Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/d0a3dc-7d9a-4375-b2fd-c7542f88e797/1/3Vh4V2QgqmooTGsNFJzabIkkGuM.roa
File: 3Vh4V2QgqmooTGsNFJzabIkkGuM.roa (raw, json)
Hash identifier: pE5OL1gfqKCShXk+oFUj+oL3mmpNWjZD2zCOccDVAJo=
Subject key identifier: DD:58:78:57:64:20:AA:6A:28:4C:6B:0D:14:9C:DA:6C:89:24:1A:E3
Certificate issuer: /CN=2b04d555763fbaa094dca7a93daaa78fd4008554
Certificate serial: 019426D927F776C3AF8EA392EBA928BE199C
Authority key identifier: 2B:04:D5:55:76:3F:BA:A0:94:DC:A7:A9:3D:AA:A7:8F:D4:00:85:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KwTVVXY_uqCU3KepPaqnj9QAhVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/d0a3dc-7d9a-4375-b2fd-c7542f88e797/1/3Vh4V2QgqmooTGsNFJzabIkkGuM.roa
Signing time: Thu 02 Jan 2025 11:49:13 +0000
ROA not before: Thu 02 Jan 2025 11:49:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198656
IP address blocks: 194.36.20.0/24 maxlen: 24
2001:67c:734::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:27:f7:76:c3:af:8e:a3:92:eb:a9:28:be:19:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b04d555763fbaa094dca7a93daaa78fd4008554
Validity
Not Before: Jan 2 11:49:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd5878576420aa6a284c6b0d149cda6c89241ae3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:57:7a:db:9b:c3:00:6d:21:39:c2:03:33:07:
85:3f:6c:65:20:9c:94:7f:66:2a:fe:67:69:94:7f:
88:2d:34:27:8c:cc:62:58:e0:f7:74:12:ab:04:3f:
bf:ea:8c:2d:8f:d2:e6:fd:48:0e:1f:13:22:4b:40:
ed:34:89:76:56:9a:7a:7b:9e:1a:fc:fc:d9:14:51:
11:f8:c2:85:33:59:ff:b0:e4:8c:b7:f1:47:07:06:
9d:b6:16:dc:eb:a4:8b:e3:16:30:43:d9:2c:7e:94:
dc:fd:8e:9a:b1:5a:df:5c:82:6c:c3:1f:b0:3a:bb:
cd:fb:1d:85:6f:c8:cb:a4:11:61:d2:62:58:1b:49:
e2:c1:2a:26:f3:1d:21:ad:76:f1:91:2e:32:80:82:
34:68:64:be:5e:5a:eb:f2:8e:bd:90:97:8b:e3:ca:
1e:3c:47:ca:a1:16:36:3b:28:69:0c:1c:0f:b1:7a:
23:cd:a7:33:22:b6:e0:a0:2d:81:7c:dd:e0:4a:fc:
37:8d:ed:9f:f1:6c:9e:12:9b:aa:a8:bf:01:48:a1:
ff:d7:74:7d:63:8b:2d:37:1c:83:13:4d:93:ad:c2:
ee:10:20:28:b1:eb:f8:4d:8d:f9:3e:cc:3e:24:9c:
93:8a:5a:d0:bb:c0:94:84:5b:70:13:0b:ce:ab:a5:
5f:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:58:78:57:64:20:AA:6A:28:4C:6B:0D:14:9C:DA:6C:89:24:1A:E3
X509v3 Authority Key Identifier:
keyid:2B:04:D5:55:76:3F:BA:A0:94:DC:A7:A9:3D:AA:A7:8F:D4:00:85:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KwTVVXY_uqCU3KepPaqnj9QAhVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/d0a3dc-7d9a-4375-b2fd-c7542f88e797/1/3Vh4V2QgqmooTGsNFJzabIkkGuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/d0a3dc-7d9a-4375-b2fd-c7542f88e797/1/KwTVVXY_uqCU3KepPaqnj9QAhVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.36.20.0/24
IPv6:
2001:67c:734::/48
Signature Algorithm: sha256WithRSAEncryption
44:e0:b6:52:40:e0:c6:42:c7:09:4a:80:53:50:d9:77:64:9e:
69:2e:97:d2:12:57:e0:3b:dc:7f:27:61:b0:00:ac:7c:40:98:
0d:2a:ec:6f:4a:ff:04:27:9b:24:23:85:d7:a1:80:db:cd:b2:
9f:47:ef:ec:09:bf:52:ef:cf:5e:60:51:a2:95:a5:fb:47:84:
b2:0a:62:2b:09:96:a4:9f:55:38:5b:57:41:3c:b8:6d:ac:b0:
fe:a0:8a:54:cd:aa:a0:ec:40:d5:77:73:01:12:71:1b:f8:dc:
8f:b5:3e:54:76:7a:ef:44:b8:ac:dd:45:1e:bd:bc:bb:3a:30:
78:69:0b:21:e2:4f:97:85:44:0a:89:1d:9c:9e:1c:66:13:28:
57:4b:28:72:78:3d:7b:87:da:5c:8b:47:79:83:82:c7:4a:cb:
94:51:aa:2b:8c:4d:3d:2d:ba:cc:fa:bc:73:a6:42:93:fc:60:
b1:15:35:e5:85:94:e3:ec:2d:78:ff:82:e3:55:6d:07:01:59:
f3:c0:ea:d5:92:13:4f:3e:bb:ba:17:c7:cf:cb:ce:ec:7f:4c:
4e:5c:bb:84:73:bf:b3:27:98:26:f2:be:7c:e0:24:73:f8:9a:
0a:38:80:d0:65:e2:58:6d:89:f9:41:30:1c:4a:ee:a6:d4:a2:
70:fd:0d:f2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQm2Sf3dsOvjqOS66kovhmcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMDRkNTU1NzYzZmJhYTA5NGRjYTdhOTNkYWFhNzhmZDQw
MDg1NTQwHhcNMjUwMTAyMTE0OTEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDU4Nzg1NzY0MjBhYTZhMjg0YzZiMGQxNDljZGE2Yzg5MjQxYWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFd625vDAG0hOcIDMweFP2xlIJyU
f2Yq/mdplH+ILTQnjMxiWOD3dBKrBD+/6owtj9Lm/UgOHxMiS0DtNIl2Vpp6e54a
/PzZFFER+MKFM1n/sOSMt/FHBwadthbc66SL4xYwQ9ksfpTc/Y6asVrfXIJswx+w
OrvN+x2Fb8jLpBFh0mJYG0niwSom8x0hrXbxkS4ygII0aGS+Xlrr8o69kJeL48oe
PEfKoRY2OyhpDBwPsXojzaczIrbgoC2BfN3gSvw3je2f8WyeEpuqqL8BSKH/13R9
Y4stNxyDE02TrcLuECAosev4TY35Psw+JJyTilrQu8CUhFtwEwvOq6VfoQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN1YeFdkIKpqKExrDRSc2myJJBrjMB8GA1UdIwQY
MBaAFCsE1VV2P7qglNynqT2qp4/UAIVUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3dUVlZYWV91cUNVM0tlcFBhcW5qOVFBaFZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9kMGEzZGMtN2Q5YS00Mzc1LWIyZmQt
Yzc1NDJmODhlNzk3LzEvM1ZoNFYyUWdxbW9vVEdzTkZKemFiSWtrR3VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9kMGEzZGMtN2Q5YS00Mzc1LWIyZmQtYzc1NDJmODhlNzk3
LzEvS3dUVlZYWV91cUNVM0tlcFBhcW5qOVFBaFZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwiQUMA8E
AgACMAkDBwAgAQZ8BzQwDQYJKoZIhvcNAQELBQADggEBAETgtlJA4MZCxwlKgFNQ
2Xdknmkul9ISV+A73H8nYbAArHxAmA0q7G9K/wQnmyQjhdehgNvNsp9H7+wJv1Lv
z15gUaKVpftHhLIKYisJlqSfVThbV0E8uG2ssP6gilTNqqDsQNV3cwEScRv43I+1
PlR2eu9EuKzdRR69vLs6MHhpCyHiT5eFRAqJHZyeHGYTKFdLKHJ4PXuH2lyLR3mD
gsdKy5RRqiuMTT0tusz6vHOmQpP8YLEVNeWFlOPsLXj/guNVbQcBWfPA6tWSE08+
u7oXx8/Lzux/TE5cu4Rzv7MnmCbyvnzgJHP4mgo4gNBl4lhtiflBMBxK7qbUonD9
DfI=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:16 2025 by rpki-client on console.sobornost.net