Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/1-xYDXPXQ9Gh-lG3N5KP8gzYSmLE.roa
File: 1-xYDXPXQ9Gh-lG3N5KP8gzYSmLE.roa (raw, json)
Hash identifier: j4mwMkVQWtg+u5bCikVbsyITPYpZHdW1fyTDbEa68qU=
Subject key identifier: FB:16:03:5C:F5:D0:F4:68:7E:94:6D:CD:E4:A3:FC:83:36:12:98:B1
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 019420D5B95372E5E4C8BE3DB7E2DFB80868
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/1-xYDXPXQ9Gh-lG3N5KP8gzYSmLE.roa
Signing time: Wed 01 Jan 2025 07:47:45 +0000
ROA not before: Wed 01 Jan 2025 07:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212709
IP address blocks: 81.252.189.0/24 maxlen: 24
194.51.187.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:b9:53:72:e5:e4:c8:be:3d:b7:e2:df:b8:08:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 07:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fb16035cf5d0f4687e946dcde4a3fc83361298b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:3b:4a:84:88:d6:26:dd:b9:97:f4:7f:17:e5:
8b:f2:50:17:bf:50:9b:52:46:a8:2e:03:98:21:18:
c5:20:fc:c2:72:91:b9:87:a0:3d:1a:f8:46:13:3d:
67:3a:13:ac:73:bc:6b:cb:e0:ab:3f:0d:8b:5d:9e:
8a:32:6c:d9:1c:b2:d3:7c:19:26:8b:e8:0e:0b:f1:
f7:fb:32:55:92:2d:60:f4:a9:c0:ab:60:47:24:b1:
ca:e7:34:98:1b:42:53:65:d0:30:67:31:5c:bd:d6:
49:a1:67:b9:dd:69:4b:17:44:1c:d9:ff:d8:d2:76:
9a:2d:15:6e:69:18:e6:c7:17:33:a9:f8:ce:92:b8:
90:be:ac:b5:b8:a3:38:90:d7:2e:4c:b5:b8:81:af:
4a:ba:a3:ee:e2:05:71:02:ca:a1:9a:aa:ca:a0:cc:
f9:23:80:18:8c:b9:ad:23:d5:48:71:2c:33:78:01:
22:01:81:fa:e0:a3:4b:bc:26:21:02:39:08:d0:c7:
1e:39:00:48:e2:f3:ba:a2:34:ec:ed:e2:df:c2:06:
2d:02:14:de:b6:9c:ee:c8:42:48:bd:b0:41:52:a7:
44:40:ec:46:5c:ed:0f:35:92:4c:55:66:e7:8c:98:
b2:b7:2d:24:fc:ac:47:f7:ef:63:c8:57:f0:93:ec:
44:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:16:03:5C:F5:D0:F4:68:7E:94:6D:CD:E4:A3:FC:83:36:12:98:B1
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/1-xYDXPXQ9Gh-lG3N5KP8gzYSmLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.252.189.0/24
194.51.187.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:ed:98:0d:f6:24:2b:97:ff:37:d5:3b:57:77:f1:6b:58:23:
3a:71:8f:3c:49:3f:54:2e:15:7c:3e:05:37:db:c2:46:9f:76:
17:90:ae:9a:b1:30:31:bc:71:b6:b1:52:6a:c5:14:0f:3a:bb:
50:1e:fb:f9:e0:9e:43:1a:16:0e:7b:49:5f:ca:24:f7:78:33:
85:96:ab:f1:f6:67:a2:f8:c1:e0:a0:08:ae:8d:42:32:9c:84:
4a:18:fe:26:da:24:02:64:61:57:b1:78:c6:14:fe:8e:6a:00:
0a:43:98:09:91:bf:e0:59:63:5f:08:9f:fe:0f:49:84:4a:02:
94:c9:c4:3f:96:2d:db:4e:ff:97:49:af:71:b0:91:5c:5d:52:
f5:de:f2:db:08:2e:89:3c:1c:05:bf:15:b7:5e:c6:af:69:a0:
4c:8b:47:c2:83:d0:5e:85:af:07:02:12:99:f6:44:1e:15:0a:
c6:4c:7c:fa:0d:90:e8:dc:df:d2:31:03:20:f4:5b:f3:30:b3:
36:08:7d:0f:46:99:e8:34:21:36:71:c5:03:e7:f7:b2:31:24:
d9:88:8d:94:33:fc:fe:2b:b9:b6:35:72:32:3e:5d:44:57:81:
c0:67:57:42:68:31:86:52:06:41:9e:84:30:bf:fb:52:a8:cf:
87:cf:ee:6d
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZQg1blTcuXkyL49t+LfuAhoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjUwMTAxMDc0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjE2MDM1Y2Y1ZDBmNDY4N2U5NDZkY2RlNGEzZmM4MzM2MTI5OGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8TtKhIjWJt25l/R/F+WL8lAXv1Cb
UkaoLgOYIRjFIPzCcpG5h6A9GvhGEz1nOhOsc7xry+CrPw2LXZ6KMmzZHLLTfBkm
i+gOC/H3+zJVki1g9KnAq2BHJLHK5zSYG0JTZdAwZzFcvdZJoWe53WlLF0Qc2f/Y
0naaLRVuaRjmxxczqfjOkriQvqy1uKM4kNcuTLW4ga9KuqPu4gVxAsqhmqrKoMz5
I4AYjLmtI9VIcSwzeAEiAYH64KNLvCYhAjkI0MceOQBI4vO6ojTs7eLfwgYtAhTe
tpzuyEJIvbBBUqdEQOxGXO0PNZJMVWbnjJiyty0k/KxH9+9jyFfwk+xECwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPsWA1z10PRofpRtzeSj/IM2EpixMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvMS14WURYUFhROUdoLWxHM041S1A4Z3pZU21MRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNmIvMzNkNWQxLWM0NTAtNDEzYi1hZmU0LTQ1OTM1ZjUwNmEx
Mi8xL092Q2JvenRhNVlHdzBwTWpKSk1VOTJxaEJSRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFH8vQME
AMIzuzANBgkqhkiG9w0BAQsFAAOCAQEATO2YDfYkK5f/N9U7V3fxa1gjOnGPPEk/
VC4VfD4FN9vCRp92F5CumrEwMbxxtrFSasUUDzq7UB77+eCeQxoWDntJX8ok93gz
hZar8fZnovjB4KAIro1CMpyEShj+JtokAmRhV7F4xhT+jmoACkOYCZG/4FljXwif
/g9JhEoClMnEP5Yt207/l0mvcbCRXF1S9d7y2wguiTwcBb8Vt17Gr2mgTItHwoPQ
XoWvBwISmfZEHhUKxkx8+g2Q6Nzf0jEDIPRb8zCzNgh9D0aZ6DQhNnHFA+f3sjEk
2YiNlDP8/iu5tjVyMj5dRFeBwGdXQmgxhlIGQZ6EML/7UqjPh8/ubQ==
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:12:48 2025 by rpki-client