Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/77f670-f4f8-4b04-931f-5fd32e7b435f/1/tJ4dO0YTu6twKLZi-KFTS4J-xbE.roa
File: tJ4dO0YTu6twKLZi-KFTS4J-xbE.roa (raw, json)
Hash identifier: XfMuY93Au2lw9vYg2Rrss7XYSETGL28RGiG9gwWTa/0=
Subject key identifier: B4:9E:1D:3B:46:13:BB:AB:70:28:B6:62:F8:A1:53:4B:82:7E:C5:B1
Certificate issuer: /CN=3fd3cfd0aac2af0933f7f72455c8f886f46aa1a3
Certificate serial: 01856C9CA5DF4B4E1276683E984C04BBD76B
Authority key identifier: 3F:D3:CF:D0:AA:C2:AF:09:33:F7:F7:24:55:C8:F8:86:F4:6A:A1:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9PP0KrCrwkz9_ckVcj4hvRqoaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/77f670-f4f8-4b04-931f-5fd32e7b435f/1/tJ4dO0YTu6twKLZi-KFTS4J-xbE.roa
Signing time: Sun 01 Jan 2023 09:14:43 +0000
ROA not before: Sun 01 Jan 2023 09:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39889
IP address blocks: 195.189.182.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:9c:a5:df:4b:4e:12:76:68:3e:98:4c:04:bb:d7:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd3cfd0aac2af0933f7f72455c8f886f46aa1a3
Validity
Not Before: Jan 1 09:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b49e1d3b4613bbab7028b662f8a1534b827ec5b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:f9:ba:e7:d7:8c:89:32:c0:73:1e:80:00:82:
cf:17:61:6a:04:da:92:67:ba:18:8a:c3:a4:c2:05:
85:33:76:64:d6:ac:03:b0:2f:f0:60:d8:07:16:71:
58:95:36:70:bb:8e:0b:03:7c:03:e1:1f:91:31:26:
13:f1:a7:f2:f8:7f:3b:16:65:c8:a2:7e:2c:a7:1c:
45:46:20:a2:eb:55:84:2d:88:96:7e:05:58:6e:3f:
74:bd:5d:a0:31:4d:05:ee:e6:e8:32:9a:1a:1f:78:
9a:bd:a6:96:1a:d8:1a:7d:ea:d0:6d:33:4a:2c:f6:
a0:7e:78:53:00:63:51:13:0c:a4:89:4f:e3:3e:68:
19:fe:c4:71:14:5f:1a:0c:9a:ae:e8:62:81:bf:5d:
0e:35:7b:bb:5d:1f:dd:06:15:0f:de:d7:d1:7d:ac:
11:9e:d9:43:84:9c:c7:72:59:55:31:3f:03:2f:36:
cb:ce:f9:f0:e8:b7:94:23:e8:db:b1:f7:2b:9c:26:
ea:01:14:f9:98:05:e3:89:60:ee:1c:cd:5d:8e:12:
c1:5e:8a:08:91:86:77:ed:a0:49:4f:2e:53:ef:02:
6c:ff:5a:ff:55:f8:4e:ef:50:52:4f:da:c9:07:70:
f1:28:e2:1a:79:9c:4f:fb:4d:03:af:6d:8e:7d:af:
9c:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:9E:1D:3B:46:13:BB:AB:70:28:B6:62:F8:A1:53:4B:82:7E:C5:B1
X509v3 Authority Key Identifier:
keyid:3F:D3:CF:D0:AA:C2:AF:09:33:F7:F7:24:55:C8:F8:86:F4:6A:A1:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9PP0KrCrwkz9_ckVcj4hvRqoaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/77f670-f4f8-4b04-931f-5fd32e7b435f/1/tJ4dO0YTu6twKLZi-KFTS4J-xbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/77f670-f4f8-4b04-931f-5fd32e7b435f/1/P9PP0KrCrwkz9_ckVcj4hvRqoaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.189.182.0/23
Signature Algorithm: sha256WithRSAEncryption
56:cf:b9:a6:7e:3f:f9:5e:50:41:59:63:7f:33:01:e7:36:81:
43:9c:37:4a:ab:45:30:32:fa:9b:e2:9e:84:ba:e7:91:9e:06:
fd:91:28:7d:07:51:dc:32:ad:96:57:24:67:9b:58:ad:a9:e3:
1d:94:b2:3f:79:2e:27:35:4e:9b:a2:48:a0:00:a8:fd:c0:46:
0e:d0:e5:ef:da:6d:7b:97:13:43:28:ca:e5:ce:8c:09:8a:f2:
f8:9b:70:30:94:59:24:8b:42:a8:9d:05:00:45:9f:a1:f4:0f:
6f:56:a9:42:6b:41:24:65:5c:8e:7d:7d:c2:9c:cb:d3:6b:11:
0b:bf:d6:7f:09:6e:76:13:ed:25:bf:6e:da:a9:5e:5f:7f:53:
3d:4a:ad:be:00:8e:e1:7a:17:15:0f:19:40:4b:f0:df:4d:c6:
52:a9:be:67:df:90:f1:e0:3b:14:4b:12:57:e4:e8:24:60:2c:
5d:9e:99:b3:6a:9a:04:f7:41:a4:fc:8c:26:e8:46:a8:51:a8:
2f:63:32:d2:78:d4:4c:0b:d8:6e:c6:ca:46:c3:02:75:59:8e:
7c:c1:ff:38:51:02:fe:4f:86:14:47:a0:5c:b0:0d:6c:d2:e0:
ea:42:34:2c:11:a5:84:3a:5e:8e:12:1a:ea:2b:c6:f2:0c:76:
6b:e4:80:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsnKXfS04Sdmg+mEwEu9drMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDNjZmQwYWFjMmFmMDkzM2Y3ZjcyNDU1YzhmODg2ZjQ2
YWExYTMwHhcNMjMwMTAxMDkxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDllMWQzYjQ2MTNiYmFiNzAyOGI2NjJmOGExNTM0YjgyN2VjNWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2fm659eMiTLAcx6AAILPF2FqBNqS
Z7oYisOkwgWFM3Zk1qwDsC/wYNgHFnFYlTZwu44LA3wD4R+RMSYT8afy+H87FmXI
on4spxxFRiCi61WELYiWfgVYbj90vV2gMU0F7uboMpoaH3iavaaWGtgaferQbTNK
LPagfnhTAGNREwykiU/jPmgZ/sRxFF8aDJqu6GKBv10ONXu7XR/dBhUP3tfRfawR
ntlDhJzHcllVMT8DLzbLzvnw6LeUI+jbsfcrnCbqART5mAXjiWDuHM1djhLBXooI
kYZ37aBJTy5T7wJs/1r/VfhO71BST9rJB3DxKOIaeZxP+00Dr22Ofa+cCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLSeHTtGE7urcCi2YvihU0uCfsWxMB8GA1UdIwQY
MBaAFD/Tz9Cqwq8JM/f3JFXI+Ib0aqGjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlQUDBLckNyd2t6OV9ja1ZjajRodlJxb2FNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC83N2Y2NzAtZjRmOC00YjA0LTkzMWYt
NWZkMzJlN2I0MzVmLzEvdEo0ZE8wWVR1NnR3S0xaaS1LRlRTNEoteGJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC83N2Y2NzAtZjRmOC00YjA0LTkzMWYtNWZkMzJlN2I0MzVm
LzEvUDlQUDBLckNyd2t6OV9ja1ZjajRodlJxb2FNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw722MA0G
CSqGSIb3DQEBCwUAA4IBAQBWz7mmfj/5XlBBWWN/MwHnNoFDnDdKq0UwMvqb4p6E
uueRngb9kSh9B1HcMq2WVyRnm1itqeMdlLI/eS4nNU6bokigAKj9wEYO0OXv2m17
lxNDKMrlzowJivL4m3AwlFkki0KonQUARZ+h9A9vVqlCa0EkZVyOfX3CnMvTaxEL
v9Z/CW52E+0lv27aqV5ff1M9Sq2+AI7hehcVDxlAS/DfTcZSqb5n35Dx4DsUSxJX
5OgkYCxdnpmzapoE90Gk/Iwm6EaoUagvYzLSeNRMC9huxspGwwJ1WY58wf84UQL+
T4YUR6BcsA1s0uDqQjQsEaWEOl6OEhrqK8byDHZr5IAB
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:14:49 2025 by rpki-client