Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/3pS_1tOu2xMITsrOP9oXIVzOcoM.roa
File: 3pS_1tOu2xMITsrOP9oXIVzOcoM.roa (raw, json)
Hash identifier: Qrx5ZqbtQ9+0anNOAnvUoLyCsn8CUpTkZ3ybYrjnCJQ=
Subject key identifier: DE:94:BF:D6:D3:AE:DB:13:08:4E:CA:CE:3F:DA:17:21:5C:CE:72:83
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 0194236A4C0B373457788810F05C41DC221B
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/3pS_1tOu2xMITsrOP9oXIVzOcoM.roa
Signing time: Wed 01 Jan 2025 19:49:16 +0000
ROA not before: Wed 01 Jan 2025 19:49:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 140096
IP address blocks: 185.188.5.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:4c:0b:37:34:57:78:88:10:f0:5c:41:dc:22:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 19:49:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de94bfd6d3aedb13084ecace3fda17215cce7283
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:50:7f:a1:41:d9:b1:7d:a2:b9:39:7c:d9:15:
39:91:b1:b9:2e:02:df:8b:4a:2d:89:4d:dc:36:dc:
73:62:29:be:7b:2c:f2:12:b8:72:ca:ed:34:35:e3:
ae:95:ea:22:ef:07:9c:9c:e2:4a:af:2a:05:fd:43:
73:0a:32:85:15:de:77:5d:93:29:e8:a4:3d:4b:e8:
3e:25:c2:22:b7:6a:43:cf:8f:00:69:5a:3b:ae:30:
aa:06:9e:56:46:f0:54:88:d5:fe:38:9c:f7:4e:c4:
13:ce:af:13:6e:54:0a:de:18:dd:d9:ca:bd:f5:3f:
98:06:b9:d0:d7:a4:8d:25:f6:26:12:42:6e:68:39:
b9:cc:b0:78:0f:c8:fc:3a:e4:c9:8e:09:40:5f:ea:
a9:c4:b7:e4:57:26:f1:cc:b9:05:dc:53:f5:c8:e4:
a0:8c:70:c6:ae:83:c5:d9:c5:3d:f4:75:0a:b7:72:
86:70:58:d7:8b:a7:3c:1e:14:f5:08:e1:87:09:0d:
98:80:c0:8c:13:aa:94:4a:86:ce:db:23:cd:b3:f7:
33:8b:90:28:43:3e:d6:59:3d:a4:75:71:23:3b:5b:
99:3b:51:aa:b9:12:ce:65:22:ed:1e:2f:e2:79:ef:
a7:c0:ca:68:e7:cc:29:ad:f4:87:1d:fd:e8:c7:14:
a9:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:94:BF:D6:D3:AE:DB:13:08:4E:CA:CE:3F:DA:17:21:5C:CE:72:83
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/3pS_1tOu2xMITsrOP9oXIVzOcoM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.188.5.0/24
Signature Algorithm: sha256WithRSAEncryption
98:90:5d:d2:1c:55:69:63:6d:2f:70:96:26:94:eb:ed:79:45:
ab:ac:78:4f:79:70:0a:49:a6:64:67:b3:69:0f:fc:2d:f7:92:
31:c7:82:97:c5:3d:b6:9c:be:8a:25:bb:9c:be:56:6c:30:b6:
45:54:a4:bf:13:cc:f4:ea:84:5b:4c:59:d8:64:53:b5:38:ef:
75:9b:af:b0:a5:0c:6f:0f:82:4d:15:7e:dc:e4:c1:c5:ad:d4:
51:0b:80:64:4c:3b:0b:aa:26:28:ce:7f:1b:25:cf:fd:33:18:
a7:0c:23:b4:d5:75:5c:a2:29:7e:56:fb:61:c4:e5:bf:be:de:
9e:5b:3c:9d:a8:a0:f0:49:6c:62:b0:41:2e:06:5f:1d:10:68:
79:19:84:7a:2a:39:7c:03:66:45:aa:27:bf:bb:a9:ce:d7:bb:
16:cd:ba:d1:6b:f9:3f:a9:45:d0:41:ff:24:65:59:df:d6:c5:
7f:f3:c8:42:5a:68:a9:9e:d0:e6:d8:26:2c:96:ca:5d:fe:32:
ca:1c:14:b8:70:2b:be:63:55:4f:a4:84:61:ce:7d:3d:db:69:
3c:dc:de:88:86:4b:af:6a:88:21:60:ad:3f:9d:ae:05:9f:36:
3a:71:fa:76:dc:df:52:ee:cf:ec:17:d7:3d:95:04:da:21:79:
0c:7e:cd:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjakwLNzRXeIgQ8FxB3CIbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwMTAxMTk0OTE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTk0YmZkNmQzYWVkYjEzMDg0ZWNhY2UzZmRhMTcyMTVjY2U3MjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1VB/oUHZsX2iuTl82RU5kbG5LgLf
i0otiU3cNtxzYim+eyzyErhyyu00NeOuleoi7wecnOJKryoF/UNzCjKFFd53XZMp
6KQ9S+g+JcIit2pDz48AaVo7rjCqBp5WRvBUiNX+OJz3TsQTzq8TblQK3hjd2cq9
9T+YBrnQ16SNJfYmEkJuaDm5zLB4D8j8OuTJjglAX+qpxLfkVybxzLkF3FP1yOSg
jHDGroPF2cU99HUKt3KGcFjXi6c8HhT1COGHCQ2YgMCME6qUSobO2yPNs/czi5Ao
Qz7WWT2kdXEjO1uZO1GquRLOZSLtHi/iee+nwMpo58wprfSHHf3oxxSprQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN6Uv9bTrtsTCE7Kzj/aFyFcznKDMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvM3BTXzF0T3UyeE1JVHNyT1A5b1hJVnpPY29NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubwFMA0G
CSqGSIb3DQEBCwUAA4IBAQCYkF3SHFVpY20vcJYmlOvteUWrrHhPeXAKSaZkZ7Np
D/wt95Ixx4KXxT22nL6KJbucvlZsMLZFVKS/E8z06oRbTFnYZFO1OO91m6+wpQxv
D4JNFX7c5MHFrdRRC4BkTDsLqiYozn8bJc/9MxinDCO01XVcoil+VvthxOW/vt6e
WzydqKDwSWxisEEuBl8dEGh5GYR6Kjl8A2ZFqie/u6nO17sWzbrRa/k/qUXQQf8k
ZVnf1sV/88hCWmipntDm2CYslspd/jLKHBS4cCu+Y1VPpIRhzn0922k83N6Ihkuv
aoghYK0/na4FnzY6cfp23N9S7s/sF9c9lQTaIXkMfs1d
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:16:38 2025 by rpki-client