Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/3dGwkRWWpILiTjLEIwVgV4YgfXQ.roa
File: 3dGwkRWWpILiTjLEIwVgV4YgfXQ.roa (raw, json)
Hash identifier: X7GuBDiiZxLUWcKwRJTyK80YMGSo7Qt/ARffBe3wJbU=
Subject key identifier: DD:D1:B0:91:15:96:A4:82:E2:4E:32:C4:23:05:60:57:86:20:7D:74
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 01942445A3EDF869BA607F7D3546F05E1321
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/3dGwkRWWpILiTjLEIwVgV4YgfXQ.roa
Signing time: Wed 01 Jan 2025 23:48:51 +0000
ROA not before: Wed 01 Jan 2025 23:48:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200017
IP address blocks: 91.212.216.0/24 maxlen: 24
194.69.163.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:a3:ed:f8:69:ba:60:7f:7d:35:46:f0:5e:13:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: Jan 1 23:48:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ddd1b0911596a482e24e32c42305605786207d74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:e8:35:66:f2:21:28:44:4a:90:31:9f:c4:4f:
bb:7b:c8:f8:92:3c:c1:73:a7:b9:e6:d2:11:6d:ce:
73:10:be:2a:13:b8:e9:f4:af:81:e7:12:66:cb:a3:
1a:ea:79:49:b3:01:cb:92:db:ae:cd:9b:f6:f5:ce:
c9:6b:4a:28:79:52:b8:32:72:d5:fb:59:2f:2f:6b:
aa:b8:f8:2c:8e:a7:d2:2b:bd:d2:b1:12:fa:48:d2:
51:c4:63:60:82:59:70:74:f3:80:05:30:42:64:c4:
a5:b6:e9:62:c9:30:c9:bc:30:25:82:6f:d6:4c:32:
0c:af:d5:76:2e:94:8f:53:02:8e:92:c7:c5:18:96:
aa:26:94:a9:da:d8:81:78:2d:8e:a3:85:93:ce:d9:
1e:57:93:d2:e5:4e:72:ff:35:f7:31:79:d8:2a:f8:
9a:a4:9d:fe:ab:35:21:6e:a8:bd:d9:f6:46:fc:bd:
1a:86:37:cf:4b:c0:3b:5b:1c:6e:3d:0d:28:43:f5:
b0:ad:b5:47:52:85:ee:c2:f9:65:d4:d9:76:0d:64:
3e:c0:72:ab:d1:ac:e4:53:3f:af:76:42:d4:61:ed:
fd:e1:da:a7:ea:9a:f9:4e:36:cb:60:e9:a1:37:ef:
49:24:fe:3e:5b:c1:5f:ff:f4:37:a1:56:73:ff:cf:
fc:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:D1:B0:91:15:96:A4:82:E2:4E:32:C4:23:05:60:57:86:20:7D:74
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/3dGwkRWWpILiTjLEIwVgV4YgfXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.216.0/24
194.69.163.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:4c:09:d3:b6:ca:83:27:63:a9:b9:0e:8d:d1:fa:c3:19:84:
46:41:63:e6:d2:4c:53:42:d5:4c:3d:96:45:8a:ea:62:82:fb:
57:18:8a:6f:07:6f:6d:44:0e:7d:89:b0:84:11:91:7e:07:27:
b2:c9:20:96:30:16:f2:a8:5d:ec:37:4b:23:48:fa:03:ec:4b:
cf:fc:14:65:59:39:73:81:67:53:20:8f:c7:d4:41:bf:eb:0c:
53:a8:8b:ed:b2:4f:41:45:bc:1a:7e:a6:a9:6b:a3:f0:3e:97:
37:9e:fd:65:31:59:a3:bc:f9:0a:0a:af:f3:f1:d8:e9:fa:03:
29:20:16:0e:89:13:1e:82:43:ba:63:24:99:35:d3:3e:2c:82:
c1:22:51:11:98:c6:79:52:d3:b6:d0:4f:8b:88:74:9e:dc:29:
bb:88:71:39:a0:53:21:d7:ce:9a:9f:3c:48:18:5f:ea:09:89:
bd:d6:94:5d:9d:28:04:de:19:7e:96:1a:42:7a:6c:48:b4:ec:
0e:61:3a:c6:77:fe:17:7e:3a:14:f3:94:c8:d7:43:64:40:02:
7f:2c:3f:e3:66:9c:80:20:24:19:86:77:20:15:2f:26:52:e9:
c9:0d:d5:04:ad:35:40:5c:4d:87:b4:48:79:35:59:2b:3f:a0:
34:81:4c:f5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQkRaPt+Gm6YH99NUbwXhMhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjUwMTAxMjM0ODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGQxYjA5MTE1OTZhNDgyZTI0ZTMyYzQyMzA1NjA1Nzg2MjA3ZDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6eg1ZvIhKERKkDGfxE+7e8j4kjzB
c6e55tIRbc5zEL4qE7jp9K+B5xJmy6Ma6nlJswHLktuuzZv29c7Ja0ooeVK4MnLV
+1kvL2uquPgsjqfSK73SsRL6SNJRxGNggllwdPOABTBCZMSltuliyTDJvDAlgm/W
TDIMr9V2LpSPUwKOksfFGJaqJpSp2tiBeC2Oo4WTztkeV5PS5U5y/zX3MXnYKvia
pJ3+qzUhbqi92fZG/L0ahjfPS8A7WxxuPQ0oQ/WwrbVHUoXuwvll1Nl2DWQ+wHKr
0azkUz+vdkLUYe394dqn6pr5TjbLYOmhN+9JJP4+W8Ff//Q3oVZz/8/8TQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN3RsJEVlqSC4k4yxCMFYFeGIH10MB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvM2RHd2tSV1dwSUxpVGpMRUl3VmdWNFlnZlhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9TYAwQA
wkWjMA0GCSqGSIb3DQEBCwUAA4IBAQCuTAnTtsqDJ2OpuQ6N0frDGYRGQWPm0kxT
QtVMPZZFiupigvtXGIpvB29tRA59ibCEEZF+ByeyySCWMBbyqF3sN0sjSPoD7EvP
/BRlWTlzgWdTII/H1EG/6wxTqIvtsk9BRbwafqapa6PwPpc3nv1lMVmjvPkKCq/z
8djp+gMpIBYOiRMegkO6YySZNdM+LILBIlERmMZ5UtO20E+LiHSe3Cm7iHE5oFMh
186anzxIGF/qCYm91pRdnSgE3hl+lhpCemxItOwOYTrGd/4XfjoU85TI10NkQAJ/
LD/jZpyAICQZhncgFS8mUunJDdUErTVAXE2HtEh5NVkrP6A0gUz1
-----END CERTIFICATE-----
Generated at Thu Apr 10 10:23:49 2025 by rpki-client