Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/29a091-8550-43c6-8a0c-c682b5be0e53/1/3K3jojX5nNdXe55H3NlbcmNi3JA.roa
File: 3K3jojX5nNdXe55H3NlbcmNi3JA.roa (raw, json)
Hash identifier: i25yKGwY2RfKNduc+1HhoLc5MqLXV2oa9YUTSF2W83c=
Subject key identifier: DC:AD:E3:A2:35:F9:9C:D7:57:7B:9E:47:DC:D9:5B:72:63:62:DC:90
Certificate issuer: /CN=cec4788b2b692c7103b1cb9e1617f8b366910f13
Certificate serial: 01857169DE7104DDC9A38BD30C46B3D3DA69
Authority key identifier: CE:C4:78:8B:2B:69:2C:71:03:B1:CB:9E:16:17:F8:B3:66:91:0F:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zsR4iytpLHEDscueFhf4s2aRDxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/29a091-8550-43c6-8a0c-c682b5be0e53/1/3K3jojX5nNdXe55H3NlbcmNi3JA.roa
Signing time: Mon 02 Jan 2023 07:37:21 +0000
ROA not before: Mon 02 Jan 2023 07:37:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 680
IP address blocks: 192.124.243.0/24 maxlen: 24
141.48.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:de:71:04:dd:c9:a3:8b:d3:0c:46:b3:d3:da:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cec4788b2b692c7103b1cb9e1617f8b366910f13
Validity
Not Before: Jan 2 07:37:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dcade3a235f99cd7577b9e47dcd95b726362dc90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:96:25:6e:4d:8a:b5:98:33:1d:61:da:cb:0e:
c9:61:04:42:bc:37:2e:13:7b:81:c1:b1:13:81:65:
a3:60:c3:ea:5b:72:09:7f:5e:f1:68:51:ef:a6:c4:
f6:7e:77:80:e4:c0:f2:a1:75:61:17:fb:28:19:88:
11:f2:9d:63:0d:fe:05:2a:6d:f5:53:ec:54:9d:2b:
fb:fa:e9:9a:c1:15:31:cf:9f:5f:3b:da:40:5e:3a:
78:76:71:75:1a:37:b9:f9:e6:e0:17:03:f0:af:15:
a3:af:96:97:9c:d9:5c:55:c4:a0:18:2c:07:4a:f9:
38:ee:c7:fc:5d:91:54:ea:27:86:f3:1e:3a:4d:bb:
a6:bf:22:c9:56:d0:ad:44:03:ce:40:db:1f:67:52:
24:16:1c:44:2d:af:df:4b:89:48:a9:05:70:eb:32:
55:e2:8e:a4:8c:e6:3b:93:fa:ba:93:84:0d:d6:81:
e3:10:05:af:c0:11:73:3b:19:98:ba:f6:0a:ba:23:
22:c1:ba:6c:3f:77:53:67:5a:a3:f0:38:95:00:a7:
47:ea:28:c4:ca:b4:8d:1a:13:35:69:f3:18:f2:46:
05:67:40:bd:c0:ab:d5:c0:4d:7e:29:ca:b0:d5:98:
6b:e0:09:5b:1f:26:bd:19:3a:1a:2e:8a:51:ef:1b:
9a:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:AD:E3:A2:35:F9:9C:D7:57:7B:9E:47:DC:D9:5B:72:63:62:DC:90
X509v3 Authority Key Identifier:
keyid:CE:C4:78:8B:2B:69:2C:71:03:B1:CB:9E:16:17:F8:B3:66:91:0F:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zsR4iytpLHEDscueFhf4s2aRDxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/29a091-8550-43c6-8a0c-c682b5be0e53/1/3K3jojX5nNdXe55H3NlbcmNi3JA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/29a091-8550-43c6-8a0c-c682b5be0e53/1/zsR4iytpLHEDscueFhf4s2aRDxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.48.0.0/16
192.124.243.0/24
Signature Algorithm: sha256WithRSAEncryption
c5:61:ff:90:25:2b:18:6e:ae:3b:48:2d:aa:81:e4:c6:9f:ba:
75:c9:cf:bf:ee:e2:4e:be:d8:23:41:f0:e6:de:16:da:1f:1d:
53:07:f6:c2:60:df:56:2f:30:b3:e5:3c:9d:8e:4f:96:e9:fe:
e0:de:c8:fa:9c:62:2d:fc:b1:f7:e4:7f:5d:f5:30:84:d4:f0:
cf:b9:9d:ff:ee:cf:91:68:09:79:66:e5:ae:00:33:ae:6b:73:
8c:f8:50:36:a6:73:f5:39:c0:77:42:68:10:ac:c6:19:fb:46:
0a:63:f7:c8:c8:56:34:0f:0d:25:d5:3c:b2:45:46:c0:41:ef:
03:07:52:4b:8d:bd:4c:04:95:f0:8e:b6:6a:db:62:a7:f8:fb:
f0:e1:a5:a0:09:f2:f0:ae:db:b0:72:f6:14:e2:7c:34:f9:fc:
d1:9b:44:f4:bb:6f:c8:03:72:72:da:df:3b:50:67:ff:30:4f:
b2:d8:a4:23:bf:d0:86:32:4f:c3:82:5b:52:a7:d6:1e:40:8c:
bf:24:c5:bc:13:ac:cc:e7:11:1a:e0:01:7f:40:24:e2:d5:67:
61:a6:0d:f0:10:23:e0:a8:ff:67:bd:81:ec:87:ed:e8:23:9d:
7c:f6:24:f1:ab:cf:4d:b9:be:c8:5a:f8:d0:ca:42:84:8d:b6:
69:4f:9f:a2
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAYVxad5xBN3Jo4vTDEaz09ppMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYzQ3ODhiMmI2OTJjNzEwM2IxY2I5ZTE2MTdmOGIzNjY5
MTBmMTMwHhcNMjMwMTAyMDczNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2FkZTNhMjM1Zjk5Y2Q3NTc3YjllNDdkY2Q5NWI3MjYzNjJkYzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppYlbk2KtZgzHWHayw7JYQRCvDcu
E3uBwbETgWWjYMPqW3IJf17xaFHvpsT2fneA5MDyoXVhF/soGYgR8p1jDf4FKm31
U+xUnSv7+umawRUxz59fO9pAXjp4dnF1Gje5+ebgFwPwrxWjr5aXnNlcVcSgGCwH
Svk47sf8XZFU6ieG8x46TbumvyLJVtCtRAPOQNsfZ1IkFhxELa/fS4lIqQVw6zJV
4o6kjOY7k/q6k4QN1oHjEAWvwBFzOxmYuvYKuiMiwbpsP3dTZ1qj8DiVAKdH6ijE
yrSNGhM1afMY8kYFZ0C9wKvVwE1+Kcqw1Zhr4AlbHya9GToaLopR7xuapQIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFNyt46I1+ZzXV3ueR9zZW3JjYtyQMB8GA1UdIwQY
MBaAFM7EeIsraSxxA7HLnhYX+LNmkQ8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenNSNGl5dHBMSEVEc2N1ZUZoZjRzMmFSRHhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8yOWEwOTEtODU1MC00M2M2LThhMGMt
YzY4MmI1YmUwZTUzLzEvM0szam9qWDVuTmRYZTU1SDNObGJjbU5pM0pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS8yOWEwOTEtODU1MC00M2M2LThhMGMtYzY4MmI1YmUwZTUz
LzEvenNSNGl5dHBMSEVEc2N1ZUZoZjRzMmFSRHhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwMAjTADBADA
fPMwDQYJKoZIhvcNAQELBQADggEBAMVh/5AlKxhurjtILaqB5MafunXJz7/u4k6+
2CNB8ObeFtofHVMH9sJg31YvMLPlPJ2OT5bp/uDeyPqcYi38sffkf131MITU8M+5
nf/uz5FoCXlm5a4AM65rc4z4UDamc/U5wHdCaBCsxhn7Rgpj98jIVjQPDSXVPLJF
RsBB7wMHUkuNvUwElfCOtmrbYqf4+/DhpaAJ8vCu27By9hTifDT5/NGbRPS7b8gD
cnLa3ztQZ/8wT7LYpCO/0IYyT8OCW1Kn1h5AjL8kxbwTrMznERrgAX9AJOLVZ2Gm
DfAQI+Co/2e9geyH7egjnXz2JPGrz025vsha+NDKQoSNtmlPn6I=
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:41:52 2025 by rpki-client