Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/b52291-dc7f-46e1-b361-a6cec25b8006/1/3ZY4SnX1yy3L1vAgX9voAeMkVFA.roa
File: 3ZY4SnX1yy3L1vAgX9voAeMkVFA.roa (raw, json)
Hash identifier: tg2AmRn5Z2Y+ThyLPd/HKMkLP9Uc9wkQQiNjIF3J+mw=
Subject key identifier: DD:96:38:4A:75:F5:CB:2D:CB:D6:F0:20:5F:DB:E8:01:E3:24:54:50
Certificate issuer: /CN=d5d902a07fc7d48e0db29bffbe3ab10543fc1465
Certificate serial: 019428256E05104A8A943B79ECD9E507D03F
Authority key identifier: D5:D9:02:A0:7F:C7:D4:8E:0D:B2:9B:FF:BE:3A:B1:05:43:FC:14:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1dkCoH_H1I4Nspv_vjqxBUP8FGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/b52291-dc7f-46e1-b361-a6cec25b8006/1/3ZY4SnX1yy3L1vAgX9voAeMkVFA.roa
Signing time: Thu 02 Jan 2025 17:52:09 +0000
ROA not before: Thu 02 Jan 2025 17:52:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21500
IP address blocks: 193.111.239.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:6e:05:10:4a:8a:94:3b:79:ec:d9:e5:07:d0:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5d902a07fc7d48e0db29bffbe3ab10543fc1465
Validity
Not Before: Jan 2 17:52:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd96384a75f5cb2dcbd6f0205fdbe801e3245450
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:75:21:40:55:bb:ae:e8:02:2f:c5:8a:d1:fb:
fe:03:df:02:2c:7f:01:9c:25:ae:d2:68:42:78:92:
96:fc:33:23:5d:72:de:84:a0:93:4a:a0:e4:fa:86:
81:55:93:fd:ce:90:54:4e:c8:ea:30:7e:64:1a:4a:
2e:77:b1:da:10:39:62:3a:d5:43:83:32:6e:b2:c5:
e0:67:7b:28:80:fa:ba:cc:36:4f:4d:ec:e6:41:5c:
d9:35:76:a5:02:44:5d:cc:eb:39:9b:38:2a:ad:f7:
9a:3a:4e:74:6d:b5:25:8b:67:ff:72:03:b5:92:09:
01:33:86:b1:60:c4:bf:29:88:11:d9:30:3c:ca:d7:
de:4d:72:ab:a4:a8:90:7f:46:a7:4d:8d:65:4c:ce:
01:d7:93:6f:c6:6a:4a:c4:d6:68:eb:91:a3:2e:7e:
5e:87:01:d2:a9:0c:63:e3:2b:01:ae:b9:82:37:e5:
e3:f4:42:71:01:44:50:f3:d8:02:4c:49:b9:47:b8:
92:3c:82:8d:aa:57:6f:78:65:f4:10:ad:92:f2:17:
eb:7c:9e:ab:8b:93:1a:1e:f3:e7:b8:ae:f0:95:81:
ad:79:2f:c0:b6:31:26:75:2b:e4:b7:64:ac:ac:eb:
19:79:b1:7f:54:f3:39:9d:89:1a:68:ea:58:c5:80:
c3:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:96:38:4A:75:F5:CB:2D:CB:D6:F0:20:5F:DB:E8:01:E3:24:54:50
X509v3 Authority Key Identifier:
keyid:D5:D9:02:A0:7F:C7:D4:8E:0D:B2:9B:FF:BE:3A:B1:05:43:FC:14:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1dkCoH_H1I4Nspv_vjqxBUP8FGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/b52291-dc7f-46e1-b361-a6cec25b8006/1/3ZY4SnX1yy3L1vAgX9voAeMkVFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/b52291-dc7f-46e1-b361-a6cec25b8006/1/1dkCoH_H1I4Nspv_vjqxBUP8FGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.239.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:e2:57:87:38:ae:a5:4c:4f:3a:b2:a3:42:e0:01:eb:73:31:
9f:50:dd:14:35:f4:02:b4:23:7b:3b:76:b9:41:e6:74:d6:67:
7e:51:56:b1:c2:c4:1c:a4:8c:49:20:47:3b:a0:c3:1c:f1:1a:
12:e5:41:63:d6:ee:3e:15:8e:f8:f7:c8:19:b2:40:30:38:38:
37:a8:28:d2:16:5b:f0:3f:8d:9b:19:4c:86:7c:29:bc:29:a6:
77:b1:5d:b1:6f:02:a1:46:18:f9:e5:ef:60:3a:96:b3:5a:5b:
20:9f:d8:43:76:aa:17:70:8a:e4:62:49:0f:47:c9:14:99:a4:
1b:16:59:e1:fd:d6:81:c6:6b:fb:71:b6:22:92:c7:19:4c:aa:
a5:5e:3d:89:4d:56:b4:62:ab:07:7d:60:01:b5:67:50:e8:61:
a0:86:6b:e2:23:9f:be:8e:fe:0a:8b:50:f0:45:c1:a2:7f:c0:
84:9e:bf:75:88:35:bb:80:3b:d0:03:44:bd:82:46:02:84:35:
b8:e5:28:aa:e7:cd:89:f2:cf:f7:91:a4:67:2b:e0:6c:a8:83:
8b:cd:70:29:30:bd:22:a5:bd:eb:ec:f2:d2:e9:b0:a7:23:8c:
ad:6b:eb:da:55:6a:47:1c:dd:9b:13:dd:58:75:f0:3d:b5:55:
16:c3:d1:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJW4FEEqKlDt57NnlB9A/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZDkwMmEwN2ZjN2Q0OGUwZGIyOWJmZmJlM2FiMTA1NDNm
YzE0NjUwHhcNMjUwMTAyMTc1MjA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDk2Mzg0YTc1ZjVjYjJkY2JkNmYwMjA1ZmRiZTgwMWUzMjQ1NDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHUhQFW7rugCL8WK0fv+A98CLH8B
nCWu0mhCeJKW/DMjXXLehKCTSqDk+oaBVZP9zpBUTsjqMH5kGkoud7HaEDliOtVD
gzJussXgZ3sogPq6zDZPTezmQVzZNXalAkRdzOs5mzgqrfeaOk50bbUli2f/cgO1
kgkBM4axYMS/KYgR2TA8ytfeTXKrpKiQf0anTY1lTM4B15NvxmpKxNZo65GjLn5e
hwHSqQxj4ysBrrmCN+Xj9EJxAURQ89gCTEm5R7iSPIKNqldveGX0EK2S8hfrfJ6r
i5MaHvPnuK7wlYGteS/AtjEmdSvkt2SsrOsZebF/VPM5nYkaaOpYxYDD6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN2WOEp19csty9bwIF/b6AHjJFRQMB8GA1UdIwQY
MBaAFNXZAqB/x9SODbKb/746sQVD/BRlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWRrQ29IX0gxSTROc3B2X3ZqcXhCVVA4RkdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9iNTIyOTEtZGM3Zi00NmUxLWIzNjEt
YTZjZWMyNWI4MDA2LzEvM1pZNFNuWDF5eTNMMXZBZ1g5dm9BZU1rVkZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9iNTIyOTEtZGM3Zi00NmUxLWIzNjEtYTZjZWMyNWI4MDA2
LzEvMWRrQ29IX0gxSTROc3B2X3ZqcXhCVVA4RkdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwW/vMA0G
CSqGSIb3DQEBCwUAA4IBAQAu4leHOK6lTE86sqNC4AHrczGfUN0UNfQCtCN7O3a5
QeZ01md+UVaxwsQcpIxJIEc7oMMc8RoS5UFj1u4+FY7498gZskAwODg3qCjSFlvw
P42bGUyGfCm8KaZ3sV2xbwKhRhj55e9gOpazWlsgn9hDdqoXcIrkYkkPR8kUmaQb
Flnh/daBxmv7cbYikscZTKqlXj2JTVa0YqsHfWABtWdQ6GGghmviI5++jv4Ki1Dw
RcGif8CEnr91iDW7gDvQA0S9gkYChDW45Siq582J8s/3kaRnK+BsqIOLzXApML0i
pb3r7PLS6bCnI4yta+vaVWpHHN2bE91YdfA9tVUWw9EC
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:41:26 2025 by rpki-client