Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/rz3xCyQBYp3-AwqwmEwKzHQ3rLg.roa
File: rz3xCyQBYp3-AwqwmEwKzHQ3rLg.roa (raw, json)
Hash identifier: cipmVWKNiITa5sYDceWwd1TdjOH1FN06GF78AEGpNUM=
Subject key identifier: AF:3D:F1:0B:24:01:62:9D:FE:03:0A:B0:98:4C:0A:CC:74:37:AC:B8
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019368AEF3CAA0D2EA626B684A2A048877A9
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/rz3xCyQBYp3-AwqwmEwKzHQ3rLg.roa
Signing time: Tue 26 Nov 2024 13:35:16 +0000
ROA not before: Tue 26 Nov 2024 13:35:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396562
IP address blocks: 81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.53/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:68:ae:f3:ca:a0:d2:ea:62:6b:68:4a:2a:04:88:77:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Nov 26 13:35:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af3df10b2401629dfe030ab0984c0acc7437acb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:7b:44:4e:1c:48:bb:4c:80:0c:24:91:76:6d:
a0:2c:9a:29:c5:a2:31:88:3b:e8:62:77:1f:71:9b:
10:7c:ae:03:fb:d9:65:25:91:02:db:bd:38:4f:71:
c3:6e:bf:ee:72:35:12:29:f7:0b:89:95:05:05:67:
90:37:20:d2:b3:6a:79:a2:d3:f5:0e:66:ee:cc:78:
e3:60:d5:f1:31:c7:37:88:30:df:74:18:70:24:15:
95:46:4c:4b:7c:46:5a:60:f6:68:21:c5:39:a6:11:
d8:fc:ec:d8:05:99:a6:1f:e9:06:ae:69:43:e9:af:
87:40:9d:6a:be:32:75:da:9d:42:d3:56:25:2f:38:
38:d8:9a:1f:c9:62:97:b6:21:7c:36:96:2d:23:04:
b0:d0:d5:e8:82:31:27:60:f5:43:57:9a:43:81:56:
5c:4c:75:ce:1b:47:a7:c3:87:9c:bc:27:82:e8:b4:
94:8b:36:b0:4b:6e:d8:2e:0c:0a:70:1f:bf:04:d9:
6b:67:7e:24:40:5b:90:a8:f3:fa:65:5e:de:cc:13:
de:a8:a8:98:2b:af:31:31:cc:dc:7a:bf:31:b2:ec:
fe:4d:cd:ef:49:3c:d0:69:6a:51:ff:9a:ed:83:aa:
92:81:51:ec:fc:b7:7a:1e:bc:f4:ce:ea:b1:93:df:
3c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:3D:F1:0B:24:01:62:9D:FE:03:0A:B0:98:4C:0A:CC:74:37:AC:B8
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/rz3xCyQBYp3-AwqwmEwKzHQ3rLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.195.30/31
185.100.0.53/32
Signature Algorithm: sha256WithRSAEncryption
31:bc:7d:77:6c:b7:40:37:cf:f9:38:07:5a:b4:4f:86:dc:a8:
64:86:32:4f:dd:27:84:c6:95:ed:45:4f:3e:50:94:cc:da:af:
7b:f7:32:78:86:83:82:9b:6d:a3:de:ae:53:79:50:03:3c:84:
05:2c:f7:73:78:ce:7f:29:18:13:f3:3a:83:5f:18:a0:b3:49:
01:aa:cd:29:7f:ca:57:b7:3e:f6:7e:0e:47:65:fa:f6:0e:2e:
6b:1d:7c:5c:cc:9f:91:a3:5a:de:68:6a:98:ad:ea:e4:ac:46:
9d:5c:0c:01:91:b7:49:2a:40:d1:4c:2b:75:e5:d8:05:6b:0b:
6d:56:96:ca:e9:e4:67:1e:9e:b9:7a:52:6e:27:f8:34:32:6c:
a4:ce:7a:47:15:0f:27:ba:6c:49:03:44:22:04:df:53:cc:b8:
c3:e0:1d:a7:c4:7e:25:f6:ec:a9:98:00:29:5d:18:68:82:bb:
fc:76:23:0f:29:54:67:da:fb:8a:1b:79:8a:c0:8c:08:45:cf:
29:77:31:b8:a9:db:6d:3d:2d:0f:32:22:0a:45:43:2d:e6:e4:
48:77:e4:33:e8:b8:c0:db:88:89:58:1b:d4:b8:da:25:f5:c7:
14:57:d6:b2:d5:ac:68:35:e3:9d:5b:aa:40:46:fe:25:b3:6c:
83:4e:00:d2
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZNorvPKoNLqYmtoSioEiHepMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjQxMTI2MTMzNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjNkZjEwYjI0MDE2MjlkZmUwMzBhYjA5ODRjMGFjYzc0MzdhY2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3tEThxIu0yADCSRdm2gLJopxaIx
iDvoYncfcZsQfK4D+9llJZEC2704T3HDbr/ucjUSKfcLiZUFBWeQNyDSs2p5otP1
DmbuzHjjYNXxMcc3iDDfdBhwJBWVRkxLfEZaYPZoIcU5phHY/OzYBZmmH+kGrmlD
6a+HQJ1qvjJ12p1C01YlLzg42JofyWKXtiF8NpYtIwSw0NXogjEnYPVDV5pDgVZc
THXOG0enw4ecvCeC6LSUizawS27YLgwKcB+/BNlrZ34kQFuQqPP6ZV7ezBPeqKiY
K68xMczcer8xsuz+Tc3vSTzQaWpR/5rtg6qSgVHs/Ld6Hrz0zuqxk9885wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFK898QskAWKd/gMKsJhMCsx0N6y4MB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvcnozeEN5UUJZcDMtQXdxd21Fd0t6SFEzckxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOAwUBURPDHgMF
ALlkADUwDQYJKoZIhvcNAQELBQADggEBADG8fXdst0A3z/k4B1q0T4bcqGSGMk/d
J4TGle1FTz5QlMzar3v3MniGg4KbbaPerlN5UAM8hAUs93N4zn8pGBPzOoNfGKCz
SQGqzSl/yle3PvZ+Dkdl+vYOLmsdfFzMn5GjWt5oapit6uSsRp1cDAGRt0kqQNFM
K3Xl2AVrC21Wlsrp5Gcenrl6Um4n+DQybKTOekcVDye6bEkDRCIE31PMuMPgHafE
fiX27KmYACldGGiCu/x2Iw8pVGfa+4obeYrAjAhFzyl3Mbip2209LQ8yIgpFQy3m
5Eh35DPouMDbiIlYG9S42iX1xxRX1rLVrGg1451bqkBG/iWzbINOANI=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:24:48 2025 by rpki-client