Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/e70d98-426e-46fe-afaf-82139f3b433c/1/3ZXn6MjYYZA6TwrdRA6v_Uq6ib0.roa
File: 3ZXn6MjYYZA6TwrdRA6v_Uq6ib0.roa (raw, json)
Hash identifier: DnTbuFGSboxx+C4KWZfRhHAp40FfsIs0xcf1K2+lK1Y=
Subject key identifier: DD:95:E7:E8:C8:D8:61:90:3A:4F:0A:DD:44:0E:AF:FD:4A:BA:89:BD
Certificate issuer: /CN=fb5d3e114fbce2cf0f920431c56a7c73dfda5a7e
Certificate serial: 0194221FEE930FF0870BB299BB17C40E77B2
Authority key identifier: FB:5D:3E:11:4F:BC:E2:CF:0F:92:04:31:C5:6A:7C:73:DF:DA:5A:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-10-EU-84s8PkgQxxWp8c9_aWn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/e70d98-426e-46fe-afaf-82139f3b433c/1/3ZXn6MjYYZA6TwrdRA6v_Uq6ib0.roa
Signing time: Wed 01 Jan 2025 13:48:25 +0000
ROA not before: Wed 01 Jan 2025 13:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57032
IP address blocks: 2.57.239.0/24 maxlen: 24
2a12:9bc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:ee:93:0f:f0:87:0b:b2:99:bb:17:c4:0e:77:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb5d3e114fbce2cf0f920431c56a7c73dfda5a7e
Validity
Not Before: Jan 1 13:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd95e7e8c8d861903a4f0add440eaffd4aba89bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:7a:c9:42:f7:e6:b8:ea:b5:9e:9a:1c:63:f4:
d2:d7:dc:2a:81:40:3f:55:69:e4:13:c6:7a:c1:09:
9b:ae:6c:91:3a:b6:44:99:8a:a9:27:cd:b7:69:fa:
fa:f3:8a:45:99:8f:44:2d:c8:97:a4:46:84:88:44:
55:31:d5:2c:7b:a6:fa:8d:1e:1c:a2:3c:8a:7b:a2:
c8:c2:cd:55:bc:a4:7b:8a:1b:88:ec:52:10:9c:c4:
df:8d:70:f6:d0:98:b2:11:3e:0f:71:d2:07:97:4a:
bb:ae:ae:11:4c:a2:29:22:d8:de:32:b4:3b:9d:a1:
b6:67:bf:c5:e9:e7:bc:bf:6b:ee:aa:02:fa:4a:ca:
22:19:1d:63:b9:18:b6:20:b9:5c:fa:f0:aa:92:df:
47:79:56:90:29:76:60:ca:30:92:d6:08:20:97:b3:
1b:19:3e:ec:01:7e:9c:44:bd:1d:83:f1:14:f0:ee:
83:f1:ec:99:15:95:68:64:44:7b:7d:70:da:f7:2f:
d3:73:9c:ae:45:10:c8:04:41:14:9b:74:e9:ba:6e:
f3:7c:e2:e2:ed:84:3f:55:d0:11:eb:98:b8:56:a4:
f8:22:de:ee:13:63:df:19:2c:3c:f7:f0:73:0c:f5:
d8:55:bb:36:30:5a:8e:fe:9b:a2:0a:6f:c4:a6:38:
78:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:95:E7:E8:C8:D8:61:90:3A:4F:0A:DD:44:0E:AF:FD:4A:BA:89:BD
X509v3 Authority Key Identifier:
keyid:FB:5D:3E:11:4F:BC:E2:CF:0F:92:04:31:C5:6A:7C:73:DF:DA:5A:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-10-EU-84s8PkgQxxWp8c9_aWn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/e70d98-426e-46fe-afaf-82139f3b433c/1/3ZXn6MjYYZA6TwrdRA6v_Uq6ib0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/e70d98-426e-46fe-afaf-82139f3b433c/1/1-10-EU-84s8PkgQxxWp8c9_aWn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.239.0/24
IPv6:
2a12:9bc0::/29
Signature Algorithm: sha256WithRSAEncryption
6c:c2:d4:88:83:14:45:c1:c7:e1:c8:46:ba:55:5e:16:ca:9c:
5d:e4:d2:28:86:2f:8f:f0:18:2a:0b:b1:e0:12:f9:cc:c7:ed:
5c:16:3b:25:4d:d8:56:19:d4:90:28:39:c5:ed:da:36:64:06:
fe:03:21:65:3f:fb:f7:4d:5a:e8:da:f4:24:cd:cb:45:52:6b:
c2:b3:3e:f7:0e:8f:fe:b3:a5:b3:61:02:fc:c3:69:89:db:59:
96:ce:11:5e:69:6f:4b:07:25:70:fc:b9:db:c9:3b:22:b0:7f:
41:b5:64:e3:cb:82:84:c6:57:68:7d:ce:97:1a:d8:a6:48:a3:
51:97:a2:16:7b:06:00:9f:66:6a:b8:44:65:88:0e:e7:6f:6f:
e8:19:f0:08:94:67:9c:de:a4:6f:d9:fb:2d:41:40:1c:aa:13:
c7:13:2f:76:9b:fd:8e:ea:fa:ba:15:e5:97:94:98:87:98:5c:
9f:9a:c6:81:9e:92:e1:d1:79:3e:ea:5c:14:e3:0c:e1:33:c8:
52:18:0c:b0:2a:8f:97:40:98:45:2f:f4:a3:cd:bd:5f:53:3e:
ea:ca:9a:de:ad:d1:e6:6a:9a:32:0a:69:70:fa:99:2d:8a:13:
25:c5:1e:fd:32:1f:ef:26:04:5e:71:9a:16:06:64:71:9f:10:
62:ca:39:e3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQiH+6TD/CHC7KZuxfEDneyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiNWQzZTExNGZiY2UyY2YwZjkyMDQzMWM1NmE3YzczZGZk
YTVhN2UwHhcNMjUwMTAxMTM0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDk1ZTdlOGM4ZDg2MTkwM2E0ZjBhZGQ0NDBlYWZmZDRhYmE4OWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3rJQvfmuOq1npocY/TS19wqgUA/
VWnkE8Z6wQmbrmyROrZEmYqpJ823afr684pFmY9ELciXpEaEiERVMdUse6b6jR4c
ojyKe6LIws1VvKR7ihuI7FIQnMTfjXD20JiyET4PcdIHl0q7rq4RTKIpItjeMrQ7
naG2Z7/F6ee8v2vuqgL6SsoiGR1juRi2ILlc+vCqkt9HeVaQKXZgyjCS1gggl7Mb
GT7sAX6cRL0dg/EU8O6D8eyZFZVoZER7fXDa9y/Tc5yuRRDIBEEUm3Tpum7zfOLi
7YQ/VdAR65i4VqT4It7uE2PfGSw89/BzDPXYVbs2MFqO/puiCm/Epjh4RwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN2V5+jI2GGQOk8K3UQOr/1Kuom9MB8GA1UdIwQY
MBaAFPtdPhFPvOLPD5IEMcVqfHPf2lp+MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS0xMC1FVS04NHM4UGtnUXh4V3A4YzlfYVduNC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIvZTcwZDk4LTQyNmUtNDZmZS1hZmFm
LTgyMTM5ZjNiNDMzYy8xLzNaWG42TWpZWVpBNlR3cmRSQTZ2X1VxNmliMC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjIvZTcwZDk4LTQyNmUtNDZmZS1hZmFmLTgyMTM5ZjNiNDMz
Yy8xLzEtMTAtRVUtODRzOFBrZ1F4eFdwOGM5X2FXbjQuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAACOe8w
DQQCAAIwBwMFAyoSm8AwDQYJKoZIhvcNAQELBQADggEBAGzC1IiDFEXBx+HIRrpV
XhbKnF3k0iiGL4/wGCoLseAS+czH7VwWOyVN2FYZ1JAoOcXt2jZkBv4DIWU/+/dN
Wuja9CTNy0VSa8KzPvcOj/6zpbNhAvzDaYnbWZbOEV5pb0sHJXD8udvJOyKwf0G1
ZOPLgoTGV2h9zpca2KZIo1GXohZ7BgCfZmq4RGWIDudvb+gZ8AiUZ5zepG/Z+y1B
QByqE8cTL3ab/Y7q+roV5ZeUmIeYXJ+axoGekuHReT7qXBTjDOEzyFIYDLAqj5dA
mEUv9KPNvV9TPurKmt6t0eZqmjIKaXD6mS2KEyXFHv0yH+8mBF5xmhYGZHGfEGLK
OeM=
-----END CERTIFICATE-----
Generated at Thu Jan 23 16:47:52 2025 by rpki-client on console.sobornost.net