Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/3dXj_lgYpwRM-RxTGKfNRF5snbo.roa
File: 3dXj_lgYpwRM-RxTGKfNRF5snbo.roa (raw, json)
Hash identifier: RmbRVxscjgvMYsDtF6/rZX2E7zmF1iHbwagy3Ftx4iU=
Subject key identifier: DD:D5:E3:FE:58:18:A7:04:4C:F9:1C:53:18:A7:CD:44:5E:6C:9D:BA
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 01942067DB052100844F0EB17CABEAED3DB0
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/3dXj_lgYpwRM-RxTGKfNRF5snbo.roa
Signing time: Wed 01 Jan 2025 05:47:44 +0000
ROA not before: Wed 01 Jan 2025 05:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208813
IP address blocks: 194.209.6.0/24 maxlen: 24
2001:918:fff2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:db:05:21:00:84:4f:0e:b1:7c:ab:ea:ed:3d:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 05:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ddd5e3fe5818a7044cf91c5318a7cd445e6c9dba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:8d:42:27:de:47:5a:a8:e8:51:be:63:15:ff:
f7:50:9a:79:f3:7a:ac:bc:3b:4f:fd:b5:41:f6:d4:
bb:fa:28:03:3e:7c:70:d1:9b:64:20:b8:1f:75:a8:
26:9a:54:8f:8d:80:33:e1:3e:4d:6d:86:90:78:c0:
3d:68:dc:8c:e2:54:e9:1e:17:a1:49:df:e2:13:b5:
55:7d:18:11:a0:3b:af:47:6a:db:5f:37:39:b0:9b:
00:96:7a:67:c1:1c:5e:e5:bf:2f:cf:a4:14:88:34:
86:c9:80:ce:f6:b1:c6:85:6e:d0:5b:82:80:f9:24:
21:19:3d:0d:f9:ea:2f:e2:a9:db:ea:f5:22:fc:69:
43:9b:90:2d:a6:36:18:1b:2d:18:7d:e3:db:af:49:
00:ed:77:fb:2e:1f:7c:c1:58:b5:75:9e:15:7d:b5:
73:b6:e9:17:b5:93:a5:2a:81:a5:c8:38:78:30:0e:
81:eb:19:44:a0:f3:5b:fc:78:11:ed:2b:94:e0:38:
ff:a5:5a:45:1f:fc:c7:30:7f:5d:d8:43:e5:a2:88:
ab:b0:c6:19:3d:b6:dc:61:fd:35:a1:72:02:c9:5a:
c2:06:9a:aa:80:25:93:36:3c:bd:95:4e:ed:3b:5e:
ef:5b:58:fc:46:52:c5:e5:f9:cc:41:65:70:d2:0c:
13:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:D5:E3:FE:58:18:A7:04:4C:F9:1C:53:18:A7:CD:44:5E:6C:9D:BA
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/3dXj_lgYpwRM-RxTGKfNRF5snbo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.209.6.0/24
IPv6:
2001:918:fff2::/48
Signature Algorithm: sha256WithRSAEncryption
66:27:d2:d4:35:49:8b:72:61:aa:c6:65:f9:db:81:8d:29:e0:
61:22:e1:12:49:b3:78:e7:dd:d4:07:82:f1:ae:96:e9:15:e0:
18:e7:4c:61:53:13:27:13:6f:45:40:be:29:9e:ae:e0:bd:8c:
6e:c0:04:bc:22:f2:62:12:ed:c3:a0:f5:72:08:51:fd:e7:8a:
a6:8e:a4:b9:af:d1:88:2d:3a:0a:61:3a:98:05:61:36:98:4f:
91:56:08:c1:bb:01:41:40:28:8c:a4:6a:27:30:bc:54:ea:ee:
b7:93:8d:48:da:df:77:ab:a3:9c:56:6c:3b:66:29:e9:b6:bf:
81:a3:fb:7c:61:e9:2f:f0:eb:75:f0:5a:68:07:77:37:b8:5f:
b2:bc:4f:fe:37:11:5c:6f:f9:6c:86:62:4e:f0:be:69:c4:87:
76:1d:f9:b9:62:a7:f7:e6:c4:10:04:ec:0b:a1:9a:69:c3:fc:
fe:31:e0:4e:f0:68:d3:71:b5:9f:82:95:28:64:a6:a7:0a:f2:
67:17:8d:f6:37:26:b2:ad:22:b0:9b:83:9a:0c:41:d3:4f:ea:
0c:83:bb:d4:fb:96:7d:c4:e8:6b:6f:bc:d1:af:56:d8:c0:50:
67:51:a5:a0:c1:4d:1e:67:7a:a0:17:ff:32:5e:3b:4d:47:32:
ec:b6:bc:d1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQgZ9sFIQCETw6xfKvq7T2wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjUwMTAxMDU0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGQ1ZTNmZTU4MThhNzA0NGNmOTFjNTMxOGE3Y2Q0NDVlNmM5ZGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxo1CJ95HWqjoUb5jFf/3UJp583qs
vDtP/bVB9tS7+igDPnxw0ZtkILgfdagmmlSPjYAz4T5NbYaQeMA9aNyM4lTpHheh
Sd/iE7VVfRgRoDuvR2rbXzc5sJsAlnpnwRxe5b8vz6QUiDSGyYDO9rHGhW7QW4KA
+SQhGT0N+eov4qnb6vUi/GlDm5AtpjYYGy0YfePbr0kA7Xf7Lh98wVi1dZ4VfbVz
tukXtZOlKoGlyDh4MA6B6xlEoPNb/HgR7SuU4Dj/pVpFH/zHMH9d2EPlooirsMYZ
PbbcYf01oXICyVrCBpqqgCWTNjy9lU7tO17vW1j8RlLF5fnMQWVw0gwTUwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN3V4/5YGKcETPkcUxinzURebJ26MB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvM2RYal9sZ1lwd1JNLVJ4VEdLZk5SRjVzbmJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwtEGMA8E
AgACMAkDBwAgAQkY//IwDQYJKoZIhvcNAQELBQADggEBAGYn0tQ1SYtyYarGZfnb
gY0p4GEi4RJJs3jn3dQHgvGulukV4BjnTGFTEycTb0VAvimeruC9jG7ABLwi8mIS
7cOg9XIIUf3niqaOpLmv0YgtOgphOpgFYTaYT5FWCMG7AUFAKIykaicwvFTq7reT
jUja33ero5xWbDtmKem2v4Gj+3xh6S/w63XwWmgHdze4X7K8T/43EVxv+WyGYk7w
vmnEh3Yd+blip/fmxBAE7AuhmmnD/P4x4E7waNNxtZ+ClShkpqcK8mcXjfY3JrKt
IrCbg5oMQdNP6gyDu9T7ln3E6GtvvNGvVtjAUGdRpaDBTR5neqAX/zJeO01HMuy2
vNE=
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:45:58 2025 by rpki-client