Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/d237fa-b105-432e-83cb-6d35b7956fce/1/3Krd3X8gM6K6uQN1pZPs1zNdYR4.roa
File: 3Krd3X8gM6K6uQN1pZPs1zNdYR4.roa (raw, json)
Hash identifier: fGcfj1MLOHaxsx+wYEI+CaMKulrmVPv7+yNp06XKMSk=
Subject key identifier: DC:AA:DD:DD:7F:20:33:A2:BA:B9:03:75:A5:93:EC:D7:33:5D:61:1E
Certificate issuer: /CN=c4c3bc05aa52ab9eb5d184f50889f1ff0c90ce78
Certificate serial: 01941FFA311111485C9CD0A016DB2A49A968
Authority key identifier: C4:C3:BC:05:AA:52:AB:9E:B5:D1:84:F5:08:89:F1:FF:0C:90:CE:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xMO8BapSq5610YT1CInx_wyQzng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/d237fa-b105-432e-83cb-6d35b7956fce/1/3Krd3X8gM6K6uQN1pZPs1zNdYR4.roa
Signing time: Wed 01 Jan 2025 03:47:57 +0000
ROA not before: Wed 01 Jan 2025 03:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8708
IP address blocks: 194.176.173.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:31:11:11:48:5c:9c:d0:a0:16:db:2a:49:a9:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4c3bc05aa52ab9eb5d184f50889f1ff0c90ce78
Validity
Not Before: Jan 1 03:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dcaadddd7f2033a2bab90375a593ecd7335d611e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:f3:91:73:76:02:8c:52:a9:57:69:a8:db:4e:
90:25:ad:3e:00:7b:93:af:4e:bf:1d:0b:3d:3d:cb:
fa:e2:06:51:7b:5e:b6:2e:fd:14:3a:9b:a3:a9:80:
d8:90:0a:55:d5:3c:b5:67:b7:2e:aa:29:3b:d7:c1:
29:af:68:7b:0c:2a:4c:a2:8d:91:88:74:29:9e:6d:
e0:59:68:82:b0:56:97:51:ef:23:f1:0b:e7:02:f8:
ce:01:fb:13:af:f9:90:6c:07:41:0d:95:af:fd:f6:
5a:52:f5:45:89:03:e4:0e:79:8d:1b:67:38:ff:7c:
dc:bb:29:31:ff:77:3c:20:66:bc:e3:cd:57:2a:bb:
b7:45:b4:0a:08:77:a2:a3:18:01:89:64:49:45:73:
5a:f5:c4:9b:2e:ff:31:7f:91:db:93:d5:60:b5:68:
89:36:01:79:cf:0f:c6:51:96:ec:c5:8b:e8:90:a9:
1b:17:17:93:8e:c6:b6:ca:6e:78:15:a0:01:24:19:
65:85:3e:18:11:9c:b3:ce:34:00:21:cf:cd:08:65:
f9:66:85:ff:16:7c:32:8b:66:fa:22:61:3e:46:62:
5e:6d:3b:c6:57:38:f3:42:c2:fd:bc:08:47:ac:47:
5e:48:8e:aa:18:7e:55:46:ef:ac:e0:23:34:ef:bd:
5f:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:AA:DD:DD:7F:20:33:A2:BA:B9:03:75:A5:93:EC:D7:33:5D:61:1E
X509v3 Authority Key Identifier:
keyid:C4:C3:BC:05:AA:52:AB:9E:B5:D1:84:F5:08:89:F1:FF:0C:90:CE:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xMO8BapSq5610YT1CInx_wyQzng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/d237fa-b105-432e-83cb-6d35b7956fce/1/3Krd3X8gM6K6uQN1pZPs1zNdYR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/d237fa-b105-432e-83cb-6d35b7956fce/1/xMO8BapSq5610YT1CInx_wyQzng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.176.173.0/24
Signature Algorithm: sha256WithRSAEncryption
85:f7:96:92:36:1c:05:54:26:c3:58:b3:f3:39:d6:99:65:b0:
0a:dd:ce:e5:6e:a8:2a:54:2b:ae:ca:83:e1:45:fc:c7:98:a9:
9a:ad:29:91:60:a2:b6:3e:fe:fb:9a:3b:21:55:23:69:fc:71:
0e:87:75:f7:5c:ae:ed:60:37:bd:37:79:67:6b:91:ce:35:e8:
6d:05:e5:5e:b0:d3:89:a2:bd:a8:ec:b9:7e:39:56:ce:43:3d:
b2:8a:68:4f:ec:52:a8:dd:43:a7:a3:0b:bc:4f:a8:06:0b:1a:
82:9e:44:16:87:3f:4a:8d:4b:cc:56:97:a4:fc:8d:2a:ed:38:
e1:a0:ba:9d:ff:7e:ba:45:f6:bf:1a:73:0b:84:83:d0:f0:aa:
48:04:26:7e:44:0f:fc:31:32:d1:5d:e6:9f:5a:42:3f:b6:e3:
c5:ca:58:31:8a:e1:21:04:40:be:32:2e:a8:8d:0b:40:9b:81:
08:fa:55:ff:c1:ef:ba:0a:ad:e1:b9:ca:a4:a9:99:7c:b6:8b:
30:ec:83:f2:61:33:0b:b2:9c:3f:52:62:33:11:f4:51:d5:82:
60:84:a2:ff:37:06:01:2e:d4:b6:70:21:fa:c9:36:b0:e3:48:
09:34:77:b0:10:22:38:97:dd:47:1f:d7:13:e5:60:03:e1:f7:
5d:21:79:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+jEREUhcnNCgFtsqSaloMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0YzNiYzA1YWE1MmFiOWViNWQxODRmNTA4ODlmMWZmMGM5
MGNlNzgwHhcNMjUwMTAxMDM0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2FhZGRkZDdmMjAzM2EyYmFiOTAzNzVhNTkzZWNkNzMzNWQ2MTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5vORc3YCjFKpV2mo206QJa0+AHuT
r06/HQs9Pcv64gZRe162Lv0UOpujqYDYkApV1Ty1Z7cuqik718Epr2h7DCpMoo2R
iHQpnm3gWWiCsFaXUe8j8QvnAvjOAfsTr/mQbAdBDZWv/fZaUvVFiQPkDnmNG2c4
/3zcuykx/3c8IGa8481XKru3RbQKCHeioxgBiWRJRXNa9cSbLv8xf5Hbk9VgtWiJ
NgF5zw/GUZbsxYvokKkbFxeTjsa2ym54FaABJBllhT4YEZyzzjQAIc/NCGX5ZoX/
Fnwyi2b6ImE+RmJebTvGVzjzQsL9vAhHrEdeSI6qGH5VRu+s4CM0771fgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNyq3d1/IDOiurkDdaWT7NczXWEeMB8GA1UdIwQY
MBaAFMTDvAWqUquetdGE9QiJ8f8MkM54MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveE1POEJhcFNxNTYxMFlUMUNJbnhfd3lRem5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9kMjM3ZmEtYjEwNS00MzJlLTgzY2It
NmQzNWI3OTU2ZmNlLzEvM0tyZDNYOGdNNks2dVFOMXBaUHMxek5kWVI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9kMjM3ZmEtYjEwNS00MzJlLTgzY2ItNmQzNWI3OTU2ZmNl
LzEveE1POEJhcFNxNTYxMFlUMUNJbnhfd3lRem5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwrCtMA0G
CSqGSIb3DQEBCwUAA4IBAQCF95aSNhwFVCbDWLPzOdaZZbAK3c7lbqgqVCuuyoPh
RfzHmKmarSmRYKK2Pv77mjshVSNp/HEOh3X3XK7tYDe9N3lna5HONehtBeVesNOJ
or2o7Ll+OVbOQz2yimhP7FKo3UOnowu8T6gGCxqCnkQWhz9KjUvMVpek/I0q7Tjh
oLqd/366Rfa/GnMLhIPQ8KpIBCZ+RA/8MTLRXeafWkI/tuPFylgxiuEhBEC+Mi6o
jQtAm4EI+lX/we+6Cq3hucqkqZl8tosw7IPyYTMLspw/UmIzEfRR1YJghKL/NwYB
LtS2cCH6yTaw40gJNHewECI4l91HH9cT5WAD4fddIXl3
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:51:21 2025 by rpki-client