Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/3ebe30-ee89-48de-874c-b469db10b68a/1/3tamc3sOw67HPVcPTfi-B2O8yU0.roa
File: 3tamc3sOw67HPVcPTfi-B2O8yU0.roa (raw, json)
Hash identifier: VKiy/+EDaLvbaW8IRlukGidMdNs6XDi7iV1i6VLWYS0=
Subject key identifier: DE:D6:A6:73:7B:0E:C3:AE:C7:3D:57:0F:4D:F8:BE:07:63:BC:C9:4D
Certificate issuer: /CN=654d96672a59ec3895fc15847aca1b29db791244
Certificate serial: 019428237704A623822D5B199070E69E349C
Authority key identifier: 65:4D:96:67:2A:59:EC:38:95:FC:15:84:7A:CA:1B:29:DB:79:12:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZU2WZypZ7DiV_BWEesobKdt5EkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/3ebe30-ee89-48de-874c-b469db10b68a/1/3tamc3sOw67HPVcPTfi-B2O8yU0.roa
Signing time: Thu 02 Jan 2025 17:50:00 +0000
ROA not before: Thu 02 Jan 2025 17:50:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 327909
IP address blocks: 193.151.244.0/24 maxlen: 24
2a13:6040::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:77:04:a6:23:82:2d:5b:19:90:70:e6:9e:34:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=654d96672a59ec3895fc15847aca1b29db791244
Validity
Not Before: Jan 2 17:50:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ded6a6737b0ec3aec73d570f4df8be0763bcc94d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:b6:f9:74:d2:58:78:73:c9:fc:9c:4c:2c:7b:
49:60:a4:95:00:41:c0:ff:9f:88:85:21:a7:86:0c:
32:f9:8d:16:93:c8:b4:9e:2f:00:dc:de:eb:fe:cc:
ce:4f:e5:f8:63:b3:ec:5f:3b:9e:8f:98:12:71:d9:
04:55:48:ea:b9:41:76:4a:20:c9:80:05:3d:68:10:
72:59:9c:1f:4c:ef:ab:6a:f4:69:66:a1:d8:88:9b:
01:45:0c:ce:ab:49:4d:90:02:d5:b9:26:aa:02:f4:
5d:38:c7:5d:af:4b:c0:79:a1:37:26:10:55:df:3f:
18:56:f4:f5:ab:1b:57:0f:d8:c0:75:a9:8e:92:26:
5f:e4:ab:dc:82:2c:c3:d0:ff:53:2e:02:83:30:55:
c9:fa:4f:41:1c:a9:fe:65:c5:16:2c:a8:dc:21:0c:
1d:bb:f9:7b:51:29:e5:22:12:36:40:03:af:67:3c:
57:06:6a:dc:fa:35:91:cb:99:c9:4a:b4:7d:65:ac:
11:80:0a:db:39:2b:01:ba:72:a9:7b:7c:55:ac:53:
6a:3d:7c:0d:e2:03:52:42:13:98:e7:ea:50:62:bb:
24:57:26:88:ce:ed:7e:a3:fe:74:c7:f1:74:ef:e7:
9a:7b:69:16:2b:69:4b:6c:68:f4:b2:8f:12:8c:4c:
8b:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:D6:A6:73:7B:0E:C3:AE:C7:3D:57:0F:4D:F8:BE:07:63:BC:C9:4D
X509v3 Authority Key Identifier:
keyid:65:4D:96:67:2A:59:EC:38:95:FC:15:84:7A:CA:1B:29:DB:79:12:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZU2WZypZ7DiV_BWEesobKdt5EkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/3ebe30-ee89-48de-874c-b469db10b68a/1/3tamc3sOw67HPVcPTfi-B2O8yU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/3ebe30-ee89-48de-874c-b469db10b68a/1/ZU2WZypZ7DiV_BWEesobKdt5EkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.151.244.0/24
IPv6:
2a13:6040::/29
Signature Algorithm: sha256WithRSAEncryption
5c:7a:6a:ff:c8:7c:3c:53:89:0e:bf:ff:42:c7:b3:44:b2:35:
e1:fb:ba:8f:c1:2a:10:62:0c:b6:83:3e:54:fa:8f:bc:d7:66:
21:f5:21:ea:b3:41:73:5a:b1:38:4f:c4:71:da:ec:2e:38:89:
c7:8b:e5:be:e0:dc:ba:09:f9:19:7a:ba:20:f6:df:a5:65:da:
79:fe:38:cf:78:7c:07:38:94:64:bb:0f:e3:2e:b7:1f:9e:80:
43:fb:b0:ac:ab:00:22:19:d0:bd:96:36:97:6b:f0:6b:59:ee:
93:5f:f8:2d:9f:eb:ab:3f:f7:99:80:8b:af:79:d6:86:6e:50:
e8:3e:99:2d:86:f2:af:f2:fa:54:7f:e6:c3:e5:00:1e:ad:66:
ca:34:f6:11:e6:5c:f5:f6:53:ed:8b:c5:81:e2:04:c7:7e:df:
b2:1a:5e:66:54:68:5e:9a:13:3a:95:cb:42:bf:df:cc:b6:49:
b9:32:bd:db:66:b7:53:72:41:66:f8:f3:53:c2:f7:e0:02:f2:
d8:5d:5c:7a:eb:de:f8:92:14:35:d5:1c:4a:b6:e2:f2:7c:46:
9f:af:5d:b3:5f:74:c8:7e:d9:38:bb:0b:4b:53:5c:21:d0:ee:
73:c6:b9:66:18:26:ec:87:87:c6:20:11:98:1f:7f:70:3b:9f:
58:fb:5e:33
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQoI3cEpiOCLVsZkHDmnjScMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NGQ5NjY3MmE1OWVjMzg5NWZjMTU4NDdhY2ExYjI5ZGI3
OTEyNDQwHhcNMjUwMTAyMTc1MDAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWQ2YTY3MzdiMGVjM2FlYzczZDU3MGY0ZGY4YmUwNzYzYmNjOTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLb5dNJYeHPJ/JxMLHtJYKSVAEHA
/5+IhSGnhgwy+Y0Wk8i0ni8A3N7r/szOT+X4Y7PsXzuej5gScdkEVUjquUF2SiDJ
gAU9aBByWZwfTO+ravRpZqHYiJsBRQzOq0lNkALVuSaqAvRdOMddr0vAeaE3JhBV
3z8YVvT1qxtXD9jAdamOkiZf5KvcgizD0P9TLgKDMFXJ+k9BHKn+ZcUWLKjcIQwd
u/l7USnlIhI2QAOvZzxXBmrc+jWRy5nJSrR9ZawRgArbOSsBunKpe3xVrFNqPXwN
4gNSQhOY5+pQYrskVyaIzu1+o/50x/F07+eae2kWK2lLbGj0so8SjEyLvQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFN7WpnN7DsOuxz1XD034vgdjvMlNMB8GA1UdIwQY
MBaAFGVNlmcqWew4lfwVhHrKGynbeRJEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlUyV1p5cFo3RGlWX0JXRWVzb2JLZHQ1RWtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS8zZWJlMzAtZWU4OS00OGRlLTg3NGMt
YjQ2OWRiMTBiNjhhLzEvM3RhbWMzc093NjdIUFZjUFRmaS1CMk84eVUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS8zZWJlMzAtZWU4OS00OGRlLTg3NGMtYjQ2OWRiMTBiNjhh
LzEvWlUyV1p5cFo3RGlWX0JXRWVzb2JLZHQ1RWtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwZf0MA0E
AgACMAcDBQMqE2BAMA0GCSqGSIb3DQEBCwUAA4IBAQBcemr/yHw8U4kOv/9Cx7NE
sjXh+7qPwSoQYgy2gz5U+o+812Yh9SHqs0FzWrE4T8Rx2uwuOInHi+W+4Ny6CfkZ
erog9t+lZdp5/jjPeHwHOJRkuw/jLrcfnoBD+7CsqwAiGdC9ljaXa/BrWe6TX/gt
n+urP/eZgIuvedaGblDoPpkthvKv8vpUf+bD5QAerWbKNPYR5lz19lPti8WB4gTH
ft+yGl5mVGhemhM6lctCv9/Mtkm5Mr3bZrdTckFm+PNTwvfgAvLYXVx66974khQ1
1RxKtuLyfEafr12zX3TIftk4uwtLU1wh0O5zxrlmGCbsh4fGIBGYH39wO59Y+14z
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:08:35 2025 by rpki-client