Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/f9097c-10c2-4ae6-94dd-1610a0c993b4/1/3dfo7BpSW_BmeECHIG8JDsYb8u8.roa
File: 3dfo7BpSW_BmeECHIG8JDsYb8u8.roa (raw, json)
Hash identifier: Mc/2XZP0dbZZL2dPFjnm1ja/V9Hgm3wwQPBvcIgdoxY=
Subject key identifier: DD:D7:E8:EC:1A:52:5B:F0:66:78:40:87:20:6F:09:0E:C6:1B:F2:EF
Certificate issuer: /CN=d90784fd81d49ec445a09b2d06f8e560cdaa06a6
Certificate serial: 0194258F798DFAF6C58B211B983254179862
Authority key identifier: D9:07:84:FD:81:D4:9E:C4:45:A0:9B:2D:06:F8:E5:60:CD:AA:06:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2QeE_YHUnsRFoJstBvjlYM2qBqY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/f9097c-10c2-4ae6-94dd-1610a0c993b4/1/3dfo7BpSW_BmeECHIG8JDsYb8u8.roa
Signing time: Thu 02 Jan 2025 05:49:07 +0000
ROA not before: Thu 02 Jan 2025 05:49:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210108
IP address blocks: 194.49.100.0/23 maxlen: 23
194.49.102.0/24 maxlen: 24
194.49.103.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:79:8d:fa:f6:c5:8b:21:1b:98:32:54:17:98:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d90784fd81d49ec445a09b2d06f8e560cdaa06a6
Validity
Not Before: Jan 2 05:49:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ddd7e8ec1a525bf066784087206f090ec61bf2ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:51:dc:ba:66:ff:0d:f1:8a:98:31:68:65:63:
87:e9:dd:38:06:73:48:de:d8:c4:4f:9c:f3:8c:17:
1d:1d:f2:15:c4:82:4d:24:6d:91:d7:65:1f:01:2a:
7b:f0:b2:21:2d:b6:ec:fe:da:b3:e1:b0:fc:9c:c6:
65:6e:df:2e:c5:d5:33:4c:cf:d9:bb:cc:fd:34:8a:
80:6f:91:90:4e:6a:03:10:78:64:ef:41:48:fd:b6:
8a:29:db:b1:61:93:52:6d:83:d7:d0:44:27:b3:43:
dc:dc:92:1c:dc:62:a1:6b:cc:c8:a7:65:f7:74:bb:
69:21:f8:c7:c7:4c:4a:b7:c0:b6:c1:d8:f2:71:6b:
95:3f:a7:5b:04:c2:59:78:0f:b5:77:d4:a3:9f:40:
5b:a3:7f:51:9f:ac:36:fd:2b:05:4f:ee:11:79:b5:
92:5d:0a:f9:bf:35:15:8c:94:c4:49:5c:5c:db:85:
e9:3c:18:ce:c8:d4:a5:d1:df:53:5f:8d:93:ae:98:
a2:9d:41:07:a3:99:bd:b8:d1:1e:5a:c9:be:82:0d:
cd:bb:8b:4d:88:d8:42:37:d1:22:a1:51:18:57:11:
3e:a1:29:12:e9:3e:28:00:cc:a2:da:f0:4c:e2:13:
64:f0:5a:1e:02:0d:5a:72:a3:bc:44:6e:3e:9e:8f:
63:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:D7:E8:EC:1A:52:5B:F0:66:78:40:87:20:6F:09:0E:C6:1B:F2:EF
X509v3 Authority Key Identifier:
keyid:D9:07:84:FD:81:D4:9E:C4:45:A0:9B:2D:06:F8:E5:60:CD:AA:06:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2QeE_YHUnsRFoJstBvjlYM2qBqY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f9097c-10c2-4ae6-94dd-1610a0c993b4/1/3dfo7BpSW_BmeECHIG8JDsYb8u8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f9097c-10c2-4ae6-94dd-1610a0c993b4/1/2QeE_YHUnsRFoJstBvjlYM2qBqY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.49.100.0/22
Signature Algorithm: sha256WithRSAEncryption
58:28:d1:c3:a7:51:d4:30:9b:c2:d3:7c:a8:a4:4c:77:d8:43:
7c:16:8b:2c:60:aa:ac:cc:64:3f:9f:25:d2:0d:1f:c3:d2:b4:
5f:f3:a0:36:0e:bd:d7:9c:8f:6e:4a:19:cc:01:c1:eb:1b:8d:
ae:8d:27:7b:a3:b3:92:31:99:ff:80:1b:97:16:7f:a7:11:29:
06:01:8c:31:9b:ce:ee:69:7c:41:95:57:98:aa:e2:5c:d5:b9:
26:50:e6:60:ae:7d:8d:d2:c4:7b:00:fc:2b:64:c5:fc:50:39:
18:fc:9e:aa:12:29:a8:c4:29:ac:79:ee:83:92:eb:52:2a:7b:
82:ec:b4:cc:12:31:1e:63:b9:c7:ba:bd:2d:85:05:94:52:18:
38:24:4f:43:e4:d3:ac:d2:d6:6e:ed:a5:4b:ca:2a:0c:5e:ed:
64:1f:00:70:74:a6:af:f4:c7:e7:70:2c:b8:c0:97:6f:a3:6f:
50:6c:9d:54:54:f9:86:9e:a5:bf:f9:93:61:6f:24:dd:d0:30:
f1:6e:35:5a:8b:fc:aa:8d:21:5f:7b:96:87:93:bf:67:5a:8d:
21:cc:01:c8:d1:3c:4b:2a:d1:34:6e:9b:d5:f1:82:b4:e9:0f:
bc:0b:d7:99:3d:0f:55:5e:7f:c3:ce:68:d1:76:87:8f:74:51:
57:ac:d2:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj3mN+vbFiyEbmDJUF5hiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MDc4NGZkODFkNDllYzQ0NWEwOWIyZDA2ZjhlNTYwY2Rh
YTA2YTYwHhcNMjUwMTAyMDU0OTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGQ3ZThlYzFhNTI1YmYwNjY3ODQwODcyMDZmMDkwZWM2MWJmMmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7lHcumb/DfGKmDFoZWOH6d04BnNI
3tjET5zzjBcdHfIVxIJNJG2R12UfASp78LIhLbbs/tqz4bD8nMZlbt8uxdUzTM/Z
u8z9NIqAb5GQTmoDEHhk70FI/baKKduxYZNSbYPX0EQns0Pc3JIc3GKha8zIp2X3
dLtpIfjHx0xKt8C2wdjycWuVP6dbBMJZeA+1d9Sjn0Bbo39Rn6w2/SsFT+4RebWS
XQr5vzUVjJTESVxc24XpPBjOyNSl0d9TX42TrpiinUEHo5m9uNEeWsm+gg3Nu4tN
iNhCN9EioVEYVxE+oSkS6T4oAMyi2vBM4hNk8FoeAg1acqO8RG4+no9jCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN3X6OwaUlvwZnhAhyBvCQ7GG/LvMB8GA1UdIwQY
MBaAFNkHhP2B1J7ERaCbLQb45WDNqgamMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlFlRV9ZSFVuc1JGb0pzdEJ2amxZTTJxQnFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9mOTA5N2MtMTBjMi00YWU2LTk0ZGQt
MTYxMGEwYzk5M2I0LzEvM2RmbzdCcFNXX0JtZUVDSElHOEpEc1liOHU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9mOTA5N2MtMTBjMi00YWU2LTk0ZGQtMTYxMGEwYzk5M2I0
LzEvMlFlRV9ZSFVuc1JGb0pzdEJ2amxZTTJxQnFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwjFkMA0G
CSqGSIb3DQEBCwUAA4IBAQBYKNHDp1HUMJvC03yopEx32EN8FossYKqszGQ/nyXS
DR/D0rRf86A2Dr3XnI9uShnMAcHrG42ujSd7o7OSMZn/gBuXFn+nESkGAYwxm87u
aXxBlVeYquJc1bkmUOZgrn2N0sR7APwrZMX8UDkY/J6qEimoxCmsee6DkutSKnuC
7LTMEjEeY7nHur0thQWUUhg4JE9D5NOs0tZu7aVLyioMXu1kHwBwdKav9MfncCy4
wJdvo29QbJ1UVPmGnqW/+ZNhbyTd0DDxbjVai/yqjSFfe5aHk79nWo0hzAHI0TxL
KtE0bpvV8YK06Q+8C9eZPQ9VXn/DzmjRdoePdFFXrNI5
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:43 2025 by rpki-client on console.sobornost.net