Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/0d8088-ea93-4abb-8996-21cf56cbce12/1/3z_hCQPug6V4m9xkstRZsP40Tfs.roa
File: 3z_hCQPug6V4m9xkstRZsP40Tfs.roa (raw, json)
Hash identifier: cwnVGLLf1nQI5U8l0+mm70qiUtzVpTMx/mmlCrzQ9JI=
Subject key identifier: DF:3F:E1:09:03:EE:83:A5:78:9B:DC:64:B2:D4:59:B0:FE:34:4D:FB
Certificate issuer: /CN=44a7e5a33d9c5a965d9fbfdeecdc871af0a5d4f8
Certificate serial: 019421B23ECEEC18DB4D8D8782A9ADFEAB2B
Authority key identifier: 44:A7:E5:A3:3D:9C:5A:96:5D:9F:BF:DE:EC:DC:87:1A:F0:A5:D4:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RKfloz2cWpZdn7_e7NyHGvCl1Pg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/0d8088-ea93-4abb-8996-21cf56cbce12/1/3z_hCQPug6V4m9xkstRZsP40Tfs.roa
Signing time: Wed 01 Jan 2025 11:48:37 +0000
ROA not before: Wed 01 Jan 2025 11:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25473
IP address blocks: 82.196.160.0/19 maxlen: 19
2a01:e8::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:3e:ce:ec:18:db:4d:8d:87:82:a9:ad:fe:ab:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44a7e5a33d9c5a965d9fbfdeecdc871af0a5d4f8
Validity
Not Before: Jan 1 11:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=df3fe10903ee83a5789bdc64b2d459b0fe344dfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:b9:e2:1b:9c:77:cc:4d:bc:95:de:5a:63:84:
e2:98:f4:49:f6:19:17:cf:7b:b2:ec:bc:ca:3e:70:
6d:12:7a:1a:d3:a1:8a:54:8e:d0:4d:34:41:50:a8:
7d:22:1d:82:84:8d:ee:9b:ad:6c:de:93:b0:b0:3b:
2c:c7:c9:1b:15:82:68:28:44:b5:f1:b2:0e:95:78:
2e:bd:21:43:7b:8f:f1:07:7f:ea:ec:0c:6a:5c:81:
26:7f:21:87:a3:a5:e6:d6:52:13:f4:da:de:9d:13:
85:9b:9e:65:1e:26:e8:33:20:15:81:ee:ec:40:60:
96:60:48:8a:66:d1:30:0f:29:6e:fc:b4:d5:b9:6e:
2e:44:72:94:4e:36:4d:56:54:24:02:68:06:a0:95:
19:c0:66:3c:5a:b1:2d:e5:09:33:e5:9c:03:36:75:
c2:33:d2:83:28:38:48:8e:5d:e8:60:8e:6a:d0:15:
ef:6d:e6:41:fc:59:ae:b6:a6:b3:ce:15:72:2c:a7:
33:85:4d:a6:56:38:be:75:39:22:21:2d:d7:77:bb:
f1:96:e6:aa:21:b1:b9:64:f4:d1:98:c3:b2:71:bd:
34:6e:4c:93:dc:48:2e:53:90:fe:ed:bb:02:c6:d0:
3a:a2:c8:4c:8c:1d:8c:72:29:1c:ba:61:78:ea:0c:
43:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:3F:E1:09:03:EE:83:A5:78:9B:DC:64:B2:D4:59:B0:FE:34:4D:FB
X509v3 Authority Key Identifier:
keyid:44:A7:E5:A3:3D:9C:5A:96:5D:9F:BF:DE:EC:DC:87:1A:F0:A5:D4:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RKfloz2cWpZdn7_e7NyHGvCl1Pg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0d8088-ea93-4abb-8996-21cf56cbce12/1/3z_hCQPug6V4m9xkstRZsP40Tfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0d8088-ea93-4abb-8996-21cf56cbce12/1/RKfloz2cWpZdn7_e7NyHGvCl1Pg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.196.160.0/19
IPv6:
2a01:e8::/32
Signature Algorithm: sha256WithRSAEncryption
76:ca:b8:69:b6:37:d6:11:f5:8b:fc:13:40:26:ed:e7:64:91:
d0:76:7a:2a:37:8e:2b:cd:2a:67:4b:c0:c8:d6:96:57:e1:a5:
fa:45:b9:5d:41:ca:e1:52:04:08:c4:12:44:48:7b:d1:a7:f2:
89:5d:f5:d7:d4:07:b1:5e:3b:eb:9a:f5:76:b7:42:97:b9:c6:
5f:d8:d9:18:90:6c:4c:a3:15:90:ee:9a:26:f0:f4:d7:fe:5b:
a0:2a:4f:78:39:5f:d9:f4:b4:f9:1d:94:32:cf:22:e0:71:da:
5c:1c:59:29:2a:02:b3:7c:44:2f:e7:22:ed:5f:d7:be:c9:41:
93:cb:2d:e9:6c:be:7f:b9:f2:73:85:b2:af:b9:d7:5f:6c:a8:
97:d7:6a:4a:81:ba:5b:43:c7:5d:19:53:43:17:f5:66:28:20:
9b:da:3c:d8:0f:9b:f8:b1:07:b6:2d:02:d7:1f:90:68:f1:47:
3e:00:a1:17:cc:de:32:dc:5a:4b:64:24:69:21:74:31:77:1d:
a3:84:b5:d5:a5:4d:6c:ae:b1:fb:a7:9c:dd:34:15:ca:a4:4d:
20:88:fa:67:c6:7d:42:5d:05:ae:be:13:57:26:33:b3:bd:44:
c4:32:1b:04:b5:50:2b:19:d6:e1:4e:94:a9:0e:fb:dd:e1:85:
e8:bc:4c:77
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhsj7O7BjbTY2Hgqmt/qsrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0YTdlNWEzM2Q5YzVhOTY1ZDlmYmZkZWVjZGM4NzFhZjBh
NWQ0ZjgwHhcNMjUwMTAxMTE0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjNmZTEwOTAzZWU4M2E1Nzg5YmRjNjRiMmQ0NTliMGZlMzQ0ZGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrniG5x3zE28ld5aY4TimPRJ9hkX
z3uy7LzKPnBtEnoa06GKVI7QTTRBUKh9Ih2ChI3um61s3pOwsDssx8kbFYJoKES1
8bIOlXguvSFDe4/xB3/q7AxqXIEmfyGHo6Xm1lIT9NrenROFm55lHiboMyAVge7s
QGCWYEiKZtEwDylu/LTVuW4uRHKUTjZNVlQkAmgGoJUZwGY8WrEt5Qkz5ZwDNnXC
M9KDKDhIjl3oYI5q0BXvbeZB/FmutqazzhVyLKczhU2mVji+dTkiIS3Xd7vxluaq
IbG5ZPTRmMOycb00bkyT3EguU5D+7bsCxtA6oshMjB2McikcumF46gxDnQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFN8/4QkD7oOleJvcZLLUWbD+NE37MB8GA1UdIwQY
MBaAFESn5aM9nFqWXZ+/3uzchxrwpdT4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUktmbG96MmNXcFpkbjdfZTdOeUhHdkNsMVBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8wZDgwODgtZWE5My00YWJiLTg5OTYt
MjFjZjU2Y2JjZTEyLzEvM3pfaENRUHVnNlY0bTl4a3N0UlpzUDQwVGZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8wZDgwODgtZWE5My00YWJiLTg5OTYtMjFjZjU2Y2JjZTEy
LzEvUktmbG96MmNXcFpkbjdfZTdOeUhHdkNsMVBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFUsSgMA0E
AgACMAcDBQAqAQDoMA0GCSqGSIb3DQEBCwUAA4IBAQB2yrhptjfWEfWL/BNAJu3n
ZJHQdnoqN44rzSpnS8DI1pZX4aX6RbldQcrhUgQIxBJESHvRp/KJXfXX1AexXjvr
mvV2t0KXucZf2NkYkGxMoxWQ7pom8PTX/lugKk94OV/Z9LT5HZQyzyLgcdpcHFkp
KgKzfEQv5yLtX9e+yUGTyy3pbL5/ufJzhbKvuddfbKiX12pKgbpbQ8ddGVNDF/Vm
KCCb2jzYD5v4sQe2LQLXH5Bo8Uc+AKEXzN4y3FpLZCRpIXQxdx2jhLXVpU1srrH7
p5zdNBXKpE0giPpnxn1CXQWuvhNXJjOzvUTEMhsEtVArGdbhTpSpDvvd4YXovEx3
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:49:26 2025 by rpki-client