Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/3frD60aCP8jogWf1if7zFBZHLkc.roa
File: 3frD60aCP8jogWf1if7zFBZHLkc.roa (raw, json)
Hash identifier: C/dKQUgTL/Isu8yxyQthVC3A7tzM30QSDttrM9BEPvk=
Subject key identifier: DD:FA:C3:EB:46:82:3F:C8:E8:81:67:F5:89:FE:F3:14:16:47:2E:47
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 0194236A33F0163248D7D72CFB907AD4604B
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/3frD60aCP8jogWf1if7zFBZHLkc.roa
Signing time: Wed 01 Jan 2025 19:49:09 +0000
ROA not before: Wed 01 Jan 2025 19:49:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 5.183.207.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:33:f0:16:32:48:d7:d7:2c:fb:90:7a:d4:60:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 19:49:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ddfac3eb46823fc8e88167f589fef31416472e47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:b9:8e:f0:72:57:fe:df:3c:b7:48:52:44:f4:
7a:19:f5:b0:f7:31:f2:96:9d:c2:55:fb:9a:4c:7c:
7b:ce:94:99:46:f6:12:fa:45:8d:0d:5c:30:d8:01:
9e:ce:08:b9:e4:42:f2:d9:03:e1:19:51:2d:ed:ed:
b6:00:df:f9:48:c2:f5:b5:be:cc:52:24:3a:8b:8f:
6c:63:5e:ed:78:d7:dd:c8:7b:b2:14:c0:1e:a4:d3:
c8:04:3a:a7:5a:14:74:6d:aa:bd:72:20:5f:b1:e6:
cf:91:14:74:40:c3:43:8f:93:27:d1:93:5c:bb:a6:
4d:80:51:e2:65:f6:98:c6:dd:55:ab:1a:d4:3f:9d:
8f:e5:05:6f:fb:1c:bb:49:f9:a4:95:dc:11:be:dc:
d5:77:c7:06:43:dc:3c:e7:51:6a:0a:d5:83:23:31:
c2:3c:9f:33:d9:57:67:8c:8a:95:08:67:db:90:c9:
81:00:e2:f1:36:34:6f:c3:12:c1:37:42:b8:7a:2e:
80:b6:5d:a6:cd:d0:c3:a5:92:23:26:4e:5f:b2:08:
01:fe:2d:c5:7f:56:76:4b:26:93:84:7e:ce:4a:c9:
f6:af:3e:03:22:37:6e:c5:2e:24:77:0a:17:33:d8:
33:f2:f9:63:0b:03:40:66:e4:94:19:43:18:2f:2c:
89:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:FA:C3:EB:46:82:3F:C8:E8:81:67:F5:89:FE:F3:14:16:47:2E:47
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/3frD60aCP8jogWf1if7zFBZHLkc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.207.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:69:cb:a1:ed:5e:0a:a7:2e:21:8f:9f:b4:be:cb:62:7e:73:
c3:1c:84:3b:b5:29:82:80:38:c4:d3:b7:aa:ed:e9:48:52:ea:
35:74:b1:c6:81:c1:0f:96:bf:44:28:3c:d8:d5:aa:34:e7:c3:
49:a9:f0:60:fe:4b:80:91:c0:06:c0:22:9e:4d:93:09:ab:22:
fd:21:87:f5:6d:34:f7:48:be:af:af:02:08:03:cb:56:48:cd:
73:f3:c8:53:ff:81:df:19:1b:36:a7:5f:8d:46:02:49:d9:84:
02:4b:1b:f9:8a:1d:ec:12:2d:b8:e3:7d:af:e2:b5:c1:b9:40:
c7:4f:05:3a:df:88:6c:28:12:17:e4:81:5e:8b:6d:b6:33:ef:
54:cd:2a:3e:ff:ef:b3:72:6c:81:29:c5:eb:f7:eb:d2:3c:24:
5a:1a:11:52:52:70:a9:68:fb:0e:7b:c4:7c:19:bb:93:26:6c:
ac:c8:75:23:3e:5e:91:47:19:59:ca:31:b6:6e:93:01:53:1a:
77:e0:b6:01:4a:4f:2e:cf:ba:97:0a:df:ab:5a:46:c3:f9:87:
52:25:98:eb:c2:eb:f6:ef:0e:55:ec:10:a7:85:c6:da:fb:ca:
76:19:9c:9d:d6:a0:36:79:de:ed:3c:01:d3:48:fb:1a:78:20:
2e:8a:4b:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjajPwFjJI19cs+5B61GBLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwMTAxMTk0OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGZhYzNlYjQ2ODIzZmM4ZTg4MTY3ZjU4OWZlZjMxNDE2NDcyZTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA37mO8HJX/t88t0hSRPR6GfWw9zHy
lp3CVfuaTHx7zpSZRvYS+kWNDVww2AGezgi55ELy2QPhGVEt7e22AN/5SML1tb7M
UiQ6i49sY17teNfdyHuyFMAepNPIBDqnWhR0baq9ciBfsebPkRR0QMNDj5Mn0ZNc
u6ZNgFHiZfaYxt1VqxrUP52P5QVv+xy7SfmkldwRvtzVd8cGQ9w851FqCtWDIzHC
PJ8z2VdnjIqVCGfbkMmBAOLxNjRvwxLBN0K4ei6Atl2mzdDDpZIjJk5fsggB/i3F
f1Z2SyaThH7OSsn2rz4DIjduxS4kdwoXM9gz8vljCwNAZuSUGUMYLyyJqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN36w+tGgj/I6IFn9Yn+8xQWRy5HMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvM2ZyRDYwYUNQOGpvZ1dmMWlmN3pGQlpITGtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbfPMA0G
CSqGSIb3DQEBCwUAA4IBAQC8acuh7V4Kpy4hj5+0vstifnPDHIQ7tSmCgDjE07eq
7elIUuo1dLHGgcEPlr9EKDzY1ao058NJqfBg/kuAkcAGwCKeTZMJqyL9IYf1bTT3
SL6vrwIIA8tWSM1z88hT/4HfGRs2p1+NRgJJ2YQCSxv5ih3sEi24432v4rXBuUDH
TwU634hsKBIX5IFei222M+9UzSo+/++zcmyBKcXr9+vSPCRaGhFSUnCpaPsOe8R8
GbuTJmysyHUjPl6RRxlZyjG2bpMBUxp34LYBSk8uz7qXCt+rWkbD+YdSJZjrwuv2
7w5V7BCnhcba+8p2GZyd1qA2ed7tPAHTSPsaeCAuiktI
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:29:11 2025 by rpki-client