Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/7e070e-7930-43c8-a66d-215c3d8f8914/1/3lo_pCiUWmi05mJb05JCWz_JfSk.roa
File: 3lo_pCiUWmi05mJb05JCWz_JfSk.roa (raw, json)
Hash identifier: gleGvRwPNjZcgfqY7x1Js8phcCdPrwhJ17FWxbQp10A=
Subject key identifier: DE:5A:3F:A4:28:94:5A:68:B4:E6:62:5B:D3:92:42:5B:3F:C9:7D:29
Certificate issuer: /CN=88796992df883be1bab2a52f45f5254ebb52b697
Certificate serial: 01CD3584
Authority key identifier: 88:79:69:92:DF:88:3B:E1:BA:B2:A5:2F:45:F5:25:4E:BB:52:B6:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iHlpkt-IO-G6sqUvRfUlTrtStpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/7e070e-7930-43c8-a66d-215c3d8f8914/1/3lo_pCiUWmi05mJb05JCWz_JfSk.roa
Signing time: Fri 11 Feb 2022 15:50:21 +0000
ROA not before: Fri 11 Feb 2022 15:50:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206
IP address blocks: 195.16.74.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30225796 (0x1cd3584)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88796992df883be1bab2a52f45f5254ebb52b697
Validity
Not Before: Feb 11 15:50:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=de5a3fa428945a68b4e6625bd392425b3fc97d29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b2:56:43:10:e9:9b:86:4b:39:59:0e:99:73:
5d:1b:bf:ec:f9:90:2a:16:01:45:f7:fd:01:5b:b2:
e7:83:14:49:06:0e:2e:72:53:d8:c4:a4:ab:a1:8d:
25:1c:ad:36:59:17:db:2f:27:f6:62:8f:d5:79:15:
2d:45:d4:d2:9c:35:54:5a:03:da:4f:fd:11:e7:3b:
9a:55:ce:77:9d:48:0b:62:84:42:67:28:3a:93:6b:
e9:92:bb:22:c4:5e:c1:b1:f1:a5:b0:0d:c3:b1:bf:
d5:33:e9:7c:d2:6a:86:f6:51:df:7f:5d:55:72:3b:
b0:0a:60:94:62:64:23:60:ab:a4:ac:dc:e9:90:e2:
2a:80:55:2a:be:b9:2b:c9:09:07:e7:fa:bc:d0:bb:
32:a3:59:4d:ff:67:8e:f4:4b:7f:1f:b3:f1:d5:85:
01:62:e2:d2:fa:7d:3c:07:7d:b5:11:1b:73:be:7d:
b8:e0:2c:d1:00:36:1f:99:f0:69:da:49:7f:24:a4:
22:af:25:c0:33:28:51:12:38:98:97:69:c2:28:d1:
aa:0f:50:8d:7b:8f:b9:3c:c1:49:dc:c9:2e:79:0f:
52:c1:b6:1e:99:db:91:f8:37:da:6d:58:e5:ee:3b:
bc:76:27:5d:d7:3a:42:b4:9e:0e:29:96:10:ce:0b:
ea:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:5A:3F:A4:28:94:5A:68:B4:E6:62:5B:D3:92:42:5B:3F:C9:7D:29
X509v3 Authority Key Identifier:
keyid:88:79:69:92:DF:88:3B:E1:BA:B2:A5:2F:45:F5:25:4E:BB:52:B6:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iHlpkt-IO-G6sqUvRfUlTrtStpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/7e070e-7930-43c8-a66d-215c3d8f8914/1/3lo_pCiUWmi05mJb05JCWz_JfSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/7e070e-7930-43c8-a66d-215c3d8f8914/1/iHlpkt-IO-G6sqUvRfUlTrtStpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.16.74.0/24
Signature Algorithm: sha256WithRSAEncryption
56:55:3e:e9:29:19:75:21:1a:9f:40:a0:10:d9:b9:bb:04:0a:
4d:c9:b7:7d:e0:7a:6e:ba:05:52:36:96:15:d5:f5:3c:bd:e5:
20:f8:9b:02:e2:3c:01:e4:3b:63:d2:01:58:8d:e0:f9:a2:57:
71:48:7d:00:3d:61:35:00:80:41:d2:c7:12:9c:30:8c:14:f6:
ad:fc:5f:f8:84:74:90:a4:f4:7a:70:3e:52:07:b1:83:fe:ac:
30:19:2a:10:80:dd:ab:88:cd:7a:f2:70:6e:a7:1c:b9:74:48:
83:d2:69:68:64:11:5e:7f:a1:bd:7d:b7:ca:bd:b6:32:31:17:
40:ed:97:d2:cf:28:f9:6a:7e:36:00:32:34:b5:1c:49:00:0f:
38:c6:b1:c1:5a:34:3b:0a:34:05:86:36:92:b5:6f:2b:a5:57:
72:40:99:e5:5f:fc:49:d0:9b:e8:e9:9b:06:86:c6:9b:ab:25:
35:6d:8b:58:20:1e:f6:16:cc:8e:a0:bd:e6:a8:69:02:e6:05:
8c:61:83:1e:81:41:7d:fb:24:4e:2d:47:02:cc:1b:64:73:0d:
cb:05:c3:8e:10:d8:80:97:53:5d:a0:8f:ce:a1:e8:71:f5:d0:
6b:56:3b:4d:8e:80:34:ff:bd:8d:85:4c:af:66:24:c4:80:f2:
58:ed:b9:5f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAc01hDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ODc5Njk5MmRmODgzYmUxYmFiMmE1MmY0NWY1MjU0ZWJiNTJiNjk3MB4XDTIyMDIx
MTE1NTAyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGU1YTNmYTQyODk0
NWE2OGI0ZTY2MjViZDM5MjQyNWIzZmM5N2QyOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALiyVkMQ6ZuGSzlZDplzXRu/7PmQKhYBRff9AVuy54MUSQYO
LnJT2MSkq6GNJRytNlkX2y8n9mKP1XkVLUXU0pw1VFoD2k/9Eec7mlXOd51IC2KE
QmcoOpNr6ZK7IsRewbHxpbANw7G/1TPpfNJqhvZR339dVXI7sApglGJkI2CrpKzc
6ZDiKoBVKr65K8kJB+f6vNC7MqNZTf9njvRLfx+z8dWFAWLi0vp9PAd9tREbc759
uOAs0QA2H5nwadpJfySkIq8lwDMoURI4mJdpwijRqg9QjXuPuTzBSdzJLnkPUsG2
Hpnbkfg32m1Y5e47vHYnXdc6QrSeDimWEM4L6oMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTeWj+kKJRaaLTmYlvTkkJbP8l9KTAfBgNVHSMEGDAWgBSIeWmS34g74bqy
pS9F9SVOu1K2lzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lIbHBrdC1JTy1HNnNxVXZSZlVsVHJ0U3RwYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvN2UwNzBlLTc5MzAtNDNjOC1hNjZkLTIxNWMzZDhmODkxNC8x
LzNsb19wQ2lVV21pMDVtSmIwNUpDV3pfSmZTay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
N2UwNzBlLTc5MzAtNDNjOC1hNjZkLTIxNWMzZDhmODkxNC8xL2lIbHBrdC1JTy1H
NnNxVXZSZlVsVHJ0U3RwYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMMQSjANBgkqhkiG9w0BAQsFAAOC
AQEAVlU+6SkZdSEan0CgENm5uwQKTcm3feB6broFUjaWFdX1PL3lIPibAuI8AeQ7
Y9IBWI3g+aJXcUh9AD1hNQCAQdLHEpwwjBT2rfxf+IR0kKT0enA+Ugexg/6sMBkq
EIDdq4jNevJwbqccuXRIg9JpaGQRXn+hvX23yr22MjEXQO2X0s8o+Wp+NgAyNLUc
SQAPOMaxwVo0Owo0BYY2krVvK6VXckCZ5V/8SdCb6OmbBobGm6slNW2LWCAe9hbM
jqC95qhpAuYFjGGDHoFBffskTi1HAswbZHMNywXDjhDYgJdTXaCPzqHocfXQa1Y7
TY6ANP+9jYVMr2YkxIDyWO25Xw==
-----END CERTIFICATE-----
Generated at Wed Mar 12 13:58:57 2025 by rpki-client