Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/3O2gPjcN3bhdqCRJnh5XxjRMTR0.roa
File: 3O2gPjcN3bhdqCRJnh5XxjRMTR0.roa (raw, json)
Hash identifier: TmtZ3H72FZgccS1FtFyZhyj0HR1ONVMxa9uLgumiAFA=
Subject key identifier: DC:ED:A0:3E:37:0D:DD:B8:5D:A8:24:49:9E:1E:57:C6:34:4C:4D:1D
Certificate issuer: /CN=a85310f503137ae8b35d4f329f46f069dd703815
Certificate serial: 01857082C6F8D0D1CC1E8FD49E1F14B83DDC
Authority key identifier: A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/3O2gPjcN3bhdqCRJnh5XxjRMTR0.roa
Signing time: Mon 02 Jan 2023 03:24:56 +0000
ROA not before: Mon 02 Jan 2023 03:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202709
IP address blocks: 193.42.210.0/24 maxlen: 24
194.50.74.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:c6:f8:d0:d1:cc:1e:8f:d4:9e:1f:14:b8:3d:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a85310f503137ae8b35d4f329f46f069dd703815
Validity
Not Before: Jan 2 03:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dceda03e370dddb85da824499e1e57c6344c4d1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:67:9f:e9:59:8f:cc:4b:68:7c:ee:41:03:a7:
8c:06:f5:9e:27:36:ad:72:7b:db:3e:4b:5d:ee:4b:
b4:fd:da:0d:b8:cd:8e:14:af:54:d8:9d:a3:36:67:
aa:77:8b:56:6b:d4:f6:ec:56:52:38:66:e7:b5:bf:
9e:7a:ec:17:97:26:5a:94:13:d8:8a:d9:c5:b3:c5:
93:81:ff:a0:b8:b5:fe:72:53:24:d2:93:f9:8a:de:
c4:ae:1a:bc:d3:e1:1d:fc:26:a5:f1:b3:d2:62:3c:
f3:5c:4c:15:ce:19:2a:7e:48:8f:1e:a4:1c:30:8c:
b3:1e:bb:50:9f:be:8a:45:c6:91:d8:a8:f5:69:32:
b4:bd:06:25:0a:26:38:23:96:75:d2:54:0e:a6:6b:
5c:47:ea:ac:78:43:9a:92:4e:00:02:99:97:89:47:
c2:7a:ee:df:b9:dc:94:2a:ae:75:bd:55:83:2f:78:
11:b9:95:a5:b4:3c:94:87:fa:e4:f7:bb:39:58:cd:
70:81:5b:a5:c0:d1:78:c1:57:57:53:d0:e0:f7:60:
d7:24:87:a0:46:aa:8d:5b:5a:05:5c:bb:dd:a0:6b:
0b:0d:fc:1e:eb:f7:21:72:fc:30:06:65:d6:57:06:
be:85:02:b1:fa:37:6e:17:c0:7b:0c:06:7a:77:0e:
25:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:ED:A0:3E:37:0D:DD:B8:5D:A8:24:49:9E:1E:57:C6:34:4C:4D:1D
X509v3 Authority Key Identifier:
keyid:A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/3O2gPjcN3bhdqCRJnh5XxjRMTR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/qFMQ9QMTeuizXU8yn0bwad1wOBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.42.210.0/24
194.50.74.0/24
Signature Algorithm: sha256WithRSAEncryption
12:01:b6:16:f6:09:50:74:fb:cd:1e:24:e1:bf:44:35:72:28:
7a:35:70:e4:6c:cd:6c:7a:44:6b:77:e4:75:1d:0d:39:70:e4:
fe:ba:c8:f1:10:28:2a:2b:7b:03:83:88:49:a8:92:be:d0:6e:
d3:c4:c7:de:2e:f5:ef:ee:43:83:6a:cd:95:f9:8c:49:6b:67:
94:9f:31:bb:d3:38:84:c1:0c:0d:f5:ff:ae:91:6e:f0:44:4a:
1b:d7:41:36:57:7b:f9:0b:aa:3b:f0:24:1d:d1:50:b2:4d:83:
15:19:08:57:38:36:1a:1b:3e:a5:72:a4:44:bf:d9:1d:8f:41:
d6:ec:74:71:1b:fc:1c:50:0e:bb:6c:8b:a9:93:7e:39:24:aa:
94:db:c7:f8:22:3d:81:ee:e0:e9:48:5c:79:8b:ef:aa:a4:95:
06:21:f8:41:b4:99:70:be:c3:f0:e4:db:26:f3:28:c6:34:47:
f7:b6:af:9d:13:81:b6:93:3a:bc:82:92:82:30:e4:60:a6:ff:
46:cc:5d:76:9e:22:98:71:93:7c:9e:3e:1e:83:b6:2d:cc:9d:
17:24:70:fa:da:7e:af:4d:4a:03:86:4b:c4:f1:8b:c9:77:ff:
91:f4:b7:df:98:a9:79:13:63:fc:6c:1e:45:c9:5a:6b:bb:0e:
ae:83:63:1b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwgsb40NHMHo/Unh8UuD3cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NTMxMGY1MDMxMzdhZThiMzVkNGYzMjlmNDZmMDY5ZGQ3
MDM4MTUwHhcNMjMwMTAyMDMyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2VkYTAzZTM3MGRkZGI4NWRhODI0NDk5ZTFlNTdjNjM0NGM0ZDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGef6VmPzEtofO5BA6eMBvWeJzat
cnvbPktd7ku0/doNuM2OFK9U2J2jNmeqd4tWa9T27FZSOGbntb+eeuwXlyZalBPY
itnFs8WTgf+guLX+clMk0pP5it7Erhq80+Ed/Cal8bPSYjzzXEwVzhkqfkiPHqQc
MIyzHrtQn76KRcaR2Kj1aTK0vQYlCiY4I5Z10lQOpmtcR+qseEOakk4AApmXiUfC
eu7fudyUKq51vVWDL3gRuZWltDyUh/rk97s5WM1wgVulwNF4wVdXU9Dg92DXJIeg
RqqNW1oFXLvdoGsLDfwe6/chcvwwBmXWVwa+hQKx+jduF8B7DAZ6dw4lNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNztoD43Dd24XagkSZ4eV8Y0TE0dMB8GA1UdIwQY
MBaAFKhTEPUDE3ros11PMp9G8GndcDgVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYt
MzAxODlhNWE0ZWJhLzEvM08yZ1BqY04zYmhkcUNSSm5oNVh4alJNVFIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYtMzAxODlhNWE0ZWJh
LzEvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwSrSAwQA
wjJKMA0GCSqGSIb3DQEBCwUAA4IBAQASAbYW9glQdPvNHiThv0Q1cih6NXDkbM1s
ekRrd+R1HQ05cOT+usjxECgqK3sDg4hJqJK+0G7TxMfeLvXv7kODas2V+YxJa2eU
nzG70ziEwQwN9f+ukW7wREob10E2V3v5C6o78CQd0VCyTYMVGQhXODYaGz6lcqRE
v9kdj0HW7HRxG/wcUA67bIupk345JKqU28f4Ij2B7uDpSFx5i++qpJUGIfhBtJlw
vsPw5Nsm8yjGNEf3tq+dE4G2kzq8gpKCMORgpv9GzF12niKYcZN8nj4eg7YtzJ0X
JHD62n6vTUoDhkvE8YvJd/+R9LffmKl5E2P8bB5FyVpruw6ug2Mb
-----END CERTIFICATE-----
Generated at Tue Apr 8 15:35:37 2025 by rpki-client