Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/3R71uiQs8A2yEYIuhFU6ltMSdoA.roa
File: 3R71uiQs8A2yEYIuhFU6ltMSdoA.roa (raw, json)
Hash identifier: q6Bu6mNsK7g3Ktdy/8WD0fy0JiscBHWIuVXEPQ7F3vc=
Subject key identifier: DD:1E:F5:BA:24:2C:F0:0D:B2:11:82:2E:84:55:3A:96:D3:12:76:80
Certificate issuer: /CN=3a00807698f0b097d69ab3926917d1dcc838a624
Certificate serial: 01942368D2E288209155925E56145983729D
Authority key identifier: 3A:00:80:76:98:F0:B0:97:D6:9A:B3:92:69:17:D1:DC:C8:38:A6:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OgCAdpjwsJfWmrOSaRfR3Mg4piQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/3R71uiQs8A2yEYIuhFU6ltMSdoA.roa
Signing time: Wed 01 Jan 2025 19:47:39 +0000
ROA not before: Wed 01 Jan 2025 19:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 134823
IP address blocks: 45.11.78.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:d2:e2:88:20:91:55:92:5e:56:14:59:83:72:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a00807698f0b097d69ab3926917d1dcc838a624
Validity
Not Before: Jan 1 19:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd1ef5ba242cf00db211822e84553a96d3127680
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:92:24:e6:6d:52:80:de:f0:85:2d:5e:7a:75:
aa:ae:d7:ee:06:d5:52:49:08:d8:49:46:bb:10:80:
fe:a9:f7:77:e0:b1:6b:46:a7:4b:5c:e4:5b:e6:dd:
d8:b8:49:8a:c4:fc:bc:db:dc:f3:72:d3:c0:00:23:
17:b3:16:9a:1d:44:59:44:f2:bf:58:7f:aa:49:ce:
2b:8c:c8:9f:47:76:7e:75:1a:a6:03:2e:fe:9e:57:
0f:57:31:f0:9e:34:dd:23:bf:24:21:8a:b3:a1:4f:
e6:cf:c2:96:f0:4b:e1:c0:37:38:07:d2:da:57:03:
e9:88:85:2f:e2:ce:95:2f:3f:74:f7:7a:1b:f0:98:
06:45:af:f2:9e:a1:af:77:28:7f:6b:83:02:db:1d:
60:9b:d1:69:61:18:9d:58:9a:2d:96:af:59:00:d2:
97:7f:be:04:80:e6:16:f0:97:7c:a4:1e:63:93:2d:
a0:bd:ad:3f:16:56:50:f9:d9:3f:1d:02:7c:d3:22:
15:b2:7f:2c:f9:19:89:78:68:2e:d2:02:cd:a0:f2:
20:4b:be:cd:80:09:9d:1b:47:20:6f:f9:c4:27:de:
80:42:e4:9b:ed:fe:b8:41:34:d8:99:74:ab:ba:aa:
eb:ed:03:9f:5a:27:54:eb:e0:92:25:14:67:bb:25:
13:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:1E:F5:BA:24:2C:F0:0D:B2:11:82:2E:84:55:3A:96:D3:12:76:80
X509v3 Authority Key Identifier:
keyid:3A:00:80:76:98:F0:B0:97:D6:9A:B3:92:69:17:D1:DC:C8:38:A6:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OgCAdpjwsJfWmrOSaRfR3Mg4piQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/3R71uiQs8A2yEYIuhFU6ltMSdoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/OgCAdpjwsJfWmrOSaRfR3Mg4piQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.78.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:99:74:9d:66:ca:17:a6:1f:cf:c0:20:67:72:7b:c3:de:03:
47:79:a8:4e:0e:2a:55:13:39:3b:5e:83:00:1d:68:17:0d:8f:
a2:18:fd:f4:d6:1d:a5:86:ec:b6:84:12:0b:4e:5f:a9:8a:0e:
6f:8a:bb:1a:a6:94:07:ac:38:ce:95:0d:cd:b3:54:a3:08:80:
5c:86:9c:41:f8:14:2f:12:ab:bf:85:d8:be:0a:33:92:7e:9b:
5b:8d:00:9c:a3:2d:26:55:cc:0d:59:08:8c:c4:05:3f:4a:0b:
c5:11:8d:6e:c4:95:01:9a:cd:be:d0:73:2a:78:f5:ff:3b:de:
ee:f1:3b:fc:f2:66:a1:b1:37:96:0e:6b:7d:25:74:0f:bd:24:
ea:1b:f4:1d:fc:35:12:3b:27:bd:ab:e8:ac:37:8f:cc:29:92:
0f:da:14:7f:1e:4f:13:ba:4a:7f:91:5c:e6:42:9e:75:95:19:
b1:ec:bf:de:d7:a2:83:5f:ad:01:be:2f:4e:ba:f6:5a:7b:10:
76:32:c1:14:e1:95:97:f8:93:1e:7c:ac:7d:a8:86:d2:ea:b7:
7e:9f:db:73:c9:cb:c4:5d:9f:65:0b:ac:e2:df:02:2e:3a:43:
69:75:8f:cd:b0:9a:10:68:52:bc:dd:ca:04:13:8e:e8:33:57:
2d:78:86:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaNLiiCCRVZJeVhRZg3KdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMDA4MDc2OThmMGIwOTdkNjlhYjM5MjY5MTdkMWRjYzgz
OGE2MjQwHhcNMjUwMTAxMTk0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDFlZjViYTI0MmNmMDBkYjIxMTgyMmU4NDU1M2E5NmQzMTI3NjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5Ik5m1SgN7whS1eenWqrtfuBtVS
SQjYSUa7EID+qfd34LFrRqdLXORb5t3YuEmKxPy829zzctPAACMXsxaaHURZRPK/
WH+qSc4rjMifR3Z+dRqmAy7+nlcPVzHwnjTdI78kIYqzoU/mz8KW8EvhwDc4B9La
VwPpiIUv4s6VLz9093ob8JgGRa/ynqGvdyh/a4MC2x1gm9FpYRidWJotlq9ZANKX
f74EgOYW8Jd8pB5jky2gva0/FlZQ+dk/HQJ80yIVsn8s+RmJeGgu0gLNoPIgS77N
gAmdG0cgb/nEJ96AQuSb7f64QTTYmXSruqrr7QOfWidU6+CSJRRnuyUT/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN0e9bokLPANshGCLoRVOpbTEnaAMB8GA1UdIwQY
MBaAFDoAgHaY8LCX1pqzkmkX0dzIOKYkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2dDQWRwandzSmZXbXJPU2FSZlIzTWc0cGlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8xNDNkMjktY2Y3Mi00ZDAxLTkxOGMt
MTZhZmM0ZGZmZGQ0LzEvM1I3MXVpUXM4QTJ5RVlJdWhGVTZsdE1TZG9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8xNDNkMjktY2Y3Mi00ZDAxLTkxOGMtMTZhZmM0ZGZmZGQ0
LzEvT2dDQWRwandzSmZXbXJPU2FSZlIzTWc0cGlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQtOMA0G
CSqGSIb3DQEBCwUAA4IBAQAvmXSdZsoXph/PwCBncnvD3gNHeahODipVEzk7XoMA
HWgXDY+iGP301h2lhuy2hBILTl+pig5virsappQHrDjOlQ3Ns1SjCIBchpxB+BQv
Equ/hdi+CjOSfptbjQCcoy0mVcwNWQiMxAU/SgvFEY1uxJUBms2+0HMqePX/O97u
8Tv88mahsTeWDmt9JXQPvSTqG/Qd/DUSOye9q+isN4/MKZIP2hR/Hk8Tukp/kVzm
Qp51lRmx7L/e16KDX60Bvi9OuvZaexB2MsEU4ZWX+JMefKx9qIbS6rd+n9tzycvE
XZ9lC6zi3wIuOkNpdY/NsJoQaFK83coEE47oM1cteIYi
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:32:03 2025 by rpki-client