Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/pOvELxmVMCJOREXgcbJwYPWQcLY.roa
File: pOvELxmVMCJOREXgcbJwYPWQcLY.roa (raw, json)
Hash identifier: 8NAO5qgs1zoQcDKNETGRxihZubfEYTFA3QAx7BgtdEo=
Subject key identifier: A4:EB:C4:2F:19:95:30:22:4E:44:45:E0:71:B2:70:60:F5:90:70:B6
Certificate issuer: /CN=3d8ba0a52c42129af1d4f743feb33bb144d4bb5c
Certificate serial: 019422FC1A96BBEBD88812E423890F7D898C
Authority key identifier: 3D:8B:A0:A5:2C:42:12:9A:F1:D4:F7:43:FE:B3:3B:B1:44:D4:BB:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYugpSxCEprx1PdD_rM7sUTUu1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/pOvELxmVMCJOREXgcbJwYPWQcLY.roa
Signing time: Wed 01 Jan 2025 17:48:54 +0000
ROA not before: Wed 01 Jan 2025 17:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205766
IP address blocks: 82.98.82.0/24 maxlen: 24
82.98.87.0/24 maxlen: 24
212.19.38.240/28 maxlen: 28
212.19.62.160/27 maxlen: 27
2a02:2e0:3fc::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:1a:96:bb:eb:d8:88:12:e4:23:89:0f:7d:89:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d8ba0a52c42129af1d4f743feb33bb144d4bb5c
Validity
Not Before: Jan 1 17:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a4ebc42f199530224e4445e071b27060f59070b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:22:63:7f:a9:fa:d6:3b:e6:1c:43:97:55:b9:
55:24:3c:a3:3d:a6:98:29:68:6c:4b:38:05:3c:20:
4a:16:7e:e7:51:b6:0b:7e:13:29:f3:c7:97:61:ba:
3e:fe:60:6d:73:9e:0d:ce:8e:98:17:86:3f:d8:9e:
5b:58:c7:33:e9:ff:24:3e:50:c0:46:a7:42:05:77:
77:74:84:6a:55:3e:42:91:d4:93:a8:6e:07:de:df:
41:d0:cf:fa:d9:f0:f0:41:f7:d9:8f:8d:3f:40:bb:
85:2e:1d:52:e6:90:b8:c3:79:da:16:e1:e9:b6:ae:
b1:82:b2:40:dd:4a:29:e1:45:73:e5:cf:5d:61:db:
3b:10:48:f0:ab:73:52:99:71:7a:5d:31:f2:41:05:
05:fd:ef:12:6f:22:2c:29:e9:6f:9a:d4:0e:3d:e3:
7a:89:79:44:30:b4:84:00:30:e6:10:cf:24:10:42:
d9:68:fe:71:57:34:b0:9a:1f:b1:3c:18:3b:30:6e:
51:b0:06:79:b6:c0:31:54:63:a0:5c:3d:f9:97:14:
58:eb:b5:fe:40:e8:d6:fd:79:c0:0d:49:28:f2:31:
78:cc:43:09:b5:37:12:aa:31:f1:53:db:9a:ef:eb:
35:81:40:af:7c:f9:be:b1:00:30:bd:27:c2:75:e5:
6d:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:EB:C4:2F:19:95:30:22:4E:44:45:E0:71:B2:70:60:F5:90:70:B6
X509v3 Authority Key Identifier:
keyid:3D:8B:A0:A5:2C:42:12:9A:F1:D4:F7:43:FE:B3:3B:B1:44:D4:BB:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYugpSxCEprx1PdD_rM7sUTUu1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/pOvELxmVMCJOREXgcbJwYPWQcLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/PYugpSxCEprx1PdD_rM7sUTUu1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.98.82.0/24
82.98.87.0/24
212.19.38.240/28
212.19.62.160/27
IPv6:
2a02:2e0:3fc::/48
Signature Algorithm: sha256WithRSAEncryption
bc:d3:1c:34:ac:3a:cf:da:e0:1c:e1:13:d9:83:9f:5d:41:36:
49:ad:6f:52:d9:98:87:25:11:d8:3e:33:e5:62:18:d0:d8:d0:
8b:a2:c3:8f:ec:bb:7d:ee:d2:63:cb:ff:a7:4f:78:68:b4:53:
33:13:cc:69:fd:16:e6:80:56:af:4f:53:eb:48:63:2b:2b:94:
57:e2:62:a1:56:6b:18:0c:b8:38:69:17:8e:39:6c:f5:9b:83:
2a:8f:b2:8d:77:31:20:67:c5:32:10:73:13:c1:a9:e8:19:e8:
30:47:9b:f9:d8:94:dd:64:f7:dc:91:4d:11:34:98:f9:e4:94:
07:08:f4:05:06:0f:30:af:5b:3d:67:a2:58:34:68:31:96:36:
27:41:b4:5f:2e:ea:5b:5d:23:b2:86:0a:dc:e8:e3:23:0f:6c:
37:07:eb:4f:ba:46:af:9c:7f:67:f2:b2:32:1a:b3:2e:41:f6:
92:bc:36:d4:b5:58:a1:43:2a:38:76:a1:b3:af:76:34:b3:0d:
34:7e:a9:18:fc:69:2b:ec:6c:a4:1e:82:36:6b:aa:83:68:63:
7d:b9:c6:1f:eb:f5:60:bc:94:a7:da:c0:b8:90:de:3a:c7:c3:
d8:b2:e4:c1:da:37:a6:fd:75:ed:91:ed:df:30:d4:25:aa:66:
2b:3f:b4:1d
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZQi/BqWu+vYiBLkI4kPfYmMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOGJhMGE1MmM0MjEyOWFmMWQ0Zjc0M2ZlYjMzYmIxNDRk
NGJiNWMwHhcNMjUwMTAxMTc0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGViYzQyZjE5OTUzMDIyNGU0NDQ1ZTA3MWIyNzA2MGY1OTA3MGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCJjf6n61jvmHEOXVblVJDyjPaaY
KWhsSzgFPCBKFn7nUbYLfhMp88eXYbo+/mBtc54Nzo6YF4Y/2J5bWMcz6f8kPlDA
RqdCBXd3dIRqVT5CkdSTqG4H3t9B0M/62fDwQffZj40/QLuFLh1S5pC4w3naFuHp
tq6xgrJA3Uop4UVz5c9dYds7EEjwq3NSmXF6XTHyQQUF/e8SbyIsKelvmtQOPeN6
iXlEMLSEADDmEM8kEELZaP5xVzSwmh+xPBg7MG5RsAZ5tsAxVGOgXD35lxRY67X+
QOjW/XnADUko8jF4zEMJtTcSqjHxU9ua7+s1gUCvfPm+sQAwvSfCdeVtdwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFKTrxC8ZlTAiTkRF4HGycGD1kHC2MB8GA1UdIwQY
MBaAFD2LoKUsQhKa8dT3Q/6zO7FE1LtcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFl1Z3BTeENFcHJ4MVBkRF9yTTdzVVRVdTF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mZjZmNGEtOGQ1Zi00NWIyLTg3NWMt
YTU2ODM4NDRlNzkyLzEvcE92RUx4bVZNQ0pPUkVYZ2NiSndZUFdRY0xZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mZjZmNGEtOGQ1Zi00NWIyLTg3NWMtYTU2ODM4NDRlNzky
LzEvUFl1Z3BTeENFcHJ4MVBkRF9yTTdzVVRVdTF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAgBAIAATAaAwQAUmJSAwQA
UmJXAwUE1BMm8AMFBdQTPqAwDwQCAAIwCQMHACoCAuAD/DANBgkqhkiG9w0BAQsF
AAOCAQEAvNMcNKw6z9rgHOET2YOfXUE2Sa1vUtmYhyUR2D4z5WIY0NjQi6LDj+y7
fe7SY8v/p094aLRTMxPMaf0W5oBWr09T60hjKyuUV+JioVZrGAy4OGkXjjls9ZuD
Ko+yjXcxIGfFMhBzE8Gp6BnoMEeb+diU3WT33JFNETSY+eSUBwj0BQYPMK9bPWei
WDRoMZY2J0G0Xy7qW10jsoYK3OjjIw9sNwfrT7pGr5x/Z/KyMhqzLkH2krw21LVY
oUMqOHahs692NLMNNH6pGPxpK+xspB6CNmuqg2hjfbnGH+v1YLyUp9rAuJDeOsfD
2LLkwdo3pv117ZHt3zDUJapmKz+0HQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:03:19 2025 by rpki-client