Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/3LgD2pWeokaJnu7AtKvUjtGF1K4.roa
File: 3LgD2pWeokaJnu7AtKvUjtGF1K4.roa (raw, json)
Hash identifier: EUbwmkUwuSMcYd+jHYxrR2mUP8puunpDHahZx+0W+pc=
Subject key identifier: DC:B8:03:DA:95:9E:A2:46:89:9E:EE:C0:B4:AB:D4:8E:D1:85:D4:AE
Certificate issuer: /CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Certificate serial: 01942143C1A8F7E6C34F2FB321C26B61CF58
Authority key identifier: 30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/3LgD2pWeokaJnu7AtKvUjtGF1K4.roa
Signing time: Wed 01 Jan 2025 09:47:56 +0000
ROA not before: Wed 01 Jan 2025 09:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208491
IP address blocks: 195.187.32.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:c1:a8:f7:e6:c3:4f:2f:b3:21:c2:6b:61:cf:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Validity
Not Before: Jan 1 09:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dcb803da959ea246899eeec0b4abd48ed185d4ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:8f:29:db:22:d2:f3:23:1c:d9:22:8d:81:1f:
8b:ea:da:c8:86:8b:65:fc:b5:1c:e6:a1:2d:9a:73:
98:8c:d7:70:26:56:b9:9d:69:b5:53:ab:66:9f:03:
6e:f8:14:e6:f1:2c:1a:5a:92:73:a3:79:50:16:27:
78:7e:e5:d8:27:f4:56:e5:d0:61:d3:b0:d7:ae:9f:
51:8b:7c:93:2b:2d:1e:b0:00:34:4f:3b:d0:96:b3:
96:23:b7:fe:4e:11:fa:92:8d:72:e8:ee:68:c6:d7:
05:12:03:17:9b:18:5d:8d:98:20:95:74:67:96:63:
5c:b2:18:dd:09:47:06:7b:31:9e:00:7e:78:de:78:
30:46:7b:34:2a:50:08:9c:ff:7a:4f:27:cc:a5:b7:
75:c2:13:e3:70:70:a3:0b:f8:d3:76:ad:e1:5e:e0:
b2:40:b2:de:c2:0c:25:80:3b:a9:7a:34:70:09:26:
ba:6a:07:33:26:df:49:fc:1d:d6:e4:14:84:9c:4b:
7b:cf:7e:0d:3b:90:ed:27:29:49:4b:71:1f:9c:10:
df:1d:7a:f5:48:44:4b:6e:6f:2e:87:88:3b:21:03:
1c:7e:9a:5f:4b:cb:31:98:52:a0:d4:4d:41:b0:03:
3a:82:b8:ca:99:e1:0f:c1:9e:45:07:c7:00:2a:49:
15:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:B8:03:DA:95:9E:A2:46:89:9E:EE:C0:B4:AB:D4:8E:D1:85:D4:AE
X509v3 Authority Key Identifier:
keyid:30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/3LgD2pWeokaJnu7AtKvUjtGF1K4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/MMQJYT_qCitELOES6cvbSF4BGI8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.187.32.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:11:81:41:47:45:8b:08:90:7d:e1:5a:a6:42:51:2c:bb:44:
f4:a0:21:7e:8f:d2:03:b1:0c:8f:d3:7e:c1:7a:90:0a:c1:b0:
0f:c0:9a:92:d0:c3:d3:cc:43:91:35:e4:7c:03:6a:1d:12:fc:
34:bd:df:14:bd:ec:d2:60:85:ea:85:00:19:95:28:6d:3d:61:
80:e8:5f:65:28:9d:9d:99:85:3e:d9:df:f4:ae:51:81:99:24:
0b:72:bf:a0:57:3c:67:ee:bc:52:10:38:85:2a:46:37:ee:ff:
82:b7:45:73:b2:4e:1a:d3:4a:d3:3b:21:5b:14:53:d5:5d:64:
11:2f:c3:a0:10:5e:91:0d:0f:93:61:09:6f:eb:9d:17:6e:c3:
40:9f:48:81:94:80:09:9a:9a:aa:f4:04:e4:5d:b2:8c:0a:c2:
29:3a:ab:48:5b:79:57:64:ff:ad:d8:c8:67:08:dd:cf:f3:35:
4c:44:39:85:df:20:be:7f:35:75:ca:52:28:b8:a8:0c:6c:90:
3a:e4:87:02:e2:18:9b:1a:a2:f0:d1:e0:75:57:c1:5d:30:66:
ac:f8:c3:e0:87:61:4e:86:34:15:3f:74:c7:41:e3:04:a8:5a:
e5:39:50:a9:cc:97:d5:a5:ca:46:dc:4b:fd:ca:78:ad:a2:03:
88:38:b9:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhQ8Go9+bDTy+zIcJrYc9YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYzQwOTYxM2ZlYTBhMmI0NDJjZTExMmU5Y2JkYjQ4NWUw
MTE4OGYwHhcNMjUwMTAxMDk0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2I4MDNkYTk1OWVhMjQ2ODk5ZWVlYzBiNGFiZDQ4ZWQxODVkNGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA548p2yLS8yMc2SKNgR+L6trIhotl
/LUc5qEtmnOYjNdwJla5nWm1U6tmnwNu+BTm8SwaWpJzo3lQFid4fuXYJ/RW5dBh
07DXrp9Ri3yTKy0esAA0TzvQlrOWI7f+ThH6ko1y6O5oxtcFEgMXmxhdjZgglXRn
lmNcshjdCUcGezGeAH543ngwRns0KlAInP96TyfMpbd1whPjcHCjC/jTdq3hXuCy
QLLewgwlgDupejRwCSa6agczJt9J/B3W5BSEnEt7z34NO5DtJylJS3EfnBDfHXr1
SERLbm8uh4g7IQMcfppfS8sxmFKg1E1BsAM6grjKmeEPwZ5FB8cAKkkV8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNy4A9qVnqJGiZ7uwLSr1I7RhdSuMB8GA1UdIwQY
MBaAFDDECWE/6gorRCzhEunL20heARiPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU1RSllUX3FDaXRFTE9FUzZjdmJTRjRCR0k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9iNzhmYjUtYWZjYS00ZGI3LTg4ODYt
YzA2NzFiZjRjZjNlLzEvM0xnRDJwV2Vva2FKbnU3QXRLdlVqdEdGMUs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9iNzhmYjUtYWZjYS00ZGI3LTg4ODYtYzA2NzFiZjRjZjNl
LzEvTU1RSllUX3FDaXRFTE9FUzZjdmJTRjRCR0k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw7sgMA0G
CSqGSIb3DQEBCwUAA4IBAQAtEYFBR0WLCJB94VqmQlEsu0T0oCF+j9IDsQyP037B
epAKwbAPwJqS0MPTzEORNeR8A2odEvw0vd8UvezSYIXqhQAZlShtPWGA6F9lKJ2d
mYU+2d/0rlGBmSQLcr+gVzxn7rxSEDiFKkY37v+Ct0Vzsk4a00rTOyFbFFPVXWQR
L8OgEF6RDQ+TYQlv650XbsNAn0iBlIAJmpqq9ATkXbKMCsIpOqtIW3lXZP+t2Mhn
CN3P8zVMRDmF3yC+fzV1ylIouKgMbJA65IcC4hibGqLw0eB1V8FdMGas+MPgh2FO
hjQVP3THQeMEqFrlOVCpzJfVpcpG3Ev9ynitogOIOLmT
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:56:37 2025 by rpki-client