Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/d6c525-4a39-4db8-8c5d-46810613538a/1/K3t9uiMT3pdcNT-y1LibRFytIdI.roa
File: K3t9uiMT3pdcNT-y1LibRFytIdI.roa (raw, json)
Hash identifier: GuP3GRBxNbproaFPzzE3XIeahhhTEN2jEs7iFNPrujs=
Subject key identifier: 2B:7B:7D:BA:23:13:DE:97:5C:35:3F:B2:D4:B8:9B:44:5C:AD:21:D2
Certificate issuer: /CN=34958a58d17cab8ff9a79156f66bed5a78799f7e
Certificate serial: 01942747418A78ABCBD55EFBBC4244DB756D
Authority key identifier: 34:95:8A:58:D1:7C:AB:8F:F9:A7:91:56:F6:6B:ED:5A:78:79:9F:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJWKWNF8q4_5p5FW9mvtWnh5n34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/d6c525-4a39-4db8-8c5d-46810613538a/1/K3t9uiMT3pdcNT-y1LibRFytIdI.roa
Signing time: Thu 02 Jan 2025 13:49:28 +0000
ROA not before: Thu 02 Jan 2025 13:49:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39122
IP address blocks: 85.159.16.0/21 maxlen: 21
2a01:4d8::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:41:8a:78:ab:cb:d5:5e:fb:bc:42:44:db:75:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34958a58d17cab8ff9a79156f66bed5a78799f7e
Validity
Not Before: Jan 2 13:49:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b7b7dba2313de975c353fb2d4b89b445cad21d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:fe:06:9e:53:c1:29:89:04:2c:44:e2:be:ce:
08:5a:e1:e3:36:40:7e:6e:8b:32:38:07:6d:45:b0:
f5:a4:cf:de:68:1f:89:9b:4d:5a:03:8a:d1:1b:33:
31:67:82:eb:eb:09:ff:a4:5c:5a:85:87:98:56:e9:
f6:c7:ab:54:17:f2:b4:c7:bf:8a:e1:08:41:da:28:
df:d0:8a:ad:20:b3:40:2b:9a:f1:82:d3:5f:25:37:
70:60:05:b6:db:54:ff:5a:5f:af:a3:5c:ff:af:e6:
73:32:d9:d8:62:ef:cd:69:a9:f7:2c:0b:11:ff:6b:
9d:2c:46:05:66:af:0d:49:26:98:1a:29:f4:36:b3:
b3:04:37:d5:ad:c4:99:fd:d2:47:0e:94:08:72:93:
aa:13:cd:65:b8:7d:2b:44:03:af:98:32:89:0b:4b:
08:4c:02:6c:fb:75:c0:0a:74:ed:45:6a:17:ab:d8:
26:9a:db:7c:44:f4:74:aa:a2:50:12:9a:ba:00:e6:
6b:2b:a5:af:11:49:79:0e:8f:b4:f9:6a:62:12:ef:
82:6a:5c:d4:37:e9:27:d5:19:48:6b:14:20:2e:05:
13:d6:24:39:a5:3e:fc:66:6b:5c:ac:8f:4c:b4:5b:
8d:b4:ad:47:6d:13:6a:c6:0e:1b:12:25:4d:ec:47:
42:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:7B:7D:BA:23:13:DE:97:5C:35:3F:B2:D4:B8:9B:44:5C:AD:21:D2
X509v3 Authority Key Identifier:
keyid:34:95:8A:58:D1:7C:AB:8F:F9:A7:91:56:F6:6B:ED:5A:78:79:9F:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJWKWNF8q4_5p5FW9mvtWnh5n34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/d6c525-4a39-4db8-8c5d-46810613538a/1/K3t9uiMT3pdcNT-y1LibRFytIdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/d6c525-4a39-4db8-8c5d-46810613538a/1/NJWKWNF8q4_5p5FW9mvtWnh5n34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.159.16.0/21
IPv6:
2a01:4d8::/32
Signature Algorithm: sha256WithRSAEncryption
28:c4:4a:ff:58:36:ba:a4:51:42:46:4b:d8:de:fe:15:7e:9a:
14:52:1e:23:9a:35:6a:f5:84:75:76:2d:19:16:e3:1a:3c:20:
df:b9:e4:b1:d7:c2:1d:a9:f4:5d:bd:22:1c:99:b7:9b:87:8e:
f9:3c:50:c7:7e:bf:c3:e3:a1:9d:73:0a:6b:a4:16:40:3b:6d:
38:50:90:a5:36:7c:4c:6a:10:f6:8a:fc:ff:c3:e9:33:d3:72:
a8:f2:d0:61:27:0c:97:76:fb:5a:d9:19:78:5c:83:14:54:46:
4e:06:86:ec:f9:26:86:10:86:e8:d0:12:33:81:79:09:5c:cc:
02:fe:fc:f4:25:42:1a:96:5c:9c:8d:48:a0:5b:f6:ad:62:57:
02:c2:eb:fd:16:88:59:01:c5:8a:a5:57:9a:28:a5:23:5a:31:
a1:66:81:a6:45:4c:13:fc:6e:54:61:ba:b5:99:64:c2:6f:c4:
4e:1f:c5:30:12:b2:e1:88:5f:a7:6f:a0:26:15:f4:6f:d4:43:
7d:c9:6c:77:5d:e1:02:a0:a6:e0:7d:f5:68:aa:76:a9:68:90:
ea:1d:34:b3:75:c4:92:85:6f:ba:e8:0e:8d:36:39:97:f0:dc:
f1:ee:83:5e:d9:dd:f1:16:c2:62:c2:c5:22:f4:2f:d8:ec:6f:
67:b7:92:23
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQnR0GKeKvL1V77vEJE23VtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OTU4YTU4ZDE3Y2FiOGZmOWE3OTE1NmY2NmJlZDVhNzg3
OTlmN2UwHhcNMjUwMTAyMTM0OTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjdiN2RiYTIzMTNkZTk3NWMzNTNmYjJkNGI4OWI0NDVjYWQyMWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtv4GnlPBKYkELETivs4IWuHjNkB+
bosyOAdtRbD1pM/eaB+Jm01aA4rRGzMxZ4Lr6wn/pFxahYeYVun2x6tUF/K0x7+K
4QhB2ijf0IqtILNAK5rxgtNfJTdwYAW221T/Wl+vo1z/r+ZzMtnYYu/Naan3LAsR
/2udLEYFZq8NSSaYGin0NrOzBDfVrcSZ/dJHDpQIcpOqE81luH0rRAOvmDKJC0sI
TAJs+3XACnTtRWoXq9gmmtt8RPR0qqJQEpq6AOZrK6WvEUl5Do+0+WpiEu+CalzU
N+kn1RlIaxQgLgUT1iQ5pT78ZmtcrI9MtFuNtK1HbRNqxg4bEiVN7EdCeQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCt7fbojE96XXDU/stS4m0RcrSHSMB8GA1UdIwQY
MBaAFDSViljRfKuP+aeRVvZr7Vp4eZ9+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkpXS1dORjhxNF81cDVGVzltdnRXbmg1bjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9kNmM1MjUtNGEzOS00ZGI4LThjNWQt
NDY4MTA2MTM1MzhhLzEvSzN0OXVpTVQzcGRjTlQteTFMaWJSRnl0SWRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9kNmM1MjUtNGEzOS00ZGI4LThjNWQtNDY4MTA2MTM1Mzhh
LzEvTkpXS1dORjhxNF81cDVGVzltdnRXbmg1bjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDVZ8QMA0E
AgACMAcDBQAqAQTYMA0GCSqGSIb3DQEBCwUAA4IBAQAoxEr/WDa6pFFCRkvY3v4V
fpoUUh4jmjVq9YR1di0ZFuMaPCDfueSx18IdqfRdvSIcmbebh475PFDHfr/D46Gd
cwprpBZAO204UJClNnxMahD2ivz/w+kz03Ko8tBhJwyXdvta2Rl4XIMUVEZOBobs
+SaGEIbo0BIzgXkJXMwC/vz0JUIallycjUigW/atYlcCwuv9FohZAcWKpVeaKKUj
WjGhZoGmRUwT/G5UYbq1mWTCb8ROH8UwErLhiF+nb6AmFfRv1EN9yWx3XeECoKbg
ffVoqnapaJDqHTSzdcSShW+66A6NNjmX8Nzx7oNe2d3xFsJiwsUi9C/Y7G9nt5Ij
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:03:09 2025 by rpki-client