Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/e05975-da8e-460b-9ebb-3fcb5f3f3c59/1/3oPPC7GhgZE-YYKiteCljoiwKBU.roa
File: 3oPPC7GhgZE-YYKiteCljoiwKBU.roa (raw, json)
Hash identifier: htcMSXNQ+BDnI3lz4G4yDNlK4PqXpM47uEcpJA67HnA=
Subject key identifier: DE:83:CF:0B:B1:A1:81:91:3E:61:82:A2:B5:E0:A5:8E:88:B0:28:15
Certificate issuer: /CN=96062f5ddb18f96d78492b3538d7745cc4714a26
Certificate serial: 018CCA29DB33118C443EAE37760F0D3F87DC
Authority key identifier: 96:06:2F:5D:DB:18:F9:6D:78:49:2B:35:38:D7:74:5C:C4:71:4A:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lgYvXdsY-W14SSs1ONd0XMRxSiY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/e05975-da8e-460b-9ebb-3fcb5f3f3c59/1/3oPPC7GhgZE-YYKiteCljoiwKBU.roa
Signing time: Tue 02 Jan 2024 12:33:09 +0000
ROA not before: Tue 02 Jan 2024 12:33:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203727
IP address blocks: 5.42.92.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:db:33:11:8c:44:3e:ae:37:76:0f:0d:3f:87:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96062f5ddb18f96d78492b3538d7745cc4714a26
Validity
Not Before: Jan 2 12:33:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de83cf0bb1a181913e6182a2b5e0a58e88b02815
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:f5:cb:1a:d9:a4:b0:80:83:d9:f5:15:9e:4a:
dd:e7:11:dd:14:f0:ea:17:df:e0:fe:0b:af:36:6c:
6b:b3:c4:d0:ae:e1:e7:42:59:ad:d7:2b:b1:ec:56:
fe:dd:91:d7:e7:b0:2a:5a:48:1b:aa:72:b1:82:1c:
c7:2c:4c:a5:95:94:25:53:11:5c:bb:17:a2:de:7c:
e8:c1:80:19:e7:7b:cb:28:29:dd:2c:a1:4e:17:e1:
b9:3d:01:93:66:82:2a:0c:73:ad:3e:a7:09:a7:3c:
ad:4e:98:1a:55:4d:75:5a:c0:27:9a:35:f2:a5:da:
73:3c:ba:7f:b8:17:77:59:9a:0d:bc:0c:bc:ff:67:
60:0a:a0:fc:c7:4e:78:f6:82:5f:64:c2:32:26:c8:
0b:f6:70:1c:2e:31:7d:0d:73:ea:17:8d:c0:7e:79:
94:44:2d:05:fc:e3:48:9a:fd:08:5a:c4:5f:26:18:
1b:fe:01:2f:d6:a4:8e:f3:a7:8c:14:a3:a1:7a:0a:
8b:13:c9:3f:d3:27:5f:db:b9:2f:8b:97:d7:04:cb:
3e:f9:28:3c:73:45:7a:08:bf:b6:e4:ba:b3:8e:5d:
43:29:fa:ad:67:d4:7a:2d:4f:d5:44:0a:fe:58:c6:
cc:91:81:2e:06:c0:88:26:3c:a2:0a:75:c1:8b:61:
48:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:83:CF:0B:B1:A1:81:91:3E:61:82:A2:B5:E0:A5:8E:88:B0:28:15
X509v3 Authority Key Identifier:
keyid:96:06:2F:5D:DB:18:F9:6D:78:49:2B:35:38:D7:74:5C:C4:71:4A:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lgYvXdsY-W14SSs1ONd0XMRxSiY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e05975-da8e-460b-9ebb-3fcb5f3f3c59/1/3oPPC7GhgZE-YYKiteCljoiwKBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e05975-da8e-460b-9ebb-3fcb5f3f3c59/1/lgYvXdsY-W14SSs1ONd0XMRxSiY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.92.0/24
Signature Algorithm: sha256WithRSAEncryption
cf:d3:a3:bb:be:03:df:f3:69:21:9e:7d:4d:8f:5e:76:dd:fd:
36:3c:35:2b:1d:16:7c:c1:51:25:c1:fd:ec:9a:aa:6a:37:c9:
ef:36:c5:ae:6a:20:59:a6:a4:8f:c9:1f:28:fb:af:a0:65:f0:
22:cd:f4:e4:55:b0:5d:cb:79:83:9c:1b:b1:28:a9:bc:ea:56:
cf:61:de:57:cb:50:81:26:72:41:7d:f9:e2:39:cf:b0:23:a7:
b8:44:49:f4:81:f5:a3:ea:bb:3c:73:4a:c3:40:92:7a:d6:1c:
f4:94:c7:60:87:5f:50:ff:a1:0a:8f:2c:8c:f1:b6:9a:b4:f7:
7d:12:d0:86:8b:47:ef:35:c2:0d:9e:e7:51:3c:ad:ea:d4:8f:
d8:35:f2:f2:af:41:9e:d1:eb:82:47:87:e1:4c:a7:f8:89:fc:
24:8d:07:9b:4c:9c:36:52:ed:c1:fe:8c:3b:f5:f2:28:49:03:
f2:8a:fa:94:19:41:ca:a1:b6:e1:fb:34:2a:ee:71:3d:f1:1d:
83:a4:40:ce:f2:9c:d9:51:60:8b:3c:b6:0d:d4:9d:6d:f2:91:
c7:54:ce:df:7d:36:dc:38:0b:9a:54:e2:9a:a5:69:16:d2:57:
6c:5b:9b:ab:e1:43:37:69:1e:f1:03:53:78:0b:e6:40:23:8a:
7a:f4:0e:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKdszEYxEPq43dg8NP4fcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MDYyZjVkZGIxOGY5NmQ3ODQ5MmIzNTM4ZDc3NDVjYzQ3
MTRhMjYwHhcNMjQwMTAyMTIzMzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTgzY2YwYmIxYTE4MTkxM2U2MTgyYTJiNWUwYTU4ZTg4YjAyODE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzvXLGtmksICD2fUVnkrd5xHdFPDq
F9/g/guvNmxrs8TQruHnQlmt1yux7Fb+3ZHX57AqWkgbqnKxghzHLEyllZQlUxFc
uxei3nzowYAZ53vLKCndLKFOF+G5PQGTZoIqDHOtPqcJpzytTpgaVU11WsAnmjXy
pdpzPLp/uBd3WZoNvAy8/2dgCqD8x0549oJfZMIyJsgL9nAcLjF9DXPqF43AfnmU
RC0F/ONImv0IWsRfJhgb/gEv1qSO86eMFKOhegqLE8k/0ydf27kvi5fXBMs++Sg8
c0V6CL+25Lqzjl1DKfqtZ9R6LU/VRAr+WMbMkYEuBsCIJjyiCnXBi2FIgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN6DzwuxoYGRPmGCorXgpY6IsCgVMB8GA1UdIwQY
MBaAFJYGL13bGPlteEkrNTjXdFzEcUomMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGdZdlhkc1ktVzE0U1NzMU9OZDBYTVJ4U2lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9lMDU5NzUtZGE4ZS00NjBiLTllYmIt
M2ZjYjVmM2YzYzU5LzEvM29QUEM3R2hnWkUtWVlLaXRlQ2xqb2l3S0JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9lMDU5NzUtZGE4ZS00NjBiLTllYmItM2ZjYjVmM2YzYzU5
LzEvbGdZdlhkc1ktVzE0U1NzMU9OZDBYTVJ4U2lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABSpcMA0G
CSqGSIb3DQEBCwUAA4IBAQDP06O7vgPf82khnn1Nj1523f02PDUrHRZ8wVElwf3s
mqpqN8nvNsWuaiBZpqSPyR8o+6+gZfAizfTkVbBdy3mDnBuxKKm86lbPYd5Xy1CB
JnJBffniOc+wI6e4REn0gfWj6rs8c0rDQJJ61hz0lMdgh19Q/6EKjyyM8baatPd9
EtCGi0fvNcINnudRPK3q1I/YNfLyr0Ge0euCR4fhTKf4ifwkjQebTJw2Uu3B/ow7
9fIoSQPyivqUGUHKobbh+zQq7nE98R2DpEDO8pzZUWCLPLYN1J1t8pHHVM7ffTbc
OAuaVOKapWkW0ldsW5ur4UM3aR7xA1N4C+ZAI4p69A5E
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:44:14 2025 by rpki-client