Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/3Jt2-nqjYvbSFyl78XbPo_0c-nk.roa
File: 3Jt2-nqjYvbSFyl78XbPo_0c-nk.roa (raw, json)
Hash identifier: mTdl2N8Ebv3JFEDL1S6xvafjFw9IkvwG6/uPqegm7CA=
Subject key identifier: DC:9B:76:FA:7A:A3:62:F6:D2:17:29:7B:F1:76:CF:A3:FD:1C:FA:79
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01958399A81597110776400E943C5684AE04
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/3Jt2-nqjYvbSFyl78XbPo_0c-nk.roa
Signing time: Tue 11 Mar 2025 05:07:20 +0000
ROA not before: Tue 11 Mar 2025 05:07:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 5.83.129.0/24 maxlen: 24
77.90.54.0/24 maxlen: 24
87.239.131.0/24 maxlen: 24
94.103.163.0/24 maxlen: 24
94.249.215.0/24 maxlen: 24
95.215.32.0/24 maxlen: 24
95.215.34.0/24 maxlen: 24
185.13.156.0/24 maxlen: 24
217.69.166.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:83:99:a8:15:97:11:07:76:40:0e:94:3c:56:84:ae:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Mar 11 05:07:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dc9b76fa7aa362f6d217297bf176cfa3fd1cfa79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:f2:a6:53:d4:b3:26:7d:63:9c:fa:c8:76:8d:
15:09:c7:6f:2f:c7:25:6b:3b:38:b0:57:c1:5c:dd:
43:c7:cc:17:87:c3:7f:9c:9c:50:3c:9a:33:7f:33:
72:16:a0:3d:2b:3c:3a:5a:a9:d1:40:78:7c:ee:99:
2b:65:5a:91:62:d8:02:dd:da:1c:47:a3:1f:80:66:
38:e0:00:b0:37:9f:74:d2:21:eb:d0:8d:7d:da:98:
63:41:bc:88:96:26:29:4d:01:0a:5d:0a:ff:11:f0:
eb:12:30:d9:90:0c:2d:5e:51:99:f9:4a:10:9c:d4:
5c:0f:cc:a5:d6:1f:8e:6b:06:0b:a6:1f:a3:80:c1:
45:7a:60:2b:f8:df:f9:50:ab:ca:05:40:ef:03:50:
25:a4:75:90:06:29:a4:13:c7:3d:05:d5:70:88:28:
d2:37:89:ed:b3:3e:15:c7:33:31:e1:17:90:ff:98:
7b:1f:c7:f5:9a:98:de:4b:9c:b5:f0:00:ed:16:c4:
15:59:15:c0:ef:77:15:3d:e4:a0:ed:86:01:ff:6b:
3c:81:b2:0f:44:7e:b2:55:03:52:e9:f1:d6:bb:22:
d8:dd:e0:58:9c:10:26:ac:72:db:bf:4c:96:7b:45:
ef:d0:af:a9:5d:c6:e8:3e:7e:65:5b:1c:b1:d9:14:
2c:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:9B:76:FA:7A:A3:62:F6:D2:17:29:7B:F1:76:CF:A3:FD:1C:FA:79
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/3Jt2-nqjYvbSFyl78XbPo_0c-nk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.129.0/24
77.90.54.0/24
87.239.131.0/24
94.103.163.0/24
94.249.215.0/24
95.215.32.0/24
95.215.34.0/24
185.13.156.0/24
217.69.166.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:da:29:34:c2:f2:b6:61:08:a3:ae:5f:00:45:c5:63:4d:14:
8e:a1:52:0f:f0:80:2f:de:f8:45:62:4c:61:45:d5:f1:01:0e:
b6:2b:5b:44:3a:e5:55:a3:d0:78:6e:c4:19:ff:68:92:c8:79:
1f:65:c7:55:0e:ce:74:52:e5:66:22:1d:da:7e:6e:f2:0a:59:
8a:8e:49:a6:1b:d1:e4:c8:ec:a6:da:34:f7:72:f8:ad:ae:b6:
af:53:bc:a7:a6:f4:8c:9d:b5:da:30:fe:31:de:ec:bf:06:ae:
67:74:66:51:c5:58:7a:5c:04:67:ae:2e:6f:2b:53:c4:90:c2:
ed:63:b9:31:ca:1f:58:70:2a:34:8d:17:3b:d3:0f:9b:ec:4f:
12:6c:1f:32:ae:b1:9b:62:5c:49:73:33:45:11:bb:73:83:60:
42:17:8c:ba:10:d3:bd:2b:57:3b:8c:25:cc:2a:ee:8d:fc:f5:
55:d1:a1:ef:ce:9a:b5:ad:1f:88:4f:71:e8:2b:75:ef:84:f1:
e9:74:93:07:15:8a:14:c6:9f:c1:3e:4c:45:96:12:4e:25:4c:
5a:d3:0d:d9:e3:a4:e4:69:1d:a8:81:9d:b0:36:de:a3:54:7f:
49:4f:09:d9:64:70:c1:01:73:b0:90:b7:72:65:2e:d3:bc:78:
45:3d:5a:06
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZWDmagVlxEHdkAOlDxWhK4EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMzExMDUwNzIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzliNzZmYTdhYTM2MmY2ZDIxNzI5N2JmMTc2Y2ZhM2ZkMWNmYTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfKmU9SzJn1jnPrIdo0VCcdvL8cl
azs4sFfBXN1Dx8wXh8N/nJxQPJozfzNyFqA9Kzw6WqnRQHh87pkrZVqRYtgC3doc
R6MfgGY44ACwN5900iHr0I192phjQbyIliYpTQEKXQr/EfDrEjDZkAwtXlGZ+UoQ
nNRcD8yl1h+OawYLph+jgMFFemAr+N/5UKvKBUDvA1AlpHWQBimkE8c9BdVwiCjS
N4ntsz4VxzMx4ReQ/5h7H8f1mpjeS5y18ADtFsQVWRXA73cVPeSg7YYB/2s8gbIP
RH6yVQNS6fHWuyLY3eBYnBAmrHLbv0yWe0Xv0K+pXcboPn5lWxyx2RQs9QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFNybdvp6o2L20hcpe/F2z6P9HPp5MB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvM0p0Mi1ucWpZdmJTRnlsNzhYYlBvXzBjLW5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQABVOBAwQA
TVo2AwQAV++DAwQAXmejAwQAXvnXAwQAX9cgAwQAX9ciAwQAuQ2cAwQA2UWmMA0G
CSqGSIb3DQEBCwUAA4IBAQBP2ik0wvK2YQijrl8ARcVjTRSOoVIP8IAv3vhFYkxh
RdXxAQ62K1tEOuVVo9B4bsQZ/2iSyHkfZcdVDs50UuVmIh3afm7yClmKjkmmG9Hk
yOym2jT3cvitrravU7ynpvSMnbXaMP4x3uy/Bq5ndGZRxVh6XARnri5vK1PEkMLt
Y7kxyh9YcCo0jRc70w+b7E8SbB8yrrGbYlxJczNFEbtzg2BCF4y6ENO9K1c7jCXM
Ku6N/PVV0aHvzpq1rR+IT3HoK3XvhPHpdJMHFYoUxp/BPkxFlhJOJUxa0w3Z46Tk
aR2ogZ2wNt6jVH9JTwnZZHDBAXOwkLdyZS7TvHhFPVoG
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:30:23 2025 by rpki-client