Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/76e07c-8a32-489d-91d1-b184e3f4b50e/1/4pndJR5YmydmS9JXz_iQx8ck7j0.roa
File: 4pndJR5YmydmS9JXz_iQx8ck7j0.roa (raw, json)
Hash identifier: Z1im/UM2UzYVlqGcYguPnrUORp/DmOYEtnYcSLNDNIU=
Subject key identifier: E2:99:DD:25:1E:58:9B:27:66:4B:D2:57:CF:F8:90:C7:C7:24:EE:3D
Certificate issuer: /CN=3c4d3fb044eb1c0a11be0602aceef88e5f5d2ddf
Certificate serial: 01941FFA1091CB1849EF65B33383933188CF
Authority key identifier: 3C:4D:3F:B0:44:EB:1C:0A:11:BE:06:02:AC:EE:F8:8E:5F:5D:2D:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE0_sETrHAoRvgYCrO74jl9dLd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/76e07c-8a32-489d-91d1-b184e3f4b50e/1/4pndJR5YmydmS9JXz_iQx8ck7j0.roa
Signing time: Wed 01 Jan 2025 03:47:49 +0000
ROA not before: Wed 01 Jan 2025 03:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6453
IP address blocks: 86.36.20.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:10:91:cb:18:49:ef:65:b3:33:83:93:31:88:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4d3fb044eb1c0a11be0602aceef88e5f5d2ddf
Validity
Not Before: Jan 1 03:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e299dd251e589b27664bd257cff890c7c724ee3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:75:a2:a8:f4:6e:01:fa:5b:ed:7b:00:5e:b0:
d6:2e:6a:af:e1:26:cd:1c:23:99:8e:4f:e2:9f:f4:
53:e5:66:21:d2:2d:13:7b:86:20:ca:87:45:f5:24:
2b:6c:1b:27:19:bd:f7:53:67:8c:2e:02:05:4e:1c:
2a:79:e5:f5:db:74:92:47:35:ab:c9:a7:bd:a5:f0:
07:f0:83:f5:5e:c6:73:30:44:d6:f2:8f:c5:e0:ba:
d1:23:32:75:34:b2:07:98:8f:78:52:15:fb:32:ff:
fc:01:ac:36:c8:56:cc:fd:77:eb:ec:1a:31:35:88:
a0:07:48:91:cd:a1:99:1c:ae:fc:ea:35:16:32:7a:
96:42:21:e8:0b:38:63:4b:82:bc:ff:b4:23:91:3c:
22:28:e3:dc:bd:cc:30:09:8a:d9:b8:4f:d3:c0:80:
73:a8:3b:95:ba:98:bf:2d:a3:26:91:87:5e:fc:4d:
8b:ad:09:53:3b:8e:85:72:b3:e1:c6:93:aa:4b:03:
27:40:c0:d6:84:00:8e:50:b0:65:6c:b4:89:1a:7d:
ca:46:79:65:ed:0c:76:cc:03:66:fe:45:ad:03:fb:
61:33:44:45:ab:a6:d7:c7:99:aa:92:62:26:9f:32:
47:db:fc:b4:86:71:9a:92:7d:55:6e:66:eb:b6:5b:
0a:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:99:DD:25:1E:58:9B:27:66:4B:D2:57:CF:F8:90:C7:C7:24:EE:3D
X509v3 Authority Key Identifier:
keyid:3C:4D:3F:B0:44:EB:1C:0A:11:BE:06:02:AC:EE:F8:8E:5F:5D:2D:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE0_sETrHAoRvgYCrO74jl9dLd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/76e07c-8a32-489d-91d1-b184e3f4b50e/1/4pndJR5YmydmS9JXz_iQx8ck7j0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/76e07c-8a32-489d-91d1-b184e3f4b50e/1/PE0_sETrHAoRvgYCrO74jl9dLd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.36.20.0/22
Signature Algorithm: sha256WithRSAEncryption
81:b6:40:77:8a:74:e2:4f:12:59:78:df:11:46:b7:be:b9:74:
d8:6d:3a:c9:cd:47:50:6f:33:b3:12:b6:39:0f:50:d4:ef:a8:
bc:04:f5:2b:d8:10:9b:1a:4c:b9:46:67:c9:12:f7:2c:06:86:
94:d6:cf:69:5a:4b:a4:60:63:b7:b2:17:bf:d1:c0:80:19:4f:
31:c4:99:12:3e:79:3e:7a:cc:c1:aa:84:98:b8:f1:93:90:4f:
5a:01:0d:2e:40:90:48:74:8f:b3:d1:f6:94:28:40:9c:9b:50:
83:e4:a6:13:a1:16:3a:f6:6b:5b:7d:c1:45:1a:84:34:ed:88:
a3:e2:f7:6c:fc:14:77:63:3f:50:6e:83:7a:f8:f5:30:89:f4:
56:18:88:f3:8d:ec:11:3f:c9:4c:a8:a9:27:88:22:f5:be:03:
36:29:ae:98:46:d7:68:53:3b:ca:53:a6:42:6a:3c:d3:f8:0f:
d2:6a:66:25:3f:b1:3d:e5:28:61:1a:f7:b8:79:27:9f:b3:3c:
1c:98:f2:60:54:c6:66:1e:03:16:4d:29:9d:34:af:32:ec:c0:
ed:bd:2e:7a:25:bb:82:6a:97:b5:db:98:52:43:8f:8b:ef:b7:
b5:97:5b:53:c6:2e:d8:47:2d:4e:4f:99:13:03:7a:ff:3e:4b:
7f:f7:69:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+hCRyxhJ72WzM4OTMYjPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGQzZmIwNDRlYjFjMGExMWJlMDYwMmFjZWVmODhlNWY1
ZDJkZGYwHhcNMjUwMTAxMDM0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjk5ZGQyNTFlNTg5YjI3NjY0YmQyNTdjZmY4OTBjN2M3MjRlZTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA03WiqPRuAfpb7XsAXrDWLmqv4SbN
HCOZjk/in/RT5WYh0i0Te4YgyodF9SQrbBsnGb33U2eMLgIFThwqeeX123SSRzWr
yae9pfAH8IP1XsZzMETW8o/F4LrRIzJ1NLIHmI94UhX7Mv/8Aaw2yFbM/Xfr7Box
NYigB0iRzaGZHK786jUWMnqWQiHoCzhjS4K8/7QjkTwiKOPcvcwwCYrZuE/TwIBz
qDuVupi/LaMmkYde/E2LrQlTO46FcrPhxpOqSwMnQMDWhACOULBlbLSJGn3KRnll
7Qx2zANm/kWtA/thM0RFq6bXx5mqkmImnzJH2/y0hnGakn1VbmbrtlsKtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOKZ3SUeWJsnZkvSV8/4kMfHJO49MB8GA1UdIwQY
MBaAFDxNP7BE6xwKEb4GAqzu+I5fXS3fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEUwX3NFVHJIQW9SdmdZQ3JPNzRqbDlkTGQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS83NmUwN2MtOGEzMi00ODlkLTkxZDEt
YjE4NGUzZjRiNTBlLzEvNHBuZEpSNVlteWRtUzlKWHpfaVF4OGNrN2owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS83NmUwN2MtOGEzMi00ODlkLTkxZDEtYjE4NGUzZjRiNTBl
LzEvUEUwX3NFVHJIQW9SdmdZQ3JPNzRqbDlkTGQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCViQUMA0G
CSqGSIb3DQEBCwUAA4IBAQCBtkB3inTiTxJZeN8RRre+uXTYbTrJzUdQbzOzErY5
D1DU76i8BPUr2BCbGky5RmfJEvcsBoaU1s9pWkukYGO3she/0cCAGU8xxJkSPnk+
eszBqoSYuPGTkE9aAQ0uQJBIdI+z0faUKECcm1CD5KYToRY69mtbfcFFGoQ07Yij
4vds/BR3Yz9QboN6+PUwifRWGIjzjewRP8lMqKkniCL1vgM2Ka6YRtdoUzvKU6ZC
ajzT+A/SamYlP7E95ShhGve4eSefszwcmPJgVMZmHgMWTSmdNK8y7MDtvS56JbuC
ape125hSQ4+L77e1l1tTxi7YRy1OT5kTA3r/Pkt/92nc
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:29:13 2025 by rpki-client