Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/b03cbb-0c6a-4c93-9a57-582de629fac2/1/3mfQNKuDmMEBkVZwijYLNI4FHF0.roa
File: 3mfQNKuDmMEBkVZwijYLNI4FHF0.roa (raw, json)
Hash identifier: j6wqLaahR2c9DPGN7x2JlhslT1RmLEW0srXZP7VaQ2M=
Subject key identifier: DE:67:D0:34:AB:83:98:C1:01:91:56:70:8A:36:0B:34:8E:05:1C:5D
Certificate issuer: /CN=1de4ff0f7dd60c9d504d56c7b4acacd4734e8dbe
Certificate serial: 01856C2EDA46FA2BE13B2F6D2D6658BB555C
Authority key identifier: 1D:E4:FF:0F:7D:D6:0C:9D:50:4D:56:C7:B4:AC:AC:D4:73:4E:8D:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HeT_D33WDJ1QTVbHtKys1HNOjb4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/b03cbb-0c6a-4c93-9a57-582de629fac2/1/3mfQNKuDmMEBkVZwijYLNI4FHF0.roa
Signing time: Sun 01 Jan 2023 07:14:47 +0000
ROA not before: Sun 01 Jan 2023 07:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61255
IP address blocks: 5.250.191.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:2e:da:46:fa:2b:e1:3b:2f:6d:2d:66:58:bb:55:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1de4ff0f7dd60c9d504d56c7b4acacd4734e8dbe
Validity
Not Before: Jan 1 07:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de67d034ab8398c1019156708a360b348e051c5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e8:d4:f8:5e:0f:f5:f4:cc:88:82:38:21:2c:
9d:22:50:59:b4:b5:bd:b4:2a:6a:a1:38:f5:ec:22:
36:76:20:5f:45:c8:61:e8:ec:59:dd:65:63:b2:31:
77:22:7c:28:62:23:be:27:5f:03:b1:73:06:c7:b7:
18:7c:1f:4c:09:a8:36:e4:0c:21:10:14:24:4a:3b:
b2:54:5f:60:d8:11:2f:9c:72:ed:b1:52:85:1b:ec:
a8:24:4d:b3:1e:98:87:63:89:5f:cb:3d:a2:16:61:
e4:25:fc:d1:7c:d7:3e:9b:a1:fa:15:9b:e6:60:ba:
9f:2c:12:07:de:d8:31:22:f1:b7:97:75:26:a1:e4:
be:2d:76:40:ae:e5:c0:99:96:9c:b8:be:ec:26:2d:
aa:19:a1:25:f7:70:54:a3:5c:d3:59:73:8a:dc:81:
8a:08:06:d9:cc:cb:53:5f:65:09:77:45:50:8f:11:
17:09:1d:a1:4e:49:71:3a:aa:4d:37:0e:f5:38:a3:
3f:a2:8d:b1:e2:ea:89:44:27:8d:d2:6a:ee:54:cb:
a9:ba:df:0b:f0:4b:f2:c2:40:9c:0f:a8:f2:e9:4e:
2e:73:09:d7:7f:d7:63:a0:06:62:89:f8:cb:91:a7:
25:b1:de:91:f6:92:68:e0:98:13:c4:71:49:43:34:
81:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:67:D0:34:AB:83:98:C1:01:91:56:70:8A:36:0B:34:8E:05:1C:5D
X509v3 Authority Key Identifier:
keyid:1D:E4:FF:0F:7D:D6:0C:9D:50:4D:56:C7:B4:AC:AC:D4:73:4E:8D:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HeT_D33WDJ1QTVbHtKys1HNOjb4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/b03cbb-0c6a-4c93-9a57-582de629fac2/1/3mfQNKuDmMEBkVZwijYLNI4FHF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/b03cbb-0c6a-4c93-9a57-582de629fac2/1/HeT_D33WDJ1QTVbHtKys1HNOjb4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.250.191.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:26:66:ce:f4:02:b7:e0:2c:59:16:6c:5c:f8:a9:8b:e9:43:
b9:e1:d3:4f:a3:a9:a4:ff:f2:02:e0:f6:48:9f:a9:e8:fb:13:
d5:e0:94:f6:4b:0c:38:a7:ee:7d:3d:77:f2:5b:ab:5a:68:f5:
5b:86:2b:18:e8:48:94:62:d0:e9:d0:da:d3:9f:f4:b4:7e:fb:
9a:f5:b5:eb:59:ff:80:45:da:5d:0d:c7:33:2a:56:ad:a0:51:
f9:ca:e7:58:eb:e3:75:ab:18:6c:5a:af:7f:7a:91:b7:a3:ef:
e4:1a:89:00:29:92:3c:3a:79:4d:6e:5d:53:83:db:b5:11:6f:
85:32:fd:22:bb:0f:1a:6d:69:0a:a8:31:98:57:4c:7e:1c:3e:
04:00:1b:66:e5:fe:e1:99:95:39:d3:87:6e:42:99:47:f3:67:
b6:05:cd:7c:4a:25:1b:7f:1e:49:3a:40:fa:a1:9d:bc:70:d2:
75:a7:39:e0:18:81:1b:b4:a1:24:d4:5d:c4:ab:fb:bb:34:f6:
1b:e1:09:d8:4f:f5:7c:9f:80:c2:93:ab:76:ad:cd:8b:7b:81:
0f:00:e3:99:cd:2a:00:19:c0:94:18:3b:a2:eb:1b:fa:a5:48:
e4:8d:62:85:dd:e4:46:ef:02:9a:58:e8:cf:df:f5:04:83:4f:
eb:21:26:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsLtpG+ivhOy9tLWZYu1VcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZTRmZjBmN2RkNjBjOWQ1MDRkNTZjN2I0YWNhY2Q0NzM0
ZThkYmUwHhcNMjMwMTAxMDcxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTY3ZDAzNGFiODM5OGMxMDE5MTU2NzA4YTM2MGIzNDhlMDUxYzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+jU+F4P9fTMiII4ISydIlBZtLW9
tCpqoTj17CI2diBfRchh6OxZ3WVjsjF3InwoYiO+J18DsXMGx7cYfB9MCag25Awh
EBQkSjuyVF9g2BEvnHLtsVKFG+yoJE2zHpiHY4lfyz2iFmHkJfzRfNc+m6H6FZvm
YLqfLBIH3tgxIvG3l3UmoeS+LXZAruXAmZacuL7sJi2qGaEl93BUo1zTWXOK3IGK
CAbZzMtTX2UJd0VQjxEXCR2hTklxOqpNNw71OKM/oo2x4uqJRCeN0mruVMuput8L
8EvywkCcD6jy6U4ucwnXf9djoAZiifjLkaclsd6R9pJo4JgTxHFJQzSBCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN5n0DSrg5jBAZFWcIo2CzSOBRxdMB8GA1UdIwQY
MBaAFB3k/w991gydUE1Wx7SsrNRzTo2+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGVUX0QzM1dESjFRVFZiSHRLeXMxSE5PamI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9iMDNjYmItMGM2YS00YzkzLTlhNTct
NTgyZGU2MjlmYWMyLzEvM21mUU5LdURtTUVCa1Zad2lqWUxOSTRGSEYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9iMDNjYmItMGM2YS00YzkzLTlhNTctNTgyZGU2MjlmYWMy
LzEvSGVUX0QzM1dESjFRVFZiSHRLeXMxSE5PamI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABfq/MA0G
CSqGSIb3DQEBCwUAA4IBAQBvJmbO9AK34CxZFmxc+KmL6UO54dNPo6mk//IC4PZI
n6no+xPV4JT2Sww4p+59PXfyW6taaPVbhisY6EiUYtDp0NrTn/S0fvua9bXrWf+A
RdpdDcczKlatoFH5yudY6+N1qxhsWq9/epG3o+/kGokAKZI8OnlNbl1Tg9u1EW+F
Mv0iuw8abWkKqDGYV0x+HD4EABtm5f7hmZU504duQplH82e2Bc18SiUbfx5JOkD6
oZ28cNJ1pzngGIEbtKEk1F3Eq/u7NPYb4QnYT/V8n4DCk6t2rc2Le4EPAOOZzSoA
GcCUGDui6xv6pUjkjWKF3eRG7wKaWOjP3/UEg0/rISZv
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:57:00 2025 by rpki-client