Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/3030bb-42c2-4e3c-859a-876a9d7629f6/1/cwI21tJzYqOr9HSPPCz6L9ZgwVI.roa
File: cwI21tJzYqOr9HSPPCz6L9ZgwVI.roa (raw, json)
Hash identifier: XU/ushJjB+n9xmj9cQdOxUY6BAOcpjTXGMQ5mCVCcNA=
Subject key identifier: 73:02:36:D6:D2:73:62:A3:AB:F4:74:8F:3C:2C:FA:2F:D6:60:C1:52
Certificate issuer: /CN=3b544ca0e2be18e9fd74e281324a30b0ea2d1d52
Certificate serial: 01942369DD8526D4CF61B977EC66771F8493
Authority key identifier: 3B:54:4C:A0:E2:BE:18:E9:FD:74:E2:81:32:4A:30:B0:EA:2D:1D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O1RMoOK-GOn9dOKBMkowsOotHVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/3030bb-42c2-4e3c-859a-876a9d7629f6/1/cwI21tJzYqOr9HSPPCz6L9ZgwVI.roa
Signing time: Wed 01 Jan 2025 19:48:47 +0000
ROA not before: Wed 01 Jan 2025 19:48:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15404
IP address blocks: 145.224.32.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:dd:85:26:d4:cf:61:b9:77:ec:66:77:1f:84:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b544ca0e2be18e9fd74e281324a30b0ea2d1d52
Validity
Not Before: Jan 1 19:48:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=730236d6d27362a3abf4748f3c2cfa2fd660c152
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:d7:cc:7c:7c:52:2a:e7:e5:43:73:07:17:77:
3a:b9:f6:a1:5b:d0:26:60:5b:b2:43:31:38:a4:10:
30:de:ec:cd:b1:39:83:6c:3d:bb:56:17:82:cf:15:
48:cc:4d:ea:51:c2:59:b7:55:34:27:6b:9e:a2:b1:
62:91:7d:10:b4:ff:03:22:64:f8:27:02:5a:cc:e4:
ff:7b:93:32:fd:e1:e9:63:45:5d:fe:4e:c0:1f:6b:
d8:b9:8d:55:1a:0f:b8:8c:a0:f3:d4:a9:49:47:c7:
79:0f:4a:df:f1:74:7c:1c:1c:28:1c:0b:1a:eb:bb:
18:2f:d9:bb:7b:1b:d5:b9:20:35:41:da:4a:43:26:
5d:a7:bb:47:33:d5:d3:34:67:4a:93:5c:76:c8:e8:
c2:37:ac:83:d9:ab:7a:64:48:0e:5b:ab:e2:7e:35:
21:9c:5b:6f:cb:38:ed:2e:f8:47:77:86:b6:b3:01:
37:1c:db:ef:90:cf:b4:7f:af:b5:ad:6e:ee:10:8c:
0f:35:6c:3b:ac:e4:22:f8:ee:39:5c:96:ef:13:ae:
b6:07:fc:0a:0b:ab:2a:9a:53:6d:69:dd:95:62:12:
9d:4a:5a:4b:eb:ac:55:65:1f:1f:7e:c0:94:a9:67:
18:ae:2b:ad:2d:dd:99:ce:0c:23:1f:72:0a:05:b3:
c9:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:02:36:D6:D2:73:62:A3:AB:F4:74:8F:3C:2C:FA:2F:D6:60:C1:52
X509v3 Authority Key Identifier:
keyid:3B:54:4C:A0:E2:BE:18:E9:FD:74:E2:81:32:4A:30:B0:EA:2D:1D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O1RMoOK-GOn9dOKBMkowsOotHVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3030bb-42c2-4e3c-859a-876a9d7629f6/1/cwI21tJzYqOr9HSPPCz6L9ZgwVI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3030bb-42c2-4e3c-859a-876a9d7629f6/1/O1RMoOK-GOn9dOKBMkowsOotHVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.224.32.0/23
Signature Algorithm: sha256WithRSAEncryption
63:9a:06:f8:64:d6:81:81:59:d6:fb:fb:92:f8:26:9b:fa:5c:
76:60:ae:84:a8:4c:f3:b2:be:8e:c0:23:4b:d2:f5:d3:24:ee:
f0:4b:5d:d1:c3:87:3c:f4:fa:4a:25:1b:10:0d:cc:60:a5:37:
b0:01:97:76:c8:f6:a1:7a:ab:a3:a4:5d:23:ad:54:df:93:8b:
e3:48:e5:44:0a:55:b9:7a:09:7d:64:bd:74:d2:d9:2b:5c:c5:
b5:cd:08:a8:dc:06:48:a3:70:df:6a:7b:c3:47:ca:22:5f:fc:
69:7f:18:0c:60:53:2c:af:97:6e:ce:f1:9a:f4:c7:37:74:f9:
76:8a:ce:35:e3:1c:0a:c1:25:f3:49:2b:1e:00:f2:6e:b1:d0:
9b:17:d3:ca:99:33:97:09:46:d7:c9:08:cb:e5:60:6b:81:fa:
54:dd:89:39:a2:8b:65:b4:6f:5c:73:de:fe:42:f0:8b:36:3c:
d1:e0:07:32:39:b8:aa:0d:0e:70:5f:19:f5:9c:f8:23:ec:40:
49:dd:53:df:94:9d:d4:d4:f1:67:5c:31:c8:66:c8:96:8d:04:
98:18:c8:13:fb:f5:fe:0e:3b:cc:d2:6a:70:86:de:bb:ca:69:
eb:e6:8c:38:f2:f0:8a:23:44:3e:8d:d8:49:4d:4e:10:0d:61:
91:9e:a0:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjad2FJtTPYbl37GZ3H4STMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNTQ0Y2EwZTJiZTE4ZTlmZDc0ZTI4MTMyNGEzMGIwZWEy
ZDFkNTIwHhcNMjUwMTAxMTk0ODQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzAyMzZkNmQyNzM2MmEzYWJmNDc0OGYzYzJjZmEyZmQ2NjBjMTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2tfMfHxSKuflQ3MHF3c6ufahW9Am
YFuyQzE4pBAw3uzNsTmDbD27VheCzxVIzE3qUcJZt1U0J2ueorFikX0QtP8DImT4
JwJazOT/e5My/eHpY0Vd/k7AH2vYuY1VGg+4jKDz1KlJR8d5D0rf8XR8HBwoHAsa
67sYL9m7exvVuSA1QdpKQyZdp7tHM9XTNGdKk1x2yOjCN6yD2at6ZEgOW6vifjUh
nFtvyzjtLvhHd4a2swE3HNvvkM+0f6+1rW7uEIwPNWw7rOQi+O45XJbvE662B/wK
C6sqmlNtad2VYhKdSlpL66xVZR8ffsCUqWcYriutLd2ZzgwjH3IKBbPJnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHMCNtbSc2Kjq/R0jzws+i/WYMFSMB8GA1UdIwQY
MBaAFDtUTKDivhjp/XTigTJKMLDqLR1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzFSTW9PSy1HT245ZE9LQk1rb3dzT290SFZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8zMDMwYmItNDJjMi00ZTNjLTg1OWEt
ODc2YTlkNzYyOWY2LzEvY3dJMjF0SnpZcU9yOUhTUFBDejZMOVpnd1ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8zMDMwYmItNDJjMi00ZTNjLTg1OWEtODc2YTlkNzYyOWY2
LzEvTzFSTW9PSy1HT245ZE9LQk1rb3dzT290SFZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBkeAgMA0G
CSqGSIb3DQEBCwUAA4IBAQBjmgb4ZNaBgVnW+/uS+Cab+lx2YK6EqEzzsr6OwCNL
0vXTJO7wS13Rw4c89PpKJRsQDcxgpTewAZd2yPahequjpF0jrVTfk4vjSOVEClW5
egl9ZL100tkrXMW1zQio3AZIo3DfanvDR8oiX/xpfxgMYFMsr5duzvGa9Mc3dPl2
is414xwKwSXzSSseAPJusdCbF9PKmTOXCUbXyQjL5WBrgfpU3Yk5ootltG9cc97+
QvCLNjzR4AcyObiqDQ5wXxn1nPgj7EBJ3VPflJ3U1PFnXDHIZsiWjQSYGMgT+/X+
DjvM0mpwht67ymnr5ow48vCKI0Q+jdhJTU4QDWGRnqBf
-----END CERTIFICATE-----
Generated at Sun Apr 6 16:59:40 2025 by rpki-client