Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/3MQ1Zm2jB8qgOjCAc_a0v-3nM_o.roa
File: 3MQ1Zm2jB8qgOjCAc_a0v-3nM_o.roa (raw, json)
Hash identifier: T4pVm2mU2N5el1g2HcnlglhN57e23NLVS7ny7NzSBL0=
Subject key identifier: DC:C4:35:66:6D:A3:07:CA:A0:3A:30:80:73:F6:B4:BF:ED:E7:33:FA
Certificate issuer: /CN=a4ce9640a3ef2fea19374ad8f99f423d7aa7c76b
Certificate serial: 0194221F864D5E0EADD85F7F60662B69BA33
Authority key identifier: A4:CE:96:40:A3:EF:2F:EA:19:37:4A:D8:F9:9F:42:3D:7A:A7:C7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/3MQ1Zm2jB8qgOjCAc_a0v-3nM_o.roa
Signing time: Wed 01 Jan 2025 13:47:58 +0000
ROA not before: Wed 01 Jan 2025 13:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60602
IP address blocks: 81.19.131.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:86:4d:5e:0e:ad:d8:5f:7f:60:66:2b:69:ba:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4ce9640a3ef2fea19374ad8f99f423d7aa7c76b
Validity
Not Before: Jan 1 13:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dcc435666da307caa03a308073f6b4bfede733fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:f2:1c:33:9c:63:5c:ae:65:64:e8:25:ad:cb:
75:c4:86:67:63:e1:1d:74:4a:9e:c5:3d:27:d9:57:
17:f9:39:ec:78:99:13:75:ad:9a:57:13:87:8c:21:
f4:3f:51:4f:50:f7:22:2e:b7:93:0d:2e:01:47:70:
36:f9:91:0b:dd:32:74:c6:a5:35:49:4e:44:db:3d:
c1:a7:70:ca:d4:38:dd:01:cd:51:a9:da:60:be:25:
ed:80:ca:e2:a2:28:5d:9b:38:09:e5:ff:a6:21:8b:
bb:7a:0e:ef:67:b3:2c:11:10:2d:3b:b2:6e:3f:a9:
4a:b7:f0:63:76:2d:af:9b:4b:03:85:19:07:85:40:
9c:09:12:9b:b6:0b:d6:67:d9:b6:ad:5e:a8:8f:85:
e4:29:f0:77:b0:e5:26:f8:8d:0b:c5:30:51:f7:df:
75:87:93:b5:3f:20:49:69:ae:5e:48:ee:3f:2c:81:
54:c4:f4:3f:a4:05:7b:32:17:c5:ea:f2:6b:8e:e8:
eb:21:b8:92:6c:18:3e:7e:9c:3c:d0:f9:93:2d:1d:
35:90:04:32:03:69:28:e5:60:78:8f:25:b4:87:91:
af:77:a4:b2:ea:22:b6:84:50:75:76:7e:e5:c5:20:
46:0a:04:02:c3:3f:d6:1d:7e:f3:58:85:6a:93:29:
cd:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:C4:35:66:6D:A3:07:CA:A0:3A:30:80:73:F6:B4:BF:ED:E7:33:FA
X509v3 Authority Key Identifier:
keyid:A4:CE:96:40:A3:EF:2F:EA:19:37:4A:D8:F9:9F:42:3D:7A:A7:C7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/3MQ1Zm2jB8qgOjCAc_a0v-3nM_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f8a5d1-260a-46a4-a8e4-283fe54a6f2f/1/pM6WQKPvL-oZN0rY-Z9CPXqnx2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.131.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:62:65:0a:d3:f5:b4:5d:76:72:2a:49:64:2a:aa:c0:e5:3a:
1a:b6:4f:e5:79:07:6f:c1:e6:aa:4c:59:c4:a4:e6:51:92:11:
6f:9c:fa:9b:6f:52:78:51:a1:e9:6e:46:91:dc:43:59:7d:e3:
a7:b3:98:d5:79:b0:3b:9b:83:15:e0:8e:74:f0:c8:19:fc:a2:
81:5c:54:9b:bf:31:49:c8:a6:88:51:30:bf:17:b6:22:a8:c7:
45:b3:8f:6f:ae:96:0f:73:cf:65:9e:1a:bf:9e:0c:db:c3:80:
8f:82:38:c7:8c:bb:6f:f3:90:7a:f4:16:7c:07:fb:4d:c4:76:
2d:13:87:21:d1:74:d7:fe:90:5c:ee:a2:57:e5:68:ad:d4:1b:
f3:ac:42:1e:71:b6:65:15:32:42:8b:8a:38:23:36:07:b7:ac:
5a:00:55:fc:fc:bc:ad:0d:fc:33:2b:6b:5a:28:01:9c:f3:76:
71:8e:e6:d1:3c:1f:8b:54:43:23:8a:fe:52:b0:d1:81:3d:bd:
07:f0:27:68:53:d1:5c:85:14:93:82:c8:98:c6:ea:6b:97:58:
9a:17:6f:1c:3e:03:d4:2c:b0:a4:ab:01:93:55:c9:78:22:f2:
9b:ea:4e:2a:13:17:99:08:07:26:f0:67:79:5a:e4:8a:44:ac:
76:e8:53:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH4ZNXg6t2F9/YGYrabozMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0Y2U5NjQwYTNlZjJmZWExOTM3NGFkOGY5OWY0MjNkN2Fh
N2M3NmIwHhcNMjUwMTAxMTM0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2M0MzU2NjZkYTMwN2NhYTAzYTMwODA3M2Y2YjRiZmVkZTczM2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+vIcM5xjXK5lZOglrct1xIZnY+Ed
dEqexT0n2VcX+TnseJkTda2aVxOHjCH0P1FPUPciLreTDS4BR3A2+ZEL3TJ0xqU1
SU5E2z3Bp3DK1DjdAc1RqdpgviXtgMrioihdmzgJ5f+mIYu7eg7vZ7MsERAtO7Ju
P6lKt/Bjdi2vm0sDhRkHhUCcCRKbtgvWZ9m2rV6oj4XkKfB3sOUm+I0LxTBR9991
h5O1PyBJaa5eSO4/LIFUxPQ/pAV7MhfF6vJrjujrIbiSbBg+fpw80PmTLR01kAQy
A2ko5WB4jyW0h5Gvd6Sy6iK2hFB1dn7lxSBGCgQCwz/WHX7zWIVqkynNxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNzENWZtowfKoDowgHP2tL/t5zP6MB8GA1UdIwQY
MBaAFKTOlkCj7y/qGTdK2PmfQj16p8drMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE02V1FLUHZMLW9aTjByWS1aOUNQWHFueDJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mOGE1ZDEtMjYwYS00NmE0LWE4ZTQt
MjgzZmU1NGE2ZjJmLzEvM01RMVptMmpCOHFnT2pDQWNfYTB2LTNuTV9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mOGE1ZDEtMjYwYS00NmE0LWE4ZTQtMjgzZmU1NGE2ZjJm
LzEvcE02V1FLUHZMLW9aTjByWS1aOUNQWHFueDJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAURODMA0G
CSqGSIb3DQEBCwUAA4IBAQAOYmUK0/W0XXZyKklkKqrA5Toatk/leQdvweaqTFnE
pOZRkhFvnPqbb1J4UaHpbkaR3ENZfeOns5jVebA7m4MV4I508MgZ/KKBXFSbvzFJ
yKaIUTC/F7YiqMdFs49vrpYPc89lnhq/ngzbw4CPgjjHjLtv85B69BZ8B/tNxHYt
E4ch0XTX/pBc7qJX5Wit1BvzrEIecbZlFTJCi4o4IzYHt6xaAFX8/LytDfwzK2ta
KAGc83ZxjubRPB+LVEMjiv5SsNGBPb0H8CdoU9FchRSTgsiYxuprl1iaF28cPgPU
LLCkqwGTVcl4IvKb6k4qExeZCAcm8Gd5WuSKRKx26FM6
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:11:01 2025 by rpki-client