Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/a64061-52c9-43dc-9ee0-5afde294d1c2/1/3kOlhGkip3kgnQsIY8SC74zGCiI.roa
File: 3kOlhGkip3kgnQsIY8SC74zGCiI.roa (raw, json)
Hash identifier: /UwQjBVGSZIPq8A/OPI8snl6YQ2rtRZFuZ7cKHq3xcM=
Subject key identifier: DE:43:A5:84:69:22:A7:79:20:9D:0B:08:63:C4:82:EF:8C:C6:0A:22
Certificate issuer: /CN=3b13bf822592bd1b54b77cc2c1cc42b28ccf1669
Certificate serial: 018B142815ADB8F25A0D72A998094EAEFD42
Authority key identifier: 3B:13:BF:82:25:92:BD:1B:54:B7:7C:C2:C1:CC:42:B2:8C:CF:16:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OxO_giWSvRtUt3zCwcxCsozPFmk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/a64061-52c9-43dc-9ee0-5afde294d1c2/1/3kOlhGkip3kgnQsIY8SC74zGCiI.roa
Signing time: Mon 09 Oct 2023 11:17:33 +0000
ROA not before: Mon 09 Oct 2023 11:17:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 213.178.142.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:14:28:15:ad:b8:f2:5a:0d:72:a9:98:09:4e:ae:fd:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b13bf822592bd1b54b77cc2c1cc42b28ccf1669
Validity
Not Before: Oct 9 11:17:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de43a5846922a779209d0b0863c482ef8cc60a22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:1b:0e:68:d4:a8:6c:15:48:e2:a8:61:de:59:
df:7d:30:ab:7b:4d:0a:38:3a:36:9e:22:f6:25:1e:
0f:3b:46:61:11:fd:5c:c1:7d:e7:46:e2:b1:9b:86:
c9:8b:80:5e:d0:12:66:1b:6c:51:2e:d0:f3:72:1a:
45:ea:ca:df:39:12:0f:cc:7d:9c:9c:29:bc:50:33:
8a:a4:1b:d3:4e:af:f4:44:69:c3:1e:55:3c:3a:f3:
e9:7d:de:a6:68:9c:21:0f:ce:e7:60:00:c9:58:16:
ff:cc:8b:70:99:a7:87:03:ff:f1:e4:69:59:3a:75:
f3:61:3b:8c:0e:26:ed:75:c7:c6:5e:51:71:82:d3:
c4:ef:02:0a:e1:36:34:03:e0:00:a6:c5:35:47:c6:
7a:ea:e0:24:e7:29:8e:5a:26:53:70:77:2a:de:3b:
9e:29:44:63:05:5a:a1:17:8f:68:9a:ae:37:cd:24:
d9:d2:9d:48:0c:7f:41:df:89:37:7b:b3:e9:06:be:
12:d1:61:b0:85:dc:94:65:22:30:cc:2b:19:11:e2:
40:e3:5c:bb:a2:ad:54:ec:3e:c4:b6:11:b6:51:8e:
f7:cf:dc:7f:f9:a2:5c:8f:8d:ce:40:a9:f4:ac:b8:
a5:e7:a8:57:ac:5d:e6:78:e9:ae:91:08:ee:cc:f4:
c8:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:43:A5:84:69:22:A7:79:20:9D:0B:08:63:C4:82:EF:8C:C6:0A:22
X509v3 Authority Key Identifier:
keyid:3B:13:BF:82:25:92:BD:1B:54:B7:7C:C2:C1:CC:42:B2:8C:CF:16:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OxO_giWSvRtUt3zCwcxCsozPFmk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/a64061-52c9-43dc-9ee0-5afde294d1c2/1/3kOlhGkip3kgnQsIY8SC74zGCiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/a64061-52c9-43dc-9ee0-5afde294d1c2/1/OxO_giWSvRtUt3zCwcxCsozPFmk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.178.142.0/24
Signature Algorithm: sha256WithRSAEncryption
14:eb:18:b9:0c:62:41:68:8e:55:ad:f4:54:3b:6f:a5:ca:f2:
84:b8:f6:d9:64:a1:91:4a:cb:33:1d:2b:69:f0:8a:92:e8:58:
35:09:40:33:4c:03:01:d6:20:ce:da:71:25:44:12:24:86:44:
4a:23:8b:d3:a6:04:1e:ec:4d:c0:3c:c3:3c:d9:cb:d7:53:e9:
b1:9d:a0:2c:a2:57:b7:bc:1c:48:ba:73:a1:5b:e4:86:37:26:
47:98:ab:6c:08:30:01:65:f8:65:3e:32:6a:f7:8d:48:26:94:
17:e5:a4:8b:79:5f:b7:a5:ba:d3:69:ca:30:c1:83:97:62:ad:
87:47:46:bf:cf:03:d3:d3:82:ad:56:da:b4:a2:c7:fa:3c:a4:
1c:b8:eb:e0:dc:31:e2:ae:31:3a:e2:6f:2e:1a:7a:05:5e:28:
82:3d:cf:aa:98:a1:25:e7:f9:5e:1a:b5:65:be:28:ed:9d:15:
fc:79:a0:86:4f:e1:ea:ca:9f:2c:b9:e9:e5:76:7e:02:57:48:
f6:c5:c8:53:5f:66:e5:de:c0:86:89:87:98:e2:02:7a:74:70:
1e:28:0c:3b:a5:d9:3a:6e:6b:63:cf:67:c5:1f:8c:f9:ab:00:
9f:e9:f9:a5:bc:56:1f:04:17:52:72:60:23:c7:e9:85:3a:5a:
75:ec:23:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsUKBWtuPJaDXKpmAlOrv1CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMTNiZjgyMjU5MmJkMWI1NGI3N2NjMmMxY2M0MmIyOGNj
ZjE2NjkwHhcNMjMxMDA5MTExNzMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTQzYTU4NDY5MjJhNzc5MjA5ZDBiMDg2M2M0ODJlZjhjYzYwYTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4RsOaNSobBVI4qhh3lnffTCre00K
ODo2niL2JR4PO0ZhEf1cwX3nRuKxm4bJi4Be0BJmG2xRLtDzchpF6srfORIPzH2c
nCm8UDOKpBvTTq/0RGnDHlU8OvPpfd6maJwhD87nYADJWBb/zItwmaeHA//x5GlZ
OnXzYTuMDibtdcfGXlFxgtPE7wIK4TY0A+AApsU1R8Z66uAk5ymOWiZTcHcq3jue
KURjBVqhF49omq43zSTZ0p1IDH9B34k3e7PpBr4S0WGwhdyUZSIwzCsZEeJA41y7
oq1U7D7EthG2UY73z9x/+aJcj43OQKn0rLil56hXrF3meOmukQjuzPTICQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN5DpYRpIqd5IJ0LCGPEgu+MxgoiMB8GA1UdIwQY
MBaAFDsTv4Ilkr0bVLd8wsHMQrKMzxZpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3hPX2dpV1N2UnRVdDN6Q3djeENzb3pQRm1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9hNjQwNjEtNTJjOS00M2RjLTllZTAt
NWFmZGUyOTRkMWMyLzEvM2tPbGhHa2lwM2tnblFzSVk4U0M3NHpHQ2lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9hNjQwNjEtNTJjOS00M2RjLTllZTAtNWFmZGUyOTRkMWMy
LzEvT3hPX2dpV1N2UnRVdDN6Q3djeENzb3pQRm1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1bKOMA0G
CSqGSIb3DQEBCwUAA4IBAQAU6xi5DGJBaI5VrfRUO2+lyvKEuPbZZKGRSsszHStp
8IqS6Fg1CUAzTAMB1iDO2nElRBIkhkRKI4vTpgQe7E3APMM82cvXU+mxnaAsole3
vBxIunOhW+SGNyZHmKtsCDABZfhlPjJq941IJpQX5aSLeV+3pbrTacowwYOXYq2H
R0a/zwPT04KtVtq0osf6PKQcuOvg3DHirjE64m8uGnoFXiiCPc+qmKEl5/leGrVl
vijtnRX8eaCGT+Hqyp8suenldn4CV0j2xchTX2bl3sCGiYeY4gJ6dHAeKAw7pdk6
bmtjz2fFH4z5qwCf6fmlvFYfBBdScmAjx+mFOlp17CM5
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:26 2025 by rpki-client