
89:8b:9d:43:ea:0c:74:59:ac:9a:22:1d:ef:80:10:12:4f:b5:
c0:c9:26:54:25:5f:7a:e7:27:f2:14:78:84:59:07:d4:c9:97:
b8:c3:5a:59
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZVv6Ps2+l+qlCC1wkVyi79SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYjFlMmU0YzUwOGM2YzdhOThiNjU5ODUyODc0NWM4MTNm
YWQzMWQwHhcNMjUwMzA3MDkyMTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2NkZGM2YWIzZjU4NjE1OWJkZmYzMjY4OGExYTdmMzQ4Njk4NWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Uvy39XaE/P3tL9S4GnIAtIeONWF
QpbPAtRYoa9AiLd2K2bqYYZNsB5RgEGKKSjh2aw6NKrOj2axIfHhLyJ25ugUiZnG
fn0DsxHyMv/O+qFWIDzKolP7/YiNt5DFltRq0uIKZ28wja6DzzJKfmGPnPGYYyzW
3M6dnZlAO88Q+y+UCHHGUcUwSfu4w7TeR7p7iS5uwON0xJF3MQRVUMFGwo3JJpnB
mDq9u6gnlmu1UBRLx9X0n9ZeLWnsDUr7mgjnFyzbi+a08B6wa7w/+hY/BvIIxX0t
RGq7IP9oFXrEC7z74ZtNsV+MMDS2OZxUCjiqZjn3U2GIx2+jRrwjmvYOnQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPPN3Gqz9YYVm9/zJoihp/NIaYX9MB8GA1UdIwQY
MBaAFOKx4uTFCMbHqYtlmFKHRcgT+tMdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHJIaTVNVUl4c2VwaTJXWVVvZEZ5QlA2MHgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9kMzFlNWYtMGY1Mi00NjIzLTg2N2Et
NTQzZDYxODJlMjk0LzEvODgzY2FyUDFoaFdiM19NbWlLR244MGhwaGYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9kMzFlNWYtMGY1Mi00NjIzLTg2N2EtNTQzZDYxODJlMjk0
LzEvNHJIaTVNVUl4c2VwaTJXWVVvZEZ5QlA2MHgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLhKYAwQA
2a0wMA0GCSqGSIb3DQEBCwUAA4IBAQAJwy3POB/3uk5vJmc7hwHyT+s5UEPbtVKu
C4zEW+RHzf0ey6f6A/5Xop/rn0vg9fJAnoHPnuEzckE7bqpjljEFBDm1Hdj+OOPA
ZNzWLjnB8oGtQzFvwG6I6rowjZgNdkKppOCWsBBu6aSFAxe/aRUzUtVMHHXcXgcA
tzRvJFP7+VJjVxMIxByfw6DAZ8zLU4gZrib8mscKO1LtdKx/eoZ9cZPW6Ayqydq9
ctYuoB4XPtUfgtdgBIqvZ650ssV18v2U87Wc1/mTkP6DgMkD7pqAv9uLAXeJvA6J
i51D6gx0WayaIh3vgBAST7XAySZUJV965yfyFHiEWQfUyZe4w1pZ
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:03 2025 by rpki-client on console.sobornost.net