Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/3bc840-8329-4389-a34b-ec190b1ceaca/1/3cGL8dlItyNx0ujADjdxejSUo1w.roa
File: 3cGL8dlItyNx0ujADjdxejSUo1w.roa (raw, json)
Hash identifier: yaTdyFTHQ9yJW1xp2WAZxcHghp1YiRXSYqMzJH+BnVY=
Subject key identifier: DD:C1:8B:F1:D9:48:B7:23:71:D2:E8:C0:0E:37:71:7A:34:94:A3:5C
Certificate issuer: /CN=ff36ed3375a6a895cadd49e0ecd4299454b3b89c
Certificate serial: 0AC3C2C4
Authority key identifier: FF:36:ED:33:75:A6:A8:95:CA:DD:49:E0:EC:D4:29:94:54:B3:B8:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_zbtM3WmqJXK3Ung7NQplFSzuJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/3bc840-8329-4389-a34b-ec190b1ceaca/1/3cGL8dlItyNx0ujADjdxejSUo1w.roa
Signing time: Sun 19 Jun 2022 01:31:44 +0000
ROA not before: Sun 19 Jun 2022 01:31:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 399916
IP address blocks: 91.188.253.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 180601540 (0xac3c2c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff36ed3375a6a895cadd49e0ecd4299454b3b89c
Validity
Not Before: Jun 19 01:31:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ddc18bf1d948b72371d2e8c00e37717a3494a35c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:fd:07:84:0c:ae:68:e6:37:9e:f1:6e:b0:80:
f9:f1:ae:32:6e:8e:96:49:a8:45:73:f0:47:c1:ab:
42:52:ab:3b:82:1f:5b:7e:c0:13:ab:1a:e7:67:65:
99:de:cf:81:a6:51:d9:3f:5b:49:66:f7:fd:38:ce:
5d:86:42:8a:e8:0b:0f:ef:ee:81:59:24:ea:f6:ea:
39:12:28:9b:d5:d6:7b:20:a3:fa:49:a4:73:a2:43:
31:b2:ae:50:86:3b:2b:b0:c2:f2:94:18:c7:47:24:
1e:9d:d7:a3:3c:3d:13:53:3f:e4:cb:af:53:ee:2c:
75:ba:3d:03:af:2a:d5:f1:2a:de:21:4c:3d:85:56:
1c:e2:37:eb:69:14:ce:c3:e0:b9:97:65:b5:92:d3:
89:de:78:89:c3:08:d3:6b:36:5d:62:3b:1f:1d:da:
77:ca:7d:87:b0:1a:73:1a:36:b5:0c:be:91:ec:7b:
d7:41:52:06:14:80:c8:49:8d:5f:bc:46:82:60:65:
57:77:87:51:77:ee:f2:89:b1:c1:17:b0:4e:fb:ff:
98:41:94:66:de:56:f2:80:12:e5:b3:12:c3:d7:aa:
9e:e3:4a:d5:6b:12:fb:b0:59:db:d5:e1:c7:6a:fc:
5a:72:8a:be:a6:e9:10:e8:4b:96:44:1f:ec:c4:f5:
1d:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:C1:8B:F1:D9:48:B7:23:71:D2:E8:C0:0E:37:71:7A:34:94:A3:5C
X509v3 Authority Key Identifier:
keyid:FF:36:ED:33:75:A6:A8:95:CA:DD:49:E0:EC:D4:29:94:54:B3:B8:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_zbtM3WmqJXK3Ung7NQplFSzuJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/3bc840-8329-4389-a34b-ec190b1ceaca/1/3cGL8dlItyNx0ujADjdxejSUo1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/3bc840-8329-4389-a34b-ec190b1ceaca/1/_zbtM3WmqJXK3Ung7NQplFSzuJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.188.253.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:ce:42:7d:7c:6e:b5:5b:09:4d:d1:39:6e:3b:f9:61:04:64:
8e:8c:c4:51:32:3d:c9:a0:0c:79:37:01:12:56:48:61:08:7d:
ee:fd:6d:c3:ad:03:9c:ab:e9:9d:3d:68:16:2f:4f:b7:23:fe:
d0:c4:70:bf:3c:51:10:8d:9b:7e:e3:d9:65:6a:9f:a6:7d:05:
a2:ce:c3:ef:c8:bf:00:b4:64:89:fe:e5:13:dc:b5:c1:64:d1:
d2:36:7f:e7:33:d6:6d:19:89:d9:1b:70:15:f3:60:ac:12:20:
25:0e:d0:42:25:d6:c3:4f:e3:0c:dc:fe:ca:fc:32:c8:a8:0f:
88:84:a4:10:b9:c3:29:42:ba:f8:6c:e1:06:3a:d4:61:91:6b:
37:bb:fd:bc:f2:c3:f3:18:d0:7e:3d:cd:32:59:58:04:c1:5e:
38:af:44:5c:28:80:8f:f6:88:7a:ba:65:e9:e9:e6:b4:0d:ba:
a4:7a:ec:60:3e:d7:2d:b8:4b:95:6b:96:f2:d6:a3:8b:13:cf:
67:ff:9c:7e:8c:72:e6:2d:5e:73:7a:49:14:e4:0d:a5:75:57:
90:84:5e:bd:52:1c:03:4e:dc:88:45:1c:90:db:eb:26:4e:af:
9c:69:9c:13:4f:3e:41:94:84:88:59:36:54:54:f7:5a:12:61:
d2:b6:d4:34
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECsPCxDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZjM2ZWQzMzc1YTZhODk1Y2FkZDQ5ZTBlY2Q0Mjk5NDU0YjNiODljMB4XDTIyMDYx
OTAxMzE0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGRjMThiZjFkOTQ4
YjcyMzcxZDJlOGMwMGUzNzcxN2EzNDk0YTM1YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMn9B4QMrmjmN57xbrCA+fGuMm6OlkmoRXPwR8GrQlKrO4If
W37AE6sa52dlmd7PgaZR2T9bSWb3/TjOXYZCiugLD+/ugVkk6vbqORIom9XWeyCj
+kmkc6JDMbKuUIY7K7DC8pQYx0ckHp3Xozw9E1M/5MuvU+4sdbo9A68q1fEq3iFM
PYVWHOI362kUzsPguZdltZLTid54icMI02s2XWI7Hx3ad8p9h7Aacxo2tQy+kex7
10FSBhSAyEmNX7xGgmBlV3eHUXfu8omxwRewTvv/mEGUZt5W8oAS5bMSw9eqnuNK
1WsS+7BZ29Xhx2r8WnKKvqbpEOhLlkQf7MT1HbkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTdwYvx2Ui3I3HS6MAON3F6NJSjXDAfBgNVHSMEGDAWgBT/Nu0zdaaolcrd
SeDs1CmUVLO4nDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L196YnRNM1dtcUpYSzNVbmc3TlFwbEZTenVKdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjYvM2JjODQwLTgzMjktNDM4OS1hMzRiLWVjMTkwYjFjZWFjYS8x
LzNjR0w4ZGxJdHlOeDB1akFEamR4ZWpTVW8xdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYv
M2JjODQwLTgzMjktNDM4OS1hMzRiLWVjMTkwYjFjZWFjYS8xL196YnRNM1dtcUpY
SzNVbmc3TlFwbEZTenVKdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFu8/TANBgkqhkiG9w0BAQsFAAOC
AQEATM5CfXxutVsJTdE5bjv5YQRkjozEUTI9yaAMeTcBElZIYQh97v1tw60DnKvp
nT1oFi9PtyP+0MRwvzxREI2bfuPZZWqfpn0Fos7D78i/ALRkif7lE9y1wWTR0jZ/
5zPWbRmJ2RtwFfNgrBIgJQ7QQiXWw0/jDNz+yvwyyKgPiISkELnDKUK6+GzhBjrU
YZFrN7v9vPLD8xjQfj3NMllYBMFeOK9EXCiAj/aIerpl6enmtA26pHrsYD7XLbhL
lWuW8tajixPPZ/+cfoxy5i1ec3pJFOQNpXVXkIRevVIcA07ciEUckNvrJk6vnGmc
E08+QZSEiFk2VFT3WhJh0rbUNA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:30:28 2025 by rpki-client