Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/3Lm8-5Q2HqnpNNP6U2NQelZwPfE.roa
File: 3Lm8-5Q2HqnpNNP6U2NQelZwPfE.roa (raw, json)
Hash identifier: RRB6DwZBs9cwJUuT3nZOVMBd+Plk7WFxG7mLFueSOiw=
Subject key identifier: DC:B9:BC:FB:94:36:1E:A9:E9:34:D3:FA:53:63:50:7A:56:70:3D:F1
Certificate issuer: /CN=3d8ba0a52c42129af1d4f743feb33bb144d4bb5c
Certificate serial: 01856CEF4902FBD0BDF477C2920544B06318
Authority key identifier: 3D:8B:A0:A5:2C:42:12:9A:F1:D4:F7:43:FE:B3:3B:B1:44:D4:BB:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYugpSxCEprx1PdD_rM7sUTUu1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/3Lm8-5Q2HqnpNNP6U2NQelZwPfE.roa
Signing time: Sun 01 Jan 2023 10:44:59 +0000
ROA not before: Sun 01 Jan 2023 10:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44152
IP address blocks: 82.98.90.0/24 maxlen: 24
82.98.75.80/29 maxlen: 32
82.98.94.120/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ef:49:02:fb:d0:bd:f4:77:c2:92:05:44:b0:63:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d8ba0a52c42129af1d4f743feb33bb144d4bb5c
Validity
Not Before: Jan 1 10:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dcb9bcfb94361ea9e934d3fa5363507a56703df1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:5a:48:68:a0:9f:ec:82:e9:48:f7:0e:3a:a6:
9a:82:95:e4:c6:1e:48:02:31:d8:bb:48:52:34:f1:
ff:a1:1a:64:01:a1:07:0e:bf:2c:37:be:ca:96:70:
80:42:16:bb:b3:b6:86:ef:58:56:b0:9f:02:52:c9:
65:f5:c6:76:97:a7:d2:bf:0d:f0:9f:4d:b2:d3:ab:
52:b4:25:55:4a:33:31:eb:43:a2:f9:0e:f6:63:12:
6d:82:b1:db:ea:67:45:9a:13:c4:3f:a2:05:47:8c:
3f:d7:97:50:bd:df:fc:93:fa:77:25:ae:ff:b5:dc:
1e:8d:e9:01:3c:64:55:41:9f:8d:c7:34:32:dc:98:
5f:a0:44:e0:21:10:bb:58:6d:a3:66:86:19:23:60:
d4:b3:98:18:c9:d7:da:20:5b:cc:4c:86:0d:b4:84:
b8:b6:a6:73:2e:97:16:c4:c5:5a:ba:8a:3c:c1:17:
c9:80:39:30:77:af:f5:c3:7c:1f:5e:47:bd:1d:26:
4e:f3:1c:3e:1b:80:be:37:a7:43:d1:eb:fc:b4:33:
82:11:02:18:38:b6:6d:ab:4c:34:db:1b:4d:bc:34:
f5:cb:d7:e4:5b:12:59:e5:94:2b:cc:97:7f:b9:96:
ce:23:00:cd:f2:61:13:71:35:40:8a:84:6c:6f:a8:
01:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:B9:BC:FB:94:36:1E:A9:E9:34:D3:FA:53:63:50:7A:56:70:3D:F1
X509v3 Authority Key Identifier:
keyid:3D:8B:A0:A5:2C:42:12:9A:F1:D4:F7:43:FE:B3:3B:B1:44:D4:BB:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYugpSxCEprx1PdD_rM7sUTUu1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/3Lm8-5Q2HqnpNNP6U2NQelZwPfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/PYugpSxCEprx1PdD_rM7sUTUu1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.98.75.80/29
82.98.90.0/24
82.98.94.120/29
Signature Algorithm: sha256WithRSAEncryption
a8:77:87:90:ef:17:99:45:9c:0d:5a:f3:45:e2:99:a1:e2:e3:
7e:1e:d8:6f:07:41:fd:4d:f6:d2:ef:d0:eb:51:2c:57:66:c8:
25:f2:f1:23:21:fa:20:e8:a4:53:ca:cf:a3:03:cd:3b:33:4b:
11:ed:3a:00:da:8a:35:8c:4d:ee:bb:48:c7:05:9d:a4:3d:c7:
98:a2:a3:ec:af:5e:da:5a:a9:68:81:09:d2:84:c5:9e:e5:ba:
c5:65:04:84:12:1e:9b:45:3a:e6:64:45:e6:a0:1c:91:54:22:
0e:5e:38:10:aa:25:a0:bf:f2:12:55:3f:59:25:ce:b2:04:56:
e1:61:8c:86:82:3b:b6:45:63:72:8c:40:64:7b:ba:69:16:a7:
2d:2e:3e:96:8a:63:c8:89:12:e3:c5:6b:9a:f8:14:c1:28:14:
24:64:3a:e9:00:cc:19:a7:ad:0a:a1:99:85:58:3c:78:9d:e3:
dd:bb:42:20:ce:3a:43:b6:ac:30:c3:52:aa:29:50:4a:f5:f9:
79:2c:91:81:3c:1f:32:d3:c3:9e:18:64:37:d1:6a:5b:9b:f2:
ba:07:3f:f7:2f:c4:b0:a4:e5:e1:b4:3d:29:34:d7:7a:c8:c8:
bf:79:94:4c:eb:b7:7a:66:9d:7c:30:12:6d:8b:fb:09:97:1b:
26:91:8b:cc
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVs70kC+9C99HfCkgVEsGMYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOGJhMGE1MmM0MjEyOWFmMWQ0Zjc0M2ZlYjMzYmIxNDRk
NGJiNWMwHhcNMjMwMTAxMTA0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2I5YmNmYjk0MzYxZWE5ZTkzNGQzZmE1MzYzNTA3YTU2NzAzZGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFpIaKCf7ILpSPcOOqaagpXkxh5I
AjHYu0hSNPH/oRpkAaEHDr8sN77KlnCAQha7s7aG71hWsJ8CUsll9cZ2l6fSvw3w
n02y06tStCVVSjMx60Oi+Q72YxJtgrHb6mdFmhPEP6IFR4w/15dQvd/8k/p3Ja7/
tdwejekBPGRVQZ+NxzQy3JhfoETgIRC7WG2jZoYZI2DUs5gYydfaIFvMTIYNtIS4
tqZzLpcWxMVauoo8wRfJgDkwd6/1w3wfXke9HSZO8xw+G4C+N6dD0ev8tDOCEQIY
OLZtq0w02xtNvDT1y9fkWxJZ5ZQrzJd/uZbOIwDN8mETcTVAioRsb6gBlwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNy5vPuUNh6p6TTT+lNjUHpWcD3xMB8GA1UdIwQY
MBaAFD2LoKUsQhKa8dT3Q/6zO7FE1LtcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFl1Z3BTeENFcHJ4MVBkRF9yTTdzVVRVdTF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mZjZmNGEtOGQ1Zi00NWIyLTg3NWMt
YTU2ODM4NDRlNzkyLzEvM0xtOC01UTJIcW5wTk5QNlUyTlFlbFp3UGZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mZjZmNGEtOGQ1Zi00NWIyLTg3NWMtYTU2ODM4NDRlNzky
LzEvUFl1Z3BTeENFcHJ4MVBkRF9yTTdzVVRVdTF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwUDUmJLUAME
AFJiWgMFA1JiXngwDQYJKoZIhvcNAQELBQADggEBAKh3h5DvF5lFnA1a80XimaHi
434e2G8HQf1N9tLv0OtRLFdmyCXy8SMh+iDopFPKz6MDzTszSxHtOgDaijWMTe67
SMcFnaQ9x5iio+yvXtpaqWiBCdKExZ7lusVlBIQSHptFOuZkReagHJFUIg5eOBCq
JaC/8hJVP1klzrIEVuFhjIaCO7ZFY3KMQGR7umkWpy0uPpaKY8iJEuPFa5r4FMEo
FCRkOukAzBmnrQqhmYVYPHid4927QiDOOkO2rDDDUqopUEr1+XkskYE8HzLTw54Y
ZDfRalub8roHP/cvxLCk5eG0PSk013rIyL95lEzrt3pmnXwwEm2L+wmXGyaRi8w=
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:17:37 2025 by rpki-client