Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a38e4f-4d10-4b9f-8f2f-a9893545c3c5/1/3-sSJoZSPekx4Aa1OQXl_rwnCgE.roa
File: 3-sSJoZSPekx4Aa1OQXl_rwnCgE.roa (raw, json)
Hash identifier: pUzH+yyfi1mC0E9a+KrNmmC+qEMzcBTviDyMsSj8qaU=
Subject key identifier: DF:EB:12:26:86:52:3D:E9:31:E0:06:B5:39:05:E5:FE:BC:27:0A:01
Certificate issuer: /CN=edfffb3c661e2f78a5785be95916044b06af51d2
Certificate serial: 019424B2A96296642A9494157D3E41CB3B89
Authority key identifier: ED:FF:FB:3C:66:1E:2F:78:A5:78:5B:E9:59:16:04:4B:06:AF:51:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7f_7PGYeL3ileFvpWRYESwavUdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a38e4f-4d10-4b9f-8f2f-a9893545c3c5/1/3-sSJoZSPekx4Aa1OQXl_rwnCgE.roa
Signing time: Thu 02 Jan 2025 01:47:56 +0000
ROA not before: Thu 02 Jan 2025 01:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57087
IP address blocks: 5.182.130.0/24 maxlen: 24
5.182.131.0/24 maxlen: 24
193.163.44.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:a9:62:96:64:2a:94:94:15:7d:3e:41:cb:3b:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=edfffb3c661e2f78a5785be95916044b06af51d2
Validity
Not Before: Jan 2 01:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dfeb122686523de931e006b53905e5febc270a01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:55:dc:fd:30:9a:bd:84:ad:3f:d2:06:74:5b:
d5:f1:97:06:7f:40:c0:39:e8:b4:50:7c:34:2c:97:
90:92:99:a4:09:44:03:82:5b:76:04:08:7c:e7:b3:
34:9b:f9:ad:f5:9b:59:57:d6:2c:e4:b1:f8:f7:35:
86:61:39:30:b0:94:b8:1e:f2:d9:19:b5:54:23:0b:
72:c6:9b:18:c6:5a:bf:ef:ea:3d:2a:1c:8d:12:b9:
a2:7d:38:f2:aa:3a:ce:4f:af:a8:b1:86:37:66:91:
39:44:10:23:5c:f3:d3:71:67:78:a4:5e:18:c2:7a:
74:cd:21:50:15:26:24:46:ae:fc:f7:fa:81:30:be:
59:fe:a6:74:08:13:dc:2a:e2:24:da:6e:5c:eb:6d:
64:25:d1:1e:c0:e5:e7:3b:e1:bc:a4:17:c2:1d:a2:
bb:df:28:e5:e6:27:d7:60:9a:0c:db:0f:93:56:1a:
d4:f0:67:05:32:12:94:1d:fb:e0:2b:0e:96:87:54:
52:fc:35:c9:61:d3:17:c0:75:9c:58:8a:46:91:f9:
2c:31:8f:bb:35:39:37:19:dc:9b:10:a9:b7:92:95:
a5:7d:3a:cd:5c:f4:0c:3c:90:54:fe:98:cc:19:f7:
a2:9d:93:1c:72:4b:2e:14:59:dc:06:30:f0:a1:6d:
a0:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:EB:12:26:86:52:3D:E9:31:E0:06:B5:39:05:E5:FE:BC:27:0A:01
X509v3 Authority Key Identifier:
keyid:ED:FF:FB:3C:66:1E:2F:78:A5:78:5B:E9:59:16:04:4B:06:AF:51:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f_7PGYeL3ileFvpWRYESwavUdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a38e4f-4d10-4b9f-8f2f-a9893545c3c5/1/3-sSJoZSPekx4Aa1OQXl_rwnCgE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a38e4f-4d10-4b9f-8f2f-a9893545c3c5/1/7f_7PGYeL3ileFvpWRYESwavUdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.130.0/23
193.163.44.0/24
Signature Algorithm: sha256WithRSAEncryption
89:06:ff:41:01:b1:87:90:7f:6e:5f:50:d9:a2:47:7b:1e:f2:
d3:7e:97:e7:6c:10:ff:d8:cc:6c:40:92:fb:71:97:72:30:9a:
38:64:71:d5:e8:e8:f0:91:d4:02:de:3d:0c:7f:e7:51:6c:57:
13:c1:96:09:5c:47:1a:88:fb:5c:0b:64:e7:66:2c:2b:9b:18:
10:27:40:c2:cb:66:de:34:85:8f:d7:6b:85:2a:3d:b4:ef:76:
fa:ea:59:41:47:d6:a1:91:29:77:fc:34:1f:a6:16:06:52:e2:
a6:7b:c4:74:e0:ff:39:b5:b3:f5:c8:8f:f4:9e:1f:ed:70:aa:
18:3a:fe:05:a7:ff:fa:2e:70:44:19:32:75:db:90:34:6e:8f:
bb:c2:13:10:e8:d5:fc:00:92:1b:27:b4:70:c9:ca:97:a2:ad:
c0:3f:a1:06:45:97:e3:69:2e:b2:b9:ee:78:40:08:50:84:ba:
bd:31:d3:f5:a3:bb:46:b5:8a:2a:dc:83:6d:1f:4b:e7:90:51:
2b:6a:b2:91:4b:5f:86:03:7b:d4:80:e8:42:e1:7d:bb:f2:3a:
00:50:fc:81:59:06:f1:d5:0e:8e:55:f2:db:95:66:5e:b2:fa:
af:fd:c9:db:b8:75:ab:cd:f9:73:d9:46:2d:d6:b7:31:6b:6d:
d9:d7:0d:b8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQksqlilmQqlJQVfT5ByzuJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkZmZmYjNjNjYxZTJmNzhhNTc4NWJlOTU5MTYwNDRiMDZh
ZjUxZDIwHhcNMjUwMTAyMDE0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmViMTIyNjg2NTIzZGU5MzFlMDA2YjUzOTA1ZTVmZWJjMjcwYTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1Xc/TCavYStP9IGdFvV8ZcGf0DA
Oei0UHw0LJeQkpmkCUQDglt2BAh857M0m/mt9ZtZV9Ys5LH49zWGYTkwsJS4HvLZ
GbVUIwtyxpsYxlq/7+o9KhyNErmifTjyqjrOT6+osYY3ZpE5RBAjXPPTcWd4pF4Y
wnp0zSFQFSYkRq789/qBML5Z/qZ0CBPcKuIk2m5c621kJdEewOXnO+G8pBfCHaK7
3yjl5ifXYJoM2w+TVhrU8GcFMhKUHfvgKw6Wh1RS/DXJYdMXwHWcWIpGkfksMY+7
NTk3GdybEKm3kpWlfTrNXPQMPJBU/pjMGfeinZMccksuFFncBjDwoW2g2QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN/rEiaGUj3pMeAGtTkF5f68JwoBMB8GA1UdIwQY
MBaAFO3/+zxmHi94pXhb6VkWBEsGr1HSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2ZfN1BHWWVMM2lsZUZ2cFdSWUVTd2F2VWRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hMzhlNGYtNGQxMC00YjlmLThmMmYt
YTk4OTM1NDVjM2M1LzEvMy1zU0pvWlNQZWt4NEFhMU9RWGxfcnduQ2dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hMzhlNGYtNGQxMC00YjlmLThmMmYtYTk4OTM1NDVjM2M1
LzEvN2ZfN1BHWWVMM2lsZUZ2cFdSWUVTd2F2VWRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBBbaCAwQA
waMsMA0GCSqGSIb3DQEBCwUAA4IBAQCJBv9BAbGHkH9uX1DZokd7HvLTfpfnbBD/
2MxsQJL7cZdyMJo4ZHHV6OjwkdQC3j0Mf+dRbFcTwZYJXEcaiPtcC2TnZiwrmxgQ
J0DCy2beNIWP12uFKj2073b66llBR9ahkSl3/DQfphYGUuKme8R04P85tbP1yI/0
nh/tcKoYOv4Fp//6LnBEGTJ125A0bo+7whMQ6NX8AJIbJ7RwycqXoq3AP6EGRZfj
aS6yue54QAhQhLq9MdP1o7tGtYoq3INtH0vnkFErarKRS1+GA3vUgOhC4X278joA
UPyBWQbx1Q6OVfLblWZesvqv/cnbuHWrzflz2UYt1rcxa23Z1w24
-----END CERTIFICATE-----
Generated at Sat Mar 8 04:55:40 2025 by rpki-client on console.sobornost.net