Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/3prrwPEYlJ0uYyY1eRJID7QlNT0.roa
File: 3prrwPEYlJ0uYyY1eRJID7QlNT0.roa (raw, json)
Hash identifier: KltDdbe8sOWriGUMBCEt4QS2L57DOIJlzJMf1IWXCYs=
Subject key identifier: DE:9A:EB:C0:F1:18:94:9D:2E:63:26:35:79:12:48:0F:B4:25:35:3D
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 019424B2F300256EE0FCF2C1E69ED655C5A8
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/3prrwPEYlJ0uYyY1eRJID7QlNT0.roa
Signing time: Thu 02 Jan 2025 01:48:14 +0000
ROA not before: Thu 02 Jan 2025 01:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56323
IP address blocks: 159.148.141.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:f3:00:25:6e:e0:fc:f2:c1:e6:9e:d6:55:c5:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 01:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de9aebc0f118949d2e6326357912480fb425353d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:1b:ff:35:01:ea:97:02:36:bd:21:a3:fa:fd:
de:9d:ef:a7:ce:14:86:46:ab:05:7a:4f:52:a2:6b:
a8:8b:81:82:b3:43:0b:5c:a0:e6:37:e7:c8:89:d4:
92:49:32:31:82:a6:07:e8:f9:2c:60:ba:22:4e:ec:
72:e0:7a:7e:be:ef:17:d0:40:c7:4c:d2:01:e5:6f:
90:87:e2:98:9a:5b:ad:06:82:a5:2b:de:e4:3d:fb:
57:fc:8d:65:89:39:30:71:7b:ed:09:39:c3:88:61:
94:0a:b6:90:6d:9e:2b:70:a9:62:02:82:c8:3d:67:
cb:df:fa:d1:08:05:2a:0e:9b:76:0e:2f:db:37:92:
2f:79:43:44:45:f9:18:d7:f6:30:56:4f:26:7f:72:
04:25:fa:1b:bd:79:10:99:25:c7:8b:2b:56:d8:78:
35:66:17:69:73:16:e5:93:bd:fd:ac:f9:49:a0:f4:
e7:43:ff:3c:de:e8:1c:52:27:60:38:87:35:e0:cd:
25:19:27:ca:4a:ed:a1:fc:34:83:bb:ee:49:54:0c:
9e:c3:88:5f:1d:71:b3:13:58:bd:f4:b2:04:a9:4d:
db:02:cb:e4:16:16:65:1d:74:2e:6e:80:3d:a8:50:
55:ea:95:22:99:85:4b:8b:f8:a2:aa:e6:b0:07:d7:
4a:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:9A:EB:C0:F1:18:94:9D:2E:63:26:35:79:12:48:0F:B4:25:35:3D
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/3prrwPEYlJ0uYyY1eRJID7QlNT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.141.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:76:78:45:6b:d7:8a:c6:04:c6:cf:3a:0f:69:14:56:e9:14:
c1:2f:45:ef:b0:d8:7f:cb:74:04:b5:3a:ef:8a:18:ff:08:34:
7e:0c:05:bd:c5:ce:c5:7e:05:98:4f:82:12:79:db:7e:34:45:
21:6e:cc:a6:7e:c4:cc:14:9f:9c:8a:c8:ec:f0:20:3f:f5:03:
68:3e:4b:9f:95:e1:f9:9a:eb:01:99:5c:bc:ae:55:3f:da:36:
49:94:fd:a9:86:59:24:f2:c1:1f:e3:11:21:3e:d0:45:4d:25:
e7:c3:58:6f:b4:f9:b4:31:7a:4b:29:ca:18:67:3d:05:d4:74:
92:70:0e:71:31:fe:98:22:e4:77:2d:e2:99:90:0b:50:7a:83:
4a:45:07:41:33:cd:04:c7:d6:41:ee:84:28:e6:00:8b:c8:42:
c3:e4:f3:36:4d:f0:23:0d:41:7f:05:6e:e4:b4:d5:85:85:8d:
59:87:f8:2d:d6:21:2a:9c:ef:c6:c0:27:c2:2b:da:8d:e7:6d:
c7:3a:d9:e8:32:0a:64:62:d8:64:40:a5:0f:29:3e:1a:73:07:
52:43:0f:8a:1e:c3:7f:3c:e3:19:d9:6a:bf:9f:aa:91:ea:8d:
b6:96:4c:15:8b:fe:01:d7:e3:94:b9:7d:40:37:bd:03:56:3d:
f7:26:62:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQksvMAJW7g/PLB5p7WVcWoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwMTAyMDE0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTlhZWJjMGYxMTg5NDlkMmU2MzI2MzU3OTEyNDgwZmI0MjUzNTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthv/NQHqlwI2vSGj+v3ene+nzhSG
RqsFek9Somuoi4GCs0MLXKDmN+fIidSSSTIxgqYH6PksYLoiTuxy4Hp+vu8X0EDH
TNIB5W+Qh+KYmlutBoKlK97kPftX/I1liTkwcXvtCTnDiGGUCraQbZ4rcKliAoLI
PWfL3/rRCAUqDpt2Di/bN5IveUNERfkY1/YwVk8mf3IEJfobvXkQmSXHiytW2Hg1
Zhdpcxblk739rPlJoPTnQ/883ugcUidgOIc14M0lGSfKSu2h/DSDu+5JVAyew4hf
HXGzE1i99LIEqU3bAsvkFhZlHXQuboA9qFBV6pUimYVLi/iiquawB9dKCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN6a68DxGJSdLmMmNXkSSA+0JTU9MB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvM3BycndQRVlsSjB1WXlZMWVSSklEN1FsTlQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAn5SNMA0G
CSqGSIb3DQEBCwUAA4IBAQCpdnhFa9eKxgTGzzoPaRRW6RTBL0XvsNh/y3QEtTrv
ihj/CDR+DAW9xc7FfgWYT4ISedt+NEUhbsymfsTMFJ+cisjs8CA/9QNoPkufleH5
musBmVy8rlU/2jZJlP2phlkk8sEf4xEhPtBFTSXnw1hvtPm0MXpLKcoYZz0F1HSS
cA5xMf6YIuR3LeKZkAtQeoNKRQdBM80Ex9ZB7oQo5gCLyELD5PM2TfAjDUF/BW7k
tNWFhY1Zh/gt1iEqnO/GwCfCK9qN523HOtnoMgpkYthkQKUPKT4acwdSQw+KHsN/
POMZ2Wq/n6qR6o22lkwVi/4B1+OUuX1AN70DVj33JmKt
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:22:57 2025 by rpki-client