Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/04ea33-83aa-4e56-98cc-f95f66d6055c/1/2DDfXUiH85YC1X3PgfdtyKVgjPw.roa
File: 2DDfXUiH85YC1X3PgfdtyKVgjPw.roa (raw, json)
Hash identifier: IX38bNkkduAXN8SBzl133Uzin5uXQV9chMH9hhrcGco=
Subject key identifier: D8:30:DF:5D:48:87:F3:96:02:D5:7D:CF:81:F7:6D:C8:A5:60:8C:FC
Certificate issuer: /CN=3936daf03756baf83ba4f38dbe5d68cb9baceff9
Certificate serial: 0194228D87BB637B6AA94741C05037038CCA
Authority key identifier: 39:36:DA:F0:37:56:BA:F8:3B:A4:F3:8D:BE:5D:68:CB:9B:AC:EF:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OTba8DdWuvg7pPONvl1oy5us7_k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/04ea33-83aa-4e56-98cc-f95f66d6055c/1/2DDfXUiH85YC1X3PgfdtyKVgjPw.roa
Signing time: Wed 01 Jan 2025 15:48:08 +0000
ROA not before: Wed 01 Jan 2025 15:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 149457
IP address blocks: 195.190.130.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:87:bb:63:7b:6a:a9:47:41:c0:50:37:03:8c:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3936daf03756baf83ba4f38dbe5d68cb9baceff9
Validity
Not Before: Jan 1 15:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d830df5d4887f39602d57dcf81f76dc8a5608cfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:9b:0e:58:08:24:f2:36:12:3c:a4:ab:62:05:
15:f3:1c:9b:d1:84:00:21:93:e0:cd:48:9e:a9:ae:
07:3e:4d:fa:f1:c7:b5:b8:86:be:57:9f:d6:67:76:
48:fb:18:30:b6:8a:8d:9c:2c:f7:a3:50:e9:80:21:
8f:d4:ab:15:dd:84:f9:ce:23:07:48:49:57:2e:7b:
61:cd:f0:a7:8b:30:2f:e5:5e:91:1e:77:45:20:7c:
ed:8c:4d:42:61:9c:a3:d0:2c:26:9f:9c:71:5c:43:
79:44:b1:05:25:81:00:72:01:9f:79:e8:4a:28:5e:
14:54:cb:41:f7:97:c5:3b:0d:55:2e:de:ab:58:63:
87:f1:d9:ed:2e:02:8b:f2:68:1f:74:de:8c:7f:f9:
08:1b:c0:51:09:bb:71:51:00:9b:ac:88:f2:ff:88:
22:11:b0:02:bc:fe:a3:9c:67:93:99:e1:d5:7d:67:
e6:dc:60:9a:a3:bf:c0:3c:04:58:19:d0:d0:c6:06:
19:d1:59:53:a3:ea:67:8e:db:8c:8e:af:6d:7d:b7:
1e:3b:5d:e3:e9:41:91:a6:01:9d:79:c5:85:4c:5c:
5a:4c:f8:c9:86:71:52:34:eb:f1:1f:ee:58:80:88:
66:1f:2d:23:2b:f9:c4:80:8b:5e:31:5a:52:0a:4a:
74:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:30:DF:5D:48:87:F3:96:02:D5:7D:CF:81:F7:6D:C8:A5:60:8C:FC
X509v3 Authority Key Identifier:
keyid:39:36:DA:F0:37:56:BA:F8:3B:A4:F3:8D:BE:5D:68:CB:9B:AC:EF:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OTba8DdWuvg7pPONvl1oy5us7_k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/04ea33-83aa-4e56-98cc-f95f66d6055c/1/2DDfXUiH85YC1X3PgfdtyKVgjPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/04ea33-83aa-4e56-98cc-f95f66d6055c/1/OTba8DdWuvg7pPONvl1oy5us7_k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.190.130.0/24
Signature Algorithm: sha256WithRSAEncryption
42:42:35:c9:48:23:84:6e:04:e0:97:47:9c:d1:c9:10:92:92:
88:0f:01:ff:fa:c5:7b:01:23:d4:f5:b7:0e:38:00:1d:1d:c6:
bc:c3:b8:37:62:de:83:41:1d:2f:b8:77:79:d2:3a:50:60:67:
19:88:63:40:bc:30:70:bd:4b:73:10:29:02:31:4a:83:31:7c:
97:a8:61:88:b7:08:59:1c:a8:7b:42:96:2b:48:fc:ff:82:0d:
06:d1:1c:16:4b:22:fc:28:5a:7f:7e:20:34:42:7b:61:aa:be:
7b:6e:6a:e9:6a:81:cc:8f:67:e3:b8:a8:73:68:34:76:7d:ac:
e1:66:8f:ce:90:2a:d9:86:48:8b:83:6d:db:8c:2c:37:2c:61:
7a:7c:62:67:e3:84:b7:3e:a1:60:3f:82:f4:02:1c:b5:53:47:
83:fd:9f:97:ca:0f:a2:5a:49:b6:bf:ab:a1:1e:fb:3c:03:64:
1b:84:ee:09:d9:2e:53:3c:4c:60:e0:ec:19:2b:05:9c:f2:d4:
2d:73:6f:db:be:f5:7e:4d:9c:cf:d4:60:00:2c:29:08:9e:eb:
04:16:7c:9a:9d:91:7c:13:54:c8:ff:71:53:4a:0a:3e:81:00:
25:ab:1e:d8:4b:74:fa:4e:d4:9e:39:35:73:7e:94:89:4b:bc:
52:ec:9b:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijYe7Y3tqqUdBwFA3A4zKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MzZkYWYwMzc1NmJhZjgzYmE0ZjM4ZGJlNWQ2OGNiOWJh
Y2VmZjkwHhcNMjUwMTAxMTU0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODMwZGY1ZDQ4ODdmMzk2MDJkNTdkY2Y4MWY3NmRjOGE1NjA4Y2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA45sOWAgk8jYSPKSrYgUV8xyb0YQA
IZPgzUieqa4HPk368ce1uIa+V5/WZ3ZI+xgwtoqNnCz3o1DpgCGP1KsV3YT5ziMH
SElXLnthzfCnizAv5V6RHndFIHztjE1CYZyj0Cwmn5xxXEN5RLEFJYEAcgGfeehK
KF4UVMtB95fFOw1VLt6rWGOH8dntLgKL8mgfdN6Mf/kIG8BRCbtxUQCbrIjy/4gi
EbACvP6jnGeTmeHVfWfm3GCao7/APARYGdDQxgYZ0VlTo+pnjtuMjq9tfbceO13j
6UGRpgGdecWFTFxaTPjJhnFSNOvxH+5YgIhmHy0jK/nEgIteMVpSCkp0JQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNgw311Ih/OWAtV9z4H3bcilYIz8MB8GA1UdIwQY
MBaAFDk22vA3Vrr4O6Tzjb5daMubrO/5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1RiYThEZFd1dmc3cFBPTnZsMW95NXVzN19rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8wNGVhMzMtODNhYS00ZTU2LTk4Y2Mt
Zjk1ZjY2ZDYwNTVjLzEvMkREZlhVaUg4NVlDMVgzUGdmZHR5S1ZnalB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8wNGVhMzMtODNhYS00ZTU2LTk4Y2MtZjk1ZjY2ZDYwNTVj
LzEvT1RiYThEZFd1dmc3cFBPTnZsMW95NXVzN19rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw76CMA0G
CSqGSIb3DQEBCwUAA4IBAQBCQjXJSCOEbgTgl0ec0ckQkpKIDwH/+sV7ASPU9bcO
OAAdHca8w7g3Yt6DQR0vuHd50jpQYGcZiGNAvDBwvUtzECkCMUqDMXyXqGGItwhZ
HKh7QpYrSPz/gg0G0RwWSyL8KFp/fiA0Qnthqr57bmrpaoHMj2fjuKhzaDR2fazh
Zo/OkCrZhkiLg23bjCw3LGF6fGJn44S3PqFgP4L0Ahy1U0eD/Z+Xyg+iWkm2v6uh
Hvs8A2QbhO4J2S5TPExg4OwZKwWc8tQtc2/bvvV+TZzP1GAALCkInusEFnyanZF8
E1TI/3FTSgo+gQAlqx7YS3T6TtSeOTVzfpSJS7xS7Ju7
-----END CERTIFICATE-----
Generated at Sun Apr 6 07:11:18 2025 by rpki-client