Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/3nU6Q8g-yh-xVbLCrccr6DFtM2U.roa
File: 3nU6Q8g-yh-xVbLCrccr6DFtM2U.roa (raw, json)
Hash identifier: I+j38myB0SdqTVlgRXhNsXEAyvlXqVROiRkqIWtiwtM=
Subject key identifier: DE:75:3A:43:C8:3E:CA:1F:B1:55:B2:C2:AD:C7:2B:E8:31:6D:33:65
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 019427489A8A734F474FA9229D9211BE4D9C
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/3nU6Q8g-yh-xVbLCrccr6DFtM2U.roa
Signing time: Thu 02 Jan 2025 13:50:56 +0000
ROA not before: Thu 02 Jan 2025 13:50:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203363
IP address blocks: 2.58.201.0/24 maxlen: 24
2.58.203.0/24 maxlen: 24
45.11.230.0/24 maxlen: 24
45.11.231.0/24 maxlen: 24
45.67.84.0/24 maxlen: 24
45.67.85.0/24 maxlen: 24
45.80.193.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:9a:8a:73:4f:47:4f:a9:22:9d:92:11:be:4d:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Jan 2 13:50:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de753a43c83eca1fb155b2c2adc72be8316d3365
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:d0:ee:aa:3e:f6:8f:d3:16:8e:10:e3:fd:ef:
14:ab:5d:af:08:cd:4a:59:9b:99:e5:13:f5:bb:a5:
16:6e:74:5d:86:33:7c:c2:1d:33:72:fb:98:1e:e4:
39:e6:2c:aa:84:fe:9e:f4:25:54:ac:cf:3a:20:93:
91:b6:7c:60:93:52:56:17:81:b8:7b:4b:98:47:9f:
2d:4b:a7:8b:1a:d3:06:4c:c9:9f:a7:b8:ea:7a:70:
33:92:62:24:82:f9:66:96:d0:5e:f7:42:2c:cb:3e:
ec:97:92:80:5d:c3:b2:6b:3e:ec:22:93:85:e6:1f:
b1:30:ac:2d:2e:37:61:f5:27:a7:40:4a:16:23:cb:
dd:f3:d1:e7:56:e8:b9:c3:6a:cd:b2:fe:ef:de:a0:
c2:8c:e0:84:57:e0:83:0a:38:e7:9d:24:1e:98:d4:
23:d0:5a:ca:33:cb:65:1b:cf:f5:1e:54:2b:62:95:
9a:87:6b:08:5b:11:91:5e:91:fa:9e:bf:ae:60:59:
3a:d2:47:90:b2:64:ab:fd:c7:d4:2b:55:89:27:10:
e2:9d:eb:16:76:c2:09:2c:fa:2d:62:f2:87:36:a5:
29:e4:4f:92:7c:b0:0c:ea:d2:75:87:ed:b4:40:e7:
6a:6d:b9:5f:e7:57:aa:0d:d5:32:d1:0a:f9:6d:29:
b6:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:75:3A:43:C8:3E:CA:1F:B1:55:B2:C2:AD:C7:2B:E8:31:6D:33:65
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/3nU6Q8g-yh-xVbLCrccr6DFtM2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.201.0/24
2.58.203.0/24
45.11.230.0/23
45.67.84.0/23
45.80.193.0/24
Signature Algorithm: sha256WithRSAEncryption
91:6c:1b:97:ba:4c:63:5e:dd:50:b5:98:90:ed:b6:77:9d:be:
d6:8c:de:05:cc:96:2e:0f:92:68:64:3d:4c:b2:c5:c1:8a:8f:
fc:d1:19:92:5e:5b:87:19:41:4e:13:c9:9c:c7:1a:df:7a:c2:
3b:74:2f:d4:c3:0d:70:58:c7:b7:b0:c5:96:85:e3:bd:6d:cc:
34:a5:39:e0:22:c1:f0:1b:d3:8a:17:85:e4:be:2b:91:96:c9:
d2:d4:4a:4e:92:54:b0:17:bf:5a:55:db:a3:68:61:b1:95:46:
26:12:04:ed:fb:89:7c:40:8d:69:c4:76:59:c5:2d:35:9d:a5:
0a:66:e8:f8:7b:58:35:cc:cd:a4:9b:4a:4f:12:64:45:68:87:
9c:e4:01:83:05:1e:b8:3a:53:ae:df:a7:71:6b:75:93:a6:7a:
36:46:ef:a8:e7:89:4f:69:d9:eb:67:a6:4b:f7:4c:84:81:90:
6a:91:59:d9:be:6d:b9:6c:e9:9f:33:06:3f:90:f2:a0:a4:cd:
f9:2e:fd:a2:94:76:f8:80:e6:84:9b:0d:68:82:aa:bc:a9:0e:
45:3b:96:47:3c:ca:e4:b6:e9:6a:e0:88:55:51:8a:b2:2f:68:
74:a1:ac:74:d8:31:d1:ed:20:bb:33:b1:29:4d:6e:bc:fa:e9:
85:c4:83:92
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQnSJqKc09HT6kinZIRvk2cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjUwMTAyMTM1MDU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTc1M2E0M2M4M2VjYTFmYjE1NWIyYzJhZGM3MmJlODMxNmQzMzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9Duqj72j9MWjhDj/e8Uq12vCM1K
WZuZ5RP1u6UWbnRdhjN8wh0zcvuYHuQ55iyqhP6e9CVUrM86IJORtnxgk1JWF4G4
e0uYR58tS6eLGtMGTMmfp7jqenAzkmIkgvlmltBe90Isyz7sl5KAXcOyaz7sIpOF
5h+xMKwtLjdh9SenQEoWI8vd89HnVui5w2rNsv7v3qDCjOCEV+CDCjjnnSQemNQj
0FrKM8tlG8/1HlQrYpWah2sIWxGRXpH6nr+uYFk60keQsmSr/cfUK1WJJxDinesW
dsIJLPotYvKHNqUp5E+SfLAM6tJ1h+20QOdqbblf51eqDdUy0Qr5bSm2IwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFN51OkPIPsofsVWywq3HK+gxbTNlMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvM25VNlE4Zy15aC14VmJMQ3JjY3I2REZ0TTJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAAjrJAwQA
AjrLAwQBLQvmAwQBLUNUAwQALVDBMA0GCSqGSIb3DQEBCwUAA4IBAQCRbBuXukxj
Xt1QtZiQ7bZ3nb7WjN4FzJYuD5JoZD1MssXBio/80RmSXluHGUFOE8mcxxrfesI7
dC/Uww1wWMe3sMWWheO9bcw0pTngIsHwG9OKF4XkviuRlsnS1EpOklSwF79aVduj
aGGxlUYmEgTt+4l8QI1pxHZZxS01naUKZuj4e1g1zM2km0pPEmRFaIec5AGDBR64
OlOu36dxa3WTpno2Ru+o54lPadnrZ6ZL90yEgZBqkVnZvm25bOmfMwY/kPKgpM35
Lv2ilHb4gOaEmw1ogqq8qQ5FO5ZHPMrktulq4IhVUYqyL2h0oax02DHR7SC7M7Ep
TW68+umFxIOS
-----END CERTIFICATE-----
Generated at Sun Apr 6 07:11:05 2025 by rpki-client