Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/1-E20ktVNe16F6Hofgkcmxt-X6i4.roa
File: 1-E20ktVNe16F6Hofgkcmxt-X6i4.roa (raw, json)
Hash identifier: 9zvZSZs/gijVXWu6Efh7Tsajx6AsqwE8rVB55ifWAPo=
Subject key identifier: F8:4D:B4:92:D5:4D:7B:5E:85:E8:7A:1F:82:47:26:C6:DF:97:EA:2E
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 019424B382C6ADF616733E816A8F69209983
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/1-E20ktVNe16F6Hofgkcmxt-X6i4.roa
Signing time: Thu 02 Jan 2025 01:48:51 +0000
ROA not before: Thu 02 Jan 2025 01:48:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 141718
IP address blocks: 213.176.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:82:c6:ad:f6:16:73:3e:81:6a:8f:69:20:99:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Jan 2 01:48:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f84db492d54d7b5e85e87a1f824726c6df97ea2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:99:c7:7f:d9:2f:a2:2b:dd:27:0e:74:75:4c:
89:11:24:b0:40:fe:a1:21:77:10:f6:80:87:fa:ab:
be:e3:b9:9b:40:22:11:41:b1:b1:63:6a:9a:a9:7c:
45:ff:a2:73:b1:8c:03:98:bd:88:b0:99:7f:69:ec:
25:d8:5b:c2:eb:d8:92:e8:13:6f:a1:e5:75:e4:fe:
ac:81:5d:a2:75:71:1c:a3:58:b9:5a:5d:27:62:87:
9c:99:18:07:37:df:41:dd:78:5d:09:3a:f0:d0:85:
6c:b8:48:59:02:0a:e0:b5:2f:ab:87:dc:ac:d6:51:
98:80:b9:2d:29:90:03:af:e6:62:b4:0f:a8:93:00:
82:ad:2d:be:0c:4a:e7:a0:dc:32:d0:08:1f:49:89:
fb:62:3f:0d:10:8d:5e:ba:19:38:49:18:13:e8:93:
95:d0:ac:64:49:1c:f8:a1:8c:23:04:19:04:b6:77:
1e:14:da:7d:3f:49:5f:2f:49:89:af:71:21:1a:d6:
b2:9a:c7:7a:bf:b2:c4:59:ac:fd:03:f3:92:48:e8:
04:21:f0:6e:cb:a6:7a:60:b1:56:57:aa:fc:86:29:
bc:9b:b5:54:49:a9:ff:ae:f4:6f:02:31:dd:66:52:
a0:ab:6f:cc:b2:87:38:f5:0c:fd:66:6e:2b:99:4b:
64:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:4D:B4:92:D5:4D:7B:5E:85:E8:7A:1F:82:47:26:C6:DF:97:EA:2E
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/1-E20ktVNe16F6Hofgkcmxt-X6i4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.176.3.0/24
Signature Algorithm: sha256WithRSAEncryption
37:09:76:8d:59:a0:40:ad:10:9f:b8:30:f7:f9:a1:c2:bd:db:
6e:e2:e3:b7:d7:3c:b9:cf:5b:f3:c5:80:b4:74:27:09:61:54:
2e:81:0b:a3:10:cc:07:79:50:32:7e:bd:da:08:3b:6e:1e:5c:
9a:4c:08:14:71:a4:76:23:a6:8d:f4:bf:f1:af:a5:ef:e0:6c:
99:92:4f:0c:b9:23:10:0d:bb:04:c0:10:1c:71:6b:c9:40:f7:
f7:09:b8:81:b4:52:f7:c1:09:5d:04:62:8a:e7:82:6c:9b:a0:
cd:10:1d:7c:83:67:dc:aa:83:45:e2:96:9d:ad:98:b5:b0:38:
3f:30:3d:1e:a2:f0:3e:72:00:0f:f0:28:1a:5f:bf:1f:9e:48:
a7:49:f2:ac:cb:86:39:c3:89:84:db:77:d8:59:6e:48:07:c6:
00:ad:37:4c:3f:18:99:01:2a:2a:9a:23:43:e6:00:00:71:28:
84:d4:0c:ed:43:81:25:1b:09:7d:32:7f:f8:40:f9:6e:d6:0c:
81:e0:fb:cd:9d:ce:f0:d8:f0:bf:92:f2:e2:17:44:3a:62:0b:
bb:48:6f:8a:d4:a3:a2:4b:62:27:97:ec:84:52:73:da:7a:e3:
e3:9a:d3:3a:10:1d:ca:51:5d:d7:d3:d0:79:ed:2d:2b:57:61:
ab:15:61:49
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQks4LGrfYWcz6Bao9pIJmDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjUwMTAyMDE0ODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODRkYjQ5MmQ1NGQ3YjVlODVlODdhMWY4MjQ3MjZjNmRmOTdlYTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZnHf9kvoivdJw50dUyJESSwQP6h
IXcQ9oCH+qu+47mbQCIRQbGxY2qaqXxF/6JzsYwDmL2IsJl/aewl2FvC69iS6BNv
oeV15P6sgV2idXEco1i5Wl0nYoecmRgHN99B3XhdCTrw0IVsuEhZAgrgtS+rh9ys
1lGYgLktKZADr+ZitA+okwCCrS2+DErnoNwy0AgfSYn7Yj8NEI1euhk4SRgT6JOV
0KxkSRz4oYwjBBkEtnceFNp9P0lfL0mJr3EhGtaymsd6v7LEWaz9A/OSSOgEIfBu
y6Z6YLFWV6r8him8m7VUSan/rvRvAjHdZlKgq2/Msoc49Qz9Zm4rmUtkUQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPhNtJLVTXteheh6H4JHJsbfl+ouMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvMS1FMjBrdFZOZTE2RjZIb2Zna2NteHQtWDZpNC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTcvMTMzOWRmLThlMDYtNDFkZS05NGYzLTBjYmEzM2VmYzVi
Yi8xL3c4R0ZKLU9pQnE4b1FnS05sYTdFRXpqbzJ2Zy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANWwAzAN
BgkqhkiG9w0BAQsFAAOCAQEANwl2jVmgQK0Qn7gw9/mhwr3bbuLjt9c8uc9b88WA
tHQnCWFULoELoxDMB3lQMn692gg7bh5cmkwIFHGkdiOmjfS/8a+l7+BsmZJPDLkj
EA27BMAQHHFryUD39wm4gbRS98EJXQRiiueCbJugzRAdfINn3KqDReKWna2YtbA4
PzA9HqLwPnIAD/AoGl+/H55Ip0nyrMuGOcOJhNt32FluSAfGAK03TD8YmQEqKpoj
Q+YAAHEohNQM7UOBJRsJfTJ/+ED5btYMgeD7zZ3O8Njwv5Ly4hdEOmILu0hvitSj
oktiJ5fshFJz2nrj45rTOhAdylFd19PQee0tK1dhqxVhSQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 18:01:27 2025 by rpki-client