Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/3FEjI3AeaOdfwu2SE8mhTfKLsPM.roa
File: 3FEjI3AeaOdfwu2SE8mhTfKLsPM.roa (raw, json)
Hash identifier: SX8ruu5xtU5nHOj268+AdU4uDijl/E2PS/yTXGtZ3JQ=
Subject key identifier: DC:51:23:23:70:1E:68:E7:5F:C2:ED:92:13:C9:A1:4D:F2:8B:B0:F3
Certificate issuer: /CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Certificate serial: 019427B3DC5BD432602A691D793370E06897
Authority key identifier: 43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/3FEjI3AeaOdfwu2SE8mhTfKLsPM.roa
Signing time: Thu 02 Jan 2025 15:48:06 +0000
ROA not before: Thu 02 Jan 2025 15:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205080
IP address blocks: 57.188.0.0/18 maxlen: 24
2a0a:90c0:1000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:dc:5b:d4:32:60:2a:69:1d:79:33:70:e0:68:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Validity
Not Before: Jan 2 15:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dc512323701e68e75fc2ed9213c9a14df28bb0f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:bc:38:a8:a7:1e:6d:be:7d:bf:93:21:f3:b5:
4a:37:81:c4:e2:dc:cf:6c:b0:43:7d:58:ea:69:54:
b4:0c:21:8d:2c:02:64:b4:9d:c7:00:a4:d5:ea:16:
92:be:9c:d9:9e:ac:3b:2c:57:3c:08:d4:b4:c3:3b:
fa:16:9f:93:07:b8:14:94:e2:e5:5a:af:f1:30:cb:
36:52:45:45:13:4f:01:d7:8b:a7:42:7e:8a:a2:38:
59:64:b3:ee:aa:6d:b7:1d:50:ba:1b:a9:d6:d3:ef:
4d:28:72:43:0b:72:ae:8e:78:f7:64:e3:ec:ac:0d:
25:0f:13:3d:a2:49:3e:83:6a:9c:35:55:93:62:c1:
a5:77:7e:72:3a:1c:31:e8:1e:de:bd:d9:10:fc:40:
b1:fd:0b:74:66:38:f0:f8:94:dc:3d:f3:2d:72:c6:
d5:11:c0:b3:ee:47:37:0e:85:40:42:e7:9d:64:08:
f9:45:7d:2a:d8:64:17:d5:3d:6c:e9:75:93:10:16:
60:27:90:95:42:15:d5:57:3a:17:5a:05:22:54:64:
99:a9:c3:c3:f3:81:b5:86:1b:5d:0e:fa:51:60:db:
8c:a7:4b:e7:28:8a:55:af:27:f0:74:f5:0f:63:77:
db:a0:e3:7a:4a:5d:58:be:4d:4d:76:09:50:ac:48:
fe:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:51:23:23:70:1E:68:E7:5F:C2:ED:92:13:C9:A1:4D:F2:8B:B0:F3
X509v3 Authority Key Identifier:
keyid:43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/3FEjI3AeaOdfwu2SE8mhTfKLsPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.188.0.0/18
IPv6:
2a0a:90c0:1000::/40
Signature Algorithm: sha256WithRSAEncryption
7e:e5:4d:fe:e2:32:21:29:5f:43:aa:04:53:b9:c5:8a:26:b3:
d5:2e:54:7c:95:2d:b3:8e:76:ee:ad:aa:81:7a:8f:fd:26:db:
55:52:e5:ff:9b:18:b7:88:1e:f4:c8:a6:b1:55:b1:26:40:6f:
28:e3:04:78:37:02:7b:4f:e0:7f:b6:8d:f8:3e:3c:62:d2:f4:
3c:37:d4:09:de:8b:7f:81:58:47:83:c2:49:83:7d:83:6e:ed:
4e:f6:87:82:ce:ec:9c:d8:72:68:8d:c8:14:59:d0:b5:38:9c:
ee:a7:43:74:10:1f:75:f5:1d:8a:50:60:5e:05:b4:dd:1d:41:
ed:b9:7e:d0:4d:66:67:fb:68:ec:fb:e4:b0:5f:48:4d:91:3a:
be:b0:bf:5d:2f:a3:b3:5a:3e:a0:21:6f:8a:7f:5b:0e:64:47:
d8:ca:1a:6e:93:c2:2f:7d:a7:ba:d5:20:c9:b5:e8:c9:b4:8a:
5f:6e:e7:50:6a:2a:45:18:a0:6b:0d:95:11:28:ed:8a:b1:3b:
d3:df:f7:cc:f6:a7:35:87:52:56:35:61:a5:20:49:df:41:59:
8c:5c:4a:d5:c0:98:cf:3e:18:ad:9f:ec:6a:37:53:cb:f7:24:
9b:ac:94:d8:ae:29:b4:63:ce:de:0d:0b:2a:96:ac:a0:a8:c2:
de:c3:b8:56
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQns9xb1DJgKmkdeTNw4GiXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZDViYTA4MTVjOWY1MTkzZjgwOTg5ZWU4OTNhY2FjYzRi
YTg4NDkwHhcNMjUwMTAyMTU0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzUxMjMyMzcwMWU2OGU3NWZjMmVkOTIxM2M5YTE0ZGYyOGJiMGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Lw4qKcebb59v5Mh87VKN4HE4tzP
bLBDfVjqaVS0DCGNLAJktJ3HAKTV6haSvpzZnqw7LFc8CNS0wzv6Fp+TB7gUlOLl
Wq/xMMs2UkVFE08B14unQn6KojhZZLPuqm23HVC6G6nW0+9NKHJDC3Kujnj3ZOPs
rA0lDxM9okk+g2qcNVWTYsGld35yOhwx6B7evdkQ/ECx/Qt0Zjjw+JTcPfMtcsbV
EcCz7kc3DoVAQuedZAj5RX0q2GQX1T1s6XWTEBZgJ5CVQhXVVzoXWgUiVGSZqcPD
84G1hhtdDvpRYNuMp0vnKIpVryfwdPUPY3fboON6Sl1Yvk1NdglQrEj+cQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFNxRIyNwHmjnX8LtkhPJoU3yi7DzMB8GA1UdIwQY
MBaAFEPVuggVyfUZP4CYnuiTrKzEuohJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEt
ZTEzZTU1NzljNWRjLzEvM0ZFakkzQWVhT2Rmd3UyU0U4bWhUZktMc1BNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEtZTEzZTU1NzljNWRj
LzEvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQGObwAMA4E
AgACMAgDBgAqCpDAEDANBgkqhkiG9w0BAQsFAAOCAQEAfuVN/uIyISlfQ6oEU7nF
iiaz1S5UfJUts4527q2qgXqP/SbbVVLl/5sYt4ge9MimsVWxJkBvKOMEeDcCe0/g
f7aN+D48YtL0PDfUCd6Lf4FYR4PCSYN9g27tTvaHgs7snNhyaI3IFFnQtTic7qdD
dBAfdfUdilBgXgW03R1B7bl+0E1mZ/to7PvksF9ITZE6vrC/XS+js1o+oCFvin9b
DmRH2MoabpPCL32nutUgybXoybSKX27nUGoqRRigaw2VESjtirE709/3zPanNYdS
VjVhpSBJ30FZjFxK1cCYzz4YrZ/sajdTy/ckm6yU2K4ptGPO3g0LKpasoKjC3sO4
Vg==
-----END CERTIFICATE-----
Generated at Sun Apr 6 16:56:18 2025 by rpki-client