Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/411696-93be-46ba-8e91-5c017bd43663/1/3PsbAjwxXqVGdkZxEvSVP0DD-Zk.roa
File: 3PsbAjwxXqVGdkZxEvSVP0DD-Zk.roa (raw, json)
Hash identifier: Kbp3hT46ETgSSbJWXFTr+GiLfzU6WWPM010iSX06PuI=
Subject key identifier: DC:FB:1B:02:3C:31:5E:A5:46:76:46:71:12:F4:95:3F:40:C3:F9:99
Certificate issuer: /CN=d833bfa014b9192f2700acaf6f279dbef8a0aff2
Certificate serial: 01942143E372879B97A55DC6D24A8C76C0D2
Authority key identifier: D8:33:BF:A0:14:B9:19:2F:27:00:AC:AF:6F:27:9D:BE:F8:A0:AF:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2DO_oBS5GS8nAKyvbyedvvigr_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/411696-93be-46ba-8e91-5c017bd43663/1/3PsbAjwxXqVGdkZxEvSVP0DD-Zk.roa
Signing time: Wed 01 Jan 2025 09:48:04 +0000
ROA not before: Wed 01 Jan 2025 09:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 194.153.168.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:e3:72:87:9b:97:a5:5d:c6:d2:4a:8c:76:c0:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d833bfa014b9192f2700acaf6f279dbef8a0aff2
Validity
Not Before: Jan 1 09:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dcfb1b023c315ea54676467112f4953f40c3f999
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:0a:e9:d3:77:00:c1:bd:8f:da:a4:50:79:9f:
90:86:b1:41:d6:00:a5:f2:43:21:0d:ae:31:0a:bc:
be:83:82:a1:9e:d4:b7:f4:06:8b:67:30:30:19:f5:
9d:30:8d:64:80:14:55:09:c5:d1:26:a4:ee:98:59:
21:fa:0d:3d:9e:f4:c3:2e:08:d7:8d:01:90:b2:21:
42:55:9b:73:46:8d:1a:fd:79:62:15:38:80:36:74:
33:45:33:aa:ad:ef:f0:68:9a:f6:a7:52:c7:08:7c:
96:e7:3a:c7:90:9e:c0:ec:42:6e:55:a7:02:e1:21:
6e:60:98:eb:af:4d:74:c8:4d:69:08:a3:73:ad:a9:
91:af:85:62:71:8e:ee:c9:fd:a3:7b:51:34:54:b6:
a1:5f:01:46:80:89:7b:98:07:47:55:8c:46:29:52:
12:8a:cc:ef:43:4a:45:04:d1:a8:f2:8f:7e:e8:60:
1d:1d:66:87:52:68:40:86:bc:35:88:76:ea:8f:6e:
1d:ee:06:14:14:22:c9:b8:fb:57:f9:37:31:14:2b:
9b:dd:39:53:e3:b2:a1:54:88:3f:c0:00:ec:4e:48:
f3:f8:72:0e:d4:79:9e:63:0e:9e:34:47:f2:98:c8:
4e:91:7f:b8:52:ff:98:a9:8d:07:c3:fb:eb:79:8c:
51:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:FB:1B:02:3C:31:5E:A5:46:76:46:71:12:F4:95:3F:40:C3:F9:99
X509v3 Authority Key Identifier:
keyid:D8:33:BF:A0:14:B9:19:2F:27:00:AC:AF:6F:27:9D:BE:F8:A0:AF:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2DO_oBS5GS8nAKyvbyedvvigr_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/411696-93be-46ba-8e91-5c017bd43663/1/3PsbAjwxXqVGdkZxEvSVP0DD-Zk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/411696-93be-46ba-8e91-5c017bd43663/1/2DO_oBS5GS8nAKyvbyedvvigr_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.153.168.0/24
Signature Algorithm: sha256WithRSAEncryption
06:8d:e7:bc:68:ec:44:f3:03:a0:cc:43:9f:46:5e:0c:db:4f:
d5:1c:9f:03:f0:c3:6a:03:41:87:32:17:2d:e6:0c:06:01:db:
9f:07:fe:92:1d:31:12:38:c2:40:45:fd:46:d2:f8:f2:33:7d:
e4:0c:cd:87:72:e9:cd:39:21:6e:7c:11:12:89:ba:99:60:bd:
00:18:37:7c:cc:3f:ff:b2:0c:3d:f7:0e:c1:35:c8:4f:67:95:
13:ab:ab:db:56:f3:c9:cd:bf:32:1f:6c:ab:df:1c:51:d6:0a:
b4:08:87:fc:fb:1b:ca:1d:70:34:bc:0a:37:5e:ec:92:0d:a1:
ba:00:24:cd:f7:e4:df:34:1b:7e:b6:c9:e7:86:a3:6e:e4:9e:
07:a6:d2:31:96:6f:83:78:44:88:4b:53:63:04:22:f4:e2:2f:
ad:fc:ad:9b:ac:b0:1d:60:b5:93:de:2b:c2:99:1a:b0:1f:0e:
ef:7e:07:c4:0b:91:20:9e:80:eb:6d:a1:07:3c:51:9b:90:21:
a0:08:32:66:9a:52:fe:e0:4a:1a:06:94:06:25:23:fb:4f:64:
b6:3a:23:56:dc:da:98:77:5b:f1:55:1f:0a:91:11:63:4c:02:
c6:7c:6f:ac:7a:eb:c9:0b:5d:5d:2f:b9:36:e4:fc:c0:57:c2:
48:66:94:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhQ+Nyh5uXpV3G0kqMdsDSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MzNiZmEwMTRiOTE5MmYyNzAwYWNhZjZmMjc5ZGJlZjhh
MGFmZjIwHhcNMjUwMTAxMDk0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2ZiMWIwMjNjMzE1ZWE1NDY3NjQ2NzExMmY0OTUzZjQwYzNmOTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswrp03cAwb2P2qRQeZ+QhrFB1gCl
8kMhDa4xCry+g4KhntS39AaLZzAwGfWdMI1kgBRVCcXRJqTumFkh+g09nvTDLgjX
jQGQsiFCVZtzRo0a/XliFTiANnQzRTOqre/waJr2p1LHCHyW5zrHkJ7A7EJuVacC
4SFuYJjrr010yE1pCKNzramRr4VicY7uyf2je1E0VLahXwFGgIl7mAdHVYxGKVIS
iszvQ0pFBNGo8o9+6GAdHWaHUmhAhrw1iHbqj24d7gYUFCLJuPtX+TcxFCub3TlT
47KhVIg/wADsTkjz+HIO1HmeYw6eNEfymMhOkX+4Uv+YqY0Hw/vreYxRmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNz7GwI8MV6lRnZGcRL0lT9Aw/mZMB8GA1UdIwQY
MBaAFNgzv6AUuRkvJwCsr28nnb74oK/yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkRPX29CUzVHUzhuQUt5dmJ5ZWR2dmlncl9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi80MTE2OTYtOTNiZS00NmJhLThlOTEt
NWMwMTdiZDQzNjYzLzEvM1BzYkFqd3hYcVZHZGtaeEV2U1ZQMERELVprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi80MTE2OTYtOTNiZS00NmJhLThlOTEtNWMwMTdiZDQzNjYz
LzEvMkRPX29CUzVHUzhuQUt5dmJ5ZWR2dmlncl9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpmoMA0G
CSqGSIb3DQEBCwUAA4IBAQAGjee8aOxE8wOgzEOfRl4M20/VHJ8D8MNqA0GHMhct
5gwGAdufB/6SHTESOMJARf1G0vjyM33kDM2HcunNOSFufBESibqZYL0AGDd8zD//
sgw99w7BNchPZ5UTq6vbVvPJzb8yH2yr3xxR1gq0CIf8+xvKHXA0vAo3XuySDaG6
ACTN9+TfNBt+tsnnhqNu5J4HptIxlm+DeESIS1NjBCL04i+t/K2brLAdYLWT3ivC
mRqwHw7vfgfEC5EgnoDrbaEHPFGbkCGgCDJmmlL+4EoaBpQGJSP7T2S2OiNW3NqY
d1vxVR8KkRFjTALGfG+seuvJC11dL7k25PzAV8JIZpTM
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:25:09 2025 by rpki-client