Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/3RFddkozoZGvDJWQRcnS3tQnN6k.roa
File: 3RFddkozoZGvDJWQRcnS3tQnN6k.roa (raw, json)
Hash identifier: KSM4qOmDj4X6PN9gZp6oxzJSTfcXsGzAsnDPsOPcYvo=
Subject key identifier: DD:11:5D:76:4A:33:A1:91:AF:0C:95:90:45:C9:D2:DE:D4:27:37:A9
Certificate issuer: /CN=a36d0ae5e2fbffcce08770ebc20c216b9fbf9485
Certificate serial: 0194214451D59951A951AF2236C9CE440B47
Authority key identifier: A3:6D:0A:E5:E2:FB:FF:CC:E0:87:70:EB:C2:0C:21:6B:9F:BF:94:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o20K5eL7_8zgh3Drwgwha5-_lIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/3RFddkozoZGvDJWQRcnS3tQnN6k.roa
Signing time: Wed 01 Jan 2025 09:48:33 +0000
ROA not before: Wed 01 Jan 2025 09:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47775
IP address blocks: 213.5.104.0/22 maxlen: 22
213.5.104.0/23 maxlen: 23
213.5.104.0/24 maxlen: 24
213.5.105.0/24 maxlen: 24
213.5.106.0/23 maxlen: 23
213.5.106.0/24 maxlen: 24
213.5.107.0/24 maxlen: 24
2a02:1c8:5::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:51:d5:99:51:a9:51:af:22:36:c9:ce:44:0b:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a36d0ae5e2fbffcce08770ebc20c216b9fbf9485
Validity
Not Before: Jan 1 09:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd115d764a33a191af0c959045c9d2ded42737a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:22:41:f8:c5:d3:2b:45:04:1d:18:cd:06:80:
7d:46:a4:e5:e0:9b:03:6c:e1:d6:bf:16:89:26:2f:
28:10:ff:97:13:86:5f:ff:70:34:e8:73:bc:38:98:
d1:06:39:c4:8d:16:01:17:ec:af:87:bd:54:3c:d9:
21:9c:eb:4f:6c:74:ef:8d:41:df:2a:13:6c:87:9d:
60:47:5a:95:c3:d4:a7:28:bd:a8:4e:77:6d:3a:8d:
80:aa:20:b0:ed:b8:e6:4e:6b:be:27:2c:7d:62:ec:
31:ab:88:74:0d:ea:1b:5c:c6:69:fe:35:1b:87:2f:
58:2a:85:5b:95:17:73:e7:bb:c5:6d:df:b8:11:6b:
19:95:42:93:eb:47:72:51:a7:53:df:98:9a:44:77:
a6:e1:bb:1b:c1:ee:15:c8:73:53:18:8e:18:2b:aa:
97:de:49:98:ab:b4:f5:ef:89:fd:6e:5f:bd:96:33:
7d:fe:64:a5:3e:40:e1:89:36:95:f1:8e:fa:4c:d7:
1b:9f:43:27:66:78:5c:9d:c6:ee:b2:df:ed:c6:38:
b0:81:42:94:39:f6:e7:74:27:c8:87:74:9e:7f:58:
a7:4a:3f:86:92:ba:1d:62:fb:17:7d:6a:aa:5b:d6:
93:0c:54:45:ab:60:5a:57:39:bf:4b:77:8c:01:5c:
28:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:11:5D:76:4A:33:A1:91:AF:0C:95:90:45:C9:D2:DE:D4:27:37:A9
X509v3 Authority Key Identifier:
keyid:A3:6D:0A:E5:E2:FB:FF:CC:E0:87:70:EB:C2:0C:21:6B:9F:BF:94:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o20K5eL7_8zgh3Drwgwha5-_lIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/3RFddkozoZGvDJWQRcnS3tQnN6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/o20K5eL7_8zgh3Drwgwha5-_lIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.5.104.0/22
IPv6:
2a02:1c8:5::/48
Signature Algorithm: sha256WithRSAEncryption
45:88:e0:19:d8:78:88:9a:54:72:b8:80:3d:75:16:e7:15:eb:
1a:29:7f:02:7b:11:2d:b0:3a:f1:0f:43:f2:8f:c9:72:b4:58:
6b:53:7f:ca:73:7d:2c:54:e9:39:28:b0:e2:d8:b1:ab:ea:40:
cd:79:b1:cc:19:a8:47:be:21:da:af:ad:f1:87:a6:d3:96:80:
ff:5e:40:03:f1:a3:17:5d:97:fd:aa:85:91:6a:ca:f1:7b:86:
bb:f2:26:64:47:17:e5:4a:4c:42:50:5c:6f:42:63:b5:f5:00:
ea:9b:2e:89:34:3c:65:36:54:64:4a:9c:f3:7e:6c:de:6d:c8:
44:17:e7:ba:57:61:9b:ef:e7:f9:b8:d3:08:f5:82:d9:d6:30:
48:e1:b1:9c:e2:3a:bf:94:a7:94:d0:f9:8d:fb:87:29:aa:4b:
25:c3:d0:fd:b8:b7:97:a3:5a:e9:fb:8c:66:9e:52:d0:55:10:
f1:bd:4c:ea:9a:36:3c:0c:7e:99:78:d5:5e:77:3f:a3:60:a6:
13:e8:1e:ac:0c:f3:b6:d6:c4:ce:9b:9b:8b:10:60:c4:93:a4:
03:91:e6:b6:59:b3:9a:80:5e:1a:02:08:e4:c6:4f:46:71:45:
6b:47:36:b5:09:85:4f:d6:ab:cd:f2:0d:7f:44:3f:d0:7e:d9:
23:c3:0b:8c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQhRFHVmVGpUa8iNsnORAtHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNmQwYWU1ZTJmYmZmY2NlMDg3NzBlYmMyMGMyMTZiOWZi
Zjk0ODUwHhcNMjUwMTAxMDk0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDExNWQ3NjRhMzNhMTkxYWYwYzk1OTA0NWM5ZDJkZWQ0MjczN2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSJB+MXTK0UEHRjNBoB9RqTl4JsD
bOHWvxaJJi8oEP+XE4Zf/3A06HO8OJjRBjnEjRYBF+yvh71UPNkhnOtPbHTvjUHf
KhNsh51gR1qVw9SnKL2oTndtOo2AqiCw7bjmTmu+Jyx9Yuwxq4h0DeobXMZp/jUb
hy9YKoVblRdz57vFbd+4EWsZlUKT60dyUadT35iaRHem4bsbwe4VyHNTGI4YK6qX
3kmYq7T174n9bl+9ljN9/mSlPkDhiTaV8Y76TNcbn0MnZnhcncbust/txjiwgUKU
OfbndCfIh3Sef1inSj+GkrodYvsXfWqqW9aTDFRFq2BaVzm/S3eMAVwoZQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN0RXXZKM6GRrwyVkEXJ0t7UJzepMB8GA1UdIwQY
MBaAFKNtCuXi+//M4Idw68IMIWufv5SFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzIwSzVlTDdfOHpnaDNEcndnd2hhNS1fbElVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC84Y2FjMGMtMzQyNi00ZjA3LWFmMjAt
Y2JiOTUxODNiMjdhLzEvM1JGZGRrb3pvWkd2REpXUVJjblMzdFFuTjZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC84Y2FjMGMtMzQyNi00ZjA3LWFmMjAtY2JiOTUxODNiMjdh
LzEvbzIwSzVlTDdfOHpnaDNEcndnd2hhNS1fbElVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQC1QVoMA8E
AgACMAkDBwAqAgHIAAUwDQYJKoZIhvcNAQELBQADggEBAEWI4BnYeIiaVHK4gD11
FucV6xopfwJ7ES2wOvEPQ/KPyXK0WGtTf8pzfSxU6TkosOLYsavqQM15scwZqEe+
IdqvrfGHptOWgP9eQAPxoxddl/2qhZFqyvF7hrvyJmRHF+VKTEJQXG9CY7X1AOqb
Lok0PGU2VGRKnPN+bN5tyEQX57pXYZvv5/m40wj1gtnWMEjhsZziOr+Up5TQ+Y37
hymqSyXD0P24t5ejWun7jGaeUtBVEPG9TOqaNjwMfpl41V53P6NgphPoHqwM87bW
xM6bm4sQYMSTpAOR5rZZs5qAXhoCCOTGT0ZxRWtHNrUJhU/Wq83yDX9EP9B+2SPD
C4w=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:29 2025 by rpki-client on console.sobornost.net