Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/b659fc-6b9b-4847-b6a3-4660fad83985/1/DJI5pA0yQdHfWf9YZsCq7SLW83k.roa
File: DJI5pA0yQdHfWf9YZsCq7SLW83k.roa (raw, json)
Hash identifier: aYlNDPO2QXpilHLu8WGoR0IYFB4fHF6uZQ2LQMfMdjM=
Subject key identifier: 0C:92:39:A4:0D:32:41:D1:DF:59:FF:58:66:C0:AA:ED:22:D6:F3:79
Certificate issuer: /CN=ec3d3d7e5cbf18af66b7f5b4a5e0ac19ecd39876
Certificate serial: 019427B5659C1496705357D5CF3B9434DEAE
Authority key identifier: EC:3D:3D:7E:5C:BF:18:AF:66:B7:F5:B4:A5:E0:AC:19:EC:D3:98:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7D09fly_GK9mt_W0peCsGezTmHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/b659fc-6b9b-4847-b6a3-4660fad83985/1/DJI5pA0yQdHfWf9YZsCq7SLW83k.roa
Signing time: Thu 02 Jan 2025 15:49:46 +0000
ROA not before: Thu 02 Jan 2025 15:49:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51483
IP address blocks: 46.235.112.0/21 maxlen: 21
46.235.119.0/24 maxlen: 24
46.254.136.0/21 maxlen: 21
95.142.64.0/20 maxlen: 20
128.0.192.0/21 maxlen: 21
185.74.224.0/22 maxlen: 22
2a00:1100::/29 maxlen: 29
2a00:1100::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:65:9c:14:96:70:53:57:d5:cf:3b:94:34:de:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec3d3d7e5cbf18af66b7f5b4a5e0ac19ecd39876
Validity
Not Before: Jan 2 15:49:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c9239a40d3241d1df59ff5866c0aaed22d6f379
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:da:86:c5:bd:49:e3:b5:99:c4:5a:72:c6:45:
60:6d:20:46:2b:6e:13:c5:e3:a8:de:8c:7f:87:e1:
ec:8d:76:be:b3:46:02:cc:ff:7f:70:c4:5d:ab:fc:
6b:d7:cb:90:5d:e9:e9:54:5f:09:7f:12:67:5a:c8:
82:22:95:f3:8e:c8:1a:eb:6a:ad:e5:60:61:5c:3d:
c5:40:ad:d1:85:20:a1:d1:37:d6:15:cb:f4:42:54:
af:88:f2:fd:e2:e4:59:a4:f3:40:04:52:b9:2d:8f:
23:77:48:bb:e7:2a:1b:69:63:54:d5:1d:d6:70:2b:
57:8c:ea:7a:2c:81:30:9c:35:d2:e6:bd:03:67:f3:
35:2d:3b:63:d6:d5:3c:7f:15:b1:94:b3:5c:b1:de:
a0:73:2d:5b:0f:f6:1a:a4:e1:10:c3:49:c5:fc:58:
a6:db:27:d9:de:e8:0c:2f:1e:f2:b5:39:98:d9:16:
33:14:1e:ad:46:39:c7:de:bf:87:5d:fb:f8:2d:bf:
0b:c5:28:eb:df:f9:f7:98:61:0c:52:03:4a:07:48:
de:5c:6d:e6:23:45:cf:7d:49:a7:12:15:3a:82:64:
44:a3:99:9a:76:69:89:cc:6a:a4:96:f4:e4:8f:cd:
cf:f7:a8:fc:8e:2f:d9:83:18:9b:e4:f5:b2:f6:29:
20:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:92:39:A4:0D:32:41:D1:DF:59:FF:58:66:C0:AA:ED:22:D6:F3:79
X509v3 Authority Key Identifier:
keyid:EC:3D:3D:7E:5C:BF:18:AF:66:B7:F5:B4:A5:E0:AC:19:EC:D3:98:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7D09fly_GK9mt_W0peCsGezTmHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/b659fc-6b9b-4847-b6a3-4660fad83985/1/DJI5pA0yQdHfWf9YZsCq7SLW83k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/b659fc-6b9b-4847-b6a3-4660fad83985/1/7D09fly_GK9mt_W0peCsGezTmHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.112.0/21
46.254.136.0/21
95.142.64.0/20
128.0.192.0/21
185.74.224.0/22
IPv6:
2a00:1100::/29
Signature Algorithm: sha256WithRSAEncryption
a7:c8:62:31:31:14:98:15:bc:f5:05:87:57:97:cf:82:07:fe:
b0:76:68:08:05:46:55:d9:7d:5d:e1:ca:e3:6e:3b:af:bb:a3:
49:40:fe:c4:3f:9c:30:34:f6:4a:21:e6:6e:e4:ea:ec:35:eb:
db:09:06:8b:9f:f1:68:1e:49:56:da:2d:38:5f:70:c4:c6:30:
12:ee:3a:98:2f:03:a0:d9:a9:a0:4b:98:b4:b0:9c:8a:98:40:
9d:40:b0:13:81:f4:35:77:d0:38:f8:c9:61:e7:4b:ce:d5:f2:
b0:20:c8:b2:f0:fc:8c:aa:40:af:30:fe:2e:a4:c7:75:bb:d6:
37:b4:c2:3e:b7:fc:1b:df:31:f9:9e:f7:a9:b9:b8:e7:7e:86:
46:8c:ac:d6:95:79:d7:cb:f4:ae:47:33:7f:27:fd:2c:48:59:
78:6b:0b:7a:0b:69:7b:59:6e:80:c7:b5:5f:a8:c4:aa:d2:d9:
35:25:df:14:0a:d5:6b:91:31:f1:f7:1b:e3:13:07:65:11:91:
71:5a:3a:95:ae:4a:ee:a6:73:64:ed:05:59:2a:5f:29:83:9b:
24:52:94:64:e5:e6:1a:1c:29:40:ee:d1:41:ab:a0:a7:63:1c:
a7:a2:51:28:14:71:13:9d:6a:7e:63:2b:2b:6d:da:36:b8:ac:
d9:3f:52:bd
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQntWWcFJZwU1fVzzuUNN6uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjM2QzZDdlNWNiZjE4YWY2NmI3ZjViNGE1ZTBhYzE5ZWNk
Mzk4NzYwHhcNMjUwMTAyMTU0OTQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzkyMzlhNDBkMzI0MWQxZGY1OWZmNTg2NmMwYWFlZDIyZDZmMzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5tqGxb1J47WZxFpyxkVgbSBGK24T
xeOo3ox/h+HsjXa+s0YCzP9/cMRdq/xr18uQXenpVF8JfxJnWsiCIpXzjsga62qt
5WBhXD3FQK3RhSCh0TfWFcv0QlSviPL94uRZpPNABFK5LY8jd0i75yobaWNU1R3W
cCtXjOp6LIEwnDXS5r0DZ/M1LTtj1tU8fxWxlLNcsd6gcy1bD/YapOEQw0nF/Fim
2yfZ3ugMLx7ytTmY2RYzFB6tRjnH3r+HXfv4Lb8LxSjr3/n3mGEMUgNKB0jeXG3m
I0XPfUmnEhU6gmREo5madmmJzGqklvTkj83P96j8ji/Zgxib5PWy9ikg0wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFAySOaQNMkHR31n/WGbAqu0i1vN5MB8GA1UdIwQY
MBaAFOw9PX5cvxivZrf1tKXgrBns05h2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0QwOWZseV9HSzltdF9XMHBlQ3NHZXpUbUhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9iNjU5ZmMtNmI5Yi00ODQ3LWI2YTMt
NDY2MGZhZDgzOTg1LzEvREpJNXBBMHlRZEhmV2Y5WVpzQ3E3U0xXODNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9iNjU5ZmMtNmI5Yi00ODQ3LWI2YTMtNDY2MGZhZDgzOTg1
LzEvN0QwOWZseV9HSzltdF9XMHBlQ3NHZXpUbUhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDLutwAwQD
Lv6IAwQEX45AAwQDgADAAwQCuUrgMA0EAgACMAcDBQMqABEAMA0GCSqGSIb3DQEB
CwUAA4IBAQCnyGIxMRSYFbz1BYdXl8+CB/6wdmgIBUZV2X1d4crjbjuvu6NJQP7E
P5wwNPZKIeZu5OrsNevbCQaLn/FoHklW2i04X3DExjAS7jqYLwOg2amgS5i0sJyK
mECdQLATgfQ1d9A4+Mlh50vO1fKwIMiy8PyMqkCvMP4upMd1u9Y3tMI+t/wb3zH5
nvepubjnfoZGjKzWlXnXy/SuRzN/J/0sSFl4awt6C2l7WW6Ax7VfqMSq0tk1Jd8U
CtVrkTHx9xvjEwdlEZFxWjqVrkrupnNk7QVZKl8pg5skUpRk5eYaHClA7tFBq6Cn
YxynolEoFHETnWp+Yysrbdo2uKzZP1K9
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:33 2025 by rpki-client on console.sobornost.net