Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/pqNDiy6DQYpScOcd1jGWH287ie4.roa
File: pqNDiy6DQYpScOcd1jGWH287ie4.roa (raw, json)
Hash identifier: 7DS8l931NGb38tRs91OKNSz5ALTOtsXekI4+an0BI7M=
Subject key identifier: A6:A3:43:8B:2E:83:41:8A:52:70:E7:1D:D6:31:96:1F:6F:3B:89:EE
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 019420D5A674758ABB62A49BD368CBCACF70
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/pqNDiy6DQYpScOcd1jGWH287ie4.roa
Signing time: Wed 01 Jan 2025 07:47:40 +0000
ROA not before: Wed 01 Jan 2025 07:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21272
IP address blocks: 81.252.173.0/24 maxlen: 24
194.2.35.0/24 maxlen: 24
217.167.147.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:a6:74:75:8a:bb:62:a4:9b:d3:68:cb:ca:cf:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 07:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a6a3438b2e83418a5270e71dd631961f6f3b89ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:63:28:de:d4:dc:1f:67:84:cb:33:df:b7:1e:
3d:dd:c8:34:41:f7:8e:5b:6a:f4:79:d9:46:0b:52:
54:48:1b:bc:1d:19:ce:88:ea:48:2b:a1:5c:d9:97:
0e:92:02:0c:d6:96:3e:f1:a5:46:72:22:b8:d5:2e:
a2:14:56:4d:fa:36:2f:41:a0:a7:07:1e:66:30:d1:
a7:51:8b:1f:71:a4:87:0b:df:92:8c:30:65:c8:59:
04:7d:f0:78:d9:65:67:d2:1f:f6:a5:55:6c:0d:10:
5b:1a:78:ed:33:74:ee:8a:a6:b0:12:0e:26:0d:cb:
2d:f1:27:1f:fb:21:38:01:e7:a4:6c:fe:22:d0:f6:
df:eb:78:7c:92:14:7d:df:d7:b6:ef:79:5a:52:05:
17:59:20:74:fd:3d:b8:5b:db:a9:6f:d3:ca:7b:95:
22:43:de:4a:7c:a4:a5:7e:c8:56:54:95:0a:ea:3d:
b1:e1:dc:e0:63:f5:7d:b7:86:f7:6c:f9:f3:0a:cd:
ac:71:d1:2c:36:a7:03:69:d2:ed:bd:8c:6b:f2:85:
5c:5a:ae:94:06:0c:52:a4:c2:eb:fd:74:4c:0a:e6:
5a:2c:1f:9b:2f:d8:15:1a:ba:a1:d5:1e:9c:bb:f6:
5b:df:e1:ca:24:8c:6b:d5:a4:07:bf:18:1f:7b:67:
dd:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:A3:43:8B:2E:83:41:8A:52:70:E7:1D:D6:31:96:1F:6F:3B:89:EE
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/pqNDiy6DQYpScOcd1jGWH287ie4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.252.173.0/24
194.2.35.0/24
217.167.147.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:e4:ff:23:c9:cf:92:33:5d:bb:b4:2d:10:f5:64:1c:b0:65:
3a:8d:eb:3b:20:87:27:30:83:2f:bc:72:24:29:c0:d5:85:49:
82:40:c2:50:77:9d:cd:63:86:c6:55:a0:36:f4:b5:f7:b4:96:
45:65:91:1f:2e:a3:32:bd:0c:6f:45:e3:d8:51:76:93:6b:16:
0e:19:40:da:cf:f0:7a:6f:69:33:3b:5e:33:b9:c4:29:c7:ca:
3f:b3:c2:25:db:54:41:e4:86:1f:14:47:96:4a:c2:db:3e:75:
b2:cc:ae:2f:3c:f9:e2:d1:db:1e:15:49:d4:d9:bb:09:e0:08:
37:76:9d:88:2c:aa:92:83:31:0a:05:8a:25:86:96:50:e3:2c:
39:a3:a7:55:6a:90:82:b9:e6:a9:8f:da:99:7a:36:7c:cf:06:
3d:5f:df:b5:ed:0a:97:17:10:47:c6:40:b0:0b:43:e6:84:37:
5b:0c:e8:e1:8c:36:90:70:b3:12:07:ae:33:34:6b:9d:b2:73:
62:b3:13:86:8d:37:0f:d8:03:f2:6d:4f:c5:60:ee:7e:1b:05:
9b:03:74:27:f7:8b:b0:89:cc:7c:14:5c:de:fb:78:a4:0b:ce:
56:97:f1:21:4a:85:16:1d:8d:7c:86:c7:95:4a:6d:12:2d:e9:
ff:04:d9:92
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQg1aZ0dYq7YqSb02jLys9wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjUwMTAxMDc0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmEzNDM4YjJlODM0MThhNTI3MGU3MWRkNjMxOTYxZjZmM2I4OWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5WMo3tTcH2eEyzPftx493cg0QfeO
W2r0edlGC1JUSBu8HRnOiOpIK6Fc2ZcOkgIM1pY+8aVGciK41S6iFFZN+jYvQaCn
Bx5mMNGnUYsfcaSHC9+SjDBlyFkEffB42WVn0h/2pVVsDRBbGnjtM3TuiqawEg4m
Dcst8Scf+yE4AeekbP4i0Pbf63h8khR939e273laUgUXWSB0/T24W9upb9PKe5Ui
Q95KfKSlfshWVJUK6j2x4dzgY/V9t4b3bPnzCs2scdEsNqcDadLtvYxr8oVcWq6U
BgxSpMLr/XRMCuZaLB+bL9gVGrqh1R6cu/Zb3+HKJIxr1aQHvxgfe2fdzwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKajQ4sug0GKUnDnHdYxlh9vO4nuMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvcHFORGl5NkRRWXBTY09jZDFqR1dIMjg3aWU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUfytAwQA
wgIjAwQA2aeTMA0GCSqGSIb3DQEBCwUAA4IBAQCi5P8jyc+SM127tC0Q9WQcsGU6
jes7IIcnMIMvvHIkKcDVhUmCQMJQd53NY4bGVaA29LX3tJZFZZEfLqMyvQxvRePY
UXaTaxYOGUDaz/B6b2kzO14zucQpx8o/s8Il21RB5IYfFEeWSsLbPnWyzK4vPPni
0dseFUnU2bsJ4Ag3dp2ILKqSgzEKBYolhpZQ4yw5o6dVapCCueapj9qZejZ8zwY9
X9+17QqXFxBHxkCwC0PmhDdbDOjhjDaQcLMSB64zNGudsnNisxOGjTcP2APybU/F
YO5+GwWbA3Qn94uwicx8FFze+3ikC85Wl/EhSoUWHY18hseVSm0SLen/BNmS
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:25:47 2025 by rpki-client