Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/95ffd9-19d3-4517-8c47-c61661d1b71b/1/3Gi7K5otbF8YAPl6ViRUI8XiRNU.roa
File: 3Gi7K5otbF8YAPl6ViRUI8XiRNU.roa (raw, json)
Hash identifier: aFHAU+eeRwSzWLG9T2U4VKkPQW4ZT7Ys728VZHAX80s=
Subject key identifier: DC:68:BB:2B:9A:2D:6C:5F:18:00:F9:7A:56:24:54:23:C5:E2:44:D5
Certificate issuer: /CN=3ee5a1dd0cee874c06e1ea1f72827d97cbc67187
Certificate serial: 019420685DBE132CCDF19A067649819F5C2B
Authority key identifier: 3E:E5:A1:DD:0C:EE:87:4C:06:E1:EA:1F:72:82:7D:97:CB:C6:71:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PuWh3Qzuh0wG4eofcoJ9l8vGcYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/95ffd9-19d3-4517-8c47-c61661d1b71b/1/3Gi7K5otbF8YAPl6ViRUI8XiRNU.roa
Signing time: Wed 01 Jan 2025 05:48:18 +0000
ROA not before: Wed 01 Jan 2025 05:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198611
IP address blocks: 91.231.205.0/24 maxlen: 24
91.237.68.0/24 maxlen: 24
91.237.69.0/24 maxlen: 24
91.237.70.0/24 maxlen: 24
91.237.71.0/24 maxlen: 24
2001:67c:16f8::/48 maxlen: 48
2001:67c:2ad8::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:5d:be:13:2c:cd:f1:9a:06:76:49:81:9f:5c:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ee5a1dd0cee874c06e1ea1f72827d97cbc67187
Validity
Not Before: Jan 1 05:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dc68bb2b9a2d6c5f1800f97a56245423c5e244d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:22:bf:45:8e:bc:e3:d2:a6:0d:87:21:61:63:
d8:c1:99:87:e6:f2:7e:fc:28:a8:4b:da:32:0a:97:
53:5b:80:ff:b0:60:19:db:ca:8e:bc:51:64:95:6e:
34:4c:e4:c4:0a:9c:2e:8d:fb:ee:0d:3c:ef:58:0b:
1a:bf:f3:10:89:2e:06:38:31:b5:11:28:f1:3f:56:
f3:1f:d5:c5:72:c1:a9:93:6e:70:62:f1:44:1a:32:
8b:b9:d1:2f:98:05:b4:24:0e:23:f5:8c:82:1e:7b:
7e:ae:c5:08:15:a5:93:0c:f5:04:e6:e0:d6:02:47:
b5:bc:4f:57:12:0d:a8:52:df:f3:54:c2:98:37:c5:
07:49:fa:26:01:2e:38:78:84:48:ed:71:b8:41:9c:
e9:83:26:f0:3f:0a:29:1d:7b:56:22:29:7c:b0:6f:
5d:aa:d6:52:19:2a:5a:dc:5b:c7:cc:5d:3b:9f:dd:
36:50:5b:f7:b0:2d:0c:a6:64:88:1c:fc:53:33:8f:
92:af:2a:2f:db:31:27:22:14:de:d9:78:e2:14:37:
39:36:33:9b:92:1d:75:35:43:76:d6:6e:95:57:ad:
4e:8a:da:ac:f4:05:88:d6:58:cb:df:b2:7c:17:26:
59:64:da:e2:89:92:9f:5c:90:00:a7:28:43:72:e5:
86:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:68:BB:2B:9A:2D:6C:5F:18:00:F9:7A:56:24:54:23:C5:E2:44:D5
X509v3 Authority Key Identifier:
keyid:3E:E5:A1:DD:0C:EE:87:4C:06:E1:EA:1F:72:82:7D:97:CB:C6:71:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PuWh3Qzuh0wG4eofcoJ9l8vGcYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/95ffd9-19d3-4517-8c47-c61661d1b71b/1/3Gi7K5otbF8YAPl6ViRUI8XiRNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/95ffd9-19d3-4517-8c47-c61661d1b71b/1/PuWh3Qzuh0wG4eofcoJ9l8vGcYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.205.0/24
91.237.68.0/22
IPv6:
2001:67c:16f8::/48
2001:67c:2ad8::/48
Signature Algorithm: sha256WithRSAEncryption
92:35:8a:3b:0a:b8:25:68:c8:b9:e2:8a:49:ae:ab:e7:65:c1:
ee:ec:3b:f0:b9:52:88:82:d9:8a:09:b2:43:7e:eb:86:b9:0f:
f3:cb:f3:24:7f:6e:a0:d9:bc:7e:79:19:46:26:e0:3b:0e:27:
cb:62:e1:af:1b:74:8a:ae:33:9c:4b:e6:ed:a7:72:b6:79:02:
54:a9:1b:72:52:1e:a1:65:d3:a5:7f:e1:45:dc:52:9a:05:75:
ec:1b:68:90:44:74:09:c2:74:a8:14:4f:27:9d:99:e7:a6:e0:
1e:87:be:d0:f3:86:50:3e:fd:56:ee:62:c2:e9:10:80:f8:6f:
c3:b0:49:cf:32:1e:8f:84:40:82:4a:97:5e:f8:bb:d0:b8:2f:
e2:34:27:08:52:d6:f8:6b:11:8c:9c:1f:56:63:61:c1:c3:7d:
40:0f:1d:e5:9c:9e:c3:e0:bb:d0:cb:6b:95:77:ce:15:07:17:
5f:5f:21:fa:a5:85:a3:b8:d1:60:0c:16:a1:d2:a5:b3:73:b5:
f3:f8:bd:34:47:49:3a:93:4c:39:63:db:e9:07:7c:8e:5e:48:
0b:a0:bd:77:00:a0:96:d3:09:83:60:58:f6:b5:1e:17:c1:76:
58:a9:f0:66:57:4b:78:9d:fe:02:08:32:7d:94:84:88:3a:6c:
d7:61:01:4b
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQgaF2+EyzN8ZoGdkmBn1wrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZTVhMWRkMGNlZTg3NGMwNmUxZWExZjcyODI3ZDk3Y2Jj
NjcxODcwHhcNMjUwMTAxMDU0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzY4YmIyYjlhMmQ2YzVmMTgwMGY5N2E1NjI0NTQyM2M1ZTI0NGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAniK/RY6849KmDYchYWPYwZmH5vJ+
/CioS9oyCpdTW4D/sGAZ28qOvFFklW40TOTECpwujfvuDTzvWAsav/MQiS4GODG1
ESjxP1bzH9XFcsGpk25wYvFEGjKLudEvmAW0JA4j9YyCHnt+rsUIFaWTDPUE5uDW
Ake1vE9XEg2oUt/zVMKYN8UHSfomAS44eIRI7XG4QZzpgybwPwopHXtWIil8sG9d
qtZSGSpa3FvHzF07n902UFv3sC0MpmSIHPxTM4+Sryov2zEnIhTe2XjiFDc5NjOb
kh11NUN21m6VV61Oitqs9AWI1ljL37J8FyZZZNriiZKfXJAApyhDcuWGkQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFNxouyuaLWxfGAD5elYkVCPF4kTVMB8GA1UdIwQY
MBaAFD7lod0M7odMBuHqH3KCfZfLxnGHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHVXaDNRenVoMHdHNGVvZmNvSjlsOHZHY1ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny85NWZmZDktMTlkMy00NTE3LThjNDct
YzYxNjYxZDFiNzFiLzEvM0dpN0s1b3RiRjhZQVBsNlZpUlVJOFhpUk5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny85NWZmZDktMTlkMy00NTE3LThjNDctYzYxNjYxZDFiNzFi
LzEvUHVXaDNRenVoMHdHNGVvZmNvSjlsOHZHY1ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAW+fNAwQC
W+1EMBgEAgACMBIDBwAgAQZ8FvgDBwAgAQZ8KtgwDQYJKoZIhvcNAQELBQADggEB
AJI1ijsKuCVoyLniikmuq+dlwe7sO/C5UoiC2YoJskN+64a5D/PL8yR/bqDZvH55
GUYm4DsOJ8ti4a8bdIquM5xL5u2ncrZ5AlSpG3JSHqFl06V/4UXcUpoFdewbaJBE
dAnCdKgUTyedmeem4B6HvtDzhlA+/VbuYsLpEID4b8OwSc8yHo+EQIJKl174u9C4
L+I0JwhS1vhrEYycH1ZjYcHDfUAPHeWcnsPgu9DLa5V3zhUHF19fIfqlhaO40WAM
FqHSpbNztfP4vTRHSTqTTDlj2+kHfI5eSAugvXcAoJbTCYNgWPa1HhfBdlip8GZX
S3id/gIIMn2UhIg6bNdhAUs=
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:31:57 2025 by rpki-client