Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/sVq7ykDogd7cCsDF--hBK9DnjT4.roa
File: sVq7ykDogd7cCsDF--hBK9DnjT4.roa (raw, json)
Hash identifier: yntzoQcvzBrX+tVilVNDQYJnh1oAW90RlNAXUQi35Kc=
Subject key identifier: B1:5A:BB:CA:40:E8:81:DE:DC:0A:C0:C5:FB:E8:41:2B:D0:E7:8D:3E
Certificate issuer: /CN=3fedd85c1eccb5ff4ba930117a7329099c0ff2eb
Certificate serial: 019565500D5DAFA96EF78951E1BC043088CC
Authority key identifier: 3F:ED:D8:5C:1E:CC:B5:FF:4B:A9:30:11:7A:73:29:09:9C:0F:F2:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-3YXB7Mtf9LqTARenMpCZwP8us.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/sVq7ykDogd7cCsDF--hBK9DnjT4.roa
Signing time: Wed 05 Mar 2025 07:58:19 +0000
ROA not before: Wed 05 Mar 2025 07:58:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51407
IP address blocks: 84.108.102.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:65:50:0d:5d:af:a9:6e:f7:89:51:e1:bc:04:30:88:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fedd85c1eccb5ff4ba930117a7329099c0ff2eb
Validity
Not Before: Mar 5 07:58:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b15abbca40e881dedc0ac0c5fbe8412bd0e78d3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:3f:56:49:b6:1f:fc:0b:d1:12:bd:6f:04:59:
99:b0:04:8d:c6:f0:12:e3:50:28:62:ca:8f:56:9f:
a2:22:b0:80:0d:7d:e2:9a:74:f7:32:2e:fe:93:1c:
40:b3:0b:e5:dc:85:8f:3b:68:2c:6d:b9:06:a2:29:
1e:b4:28:f3:01:da:da:7f:47:67:b1:e2:ba:42:c7:
eb:84:6a:9e:fb:5e:e7:a7:be:a8:43:4c:b8:39:88:
f0:82:4e:59:69:b9:e3:8d:3f:7d:59:b9:d8:fc:ad:
67:ed:da:ad:38:ad:71:d6:5a:90:3b:9f:01:7c:6d:
e7:2e:79:74:98:d8:34:44:2e:5c:c7:73:bf:2b:2d:
b7:ea:0f:1a:3f:94:a2:9c:92:18:04:a9:ad:4f:a9:
0a:83:06:22:33:04:d6:8f:74:eb:31:31:65:6a:1d:
f1:12:ba:7e:cc:af:2a:0b:0e:9f:33:d7:76:a6:7d:
9b:95:1b:79:4c:fa:3e:31:25:6d:1c:61:08:79:21:
73:71:88:96:cd:5d:ac:32:01:e0:c2:53:70:12:6a:
92:3d:4a:e6:3d:de:a6:f1:52:ae:4c:49:e1:42:54:
54:fd:54:47:b6:16:2d:79:b8:ac:c8:68:8d:7a:84:
b9:74:5c:c4:07:43:47:f8:3f:45:a7:15:c1:c7:34:
fc:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:5A:BB:CA:40:E8:81:DE:DC:0A:C0:C5:FB:E8:41:2B:D0:E7:8D:3E
X509v3 Authority Key Identifier:
keyid:3F:ED:D8:5C:1E:CC:B5:FF:4B:A9:30:11:7A:73:29:09:9C:0F:F2:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-3YXB7Mtf9LqTARenMpCZwP8us.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/sVq7ykDogd7cCsDF--hBK9DnjT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/P-3YXB7Mtf9LqTARenMpCZwP8us.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.108.102.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:6a:db:bc:bf:62:d3:3f:b0:b8:77:0b:be:36:e3:06:5e:0d:
11:e6:1d:6b:71:a4:8c:e9:9f:74:a1:55:d9:07:c6:77:b4:32:
65:9c:66:11:04:35:a7:99:95:f5:37:08:36:bc:17:43:bb:b3:
3d:b1:b8:ae:b1:d7:a2:40:39:ed:17:f0:a2:60:77:75:ac:59:
ea:7b:1f:ef:96:ce:aa:a0:da:02:05:bd:aa:3b:c1:13:69:ed:
d8:a8:fa:62:76:7e:7b:b7:f9:0e:c7:75:2a:3f:46:11:c3:41:
e3:28:53:f0:da:5f:a0:5e:54:b1:6d:c8:16:0e:ca:64:93:eb:
96:51:33:02:ca:5f:78:80:ea:d3:28:9b:20:79:88:85:ac:7f:
8d:3f:11:c3:84:21:fa:5f:44:b8:05:30:6c:80:c2:01:9b:29:
be:d6:69:01:9c:25:65:93:f1:66:ef:f2:ab:55:00:2a:3d:b1:
3e:fe:ea:85:57:26:ff:d2:41:6b:b1:b7:23:09:26:ca:52:04:
e9:c6:87:d9:2b:75:d8:18:c8:e7:c5:38:f7:e1:89:22:54:57:
3c:ff:66:c7:90:ad:65:07:7d:8e:dc:2b:94:3e:e7:67:36:1d:
0c:24:5f:7e:c2:dc:45:fa:ef:35:59:82:8a:8d:34:41:8e:c8:
c5:e4:dc:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVlUA1dr6lu94lR4bwEMIjMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZWRkODVjMWVjY2I1ZmY0YmE5MzAxMTdhNzMyOTA5OWMw
ZmYyZWIwHhcNMjUwMzA1MDc1ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTVhYmJjYTQwZTg4MWRlZGMwYWMwYzVmYmU4NDEyYmQwZTc4ZDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjT9WSbYf/AvREr1vBFmZsASNxvAS
41AoYsqPVp+iIrCADX3imnT3Mi7+kxxAswvl3IWPO2gsbbkGoiketCjzAdraf0dn
seK6QsfrhGqe+17np76oQ0y4OYjwgk5ZabnjjT99WbnY/K1n7dqtOK1x1lqQO58B
fG3nLnl0mNg0RC5cx3O/Ky236g8aP5SinJIYBKmtT6kKgwYiMwTWj3TrMTFlah3x
Erp+zK8qCw6fM9d2pn2blRt5TPo+MSVtHGEIeSFzcYiWzV2sMgHgwlNwEmqSPUrm
Pd6m8VKuTEnhQlRU/VRHthYtebisyGiNeoS5dFzEB0NH+D9FpxXBxzT8OwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLFau8pA6IHe3ArAxfvoQSvQ540+MB8GA1UdIwQY
MBaAFD/t2FwezLX/S6kwEXpzKQmcD/LrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUC0zWVhCN010ZjlMcVRBUmVuTXBDWndQOHVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC80MWMzMjEtMzQ3ZS00YzNlLWFmZmQt
ZTJiNTI3NzI4ZTk2LzEvc1ZxN3lrRG9nZDdjQ3NERi0taEJLOURualQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC80MWMzMjEtMzQ3ZS00YzNlLWFmZmQtZTJiNTI3NzI4ZTk2
LzEvUC0zWVhCN010ZjlMcVRBUmVuTXBDWndQOHVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVGxmMA0G
CSqGSIb3DQEBCwUAA4IBAQCPatu8v2LTP7C4dwu+NuMGXg0R5h1rcaSM6Z90oVXZ
B8Z3tDJlnGYRBDWnmZX1Nwg2vBdDu7M9sbiusdeiQDntF/CiYHd1rFnqex/vls6q
oNoCBb2qO8ETae3YqPpidn57t/kOx3UqP0YRw0HjKFPw2l+gXlSxbcgWDspkk+uW
UTMCyl94gOrTKJsgeYiFrH+NPxHDhCH6X0S4BTBsgMIBmym+1mkBnCVlk/Fm7/Kr
VQAqPbE+/uqFVyb/0kFrsbcjCSbKUgTpxofZK3XYGMjnxTj34YkiVFc8/2bHkK1l
B32O3CuUPudnNh0MJF9+wtxF+u81WYKKjTRBjsjF5Nwb
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:23:53 2025 by rpki-client