Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/731c7c-9a17-4bca-984c-c7fbfc4dc9dc/1/3RGBqUK3Xv0JP7ez0P-m3VNiDHY.roa
File: 3RGBqUK3Xv0JP7ez0P-m3VNiDHY.roa (raw, json)
Hash identifier: yrCq7iHuvCP3ZZOy9TgGhkh7qYKM+uZzphtzhnPZGC4=
Subject key identifier: DD:11:81:A9:42:B7:5E:FD:09:3F:B7:B3:D0:FF:A6:DD:53:62:0C:76
Certificate issuer: /CN=13afa6ce6542e1bb523e1d03bd00a4d22b7fdaed
Certificate serial: 01942747B6B811CD5D2D6C8F533E61162E03
Authority key identifier: 13:AF:A6:CE:65:42:E1:BB:52:3E:1D:03:BD:00:A4:D2:2B:7F:DA:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E6-mzmVC4btSPh0DvQCk0it_2u0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/731c7c-9a17-4bca-984c-c7fbfc4dc9dc/1/3RGBqUK3Xv0JP7ez0P-m3VNiDHY.roa
Signing time: Thu 02 Jan 2025 13:49:58 +0000
ROA not before: Thu 02 Jan 2025 13:49:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211417
IP address blocks: 185.144.92.0/22 maxlen: 24
2a03:a920::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:b6:b8:11:cd:5d:2d:6c:8f:53:3e:61:16:2e:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13afa6ce6542e1bb523e1d03bd00a4d22b7fdaed
Validity
Not Before: Jan 2 13:49:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd1181a942b75efd093fb7b3d0ffa6dd53620c76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:96:3d:07:02:b9:e0:b8:37:1d:57:1e:85:86:
18:e9:97:21:1c:0f:b7:18:be:39:1f:21:b6:33:a2:
ea:98:9d:e1:38:2e:e5:dc:ea:cf:0d:d3:0f:32:ed:
77:4d:f7:14:ee:61:35:42:f3:5d:6e:a1:5b:cf:50:
15:8c:0d:7c:1e:5b:7c:e9:08:89:56:b9:0c:c9:0d:
f2:3e:62:06:43:48:42:6e:87:1d:a0:54:88:96:d1:
e6:a0:ca:be:08:08:04:e0:ba:4e:c6:59:b5:ad:1f:
cd:94:69:96:f0:11:fe:64:3e:c4:7f:ec:db:e2:4e:
12:4b:41:2d:97:d8:b5:a6:41:e2:ca:9f:99:50:ac:
c9:10:af:6e:4f:05:44:63:43:03:54:96:da:91:14:
bb:10:1f:0f:13:8f:27:4d:55:cb:07:6b:c4:45:fa:
20:6a:86:43:0b:90:65:6a:71:bd:0c:1b:eb:1f:44:
59:2f:3b:af:a8:a0:7f:3a:04:1c:01:76:43:62:fc:
ad:14:96:33:7d:bd:e2:3e:c1:8d:16:bd:d2:d4:ab:
61:ff:4d:76:98:1d:a8:58:40:45:ce:ab:52:44:72:
f1:e2:8e:7c:5b:3c:fd:83:f9:1c:3f:17:43:19:8f:
99:ae:9d:e7:69:54:3a:f6:b1:1d:96:dc:c3:95:38:
26:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:11:81:A9:42:B7:5E:FD:09:3F:B7:B3:D0:FF:A6:DD:53:62:0C:76
X509v3 Authority Key Identifier:
keyid:13:AF:A6:CE:65:42:E1:BB:52:3E:1D:03:BD:00:A4:D2:2B:7F:DA:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E6-mzmVC4btSPh0DvQCk0it_2u0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/731c7c-9a17-4bca-984c-c7fbfc4dc9dc/1/3RGBqUK3Xv0JP7ez0P-m3VNiDHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/731c7c-9a17-4bca-984c-c7fbfc4dc9dc/1/E6-mzmVC4btSPh0DvQCk0it_2u0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.144.92.0/22
IPv6:
2a03:a920::/32
Signature Algorithm: sha256WithRSAEncryption
56:02:b9:90:6a:2d:91:dc:61:7e:0d:72:40:73:0f:95:f6:64:
09:04:39:4b:b3:0f:3e:df:d4:c2:21:41:14:24:ad:b4:a6:cc:
af:94:30:99:e4:ea:a6:2b:d5:b2:0b:11:ac:d3:77:ad:81:64:
66:fc:29:94:6b:49:ef:3f:ee:e9:41:a9:b1:1b:0f:be:ed:2c:
f6:84:c4:76:54:ed:c9:ff:86:fa:ce:5d:2d:51:5a:20:14:67:
ef:9c:b5:e9:ef:e9:15:46:b7:81:06:4a:a7:d7:91:e1:27:7e:
cd:cb:3c:cb:35:85:6c:c9:ed:0b:18:93:cf:c9:f0:37:0c:6b:
d1:ba:c9:32:a7:b4:35:fd:e6:6d:58:cf:48:a7:79:dc:a8:c8:
30:a0:c0:e7:6d:8c:ce:1f:5c:11:0d:70:3f:b8:fb:56:c5:0a:
e0:9f:ad:cd:4f:c0:80:16:a9:0f:78:d4:b1:60:4f:7d:49:cb:
93:01:e6:6a:f1:09:cc:25:7b:cd:79:48:db:56:1a:77:a2:1f:
3e:62:7e:5f:b1:69:bc:8c:33:9a:80:87:73:7f:05:2a:1b:de:
7c:ad:20:75:fa:a1:56:dc:84:fb:f9:ba:7e:cb:53:9c:fb:f9:
97:2f:b9:6a:a6:f3:e1:07:f9:4d:ae:e3:aa:54:6a:a5:76:bc:
3c:1e:59:b4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQnR7a4Ec1dLWyPUz5hFi4DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzYWZhNmNlNjU0MmUxYmI1MjNlMWQwM2JkMDBhNGQyMmI3
ZmRhZWQwHhcNMjUwMTAyMTM0OTU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDExODFhOTQyYjc1ZWZkMDkzZmI3YjNkMGZmYTZkZDUzNjIwYzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ZY9BwK54Lg3HVcehYYY6ZchHA+3
GL45HyG2M6LqmJ3hOC7l3OrPDdMPMu13TfcU7mE1QvNdbqFbz1AVjA18Hlt86QiJ
VrkMyQ3yPmIGQ0hCbocdoFSIltHmoMq+CAgE4LpOxlm1rR/NlGmW8BH+ZD7Ef+zb
4k4SS0Etl9i1pkHiyp+ZUKzJEK9uTwVEY0MDVJbakRS7EB8PE48nTVXLB2vERfog
aoZDC5BlanG9DBvrH0RZLzuvqKB/OgQcAXZDYvytFJYzfb3iPsGNFr3S1Kth/012
mB2oWEBFzqtSRHLx4o58Wzz9g/kcPxdDGY+Zrp3naVQ69rEdltzDlTgmoQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFN0RgalCt179CT+3s9D/pt1TYgx2MB8GA1UdIwQY
MBaAFBOvps5lQuG7Uj4dA70ApNIrf9rtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTYtbXptVkM0YnRTUGgwRHZRQ2swaXRfMnUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS83MzFjN2MtOWExNy00YmNhLTk4NGMt
YzdmYmZjNGRjOWRjLzEvM1JHQnFVSzNYdjBKUDdlejBQLW0zVk5pREhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS83MzFjN2MtOWExNy00YmNhLTk4NGMtYzdmYmZjNGRjOWRj
LzEvRTYtbXptVkM0YnRTUGgwRHZRQ2swaXRfMnUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZBcMA0E
AgACMAcDBQAqA6kgMA0GCSqGSIb3DQEBCwUAA4IBAQBWArmQai2R3GF+DXJAcw+V
9mQJBDlLsw8+39TCIUEUJK20psyvlDCZ5OqmK9WyCxGs03etgWRm/CmUa0nvP+7p
QamxGw++7Sz2hMR2VO3J/4b6zl0tUVogFGfvnLXp7+kVRreBBkqn15HhJ37NyzzL
NYVsye0LGJPPyfA3DGvRuskyp7Q1/eZtWM9Ip3ncqMgwoMDnbYzOH1wRDXA/uPtW
xQrgn63NT8CAFqkPeNSxYE99ScuTAeZq8QnMJXvNeUjbVhp3oh8+Yn5fsWm8jDOa
gIdzfwUqG958rSB1+qFW3IT7+bp+y1Oc+/mXL7lqpvPhB/lNruOqVGqldrw8Hlm0
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:31 2025 by rpki-client on console.sobornost.net