Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/2669ee-4ba7-4110-8370-dd803c5b85db/1/3XFZjvmipuYl3ZWlHwQH5J3zMBo.roa
File: 3XFZjvmipuYl3ZWlHwQH5J3zMBo.roa (raw, json)
Hash identifier: waCPVYUPagNA2C/8qUWA6TsWBhxDDZLgjh2zXP9UUxQ=
Subject key identifier: DD:71:59:8E:F9:A2:A6:E6:25:DD:95:A5:1F:04:07:E4:9D:F3:30:1A
Certificate issuer: /CN=5336a106cecdeba92e0b80e5e9a5c789ba74c62b
Certificate serial: 019425FDA730AC7A1D0B15339E802B146EEF
Authority key identifier: 53:36:A1:06:CE:CD:EB:A9:2E:0B:80:E5:E9:A5:C7:89:BA:74:C6:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UzahBs7N66kuC4Dl6aXHibp0xis.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/2669ee-4ba7-4110-8370-dd803c5b85db/1/3XFZjvmipuYl3ZWlHwQH5J3zMBo.roa
Signing time: Thu 02 Jan 2025 07:49:27 +0000
ROA not before: Thu 02 Jan 2025 07:49:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209841
IP address blocks: 185.201.39.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:a7:30:ac:7a:1d:0b:15:33:9e:80:2b:14:6e:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5336a106cecdeba92e0b80e5e9a5c789ba74c62b
Validity
Not Before: Jan 2 07:49:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd71598ef9a2a6e625dd95a51f0407e49df3301a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:71:94:68:62:a4:05:ca:83:a8:a6:3c:a7:27:
e3:1f:4e:ca:33:78:3b:fb:ce:1c:62:17:34:11:0f:
71:50:27:7c:42:29:86:33:3f:ca:bb:3e:09:3b:2c:
bb:54:f9:53:0d:45:5f:2e:bb:cc:2d:77:a6:9c:f1:
f1:56:f9:e2:bc:6c:ac:b6:48:ff:de:75:f0:0b:f8:
86:d1:0c:45:50:4f:c7:09:5a:9c:43:b6:4d:ee:ee:
ba:03:ff:b5:68:d2:9f:dd:80:84:c0:b3:44:d3:ba:
76:7f:17:c8:c8:91:bc:9a:11:ef:b4:1f:f7:ea:8b:
1d:d1:a8:c5:63:71:97:3f:42:b9:1d:91:65:7d:3e:
1c:75:75:a1:93:3c:e6:e6:c3:31:86:48:f8:f3:12:
82:eb:59:35:17:31:fd:5f:60:9b:4f:a7:4a:32:82:
23:0a:0e:c2:20:99:f2:38:75:62:31:d1:04:fd:87:
db:a1:0a:e5:3f:ff:6d:8a:05:2f:dc:8f:b3:07:71:
98:07:6d:31:18:d5:72:6f:06:af:4a:eb:a6:11:27:
96:a1:66:be:1d:4a:20:6c:47:8b:8a:b8:58:a6:d8:
75:8d:b4:19:43:c6:47:58:b2:41:aa:f0:a8:aa:aa:
25:d4:e6:b1:a6:30:93:d5:fe:b9:41:7f:36:98:a6:
ab:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:71:59:8E:F9:A2:A6:E6:25:DD:95:A5:1F:04:07:E4:9D:F3:30:1A
X509v3 Authority Key Identifier:
keyid:53:36:A1:06:CE:CD:EB:A9:2E:0B:80:E5:E9:A5:C7:89:BA:74:C6:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UzahBs7N66kuC4Dl6aXHibp0xis.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/2669ee-4ba7-4110-8370-dd803c5b85db/1/3XFZjvmipuYl3ZWlHwQH5J3zMBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/2669ee-4ba7-4110-8370-dd803c5b85db/1/UzahBs7N66kuC4Dl6aXHibp0xis.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.201.39.0/24
Signature Algorithm: sha256WithRSAEncryption
ce:ce:d7:53:99:14:94:5f:49:76:ef:c6:ba:ad:cc:bc:df:6a:
86:4b:01:80:20:a8:8c:72:4f:d6:d3:c4:47:b3:3e:72:ef:e6:
2b:82:30:13:88:47:99:1e:c7:3a:76:dd:a5:ff:cf:74:60:4b:
3f:90:e4:02:7b:8b:b3:75:97:e2:4b:a4:11:89:0e:8b:a2:fe:
0a:f5:df:68:ff:6a:96:31:9f:57:12:25:cb:5d:5f:e6:21:ee:
f0:c8:a3:6b:9c:08:cf:df:18:ba:50:f5:d2:64:1c:22:dc:ad:
41:be:b4:32:42:60:d6:58:41:5e:ed:d2:21:c2:04:2a:45:56:
82:3b:b8:12:9d:b9:75:a8:f1:c3:4c:c1:7c:c6:d1:f7:5a:44:
46:c9:f7:3d:9d:c0:0a:bf:d0:c9:2e:4b:2f:1a:60:48:72:52:
0b:1b:d7:c3:a6:dd:de:eb:19:5a:f2:7d:de:fa:59:f0:75:95:
50:79:13:5b:0a:48:35:8e:55:da:9d:ea:97:f7:17:27:7e:3b:
94:d0:8c:81:0d:ae:aa:38:5f:0b:0a:2d:f7:a3:6d:e9:6c:43:
fb:e8:63:fa:71:3e:9a:3d:32:33:c1:eb:2b:0a:9b:73:75:d6:
2d:ed:73:19:c0:5d:77:62:af:4e:2b:b9:51:5c:cf:66:7e:06:
bd:72:53:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/acwrHodCxUznoArFG7vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMzZhMTA2Y2VjZGViYTkyZTBiODBlNWU5YTVjNzg5YmE3
NGM2MmIwHhcNMjUwMTAyMDc0OTI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDcxNTk4ZWY5YTJhNmU2MjVkZDk1YTUxZjA0MDdlNDlkZjMzMDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0nGUaGKkBcqDqKY8pyfjH07KM3g7
+84cYhc0EQ9xUCd8QimGMz/Kuz4JOyy7VPlTDUVfLrvMLXemnPHxVvnivGystkj/
3nXwC/iG0QxFUE/HCVqcQ7ZN7u66A/+1aNKf3YCEwLNE07p2fxfIyJG8mhHvtB/3
6osd0ajFY3GXP0K5HZFlfT4cdXWhkzzm5sMxhkj48xKC61k1FzH9X2CbT6dKMoIj
Cg7CIJnyOHViMdEE/YfboQrlP/9tigUv3I+zB3GYB20xGNVybwavSuumESeWoWa+
HUogbEeLirhYpth1jbQZQ8ZHWLJBqvCoqqol1OaxpjCT1f65QX82mKarnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN1xWY75oqbmJd2VpR8EB+Sd8zAaMB8GA1UdIwQY
MBaAFFM2oQbOzeupLguA5emlx4m6dMYrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXphaEJzN042Nmt1QzREbDZhWEhpYnAweGlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8yNjY5ZWUtNGJhNy00MTEwLTgzNzAt
ZGQ4MDNjNWI4NWRiLzEvM1hGWmp2bWlwdVlsM1pXbEh3UUg1SjN6TUJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8yNjY5ZWUtNGJhNy00MTEwLTgzNzAtZGQ4MDNjNWI4NWRi
LzEvVXphaEJzN042Nmt1QzREbDZhWEhpYnAweGlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucknMA0G
CSqGSIb3DQEBCwUAA4IBAQDOztdTmRSUX0l278a6rcy832qGSwGAIKiMck/W08RH
sz5y7+YrgjATiEeZHsc6dt2l/890YEs/kOQCe4uzdZfiS6QRiQ6Lov4K9d9o/2qW
MZ9XEiXLXV/mIe7wyKNrnAjP3xi6UPXSZBwi3K1BvrQyQmDWWEFe7dIhwgQqRVaC
O7gSnbl1qPHDTMF8xtH3WkRGyfc9ncAKv9DJLksvGmBIclILG9fDpt3e6xla8n3e
+lnwdZVQeRNbCkg1jlXaneqX9xcnfjuU0IyBDa6qOF8LCi33o23pbEP76GP6cT6a
PTIzwesrCptzddYt7XMZwF13Yq9OK7lRXM9mfga9clPo
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:55:47 2025 by rpki-client