Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/3hIGYNFfKZSPS43DHn16a7udvQU.roa
File: 3hIGYNFfKZSPS43DHn16a7udvQU.roa (raw, json)
Hash identifier: PO9alNl+RVGZRgdIqxYjT0QoK3HKd4jp7Hnx9+MHpAA=
Subject key identifier: DE:12:06:60:D1:5F:29:94:8F:4B:8D:C3:1E:7D:7A:6B:BB:9D:BD:05
Certificate issuer: /CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Certificate serial: 0195A189FD032F239AAA73324C4B3455E725
Authority key identifier: 05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/3hIGYNFfKZSPS43DHn16a7udvQU.roa
Signing time: Mon 17 Mar 2025 00:38:49 +0000
ROA not before: Mon 17 Mar 2025 00:38:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 4515
IP address blocks: 188.209.141.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a1:89:fd:03:2f:23:9a:aa:73:32:4c:4b:34:55:e7:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Validity
Not Before: Mar 17 00:38:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de120660d15f29948f4b8dc31e7d7a6bbb9dbd05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:ff:fa:b3:ea:e7:8e:a8:99:40:62:3a:83:9a:
10:12:93:9b:bc:27:7b:4e:08:19:9a:d8:e4:2c:cb:
b4:03:2e:30:c0:a3:09:b1:0f:a5:9e:74:26:1d:13:
70:b3:70:ac:a7:f2:f5:8d:6c:79:06:ed:3d:4f:b7:
9b:9b:16:9d:c9:b1:02:0b:cc:da:c1:f0:c1:14:f9:
d3:27:18:81:a8:11:f1:c7:3d:db:b8:9c:d2:eb:9f:
76:9d:f4:84:de:a5:2c:56:23:d6:f6:d8:e3:35:72:
fb:ae:e8:18:ff:e0:9e:03:0c:87:08:92:94:20:da:
0a:55:23:bf:de:7e:2a:42:b3:0b:f2:f8:62:f6:27:
a0:20:6f:7b:f0:0d:7f:10:ae:37:b2:cc:5e:0b:71:
f7:b4:0b:89:c2:fb:3b:aa:6d:9b:1f:db:00:52:e1:
38:63:ef:95:f3:18:57:aa:e4:23:a9:3a:ef:73:b2:
76:b5:dd:ff:59:e7:ce:26:2e:09:2a:0a:ec:1b:f8:
09:4a:b2:7c:05:c6:d1:6d:1f:32:36:7d:33:da:f7:
16:a5:ae:db:19:fb:0c:96:d6:3d:cd:2d:42:a5:3d:
de:1c:b6:b9:40:64:e9:63:bd:91:32:5f:14:00:34:
58:f8:91:a5:8e:61:da:2d:fc:2a:16:0e:4a:5b:f3:
90:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:12:06:60:D1:5F:29:94:8F:4B:8D:C3:1E:7D:7A:6B:BB:9D:BD:05
X509v3 Authority Key Identifier:
keyid:05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/3hIGYNFfKZSPS43DHn16a7udvQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/BR8pRi56fafrX0XaeHPxTkA_46s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.141.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:cb:bf:c9:c1:e8:4b:bf:73:10:8c:fc:80:87:6f:03:1f:01:
62:43:9c:80:e8:67:17:13:75:b1:21:55:7c:2b:56:29:56:e8:
c7:1d:f6:12:d9:b0:e1:cd:1e:dc:d8:29:80:9f:ee:0f:9a:de:
d7:e3:30:72:5f:89:33:c0:98:1e:5b:88:3e:88:b9:8f:5c:b2:
16:56:9a:5b:73:f1:fb:50:32:16:2b:90:88:95:49:21:95:03:
44:4f:80:91:90:94:c8:31:ff:55:79:c2:65:d0:74:03:2f:77:
5e:f1:d0:c1:b1:64:e9:7d:f6:20:b2:d0:b2:32:4a:53:86:e4:
63:3f:cc:a1:70:58:ed:52:b1:0d:42:cb:1a:5a:65:6a:5e:ad:
e6:01:7c:b4:c6:7c:fb:6c:cd:49:1e:bd:b4:2c:4b:b4:41:cc:
5f:c9:b4:22:1c:ad:68:b3:af:d3:10:b4:c9:93:87:6d:a2:d6:
25:ad:ca:d4:ad:b9:67:2e:79:91:9a:9d:32:ea:c7:57:8e:f7:
97:9e:9f:57:23:ef:aa:c9:57:55:89:1e:c7:29:70:4f:cb:27:
34:f4:6b:6d:29:9e:bf:c3:d7:df:88:d0:54:a4:d5:a7:af:54:
86:a0:c0:fd:94:30:69:f9:50:ee:d7:3e:e6:59:aa:3c:81:d2:
47:08:69:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWhif0DLyOaqnMyTEs0VeclMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MWYyOTQ2MmU3YTdkYTdlYjVmNDVkYTc4NzNmMTRlNDAz
ZmUzYWIwHhcNMjUwMzE3MDAzODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTEyMDY2MGQxNWYyOTk0OGY0YjhkYzMxZTdkN2E2YmJiOWRiZDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjf/6s+rnjqiZQGI6g5oQEpObvCd7
TggZmtjkLMu0Ay4wwKMJsQ+lnnQmHRNws3Csp/L1jWx5Bu09T7ebmxadybECC8za
wfDBFPnTJxiBqBHxxz3buJzS6592nfSE3qUsViPW9tjjNXL7rugY/+CeAwyHCJKU
INoKVSO/3n4qQrML8vhi9iegIG978A1/EK43ssxeC3H3tAuJwvs7qm2bH9sAUuE4
Y++V8xhXquQjqTrvc7J2td3/WefOJi4JKgrsG/gJSrJ8BcbRbR8yNn0z2vcWpa7b
GfsMltY9zS1CpT3eHLa5QGTpY72RMl8UADRY+JGljmHaLfwqFg5KW/OQ/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN4SBmDRXymUj0uNwx59emu7nb0FMB8GA1UdIwQY
MBaAFAUfKUYuen2n619F2nhz8U5AP+OrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEt
M2Y4YjU1ZGExYWM0LzEvM2hJR1lORmZLWlNQUzQzREhuMTZhN3VkdlFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEtM2Y4YjU1ZGExYWM0
LzEvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvNGNMA0G
CSqGSIb3DQEBCwUAA4IBAQBPy7/JwehLv3MQjPyAh28DHwFiQ5yA6GcXE3WxIVV8
K1YpVujHHfYS2bDhzR7c2CmAn+4Pmt7X4zByX4kzwJgeW4g+iLmPXLIWVppbc/H7
UDIWK5CIlUkhlQNET4CRkJTIMf9VecJl0HQDL3de8dDBsWTpffYgstCyMkpThuRj
P8yhcFjtUrENQssaWmVqXq3mAXy0xnz7bM1JHr20LEu0QcxfybQiHK1os6/TELTJ
k4dtotYlrcrUrblnLnmRmp0y6sdXjveXnp9XI++qyVdViR7HKXBPyyc09GttKZ6/
w9ffiNBUpNWnr1SGoMD9lDBp+VDu1z7mWao8gdJHCGli
-----END CERTIFICATE-----
Generated at Tue Mar 25 18:05:40 2025 by rpki-client on console.sobornost.net