Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/c34150-5912-490c-b35b-f54fbf6917bc/1/3mgL5kmPTE1KzgmolBjYNrOCQw4.roa
File: 3mgL5kmPTE1KzgmolBjYNrOCQw4.roa (raw, json)
Hash identifier: 4p0hGsG00DucWMHppeS8f+vIw114RVg7ok5Btqh+zyQ=
Subject key identifier: DE:68:0B:E6:49:8F:4C:4D:4A:CE:09:A8:94:18:D8:36:B3:82:43:0E
Certificate issuer: /CN=1ecb9bd5ed96e69dda8fc2a1fe02147adae8f713
Certificate serial: 019420D65ED992E62C01F343AEF84E306FD9
Authority key identifier: 1E:CB:9B:D5:ED:96:E6:9D:DA:8F:C2:A1:FE:02:14:7A:DA:E8:F7:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hsub1e2W5p3aj8Kh_gIUetro9xM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/c34150-5912-490c-b35b-f54fbf6917bc/1/3mgL5kmPTE1KzgmolBjYNrOCQw4.roa
Signing time: Wed 01 Jan 2025 07:48:27 +0000
ROA not before: Wed 01 Jan 2025 07:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198949
IP address blocks: 77.95.81.0/24 maxlen: 24
217.64.228.0/24 maxlen: 24
217.64.239.0/24 maxlen: 24
217.147.71.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:5e:d9:92:e6:2c:01:f3:43:ae:f8:4e:30:6f:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ecb9bd5ed96e69dda8fc2a1fe02147adae8f713
Validity
Not Before: Jan 1 07:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de680be6498f4c4d4ace09a89418d836b382430e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:90:7c:d2:1d:94:56:ee:92:96:61:97:94:86:
fc:e6:46:40:66:c1:45:42:ce:aa:cc:6a:41:41:ee:
7f:84:4c:0a:33:b6:78:c8:f8:4b:37:7d:0f:37:ec:
0b:ad:4d:98:bd:0e:7a:bf:81:2c:bc:cf:8a:8a:75:
a8:51:a2:c7:44:4d:7d:71:b6:b9:da:ec:31:ac:d1:
bc:cb:79:ac:32:51:68:b7:57:e9:1e:45:de:05:25:
63:e7:a9:8f:6f:52:82:09:cd:39:6a:21:17:66:3f:
93:30:b5:a7:9f:a9:2c:9d:3e:e0:66:97:42:8f:38:
ff:2e:ee:e3:28:b3:e0:fa:ba:20:02:1a:19:c7:75:
43:92:4b:67:ed:bd:3c:2f:d3:05:e8:b5:4a:1e:5e:
0a:29:22:26:49:7e:f5:c0:04:36:05:2a:5c:56:f3:
94:ef:0e:2e:af:12:15:6c:4a:d8:b0:e6:ad:cf:9a:
59:a5:ea:69:3b:af:e2:db:5e:67:7d:39:a4:fa:79:
1d:26:46:91:40:46:23:5e:89:38:ba:01:28:6c:ce:
9b:b8:26:30:ef:67:60:27:36:6c:88:6f:56:74:ab:
1e:25:90:c5:08:9b:5d:18:22:d3:43:9d:99:47:19:
77:5f:4d:a3:43:c6:02:ca:4c:1e:c4:2c:d5:4c:5e:
5e:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:68:0B:E6:49:8F:4C:4D:4A:CE:09:A8:94:18:D8:36:B3:82:43:0E
X509v3 Authority Key Identifier:
keyid:1E:CB:9B:D5:ED:96:E6:9D:DA:8F:C2:A1:FE:02:14:7A:DA:E8:F7:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hsub1e2W5p3aj8Kh_gIUetro9xM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/c34150-5912-490c-b35b-f54fbf6917bc/1/3mgL5kmPTE1KzgmolBjYNrOCQw4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/c34150-5912-490c-b35b-f54fbf6917bc/1/Hsub1e2W5p3aj8Kh_gIUetro9xM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.95.81.0/24
217.64.228.0/24
217.64.239.0/24
217.147.71.0/24
Signature Algorithm: sha256WithRSAEncryption
cb:d1:3e:1c:79:b0:ed:85:53:30:55:06:1a:a8:cd:9e:4e:3f:
4f:cc:f9:b6:4b:f7:4c:2d:2d:ef:e3:7c:1d:67:be:a9:23:8b:
7f:b1:db:7e:ab:60:bd:f9:eb:6d:6e:a1:64:89:ff:c5:ad:9f:
d9:98:1b:b4:da:a1:e0:64:9c:96:ee:c5:19:43:5c:ed:1f:a5:
25:ce:c5:11:fd:dd:2c:69:4c:98:8a:4d:3b:99:66:c0:fd:86:
32:a7:8a:f1:fa:28:79:d8:f1:2e:1a:ee:a8:d6:56:a2:45:f0:
ce:d2:2f:05:8a:b5:4d:44:56:62:97:06:b7:82:91:66:3b:83:
bd:de:0d:c6:78:f4:0e:9c:4f:87:a0:36:bf:5f:3d:8b:f8:56:
7d:b7:00:a4:40:3f:5e:d7:eb:86:6b:bc:d9:22:18:4b:91:b0:
11:c0:03:2c:fe:0e:ca:48:73:a1:ab:51:67:20:83:7c:51:f7:
29:ff:1b:fb:99:6a:6b:f1:43:b4:8a:dd:0a:14:3f:ab:c3:3b:
ef:b9:ae:e6:f6:71:34:f4:f1:30:7c:bc:c7:72:08:d6:b5:40:
37:a7:2c:45:c0:75:6e:7c:07:bd:07:e4:98:30:81:eb:f6:f9:
41:bf:3d:b4:b3:99:70:75:7d:cc:41:fc:f3:6d:47:b7:43:ca:
9a:5b:98:16
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQg1l7ZkuYsAfNDrvhOMG/ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlY2I5YmQ1ZWQ5NmU2OWRkYThmYzJhMWZlMDIxNDdhZGFl
OGY3MTMwHhcNMjUwMTAxMDc0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTY4MGJlNjQ5OGY0YzRkNGFjZTA5YTg5NDE4ZDgzNmIzODI0MzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZB80h2UVu6SlmGXlIb85kZAZsFF
Qs6qzGpBQe5/hEwKM7Z4yPhLN30PN+wLrU2YvQ56v4EsvM+KinWoUaLHRE19cba5
2uwxrNG8y3msMlFot1fpHkXeBSVj56mPb1KCCc05aiEXZj+TMLWnn6ksnT7gZpdC
jzj/Lu7jKLPg+rogAhoZx3VDkktn7b08L9MF6LVKHl4KKSImSX71wAQ2BSpcVvOU
7w4urxIVbErYsOatz5pZpeppO6/i215nfTmk+nkdJkaRQEYjXok4ugEobM6buCYw
72dgJzZsiG9WdKseJZDFCJtdGCLTQ52ZRxl3X02jQ8YCykwexCzVTF5eNQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFN5oC+ZJj0xNSs4JqJQY2DazgkMOMB8GA1UdIwQY
MBaAFB7Lm9Xtluad2o/Cof4CFHra6PcTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHN1YjFlMlc1cDNhajhLaF9nSVVldHJvOXhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9jMzQxNTAtNTkxMi00OTBjLWIzNWIt
ZjU0ZmJmNjkxN2JjLzEvM21nTDVrbVBURTFLemdtb2xCallOck9DUXc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9jMzQxNTAtNTkxMi00OTBjLWIzNWItZjU0ZmJmNjkxN2Jj
LzEvSHN1YjFlMlc1cDNhajhLaF9nSVVldHJvOXhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATV9RAwQA
2UDkAwQA2UDvAwQA2ZNHMA0GCSqGSIb3DQEBCwUAA4IBAQDL0T4cebDthVMwVQYa
qM2eTj9PzPm2S/dMLS3v43wdZ76pI4t/sdt+q2C9+ettbqFkif/FrZ/ZmBu02qHg
ZJyW7sUZQ1ztH6UlzsUR/d0saUyYik07mWbA/YYyp4rx+ih52PEuGu6o1laiRfDO
0i8FirVNRFZilwa3gpFmO4O93g3GePQOnE+HoDa/Xz2L+FZ9twCkQD9e1+uGa7zZ
IhhLkbARwAMs/g7KSHOhq1FnIIN8Ufcp/xv7mWpr8UO0it0KFD+rwzvvua7m9nE0
9PEwfLzHcgjWtUA3pyxFwHVufAe9B+SYMIHr9vlBvz20s5lwdX3MQfzzbUe3Q8qa
W5gW
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:34:30 2025 by rpki-client