Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/852140-a27f-449b-b5ff-223742ee4375/1/3RInciSdJGuSvDB_51KkkZIJFSM.roa
File: 3RInciSdJGuSvDB_51KkkZIJFSM.roa (raw, json)
Hash identifier: 3/HjzRtzuMbFeOMatgJOwMZQLWYkmzjLRu3ceCOI8Rg=
Subject key identifier: DD:12:27:72:24:9D:24:6B:92:BC:30:7F:E7:52:A4:91:92:09:15:23
Certificate issuer: /CN=cfd6e161dcfb7b72775149d435b79ba9d56d1417
Certificate serial: 019421B1A3056782AB867AC0FEA583DC357D
Authority key identifier: CF:D6:E1:61:DC:FB:7B:72:77:51:49:D4:35:B7:9B:A9:D5:6D:14:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z9bhYdz7e3J3UUnUNbebqdVtFBc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/852140-a27f-449b-b5ff-223742ee4375/1/3RInciSdJGuSvDB_51KkkZIJFSM.roa
Signing time: Wed 01 Jan 2025 11:47:57 +0000
ROA not before: Wed 01 Jan 2025 11:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5400
IP address blocks: 195.171.36.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:a3:05:67:82:ab:86:7a:c0:fe:a5:83:dc:35:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfd6e161dcfb7b72775149d435b79ba9d56d1417
Validity
Not Before: Jan 1 11:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd122772249d246b92bc307fe752a49192091523
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:f9:e5:1b:a3:71:76:a0:da:21:71:ea:60:7e:
80:a9:96:1b:a1:3c:32:85:2e:a6:0f:d6:5b:a4:a7:
11:2b:ef:eb:e1:98:53:d9:53:7c:28:a7:01:f7:b0:
cd:3b:90:6e:1a:c2:0c:2e:1b:f3:e4:f8:99:5c:9e:
34:dd:3f:82:8f:74:8e:55:88:ff:c2:56:94:f2:f6:
90:b6:5c:af:7b:e1:c4:44:a4:01:4b:34:b2:db:3d:
68:9f:c8:8a:d9:17:d8:f6:c3:8f:db:5b:d8:9a:40:
bc:2e:dc:53:eb:4b:ef:ce:8b:4d:2e:1d:53:f6:3d:
71:2d:54:e8:cc:12:f5:c5:01:0a:0a:ed:0d:a1:08:
c1:cc:2f:34:34:39:b9:54:b9:a8:c7:1c:35:31:1b:
2f:9c:c7:a0:45:3d:72:dd:61:fd:76:2b:1a:04:26:
e7:8f:2b:1a:fc:f8:54:4c:04:bd:bc:a0:8a:52:d6:
4e:15:e3:f4:0c:53:ce:43:1b:9a:9c:d8:37:f1:2b:
ed:1a:c5:63:cf:7a:f0:d3:34:79:4b:a7:9e:e4:b9:
a9:18:b1:bb:83:76:8a:b5:af:39:8b:6a:cc:d6:08:
6f:51:21:07:4a:8e:dd:5b:b3:bd:f2:d4:a8:10:52:
51:b5:d5:d1:8e:e0:20:60:01:3f:ec:f7:cb:7b:12:
22:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:12:27:72:24:9D:24:6B:92:BC:30:7F:E7:52:A4:91:92:09:15:23
X509v3 Authority Key Identifier:
keyid:CF:D6:E1:61:DC:FB:7B:72:77:51:49:D4:35:B7:9B:A9:D5:6D:14:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z9bhYdz7e3J3UUnUNbebqdVtFBc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/852140-a27f-449b-b5ff-223742ee4375/1/3RInciSdJGuSvDB_51KkkZIJFSM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/852140-a27f-449b-b5ff-223742ee4375/1/z9bhYdz7e3J3UUnUNbebqdVtFBc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.171.36.0/22
Signature Algorithm: sha256WithRSAEncryption
49:15:01:6a:7e:d5:32:7c:34:f9:01:c6:3f:79:a0:cd:22:ec:
71:a6:56:c8:dc:30:f8:d8:f4:37:7c:ae:c6:53:66:1d:47:69:
64:9f:5e:8a:69:ae:b9:0e:2b:2c:17:d0:91:54:c7:dd:a6:c5:
a0:3e:61:6f:46:9f:88:c0:2b:e3:d0:90:b8:23:27:22:14:19:
a0:9a:57:49:d1:d1:28:24:e4:82:fa:15:67:30:97:e9:3e:61:
c0:5c:8f:df:a8:9f:6b:62:f7:80:0e:54:d5:02:4e:e8:14:f9:
85:74:c6:fc:4c:70:5b:43:a1:6a:83:0b:93:9e:a8:b6:45:cc:
d0:49:69:c6:f0:fe:2c:66:e1:8b:3e:6e:36:32:ce:c1:9f:e2:
5f:f0:23:7f:2e:ef:16:3a:29:ba:e8:e3:20:ae:28:df:8b:9d:
e4:3d:db:2b:3b:b0:6b:e7:6f:62:32:c9:a3:13:bb:49:30:b7:
07:d9:e3:57:5b:66:f6:2a:8b:44:45:09:07:4f:70:d8:35:4d:
40:12:bc:bc:2d:9e:48:8f:e3:42:ed:1c:d1:0f:0d:09:f1:6f:
5f:23:f6:b2:ab:eb:0f:9b:c8:7d:28:13:ca:ef:79:8f:0c:f2:
07:1a:e7:3b:c0:bb:b4:9b:3f:51:f4:cf:08:4c:65:b5:5e:b2:
6a:06:64:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsaMFZ4KrhnrA/qWD3DV9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZDZlMTYxZGNmYjdiNzI3NzUxNDlkNDM1Yjc5YmE5ZDU2
ZDE0MTcwHhcNMjUwMTAxMTE0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDEyMjc3MjI0OWQyNDZiOTJiYzMwN2ZlNzUyYTQ5MTkyMDkxNTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4PnlG6NxdqDaIXHqYH6AqZYboTwy
hS6mD9ZbpKcRK+/r4ZhT2VN8KKcB97DNO5BuGsIMLhvz5PiZXJ403T+Cj3SOVYj/
wlaU8vaQtlyve+HERKQBSzSy2z1on8iK2RfY9sOP21vYmkC8LtxT60vvzotNLh1T
9j1xLVTozBL1xQEKCu0NoQjBzC80NDm5VLmoxxw1MRsvnMegRT1y3WH9disaBCbn
jysa/PhUTAS9vKCKUtZOFeP0DFPOQxuanNg38SvtGsVjz3rw0zR5S6ee5LmpGLG7
g3aKta85i2rM1ghvUSEHSo7dW7O98tSoEFJRtdXRjuAgYAE/7PfLexIiVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN0SJ3IknSRrkrwwf+dSpJGSCRUjMB8GA1UdIwQY
MBaAFM/W4WHc+3tyd1FJ1DW3m6nVbRQXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejliaFlkejdlM0ozVVVuVU5iZWJxZFZ0RkJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS84NTIxNDAtYTI3Zi00NDliLWI1ZmYt
MjIzNzQyZWU0Mzc1LzEvM1JJbmNpU2RKR3VTdkRCXzUxS2trWklKRlNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS84NTIxNDAtYTI3Zi00NDliLWI1ZmYtMjIzNzQyZWU0Mzc1
LzEvejliaFlkejdlM0ozVVVuVU5iZWJxZFZ0RkJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw6skMA0G
CSqGSIb3DQEBCwUAA4IBAQBJFQFqftUyfDT5AcY/eaDNIuxxplbI3DD42PQ3fK7G
U2YdR2lkn16Kaa65DissF9CRVMfdpsWgPmFvRp+IwCvj0JC4IyciFBmgmldJ0dEo
JOSC+hVnMJfpPmHAXI/fqJ9rYveADlTVAk7oFPmFdMb8THBbQ6FqgwuTnqi2RczQ
SWnG8P4sZuGLPm42Ms7Bn+Jf8CN/Lu8WOim66OMgrijfi53kPdsrO7Br529iMsmj
E7tJMLcH2eNXW2b2KotERQkHT3DYNU1AEry8LZ5Ij+NC7RzRDw0J8W9fI/ayq+sP
m8h9KBPK73mPDPIHGuc7wLu0mz9R9M8ITGW1XrJqBmSN
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:01 2025 by rpki-client on console.sobornost.net