Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ot4vb5m6xFr5u5gpNtblK3uwEGg.roa
File: ot4vb5m6xFr5u5gpNtblK3uwEGg.roa (raw, json)
Hash identifier: BJ+qksCaEq2V12XSfaFcbS7qlvRBgz59V54PcMJ59s4=
Subject key identifier: A2:DE:2F:6F:99:BA:C4:5A:F9:BB:98:29:36:D6:E5:2B:7B:B0:10:68
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0195A44834328E8F57826919E0250B5BAB7D
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ot4vb5m6xFr5u5gpNtblK3uwEGg.roa
Signing time: Mon 17 Mar 2025 13:25:50 +0000
ROA not before: Mon 17 Mar 2025 13:25:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30456
IP address blocks: 81.5.189.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a4:48:34:32:8e:8f:57:82:69:19:e0:25:0b:5b:ab:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 17 13:25:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a2de2f6f99bac45af9bb982936d6e52b7bb01068
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:fa:ad:8e:ec:2a:61:62:30:4e:1a:d2:4a:2e:
91:9a:5b:46:bc:bd:a9:1d:bb:bc:56:cb:e3:04:21:
cd:92:d3:f0:63:a6:06:0d:33:2f:c7:f5:11:d7:dc:
16:31:0d:6d:3a:77:9f:42:65:fb:61:cd:3d:c6:07:
4f:5c:6e:81:ce:04:7c:85:1b:18:05:89:09:96:45:
02:92:73:20:69:21:50:25:03:b9:8c:3b:10:e0:0f:
55:9a:41:00:6b:cd:89:3f:45:93:44:1a:c2:50:95:
9b:38:fe:80:ad:fc:d4:8d:41:9d:00:69:ee:13:40:
b7:32:10:a7:42:c9:93:22:d4:5a:1b:78:50:48:7e:
cf:da:04:bd:92:84:67:15:92:07:ad:ac:a5:f7:b4:
cc:8c:8e:f1:35:6a:fb:85:9b:9e:f4:67:67:bd:81:
77:9c:63:e0:6c:06:3a:2f:34:8e:4b:8f:5c:8f:dc:
cf:3d:0d:56:87:2c:ac:59:8f:89:3d:b4:fb:6a:b9:
57:76:bf:f7:3d:f3:17:76:ac:94:5c:4c:37:50:f2:
55:9c:96:49:9a:f4:6b:d4:b2:3a:1d:9b:af:ff:1e:
15:2b:a5:d0:e7:81:82:46:74:af:57:c4:9b:cf:0a:
b6:31:06:ab:77:94:74:06:5f:13:25:7f:19:f3:b6:
f6:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:DE:2F:6F:99:BA:C4:5A:F9:BB:98:29:36:D6:E5:2B:7B:B0:10:68
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ot4vb5m6xFr5u5gpNtblK3uwEGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.189.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:3a:3a:cd:4d:62:24:63:35:42:43:77:bc:24:46:03:c7:bd:
14:b8:55:ef:83:8a:6c:91:41:08:23:4a:6e:e8:70:76:da:fb:
a6:4e:ed:7f:3b:8b:74:1d:43:a9:96:c2:56:78:eb:40:18:bf:
9b:50:3f:65:a2:73:e9:d7:4e:a4:fb:b9:13:b2:1f:05:c2:fc:
11:44:f1:78:3b:62:41:52:88:23:97:a8:72:b8:2c:30:5d:67:
0d:51:4c:af:44:98:72:6f:ad:79:7b:e3:85:2f:72:89:19:04:
eb:05:d3:cc:6b:2f:7d:02:d1:ef:66:25:49:e4:41:fe:6e:a6:
01:86:89:03:65:00:2b:30:ea:63:b3:29:b4:c2:f1:e8:86:dc:
3a:d9:7d:6c:66:1f:d2:06:79:9f:f1:65:0a:23:de:61:c7:77:
17:da:92:b7:55:21:8a:09:51:26:ed:a3:d0:8e:27:bc:73:b0:
97:e8:49:70:b7:bb:7e:45:76:4b:07:be:29:3e:dd:3c:38:e3:
91:29:d5:f4:b2:8f:20:df:a1:f8:4d:72:3b:a1:a7:7d:5f:1b:
6a:9d:a2:56:91:6a:c5:5c:f4:24:30:a6:fd:4e:6f:24:c2:2d:
ba:30:0a:9b:cf:4e:83:0a:23:6a:9c:25:ab:34:90:4b:d6:f2:
9a:c2:d9:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWkSDQyjo9XgmkZ4CULW6t9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMzE3MTMyNTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmRlMmY2Zjk5YmFjNDVhZjliYjk4MjkzNmQ2ZTUyYjdiYjAxMDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvqtjuwqYWIwThrSSi6RmltGvL2p
Hbu8VsvjBCHNktPwY6YGDTMvx/UR19wWMQ1tOnefQmX7Yc09xgdPXG6BzgR8hRsY
BYkJlkUCknMgaSFQJQO5jDsQ4A9VmkEAa82JP0WTRBrCUJWbOP6ArfzUjUGdAGnu
E0C3MhCnQsmTItRaG3hQSH7P2gS9koRnFZIHrayl97TMjI7xNWr7hZue9GdnvYF3
nGPgbAY6LzSOS49cj9zPPQ1WhyysWY+JPbT7arlXdr/3PfMXdqyUXEw3UPJVnJZJ
mvRr1LI6HZuv/x4VK6XQ54GCRnSvV8Sbzwq2MQard5R0Bl8TJX8Z87b2pQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKLeL2+ZusRa+buYKTbW5St7sBBoMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvb3Q0dmI1bTZ4RnI1dTVncE50YmxLM3V3RUdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUQW9MA0G
CSqGSIb3DQEBCwUAA4IBAQBvOjrNTWIkYzVCQ3e8JEYDx70UuFXvg4pskUEII0pu
6HB22vumTu1/O4t0HUOplsJWeOtAGL+bUD9lonPp106k+7kTsh8FwvwRRPF4O2JB
Uogjl6hyuCwwXWcNUUyvRJhyb615e+OFL3KJGQTrBdPMay99AtHvZiVJ5EH+bqYB
hokDZQArMOpjsym0wvHohtw62X1sZh/SBnmf8WUKI95hx3cX2pK3VSGKCVEm7aPQ
jie8c7CX6Elwt7t+RXZLB74pPt08OOORKdX0so8g36H4TXI7oad9XxtqnaJWkWrF
XPQkMKb9Tm8kwi26MAqbz06DCiNqnCWrNJBL1vKawtlB
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:01:45 2025 by rpki-client