Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/3eGJROckTKFxKv7PLWZ0casIF2o.roa
File: 3eGJROckTKFxKv7PLWZ0casIF2o.roa (raw, json)
Hash identifier: l+08bVpVWDjJknsLWzKsSPa5xJVN747n146HU38EGzo=
Subject key identifier: DD:E1:89:44:E7:24:4C:A1:71:2A:FE:CF:2D:66:74:71:AB:08:17:6A
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 01942521904B8871DFE154896177E0C95A00
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/3eGJROckTKFxKv7PLWZ0casIF2o.roa
Signing time: Thu 02 Jan 2025 03:49:04 +0000
ROA not before: Thu 02 Jan 2025 03:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197450
IP address blocks: 185.95.159.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:90:4b:88:71:df:e1:54:89:61:77:e0:c9:5a:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Jan 2 03:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dde18944e7244ca1712afecf2d667471ab08176a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c4:71:67:f9:d6:af:32:74:7c:a2:b4:0e:41:
c1:c5:d1:7f:09:97:5f:30:88:9b:45:15:b2:72:c5:
72:a1:a0:24:ab:1c:05:e8:a0:87:a8:35:ae:4b:0e:
5d:e1:fc:17:ad:9c:04:64:1f:f2:60:c0:a8:de:9d:
68:53:35:11:9d:fa:46:ee:8e:8d:ad:3c:ed:e4:60:
bd:4d:aa:1f:c9:15:4e:02:73:9c:57:6c:68:07:f4:
99:c8:71:bd:f7:bd:e5:7d:a0:b3:5e:d9:b9:63:46:
c8:7d:bc:2e:eb:58:ea:aa:c8:0f:6c:6c:e8:56:9f:
70:20:40:6c:c4:32:63:05:30:45:93:45:f1:fd:35:
06:67:f8:41:83:b7:8b:ef:7f:18:f2:c8:74:71:be:
da:b3:9b:46:7f:6b:42:30:14:7a:99:13:c2:46:81:
15:11:4c:23:29:39:24:46:ea:cf:e6:b3:e2:6d:5a:
65:98:36:5b:84:a7:d9:07:ba:89:57:75:1c:dc:44:
e8:74:ed:52:f7:b4:a7:d0:fb:26:37:ec:26:48:84:
80:fa:c4:56:79:8c:c7:45:20:a4:29:81:0b:24:7d:
3f:f5:f1:8a:04:dc:00:3d:de:41:ec:32:70:49:df:
d8:58:dc:96:a3:e0:33:1e:4e:9b:fa:66:43:d1:c0:
f9:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:E1:89:44:E7:24:4C:A1:71:2A:FE:CF:2D:66:74:71:AB:08:17:6A
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/3eGJROckTKFxKv7PLWZ0casIF2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.159.0/24
Signature Algorithm: sha256WithRSAEncryption
99:e6:7a:a3:b2:bd:ee:83:86:5a:f6:95:80:9a:22:14:02:7e:
d1:2d:73:16:38:a0:cc:d3:0b:25:c1:e6:88:01:c5:58:dc:8a:
b0:65:4c:c8:bb:f0:2e:05:7b:73:52:14:1a:df:4d:ad:bd:b3:
39:07:3b:e1:a6:6c:69:43:54:bc:57:16:8f:cc:68:7b:a7:8b:
cf:4c:0e:34:b0:fc:87:cb:94:f7:8f:f5:82:05:3e:c4:ab:ad:
9e:e1:39:22:2d:f9:9e:19:19:89:17:b3:94:af:19:cf:6f:11:
a8:96:84:54:71:65:83:ce:8f:70:5c:14:22:a5:1b:d9:72:2a:
06:67:d2:76:56:91:09:93:be:9c:01:81:a9:2a:26:ff:7c:76:
b0:ff:94:87:59:7d:34:35:4f:e7:96:6a:ff:9e:0d:2c:70:f6:
56:04:b3:ac:f7:3a:74:1b:8d:60:66:9a:44:7d:eb:18:07:ed:
42:1e:ec:7b:d1:06:a3:07:b3:ff:29:9b:0f:96:92:6e:87:d9:
ea:40:07:e5:b1:87:2f:84:8b:94:c0:a4:9f:e7:e5:a4:3f:fb:
bc:de:ec:99:3b:d4:b3:54:ac:64:b9:01:b1:f3:7c:60:64:23:
0d:39:74:b1:22:f9:0a:34:08:c4:2c:26:ea:6c:e0:d2:3f:01:
09:a4:4f:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIZBLiHHf4VSJYXfgyVoAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjUwMTAyMDM0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGUxODk0NGU3MjQ0Y2ExNzEyYWZlY2YyZDY2NzQ3MWFiMDgxNzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMRxZ/nWrzJ0fKK0DkHBxdF/CZdf
MIibRRWycsVyoaAkqxwF6KCHqDWuSw5d4fwXrZwEZB/yYMCo3p1oUzURnfpG7o6N
rTzt5GC9TaofyRVOAnOcV2xoB/SZyHG9973lfaCzXtm5Y0bIfbwu61jqqsgPbGzo
Vp9wIEBsxDJjBTBFk0Xx/TUGZ/hBg7eL738Y8sh0cb7as5tGf2tCMBR6mRPCRoEV
EUwjKTkkRurP5rPibVplmDZbhKfZB7qJV3Uc3ETodO1S97Sn0PsmN+wmSISA+sRW
eYzHRSCkKYELJH0/9fGKBNwAPd5B7DJwSd/YWNyWo+AzHk6b+mZD0cD5DwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN3hiUTnJEyhcSr+zy1mdHGrCBdqMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvM2VHSlJPY2tUS0Z4S3Y3UExXWjBjYXNJRjJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuV+fMA0G
CSqGSIb3DQEBCwUAA4IBAQCZ5nqjsr3ug4Za9pWAmiIUAn7RLXMWOKDM0wslweaI
AcVY3IqwZUzIu/AuBXtzUhQa302tvbM5BzvhpmxpQ1S8VxaPzGh7p4vPTA40sPyH
y5T3j/WCBT7Eq62e4TkiLfmeGRmJF7OUrxnPbxGoloRUcWWDzo9wXBQipRvZcioG
Z9J2VpEJk76cAYGpKib/fHaw/5SHWX00NU/nlmr/ng0scPZWBLOs9zp0G41gZppE
fesYB+1CHux70QajB7P/KZsPlpJuh9nqQAflsYcvhIuUwKSf5+WkP/u83uyZO9Sz
VKxkuQGx83xgZCMNOXSxIvkKNAjELCbqbODSPwEJpE88
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:04:36 2025 by rpki-client