Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/96520f-7bd8-4fc8-8c7f-7ef2d70d708f/1/joLjnXq5TOYYW_4FuKC8bo1yPOw.roa
File: joLjnXq5TOYYW_4FuKC8bo1yPOw.roa (raw, json)
Hash identifier: dCtqRZeV+2Jmc1BP05sZQckjaKmrERFPrTJOGDnM+kM=
Subject key identifier: 8E:82:E3:9D:7A:B9:4C:E6:18:5B:FE:05:B8:A0:BC:6E:8D:72:3C:EC
Certificate issuer: /CN=1792806c34f57583899dc52dca407e25cf9d3622
Certificate serial: 01942823B35B4183EB8F8B8B54180A411A80
Authority key identifier: 17:92:80:6C:34:F5:75:83:89:9D:C5:2D:CA:40:7E:25:CF:9D:36:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F5KAbDT1dYOJncUtykB-Jc-dNiI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/96520f-7bd8-4fc8-8c7f-7ef2d70d708f/1/joLjnXq5TOYYW_4FuKC8bo1yPOw.roa
Signing time: Thu 02 Jan 2025 17:50:15 +0000
ROA not before: Thu 02 Jan 2025 17:50:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20552
IP address blocks: 46.227.240.0/21 maxlen: 21
2a01:7600::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:b3:5b:41:83:eb:8f:8b:8b:54:18:0a:41:1a:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1792806c34f57583899dc52dca407e25cf9d3622
Validity
Not Before: Jan 2 17:50:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e82e39d7ab94ce6185bfe05b8a0bc6e8d723cec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:96:2e:99:fb:8a:67:6a:a9:9b:45:56:22:53:
32:a5:30:ac:ee:74:c5:09:62:47:26:36:c1:75:62:
89:4a:e0:91:f2:c6:69:c2:56:43:23:9e:ee:a8:40:
b2:b8:20:36:9d:b6:82:43:eb:e8:78:54:08:a8:5c:
96:28:77:ef:58:c4:2c:e8:d5:58:0f:ed:f4:4a:ee:
44:e6:8e:33:cb:ad:ce:67:fe:49:2a:6d:2b:98:5e:
00:19:e0:7d:d5:9c:81:71:e7:07:24:45:50:f8:49:
f9:8d:c9:4d:46:6d:98:d1:46:b7:69:6d:6a:5e:7e:
2c:55:a8:06:f3:06:e5:cf:f5:6b:a3:f9:ed:0f:4d:
11:b1:90:3c:5e:12:10:90:93:6e:de:f8:cd:1d:32:
7e:4a:d7:c5:27:94:d8:96:25:54:62:65:90:c6:f6:
88:a0:33:cc:a4:4e:f2:9f:93:b3:f3:32:e9:db:b0:
bf:db:ab:26:52:3e:f0:b5:b9:88:42:0b:4c:87:c5:
2c:8d:c8:41:d9:30:a3:ec:46:5d:8e:ed:85:c0:ae:
de:cb:65:ae:c3:dd:52:d6:91:06:4c:0c:2b:1c:43:
3b:6c:13:18:53:28:77:94:19:40:15:e6:09:0f:b5:
7d:a8:40:12:2d:09:eb:db:ac:06:42:26:bd:b2:7f:
af:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:82:E3:9D:7A:B9:4C:E6:18:5B:FE:05:B8:A0:BC:6E:8D:72:3C:EC
X509v3 Authority Key Identifier:
keyid:17:92:80:6C:34:F5:75:83:89:9D:C5:2D:CA:40:7E:25:CF:9D:36:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F5KAbDT1dYOJncUtykB-Jc-dNiI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/96520f-7bd8-4fc8-8c7f-7ef2d70d708f/1/joLjnXq5TOYYW_4FuKC8bo1yPOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/96520f-7bd8-4fc8-8c7f-7ef2d70d708f/1/F5KAbDT1dYOJncUtykB-Jc-dNiI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.240.0/21
IPv6:
2a01:7600::/32
Signature Algorithm: sha256WithRSAEncryption
58:b7:5b:f8:d8:d9:13:ab:43:66:97:9d:a2:3a:8a:d1:3e:b5:
18:35:04:3e:6b:25:0c:22:c6:46:6d:1b:77:58:d2:52:28:28:
22:86:e5:69:fb:bf:bf:97:3c:53:13:a5:1d:66:08:5c:fe:f0:
5a:40:cc:c9:d8:f7:f8:ad:2c:bc:09:89:1f:82:a3:ba:ba:a0:
13:4e:62:f5:fc:04:f0:42:2a:35:46:df:b4:61:a2:3c:b8:bb:
b7:f8:e8:06:b7:bb:b2:85:10:79:6f:21:05:69:f6:e9:3f:b9:
86:50:61:a0:6e:3d:e9:d5:fc:0f:03:ab:04:f0:6e:02:52:8c:
ab:50:b0:fd:cc:cb:03:bb:71:5b:76:fe:25:3a:d1:c6:1b:a8:
45:5a:2e:dc:e6:da:75:c1:69:cf:17:53:34:5c:79:20:33:cb:
66:06:4d:de:a1:cf:00:05:d5:b9:b3:f7:f8:7c:f3:1d:86:51:
b3:84:da:30:dc:b4:04:57:b8:f5:3c:89:e2:a4:f6:c1:b9:f1:
f3:17:c7:2e:2b:0e:6c:d6:64:d5:21:6f:78:92:28:4a:e8:a3:
af:ff:75:b4:41:82:42:82:76:6c:35:96:07:2d:f7:01:23:55:
cd:76:64:5a:61:57:31:3f:47:ce:58:9b:28:94:eb:c0:c7:63:
8c:9b:10:22
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQoI7NbQYPrj4uLVBgKQRqAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3OTI4MDZjMzRmNTc1ODM4OTlkYzUyZGNhNDA3ZTI1Y2Y5
ZDM2MjIwHhcNMjUwMTAyMTc1MDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTgyZTM5ZDdhYjk0Y2U2MTg1YmZlMDViOGEwYmM2ZThkNzIzY2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZYumfuKZ2qpm0VWIlMypTCs7nTF
CWJHJjbBdWKJSuCR8sZpwlZDI57uqECyuCA2nbaCQ+voeFQIqFyWKHfvWMQs6NVY
D+30Su5E5o4zy63OZ/5JKm0rmF4AGeB91ZyBcecHJEVQ+En5jclNRm2Y0Ua3aW1q
Xn4sVagG8wblz/Vro/ntD00RsZA8XhIQkJNu3vjNHTJ+StfFJ5TYliVUYmWQxvaI
oDPMpE7yn5Oz8zLp27C/26smUj7wtbmIQgtMh8UsjchB2TCj7EZdju2FwK7ey2Wu
w91S1pEGTAwrHEM7bBMYUyh3lBlAFeYJD7V9qEASLQnr26wGQia9sn+vsQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFI6C4516uUzmGFv+BbigvG6NcjzsMB8GA1UdIwQY
MBaAFBeSgGw09XWDiZ3FLcpAfiXPnTYiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjVLQWJEVDFkWU9KbmNVdHlrQi1KYy1kTmlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NjUyMGYtN2JkOC00ZmM4LThjN2Yt
N2VmMmQ3MGQ3MDhmLzEvam9Mam5YcTVUT1lZV180RnVLQzhibzF5UE93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NjUyMGYtN2JkOC00ZmM4LThjN2YtN2VmMmQ3MGQ3MDhm
LzEvRjVLQWJEVDFkWU9KbmNVdHlrQi1KYy1kTmlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDLuPwMA0E
AgACMAcDBQAqAXYAMA0GCSqGSIb3DQEBCwUAA4IBAQBYt1v42NkTq0Nml52iOorR
PrUYNQQ+ayUMIsZGbRt3WNJSKCgihuVp+7+/lzxTE6UdZghc/vBaQMzJ2Pf4rSy8
CYkfgqO6uqATTmL1/ATwQio1Rt+0YaI8uLu3+OgGt7uyhRB5byEFafbpP7mGUGGg
bj3p1fwPA6sE8G4CUoyrULD9zMsDu3Fbdv4lOtHGG6hFWi7c5tp1wWnPF1M0XHkg
M8tmBk3eoc8ABdW5s/f4fPMdhlGzhNow3LQEV7j1PInipPbBufHzF8cuKw5s1mTV
IW94kihK6KOv/3W0QYJCgnZsNZYHLfcBI1XNdmRaYVcxP0fOWJsolOvAx2OMmxAi
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:24 2025 by rpki-client on console.sobornost.net