Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_0ovFdujdQQiv5PGOTEZUqPrVwc.roa
File: _0ovFdujdQQiv5PGOTEZUqPrVwc.roa (raw, json)
Hash identifier: MSJZIIfO51NXzfzwzhtgU94M/kcknl+1Zh6aVOHeHj4=
Subject key identifier: FF:4A:2F:15:DB:A3:75:04:22:BF:93:C6:39:31:19:52:A3:EB:57:07
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01956244F2EE43818B1486F33A0E718A69E5
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_0ovFdujdQQiv5PGOTEZUqPrVwc.roa
Signing time: Tue 04 Mar 2025 17:47:20 +0000
ROA not before: Tue 04 Mar 2025 17:47:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210538
IP address blocks: 82.153.241.0/24 maxlen: 24
89.213.56.0/24 maxlen: 24
89.213.248.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:62:44:f2:ee:43:81:8b:14:86:f3:3a:0e:71:8a:69:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 4 17:47:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ff4a2f15dba3750422bf93c639311952a3eb5707
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:9c:b0:3d:a8:8b:9f:87:88:e6:6b:6c:e2:99:
e7:7d:c6:3c:46:5a:60:a2:26:65:9e:48:24:95:be:
8d:57:32:c9:a1:b7:18:13:55:2e:7f:9b:32:30:a6:
d6:ac:62:e3:e8:29:4a:1d:7c:c6:fa:bf:65:cd:e1:
a6:ab:81:70:a7:b2:fa:90:7f:53:7f:4b:52:3e:8b:
4d:e3:ed:43:36:5d:a8:4f:3a:c0:96:33:4f:4c:0f:
a9:47:33:2d:0d:dd:83:46:b7:c7:16:37:bf:0b:6a:
af:39:2a:03:19:78:f3:bc:b6:20:05:b2:64:46:fd:
fe:14:c2:92:ed:03:b1:64:fb:16:67:63:49:a7:0d:
ab:8d:a4:25:b6:67:45:b2:c1:35:17:32:dd:00:21:
b2:f8:3a:22:06:6e:52:e5:5d:a5:1e:48:47:bb:1a:
dc:18:81:38:ce:7b:2e:37:11:47:b7:e7:aa:18:a5:
86:dc:d7:05:13:40:3c:d1:94:33:47:f7:ab:8d:9b:
48:75:c5:f0:61:c3:d4:f2:40:05:04:f4:23:b9:c7:
2b:bf:31:8f:45:5e:52:5c:66:c7:7c:60:9b:e8:d9:
88:d2:ea:ca:ce:a5:0c:ef:90:0c:af:47:07:f6:1c:
5e:ab:a9:89:d3:67:9a:ac:c4:8a:06:51:66:f1:c5:
62:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:4A:2F:15:DB:A3:75:04:22:BF:93:C6:39:31:19:52:A3:EB:57:07
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_0ovFdujdQQiv5PGOTEZUqPrVwc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.241.0/24
89.213.56.0/24
89.213.248.0/24
Signature Algorithm: sha256WithRSAEncryption
25:63:a0:12:0a:f3:d4:84:bb:8d:3a:e8:47:90:41:ca:ea:9f:
1a:27:16:d6:0c:e1:e1:5b:f3:70:f1:93:71:6d:a3:45:be:85:
54:0f:0f:78:2e:de:d3:bc:f2:39:38:a6:6f:04:2e:63:3b:8c:
b9:76:e4:1e:24:f3:fc:3d:3b:a6:40:cc:d0:24:ce:fc:df:94:
c4:fa:ce:b6:64:d4:6b:1a:1f:5b:e5:44:c2:b0:c4:d5:18:58:
81:17:d7:43:38:00:a0:29:b1:9f:8e:84:fc:72:7b:0c:84:98:
a4:6a:94:7e:a9:66:ac:01:fe:be:61:1b:e2:26:c6:85:f5:63:
69:2f:c9:5c:b4:e7:82:c1:dd:70:29:0b:24:81:d5:01:ec:08:
ab:ca:7d:08:68:4b:ea:db:6c:69:e4:d3:30:22:70:3d:b3:59:
b2:60:9c:8c:12:fd:b7:f5:9a:fe:90:1d:d2:0b:72:45:e4:7c:
fc:60:67:39:d3:4b:e2:bb:52:6e:97:ba:00:a7:cf:e8:89:9d:
d6:d9:4d:49:bd:7a:c6:4c:3d:6d:2e:df:78:6d:20:71:4c:3d:
55:87:cb:d0:3c:cb:7a:77:77:0d:1f:21:74:db:d5:e3:7d:28:
5b:15:33:a3:c6:78:0e:f2:ee:c1:bf:c6:eb:ce:1a:b3:3f:30:
dd:66:78:8a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZViRPLuQ4GLFIbzOg5ximnlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMzA0MTc0NzIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjRhMmYxNWRiYTM3NTA0MjJiZjkzYzYzOTMxMTk1MmEzZWI1NzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5JywPaiLn4eI5mts4pnnfcY8Rlpg
oiZlnkgklb6NVzLJobcYE1Uuf5syMKbWrGLj6ClKHXzG+r9lzeGmq4Fwp7L6kH9T
f0tSPotN4+1DNl2oTzrAljNPTA+pRzMtDd2DRrfHFje/C2qvOSoDGXjzvLYgBbJk
Rv3+FMKS7QOxZPsWZ2NJpw2rjaQltmdFssE1FzLdACGy+DoiBm5S5V2lHkhHuxrc
GIE4znsuNxFHt+eqGKWG3NcFE0A80ZQzR/erjZtIdcXwYcPU8kAFBPQjuccrvzGP
RV5SXGbHfGCb6NmI0urKzqUM75AMr0cH9hxeq6mJ02earMSKBlFm8cViiwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFP9KLxXbo3UEIr+TxjkxGVKj61cHMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvXzBvdkZkdWpkUVFpdjVQR09URVpVcVByVndjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUpnxAwQA
WdU4AwQAWdX4MA0GCSqGSIb3DQEBCwUAA4IBAQAlY6ASCvPUhLuNOuhHkEHK6p8a
JxbWDOHhW/Nw8ZNxbaNFvoVUDw94Lt7TvPI5OKZvBC5jO4y5duQeJPP8PTumQMzQ
JM7835TE+s62ZNRrGh9b5UTCsMTVGFiBF9dDOACgKbGfjoT8cnsMhJikapR+qWas
Af6+YRviJsaF9WNpL8lctOeCwd1wKQskgdUB7Airyn0IaEvq22xp5NMwInA9s1my
YJyMEv239Zr+kB3SC3JF5Hz8YGc500viu1Jul7oAp8/oiZ3W2U1JvXrGTD1tLt94
bSBxTD1Vh8vQPMt6d3cNHyF029XjfShbFTOjxngO8u7Bv8brzhqzPzDdZniK
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:19:28 2025 by rpki-client