Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/3LyGnKUrtS-bd3Yu3eH07LtQYR8.roa
File: 3LyGnKUrtS-bd3Yu3eH07LtQYR8.roa (raw, json)
Hash identifier: 5NomKYbD4FvnokbGtOTNPOIwbgTTBvKVyFQCl7SiC8k=
Subject key identifier: DC:BC:86:9C:A5:2B:B5:2F:9B:77:76:2E:DD:E1:F4:EC:BB:50:61:1F
Certificate issuer: /CN=65bdcff77bf060d5da12de45e2072e1cff4560a7
Certificate serial: 01951F5FBC6D7080FE7A0DFB31AB1760FCB0
Authority key identifier: 65:BD:CF:F7:7B:F0:60:D5:DA:12:DE:45:E2:07:2E:1C:FF:45:60:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/3LyGnKUrtS-bd3Yu3eH07LtQYR8.roa
Signing time: Wed 19 Feb 2025 18:02:02 +0000
ROA not before: Wed 19 Feb 2025 18:02:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213043
IP address blocks: 194.35.228.0/22 maxlen: 22
194.99.40.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:1f:5f:bc:6d:70:80:fe:7a:0d:fb:31:ab:17:60:fc:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65bdcff77bf060d5da12de45e2072e1cff4560a7
Validity
Not Before: Feb 19 18:02:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dcbc869ca52bb52f9b77762edde1f4ecbb50611f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e9:bf:a2:74:5a:59:6e:ea:25:9b:bd:02:da:
4b:26:bf:eb:de:1d:58:e9:c4:a6:20:9f:3d:03:f6:
e7:37:c1:d1:4e:89:36:11:62:e9:f9:84:68:8f:f8:
a0:01:cb:86:0e:e7:65:c9:59:74:1c:b4:4c:a0:44:
a2:0f:7c:88:76:9b:18:4f:d1:1c:d7:51:ce:b5:4b:
eb:35:02:b1:01:25:4f:28:d8:8b:59:f8:bc:d6:ec:
fa:b5:e0:44:0b:4f:df:12:e3:78:3b:1e:94:b4:b7:
30:39:ad:d5:0d:ce:c0:0f:8b:34:56:6e:f7:6a:73:
e9:3c:15:32:21:3f:58:1a:b8:25:be:b2:a2:2e:73:
2b:e0:c6:3c:de:fb:86:a6:49:0a:ac:0f:87:43:85:
6d:e9:b8:d1:b9:6b:55:06:47:87:da:eb:2c:36:09:
48:a8:08:49:ac:b5:4b:df:db:0a:1d:39:ce:95:04:
83:74:69:fa:22:8d:da:7c:a0:37:2b:6c:df:74:2f:
dc:cd:ea:3a:f8:33:48:4c:43:a0:26:c5:eb:4a:82:
72:ff:06:ef:47:97:66:b6:3e:7e:39:56:6a:61:a7:
f1:3e:6a:d0:63:1e:06:4c:49:a2:5e:6d:86:a7:64:
a0:f5:34:79:fb:3f:68:78:cb:78:4c:4d:b3:d7:cf:
f3:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:BC:86:9C:A5:2B:B5:2F:9B:77:76:2E:DD:E1:F4:EC:BB:50:61:1F
X509v3 Authority Key Identifier:
keyid:65:BD:CF:F7:7B:F0:60:D5:DA:12:DE:45:E2:07:2E:1C:FF:45:60:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/3LyGnKUrtS-bd3Yu3eH07LtQYR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/Zb3P93vwYNXaEt5F4gcuHP9FYKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.35.228.0/22
194.99.40.0/22
Signature Algorithm: sha256WithRSAEncryption
30:de:dd:b4:4b:16:dd:79:1b:2c:f5:5c:e2:7d:e7:28:9c:9c:
00:d0:46:e0:08:57:af:27:22:52:da:ee:62:7f:5f:fd:0a:64:
fa:fe:9a:98:ca:06:6b:95:04:ab:71:a0:b6:ed:d0:4c:9e:44:
29:ef:3f:dd:a5:de:7e:95:2e:4a:2d:84:6c:bb:e9:30:fe:47:
b9:f4:a9:8a:90:3a:b2:c9:c3:90:a6:41:9a:a3:39:20:64:97:
85:45:42:18:69:b6:59:c0:d1:e8:87:fe:0a:40:a6:31:38:8c:
77:ea:5b:c3:76:52:a8:53:85:ef:39:f2:45:f2:69:16:71:35:
bd:0d:44:10:df:8b:ac:33:e6:e5:ff:38:74:1a:77:1b:58:49:
9c:01:2e:88:d9:7e:f1:df:85:5a:d0:0c:59:41:01:58:f3:e7:
39:21:6a:40:10:87:9f:d2:30:75:bd:ac:e3:97:ea:c8:63:52:
62:b5:e9:05:3d:c1:58:fb:24:47:5f:9e:6a:78:bd:52:d9:f6:
70:a0:fb:2a:a1:27:dc:4c:e6:42:e8:0e:0b:65:8d:40:a8:bb:
42:4a:92:e1:e8:4c:55:b4:04:53:c3:75:1d:f4:d5:63:8d:45:
a3:d3:6e:e8:db:c1:ce:d3:6c:55:3f:69:7a:32:7f:44:a5:01:
52:79:08:13
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZUfX7xtcID+eg37MasXYPywMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YmRjZmY3N2JmMDYwZDVkYTEyZGU0NWUyMDcyZTFjZmY0
NTYwYTcwHhcNMjUwMjE5MTgwMjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2JjODY5Y2E1MmJiNTJmOWI3Nzc2MmVkZGUxZjRlY2JiNTA2MTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnum/onRaWW7qJZu9AtpLJr/r3h1Y
6cSmIJ89A/bnN8HRTok2EWLp+YRoj/igAcuGDudlyVl0HLRMoESiD3yIdpsYT9Ec
11HOtUvrNQKxASVPKNiLWfi81uz6teBEC0/fEuN4Ox6UtLcwOa3VDc7AD4s0Vm73
anPpPBUyIT9YGrglvrKiLnMr4MY83vuGpkkKrA+HQ4Vt6bjRuWtVBkeH2ussNglI
qAhJrLVL39sKHTnOlQSDdGn6Io3afKA3K2zfdC/czeo6+DNITEOgJsXrSoJy/wbv
R5dmtj5+OVZqYafxPmrQYx4GTEmiXm2Gp2Sg9TR5+z9oeMt4TE2z18/zZwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNy8hpylK7Uvm3d2Lt3h9Oy7UGEfMB8GA1UdIwQY
MBaAFGW9z/d78GDV2hLeReIHLhz/RWCnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmIzUDkzdndZTlhhRXQ1RjRnY3VIUDlGWUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8xOTVmM2QtYTg1MS00NTVhLTliMGYt
ZDcwY2Q5N2Y0ODU3LzEvM0x5R25LVXJ0Uy1iZDNZdTNlSDA3THRRWVI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS8xOTVmM2QtYTg1MS00NTVhLTliMGYtZDcwY2Q5N2Y0ODU3
LzEvWmIzUDkzdndZTlhhRXQ1RjRnY3VIUDlGWUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwiPkAwQC
wmMoMA0GCSqGSIb3DQEBCwUAA4IBAQAw3t20SxbdeRss9VzifeconJwA0EbgCFev
JyJS2u5if1/9CmT6/pqYygZrlQSrcaC27dBMnkQp7z/dpd5+lS5KLYRsu+kw/ke5
9KmKkDqyycOQpkGaozkgZJeFRUIYabZZwNHoh/4KQKYxOIx36lvDdlKoU4XvOfJF
8mkWcTW9DUQQ34usM+bl/zh0GncbWEmcAS6I2X7x34Va0AxZQQFY8+c5IWpAEIef
0jB1vazjl+rIY1JitekFPcFY+yRHX55qeL1S2fZwoPsqoSfcTOZC6A4LZY1AqLtC
SpLh6ExVtARTw3Ud9NVjjUWj027o28HO02xVP2l6Mn9EpQFSeQgT
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:56 2025 by rpki-client on console.sobornost.net