Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/971311-f47f-46db-8c57-e9782041cc24/1/3uMPx_oYhMRILG5LEzaTOTb3PfA.roa
File: 3uMPx_oYhMRILG5LEzaTOTb3PfA.roa (raw, json)
Hash identifier: D3cffaRY6U18325bCKUTnr7j5JujnxDY0ZwIDTr7AQU=
Subject key identifier: DE:E3:0F:C7:FA:18:84:C4:48:2C:6E:4B:13:36:93:39:36:F7:3D:F0
Certificate issuer: /CN=816d220b2b5a46fbeb27ef2d969fa21dd338c5b3
Certificate serial: 01941FFAB22B743EE73F6450C34AC3E3DF79
Authority key identifier: 81:6D:22:0B:2B:5A:46:FB:EB:27:EF:2D:96:9F:A2:1D:D3:38:C5:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gW0iCytaRvvrJ-8tlp-iHdM4xbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/971311-f47f-46db-8c57-e9782041cc24/1/3uMPx_oYhMRILG5LEzaTOTb3PfA.roa
Signing time: Wed 01 Jan 2025 03:48:30 +0000
ROA not before: Wed 01 Jan 2025 03:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48767
IP address blocks: 185.140.52.0/24 maxlen: 24
2a07:1a80::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:b2:2b:74:3e:e7:3f:64:50:c3:4a:c3:e3:df:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=816d220b2b5a46fbeb27ef2d969fa21dd338c5b3
Validity
Not Before: Jan 1 03:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dee30fc7fa1884c4482c6e4b1336933936f73df0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:8d:e4:11:b0:86:76:d9:97:5c:84:18:a9:d3:
38:79:40:94:6c:bc:34:78:f9:7b:ff:52:d5:05:eb:
29:e3:4f:db:60:2a:2a:bb:8b:eb:ba:28:f4:86:12:
88:bb:7f:e2:ec:10:2a:7b:9c:7f:15:87:6f:6e:6d:
25:56:7f:99:d2:ba:17:4b:1e:e3:c1:78:fc:45:fa:
bd:41:e3:df:7b:9a:f9:c0:26:b0:1b:2a:97:de:01:
ed:15:94:cf:bf:e5:44:f2:2f:d2:8c:6f:1e:a4:a9:
ad:80:41:b1:c5:58:62:43:9c:47:74:50:55:22:8b:
89:ac:0c:22:de:48:b6:ec:2b:ac:48:c3:78:d0:4a:
fc:bc:fb:76:89:3f:64:a7:06:d7:2d:f7:b4:cf:b6:
cf:e7:81:c8:a7:49:15:60:d4:97:fe:13:55:df:84:
93:db:41:89:83:2e:3a:a9:b2:9a:fb:ac:28:b4:69:
12:fb:f2:66:d1:91:bf:51:c0:f9:f7:f4:42:a5:73:
76:09:de:be:0b:66:75:02:8a:31:7e:fa:95:1a:f2:
b2:66:63:6c:08:d9:5a:98:7f:b8:32:90:85:0b:c5:
d5:f9:a2:b6:19:0b:79:e6:3c:1c:54:8b:e5:83:e0:
eb:f2:f7:90:a9:93:f6:dd:23:cc:90:66:df:82:39:
cb:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:E3:0F:C7:FA:18:84:C4:48:2C:6E:4B:13:36:93:39:36:F7:3D:F0
X509v3 Authority Key Identifier:
keyid:81:6D:22:0B:2B:5A:46:FB:EB:27:EF:2D:96:9F:A2:1D:D3:38:C5:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gW0iCytaRvvrJ-8tlp-iHdM4xbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/971311-f47f-46db-8c57-e9782041cc24/1/3uMPx_oYhMRILG5LEzaTOTb3PfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/971311-f47f-46db-8c57-e9782041cc24/1/gW0iCytaRvvrJ-8tlp-iHdM4xbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.140.52.0/24
IPv6:
2a07:1a80::/48
Signature Algorithm: sha256WithRSAEncryption
0d:6f:d5:0f:60:64:4f:7e:4b:03:7b:f6:a5:92:f2:84:4e:2a:
fa:0a:c5:96:31:f0:c4:94:8f:5b:58:61:90:cf:2b:27:92:da:
90:c8:6a:03:c0:6c:92:6d:8a:06:7a:a9:d0:d6:ba:66:ff:ab:
c2:1e:31:a3:3a:29:70:04:5b:ba:55:27:0d:5e:39:27:b4:74:
fe:11:e7:71:b5:6f:fe:0c:cb:cd:06:f2:d9:bc:e5:d0:b1:0e:
03:fe:2e:c7:be:9c:88:1e:07:58:8a:d9:d9:ce:40:2f:82:a3:
11:39:d0:e6:76:62:da:2f:ff:ec:46:0d:d2:23:db:ea:ca:2f:
06:c7:8a:0c:db:61:f4:61:0c:a3:a2:02:f1:dc:07:d3:ed:fd:
3a:b2:d1:63:ee:67:d1:d1:da:b4:ca:c0:9b:cf:67:59:40:66:
d1:7b:6c:8d:dc:c6:1b:95:61:d1:a5:87:b5:ca:dd:8b:8d:8a:
ac:30:80:c9:4d:f0:90:55:f5:a6:2f:25:48:47:03:54:f0:49:
69:28:75:15:6e:13:51:9e:14:ee:59:03:b0:70:63:3e:5a:6f:
d9:11:17:05:b8:d6:c2:a5:fb:ed:4e:76:f7:ec:d4:53:11:8b:
c9:9d:07:e7:f3:65:3b:57:6b:75:f6:29:f2:02:82:e6:3d:73:
3b:7a:a0:ba
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQf+rIrdD7nP2RQw0rD4995MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNmQyMjBiMmI1YTQ2ZmJlYjI3ZWYyZDk2OWZhMjFkZDMz
OGM1YjMwHhcNMjUwMTAxMDM0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWUzMGZjN2ZhMTg4NGM0NDgyYzZlNGIxMzM2OTMzOTM2ZjczZGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9o3kEbCGdtmXXIQYqdM4eUCUbLw0
ePl7/1LVBesp40/bYCoqu4vruij0hhKIu3/i7BAqe5x/FYdvbm0lVn+Z0roXSx7j
wXj8Rfq9QePfe5r5wCawGyqX3gHtFZTPv+VE8i/SjG8epKmtgEGxxVhiQ5xHdFBV
IouJrAwi3ki27CusSMN40Er8vPt2iT9kpwbXLfe0z7bP54HIp0kVYNSX/hNV34ST
20GJgy46qbKa+6wotGkS+/Jm0ZG/UcD59/RCpXN2Cd6+C2Z1AooxfvqVGvKyZmNs
CNlamH+4MpCFC8XV+aK2GQt55jwcVIvlg+Dr8veQqZP23SPMkGbfgjnLuwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN7jD8f6GITESCxuSxM2kzk29z3wMB8GA1UdIwQY
MBaAFIFtIgsrWkb76yfvLZafoh3TOMWzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1cwaUN5dGFSdnZySi04dGxwLWlIZE00eGJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC85NzEzMTEtZjQ3Zi00NmRiLThjNTct
ZTk3ODIwNDFjYzI0LzEvM3VNUHhfb1loTVJJTEc1TEV6YVRPVGIzUGZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC85NzEzMTEtZjQ3Zi00NmRiLThjNTctZTk3ODIwNDFjYzI0
LzEvZ1cwaUN5dGFSdnZySi04dGxwLWlIZE00eGJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuYw0MA8E
AgACMAkDBwAqBxqAAAAwDQYJKoZIhvcNAQELBQADggEBAA1v1Q9gZE9+SwN79qWS
8oROKvoKxZYx8MSUj1tYYZDPKyeS2pDIagPAbJJtigZ6qdDWumb/q8IeMaM6KXAE
W7pVJw1eOSe0dP4R53G1b/4My80G8tm85dCxDgP+Lse+nIgeB1iK2dnOQC+CoxE5
0OZ2Ytov/+xGDdIj2+rKLwbHigzbYfRhDKOiAvHcB9Pt/Tqy0WPuZ9HR2rTKwJvP
Z1lAZtF7bI3cxhuVYdGlh7XK3YuNiqwwgMlN8JBV9aYvJUhHA1TwSWkodRVuE1Ge
FO5ZA7BwYz5ab9kRFwW41sKl++1Odvfs1FMRi8mdB+fzZTtXa3X2KfICguY9czt6
oLo=
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:39:59 2025 by rpki-client