Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/d10a1c-0ade-4bcb-bbfc-67ba7a215630/1/3-Ja7oUVjGguwh6QaF2yeAfwhyM.roa
File: 3-Ja7oUVjGguwh6QaF2yeAfwhyM.roa (raw, json)
Hash identifier: nrUNLtMMNN8x4oqm05IG63Gk5IknemEKbhNaDnkCTrY=
Subject key identifier: DF:E2:5A:EE:85:15:8C:68:2E:C2:1E:90:68:5D:B2:78:07:F0:87:23
Certificate issuer: /CN=3ef46116a11f11f51fc9a1d225a0bfcefdbed786
Certificate serial: 0194228D1E4929E375AC7596B174506ACFAE
Authority key identifier: 3E:F4:61:16:A1:1F:11:F5:1F:C9:A1:D2:25:A0:BF:CE:FD:BE:D7:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PvRhFqEfEfUfyaHSJaC_zv2-14Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/d10a1c-0ade-4bcb-bbfc-67ba7a215630/1/3-Ja7oUVjGguwh6QaF2yeAfwhyM.roa
Signing time: Wed 01 Jan 2025 15:47:41 +0000
ROA not before: Wed 01 Jan 2025 15:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6453
IP address blocks: 185.132.148.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:1e:49:29:e3:75:ac:75:96:b1:74:50:6a:cf:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ef46116a11f11f51fc9a1d225a0bfcefdbed786
Validity
Not Before: Jan 1 15:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dfe25aee85158c682ec21e90685db27807f08723
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:3b:35:18:09:e7:bd:17:2a:38:ea:89:2b:a0:
8d:c0:86:5f:13:3a:6d:26:4c:12:17:5f:3d:71:4d:
eb:d4:39:3f:71:af:c0:39:0d:e6:cf:e0:db:7f:24:
96:9e:15:87:a5:23:bb:20:b6:d3:32:ba:f3:db:bb:
45:6a:74:70:a9:11:b9:02:c1:09:13:bb:5c:50:8d:
5d:e0:6d:a1:f3:75:d6:9c:ce:35:de:1e:e6:f2:0b:
3e:ac:83:59:25:00:8c:d6:90:48:9a:d4:3a:d3:d3:
e9:98:a9:af:88:4e:11:7e:2c:94:87:98:bd:ea:11:
05:50:d8:7f:ba:d2:fc:42:c1:09:fd:34:b4:6f:2c:
ba:e4:14:8d:d6:90:25:3e:53:0d:62:fa:36:8d:8c:
fc:24:7b:f6:dc:26:bb:f5:25:a6:9c:6c:b8:7c:49:
6c:0e:72:e9:77:4d:b6:0c:fd:20:7d:03:6f:c9:35:
ae:a8:9c:0c:74:f6:0b:8a:98:03:29:49:2f:52:42:
bf:bc:ea:06:95:5b:74:0d:dc:99:2a:cd:b8:5d:4d:
17:ff:67:d7:6a:54:5d:96:21:65:f9:d8:6c:68:76:
48:d0:bd:3b:64:7b:dd:a8:52:da:96:94:4e:e6:b5:
42:8b:f1:f7:53:be:25:b6:a0:bb:92:aa:10:78:1c:
76:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:E2:5A:EE:85:15:8C:68:2E:C2:1E:90:68:5D:B2:78:07:F0:87:23
X509v3 Authority Key Identifier:
keyid:3E:F4:61:16:A1:1F:11:F5:1F:C9:A1:D2:25:A0:BF:CE:FD:BE:D7:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PvRhFqEfEfUfyaHSJaC_zv2-14Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/d10a1c-0ade-4bcb-bbfc-67ba7a215630/1/3-Ja7oUVjGguwh6QaF2yeAfwhyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/d10a1c-0ade-4bcb-bbfc-67ba7a215630/1/PvRhFqEfEfUfyaHSJaC_zv2-14Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.132.148.0/24
Signature Algorithm: sha256WithRSAEncryption
47:25:02:17:3d:a3:4f:74:86:62:24:b0:de:80:3e:e8:7e:1c:
ad:81:a3:fb:94:d7:35:82:5c:8e:f8:12:6a:30:7e:ec:5c:89:
56:f1:6f:6f:3b:85:54:eb:a2:26:dc:ae:c4:6e:d6:30:ae:cd:
55:57:da:3a:f0:a2:15:c2:3b:b0:39:a1:7c:e2:2d:6d:6d:da:
b7:2a:67:8d:0f:6d:fe:57:a9:14:e5:a4:1f:fa:5d:c3:98:b2:
88:d2:0e:50:13:02:d7:a8:76:c7:86:79:86:a6:94:e6:a2:c6:
bc:f9:33:ad:45:d6:c8:da:09:cb:9b:26:05:f2:c5:b1:c6:19:
cb:f9:ec:b0:4e:8f:6c:18:a2:e1:0c:25:f1:7e:8a:95:e8:ca:
fe:27:30:3f:86:0e:87:44:58:a2:2c:68:bd:81:4e:9f:22:8d:
a0:45:55:ce:1e:c5:5a:fb:c0:02:1f:0b:9f:64:13:e0:be:72:
d1:46:f0:a5:7e:5e:7a:88:73:f0:f7:5b:14:7e:6d:3e:8e:12:
79:26:cf:d2:5c:e8:96:95:e4:e9:83:74:31:b7:64:f2:09:12:
4b:b4:ae:38:55:28:92:32:48:d9:7e:98:4f:32:a4:45:d4:64:
3d:fa:a8:f5:90:c5:38:48:83:3c:25:50:6a:07:c4:30:fb:38:
ce:8d:a9:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijR5JKeN1rHWWsXRQas+uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZjQ2MTE2YTExZjExZjUxZmM5YTFkMjI1YTBiZmNlZmRi
ZWQ3ODYwHhcNMjUwMTAxMTU0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmUyNWFlZTg1MTU4YzY4MmVjMjFlOTA2ODVkYjI3ODA3ZjA4NzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Ds1GAnnvRcqOOqJK6CNwIZfEzpt
JkwSF189cU3r1Dk/ca/AOQ3mz+DbfySWnhWHpSO7ILbTMrrz27tFanRwqRG5AsEJ
E7tcUI1d4G2h83XWnM413h7m8gs+rINZJQCM1pBImtQ609PpmKmviE4RfiyUh5i9
6hEFUNh/utL8QsEJ/TS0byy65BSN1pAlPlMNYvo2jYz8JHv23Ca79SWmnGy4fEls
DnLpd022DP0gfQNvyTWuqJwMdPYLipgDKUkvUkK/vOoGlVt0DdyZKs24XU0X/2fX
alRdliFl+dhsaHZI0L07ZHvdqFLalpRO5rVCi/H3U74ltqC7kqoQeBx2CQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN/iWu6FFYxoLsIekGhdsngH8IcjMB8GA1UdIwQY
MBaAFD70YRahHxH1H8mh0iWgv879vteGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHZSaEZxRWZFZlVmeWFIU0phQ196djItMTRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9kMTBhMWMtMGFkZS00YmNiLWJiZmMt
NjdiYTdhMjE1NjMwLzEvMy1KYTdvVVZqR2d1d2g2UWFGMnllQWZ3aHlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9kMTBhMWMtMGFkZS00YmNiLWJiZmMtNjdiYTdhMjE1NjMw
LzEvUHZSaEZxRWZFZlVmeWFIU0phQ196djItMTRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYSUMA0G
CSqGSIb3DQEBCwUAA4IBAQBHJQIXPaNPdIZiJLDegD7ofhytgaP7lNc1glyO+BJq
MH7sXIlW8W9vO4VU66Im3K7EbtYwrs1VV9o68KIVwjuwOaF84i1tbdq3KmeND23+
V6kU5aQf+l3DmLKI0g5QEwLXqHbHhnmGppTmosa8+TOtRdbI2gnLmyYF8sWxxhnL
+eywTo9sGKLhDCXxfoqV6Mr+JzA/hg6HRFiiLGi9gU6fIo2gRVXOHsVa+8ACHwuf
ZBPgvnLRRvClfl56iHPw91sUfm0+jhJ5Js/SXOiWleTpg3Qxt2TyCRJLtK44VSiS
MkjZfphPMqRF1GQ9+qj1kMU4SIM8JVBqB8Qw+zjOjamo
-----END CERTIFICATE-----
Generated at Sat Apr 12 08:05:32 2025 by rpki-client