Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/Obsr3_Q8ibyn0IDJhF_y3nTEHDI.roa
File: Obsr3_Q8ibyn0IDJhF_y3nTEHDI.roa (raw, json)
Hash identifier: GroZMGldayph8EZlfkx1fNR96xbgq1y1FdZFUJ6uhDg=
Subject key identifier: 39:BB:2B:DF:F4:3C:89:BC:A7:D0:80:C9:84:5F:F2:DE:74:C4:1C:32
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019368AEFC80F5F5648D7441446415FDC4E6
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/Obsr3_Q8ibyn0IDJhF_y3nTEHDI.roa
Signing time: Tue 26 Nov 2024 13:35:18 +0000
ROA not before: Tue 26 Nov 2024 13:35:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396580
IP address blocks: 81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.53/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:68:ae:fc:80:f5:f5:64:8d:74:41:44:64:15:fd:c4:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Nov 26 13:35:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39bb2bdff43c89bca7d080c9845ff2de74c41c32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b8:27:3f:c5:d5:16:bd:23:a2:25:24:35:a2:
a3:2f:61:5f:0a:97:50:92:78:d6:3a:2e:68:90:e2:
ca:d1:7a:72:9c:41:73:14:30:9c:84:99:d8:0f:3d:
79:32:f8:4b:84:84:fe:3e:74:32:a8:b9:f9:70:ed:
aa:58:43:7e:c3:5f:cd:4c:d6:3c:dd:2f:9f:3b:36:
74:ce:58:e5:71:0f:31:ee:92:12:21:7b:21:a6:69:
45:81:49:76:57:bb:56:5a:29:36:09:ff:7d:c1:13:
d6:86:09:b0:14:91:28:f9:61:8f:e6:6c:8f:96:d9:
77:a7:f7:44:88:24:d7:6c:35:56:4b:b0:62:f0:f8:
00:6e:af:11:60:c9:05:77:e6:01:fc:75:f4:52:22:
74:a3:cf:7c:83:51:2e:bf:50:a4:6c:24:c9:2b:02:
0d:d4:5c:1f:ce:25:0d:91:01:02:d6:a4:0f:fd:ee:
da:b1:08:ff:af:03:63:b2:5b:81:54:fa:8d:cc:6a:
fa:d0:93:71:22:9d:ff:f2:38:71:73:24:d3:73:5a:
47:5f:64:a0:90:1c:81:2a:4f:cf:1b:b0:c2:ec:47:
48:b5:0a:da:9d:a6:ad:26:2b:7e:f2:8a:74:ac:8d:
f8:17:22:ba:51:c6:4e:a7:24:1c:ef:29:c8:2d:80:
8f:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:BB:2B:DF:F4:3C:89:BC:A7:D0:80:C9:84:5F:F2:DE:74:C4:1C:32
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/Obsr3_Q8ibyn0IDJhF_y3nTEHDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.195.30/31
185.100.0.53/32
Signature Algorithm: sha256WithRSAEncryption
9f:b7:94:de:da:41:c3:c0:1b:f3:06:48:45:9e:27:a9:27:99:
1d:7d:dd:70:d5:87:7c:29:c2:98:0f:6e:fd:41:39:51:dd:11:
c3:d4:81:20:7e:cc:33:56:29:f3:e4:71:88:ac:6d:5c:23:5a:
e2:99:98:c2:5e:76:d4:be:0c:a6:b8:f8:36:db:94:24:a7:53:
ab:48:15:79:d3:6d:76:b6:f3:2d:f6:bf:c6:94:d6:86:f6:17:
3a:91:d3:0d:33:79:7f:db:b3:48:54:49:d5:25:63:a9:de:18:
8e:2b:c6:3d:3d:4f:08:8b:96:d0:c0:7d:9a:41:6e:1d:d4:44:
f0:4d:77:30:45:ad:b7:94:c1:9f:54:4f:8c:d3:6e:ad:24:4c:
87:b4:74:96:d9:2b:c3:c4:cd:3a:ce:dc:99:82:de:7b:c3:8f:
23:23:88:7c:39:20:df:3a:89:51:4f:ee:b5:7d:79:53:ed:7e:
d5:ed:12:ac:19:53:37:49:87:26:6e:e0:f5:32:40:97:62:c0:
02:77:69:b3:5f:da:ac:f5:d9:5c:49:f9:02:5b:2a:3d:37:7d:
6f:4d:15:ff:21:7c:ea:df:3e:10:90:dd:e1:76:ae:be:19:83:
fe:37:70:c8:0b:fa:5d:4a:42:aa:8e:fa:9c:0a:6e:05:33:72:
7d:d9:a9:43
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZNorvyA9fVkjXRBRGQV/cTmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjQxMTI2MTMzNTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWJiMmJkZmY0M2M4OWJjYTdkMDgwYzk4NDVmZjJkZTc0YzQxYzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLgnP8XVFr0joiUkNaKjL2FfCpdQ
knjWOi5okOLK0XpynEFzFDCchJnYDz15MvhLhIT+PnQyqLn5cO2qWEN+w1/NTNY8
3S+fOzZ0zljlcQ8x7pISIXshpmlFgUl2V7tWWik2Cf99wRPWhgmwFJEo+WGP5myP
ltl3p/dEiCTXbDVWS7Bi8PgAbq8RYMkFd+YB/HX0UiJ0o898g1Euv1CkbCTJKwIN
1FwfziUNkQEC1qQP/e7asQj/rwNjsluBVPqNzGr60JNxIp3/8jhxcyTTc1pHX2Sg
kByBKk/PG7DC7EdItQranaatJit+8op0rI34FyK6UcZOpyQc7ynILYCPBwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDm7K9/0PIm8p9CAyYRf8t50xBwyMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvT2JzcjNfUThpYnluMElESmhGX3kzblRFSERJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOAwUBURPDHgMF
ALlkADUwDQYJKoZIhvcNAQELBQADggEBAJ+3lN7aQcPAG/MGSEWeJ6knmR193XDV
h3wpwpgPbv1BOVHdEcPUgSB+zDNWKfPkcYisbVwjWuKZmMJedtS+DKa4+DbblCSn
U6tIFXnTbXa28y32v8aU1ob2FzqR0w0zeX/bs0hUSdUlY6neGI4rxj09TwiLltDA
fZpBbh3URPBNdzBFrbeUwZ9UT4zTbq0kTIe0dJbZK8PEzTrO3JmC3nvDjyMjiHw5
IN86iVFP7rV9eVPtftXtEqwZUzdJhyZu4PUyQJdiwAJ3abNf2qz12VxJ+QJbKj03
fW9NFf8hfOrfPhCQ3eF2rr4Zg/43cMgL+l1KQqqO+pwKbgUzcn3ZqUM=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:18:39 2025 by rpki-client