Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/c27cd1-570b-47d1-b256-1814223d92ce/1/3bXgf6qiHkZ7wpe3NbEbqd19UII.roa
File: 3bXgf6qiHkZ7wpe3NbEbqd19UII.roa (raw, json)
Hash identifier: GFgPfBtoaTen3iMblZ9KSc5rE6intd3/umoBeZq+ejs=
Subject key identifier: DD:B5:E0:7F:AA:A2:1E:46:7B:C2:97:B7:35:B1:1B:A9:DD:7D:50:82
Certificate issuer: /CN=391a0ecc2b9beaba9eb76d5519fe787b4033fc12
Certificate serial: 0195BF9CA837D4B41BB7A82A1DA345697F97
Authority key identifier: 39:1A:0E:CC:2B:9B:EA:BA:9E:B7:6D:55:19:FE:78:7B:40:33:FC:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ORoOzCub6rqet21VGf54e0Az_BI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/c27cd1-570b-47d1-b256-1814223d92ce/1/3bXgf6qiHkZ7wpe3NbEbqd19UII.roa
Signing time: Sat 22 Mar 2025 20:47:49 +0000
ROA not before: Sat 22 Mar 2025 20:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50887
IP address blocks: 188.214.31.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:bf:9c:a8:37:d4:b4:1b:b7:a8:2a:1d:a3:45:69:7f:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=391a0ecc2b9beaba9eb76d5519fe787b4033fc12
Validity
Not Before: Mar 22 20:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ddb5e07faaa21e467bc297b735b11ba9dd7d5082
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a5:a9:92:52:79:91:c6:36:04:83:f9:76:c4:
f4:d5:75:bf:50:71:bc:8b:ae:49:76:3f:fb:28:9c:
49:65:f7:d3:f5:95:15:0c:2c:6a:0a:6d:81:99:b4:
65:c2:31:77:de:ba:ca:d7:79:87:64:6e:bd:33:2d:
2f:48:32:90:99:b8:21:67:ec:81:d6:e0:01:19:e8:
be:47:8b:0a:f5:14:da:b4:5f:b2:63:48:de:06:b8:
94:52:00:80:d4:5e:dc:36:32:b7:72:2d:ac:6b:79:
8c:76:7f:45:53:22:e3:7e:93:10:73:9e:82:d8:b2:
fc:2a:6a:be:25:1e:d9:9b:7f:bc:ce:97:bd:1d:10:
b7:6c:a3:e8:66:c9:96:71:f8:2c:2c:fb:48:eb:23:
85:a4:07:a1:58:ed:f2:83:37:2a:6a:b3:4b:73:0f:
ea:9b:f7:ef:60:64:20:e0:72:ea:5b:f7:0a:39:70:
ce:37:e8:ab:81:8f:2f:b9:a5:fd:8e:18:0e:32:ae:
40:2e:62:df:8d:55:18:31:d2:ac:0e:0b:66:5f:e1:
bf:a2:5f:85:16:cb:ff:2b:a0:07:c7:bf:ea:60:d7:
81:f9:d6:63:d9:da:06:65:99:e1:8a:f9:7c:b7:4f:
22:6e:5d:6d:e9:54:19:14:bb:55:5f:2f:20:30:a6:
08:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:B5:E0:7F:AA:A2:1E:46:7B:C2:97:B7:35:B1:1B:A9:DD:7D:50:82
X509v3 Authority Key Identifier:
keyid:39:1A:0E:CC:2B:9B:EA:BA:9E:B7:6D:55:19:FE:78:7B:40:33:FC:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ORoOzCub6rqet21VGf54e0Az_BI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/c27cd1-570b-47d1-b256-1814223d92ce/1/3bXgf6qiHkZ7wpe3NbEbqd19UII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/c27cd1-570b-47d1-b256-1814223d92ce/1/ORoOzCub6rqet21VGf54e0Az_BI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.214.31.0/24
Signature Algorithm: sha256WithRSAEncryption
33:dc:97:d6:e8:db:90:e9:41:c2:25:6f:43:7e:4b:4d:f6:37:
0c:d3:be:5e:56:52:d9:80:c0:6a:9f:b3:c6:9f:38:e5:74:d0:
8d:dc:b8:dc:6c:5b:b3:2b:b4:58:be:62:3f:ff:0f:76:95:93:
e8:1f:c7:66:07:ad:88:b1:02:3b:86:c2:ae:db:15:98:ff:ce:
27:96:ad:18:61:82:dc:10:5b:3e:3a:54:a4:76:4b:db:25:f3:
19:92:a1:85:db:5c:b9:fa:fc:8b:66:89:71:f4:90:93:ac:e9:
6d:6e:35:6a:ab:a3:c5:d5:d1:21:6f:54:c2:4d:57:fb:6b:b0:
1c:84:e2:09:17:6c:d9:0b:63:58:32:68:07:0d:75:98:eb:10:
00:fe:02:37:8a:e2:cf:c4:49:4d:c6:d5:29:9a:72:2b:18:68:
26:84:dc:d2:6a:5c:71:d4:78:a4:45:65:f4:ae:9d:ab:ea:e5:
77:13:c6:17:96:25:f5:2a:af:9f:b4:1f:99:9c:da:7a:ae:e8:
d0:a9:d8:e1:af:fe:20:e6:7d:73:c6:d8:9f:8d:8b:15:4c:d8:
ff:a3:9e:2b:96:2a:fb:f5:b2:1f:ac:47:da:a6:29:c0:9a:67:
11:de:f7:79:a3:4f:cc:ba:1f:5a:7c:1e:a7:2c:13:b8:c7:97:
81:b8:b1:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZW/nKg31LQbt6gqHaNFaX+XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MWEwZWNjMmI5YmVhYmE5ZWI3NmQ1NTE5ZmU3ODdiNDAz
M2ZjMTIwHhcNMjUwMzIyMjA0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGI1ZTA3ZmFhYTIxZTQ2N2JjMjk3YjczNWIxMWJhOWRkN2Q1MDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqWpklJ5kcY2BIP5dsT01XW/UHG8
i65Jdj/7KJxJZffT9ZUVDCxqCm2BmbRlwjF33rrK13mHZG69My0vSDKQmbghZ+yB
1uABGei+R4sK9RTatF+yY0jeBriUUgCA1F7cNjK3ci2sa3mMdn9FUyLjfpMQc56C
2LL8Kmq+JR7Zm3+8zpe9HRC3bKPoZsmWcfgsLPtI6yOFpAehWO3ygzcqarNLcw/q
m/fvYGQg4HLqW/cKOXDON+irgY8vuaX9jhgOMq5ALmLfjVUYMdKsDgtmX+G/ol+F
Fsv/K6AHx7/qYNeB+dZj2doGZZnhivl8t08ibl1t6VQZFLtVXy8gMKYIjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN214H+qoh5Ge8KXtzWxG6ndfVCCMB8GA1UdIwQY
MBaAFDkaDswrm+q6nrdtVRn+eHtAM/wSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1JvT3pDdWI2cnFldDIxVkdmNTRlMEF6X0JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9jMjdjZDEtNTcwYi00N2QxLWIyNTYt
MTgxNDIyM2Q5MmNlLzEvM2JYZ2Y2cWlIa1o3d3BlM05iRWJxZDE5VUlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9jMjdjZDEtNTcwYi00N2QxLWIyNTYtMTgxNDIyM2Q5MmNl
LzEvT1JvT3pDdWI2cnFldDIxVkdmNTRlMEF6X0JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvNYfMA0G
CSqGSIb3DQEBCwUAA4IBAQAz3JfW6NuQ6UHCJW9DfktN9jcM075eVlLZgMBqn7PG
nzjldNCN3LjcbFuzK7RYvmI//w92lZPoH8dmB62IsQI7hsKu2xWY/84nlq0YYYLc
EFs+OlSkdkvbJfMZkqGF21y5+vyLZolx9JCTrOltbjVqq6PF1dEhb1TCTVf7a7Ac
hOIJF2zZC2NYMmgHDXWY6xAA/gI3iuLPxElNxtUpmnIrGGgmhNzSalxx1HikRWX0
rp2r6uV3E8YXliX1Kq+ftB+ZnNp6rujQqdjhr/4g5n1zxtifjYsVTNj/o54rlir7
9bIfrEfapinAmmcR3vd5o0/Muh9afB6nLBO4x5eBuLHp
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:17:55 2025 by rpki-client