Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/0dd4cb-1f72-40ed-a657-1c22eff72818/1/3KUh8-hYuauka8jZQaDHKHAvPEE.roa
File: 3KUh8-hYuauka8jZQaDHKHAvPEE.roa (raw, json)
Hash identifier: +Qd1QnNThlMfYeG0RT/Lwm1rGPeX/Dbt9BOhFW3NK7w=
Subject key identifier: DC:A5:21:F3:E8:58:B9:AB:A4:6B:C8:D9:41:A0:C7:28:70:2F:3C:41
Certificate issuer: /CN=99fee7cbd8e78d1f14a453a04b916f7c1581d204
Certificate serial: 0194BB6BB8C813F2B3406D99F6A77577F41A
Authority key identifier: 99:FE:E7:CB:D8:E7:8D:1F:14:A4:53:A0:4B:91:6F:7C:15:81:D2:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mf7ny9jnjR8UpFOgS5FvfBWB0gQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/0dd4cb-1f72-40ed-a657-1c22eff72818/1/3KUh8-hYuauka8jZQaDHKHAvPEE.roa
Signing time: Fri 31 Jan 2025 08:13:06 +0000
ROA not before: Fri 31 Jan 2025 08:13:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.95.114.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:bb:6b:b8:c8:13:f2:b3:40:6d:99:f6:a7:75:77:f4:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99fee7cbd8e78d1f14a453a04b916f7c1581d204
Validity
Not Before: Jan 31 08:13:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dca521f3e858b9aba46bc8d941a0c728702f3c41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:18:dc:13:72:cc:10:f7:57:00:6f:5e:0c:bb:
8c:91:0e:fe:65:26:55:c7:44:73:d9:c2:97:a5:10:
93:cd:24:6c:f2:d7:8a:99:00:41:ef:af:69:0a:b2:
e0:ae:49:56:70:40:0e:ef:a3:f0:22:dc:ae:0c:25:
49:1e:90:2a:6d:42:a1:6b:90:03:d0:44:86:02:1d:
fa:d8:13:2c:ae:f7:47:e4:bf:d3:0a:ab:41:bc:ea:
a2:f3:d8:c1:04:0b:fd:cd:cd:4a:eb:71:72:1d:bd:
8b:30:c0:5b:74:4d:39:ed:27:34:29:10:24:f9:ec:
0e:29:44:2f:1f:9d:09:ae:fc:2d:4d:63:87:4f:8c:
e6:b0:b2:88:6f:88:1c:f9:c6:01:10:39:0f:1a:84:
43:5c:13:08:ac:00:c9:15:63:00:c6:03:25:53:06:
3f:04:c8:6e:2a:68:f5:95:71:e0:27:c5:59:a5:ca:
e0:db:14:e7:fa:17:dc:f7:d2:0a:6c:52:3e:7f:9a:
ea:2b:c6:11:1b:98:53:33:81:1d:42:23:7d:62:70:
e5:e7:40:54:74:56:d0:07:e7:51:c1:10:c3:b0:4a:
34:90:00:14:06:f1:27:43:86:f3:72:b4:a1:94:12:
5b:b3:f1:3c:2f:39:21:03:00:6d:3c:37:09:b0:d6:
a9:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:A5:21:F3:E8:58:B9:AB:A4:6B:C8:D9:41:A0:C7:28:70:2F:3C:41
X509v3 Authority Key Identifier:
keyid:99:FE:E7:CB:D8:E7:8D:1F:14:A4:53:A0:4B:91:6F:7C:15:81:D2:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mf7ny9jnjR8UpFOgS5FvfBWB0gQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/0dd4cb-1f72-40ed-a657-1c22eff72818/1/3KUh8-hYuauka8jZQaDHKHAvPEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/0dd4cb-1f72-40ed-a657-1c22eff72818/1/mf7ny9jnjR8UpFOgS5FvfBWB0gQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.114.0/24
Signature Algorithm: sha256WithRSAEncryption
26:47:78:7d:fc:8a:a1:bf:8e:3f:30:43:38:6a:3e:8a:c6:17:
43:d6:6d:ec:18:0a:ef:fc:47:2e:52:23:cf:d4:00:b1:c7:8b:
07:ff:6e:2c:38:ab:5c:0f:06:24:b2:b6:d5:3d:ca:b5:56:d3:
94:bc:7e:be:ac:f7:8f:2c:7c:99:5e:53:99:cc:81:f4:f3:f4:
b8:33:a4:e7:dd:ff:38:51:46:b5:ba:a3:5c:78:d4:3d:dc:a2:
23:08:0b:30:51:85:69:62:4a:d6:45:b5:29:8c:71:39:95:45:
4f:87:b1:b9:6e:30:82:70:e4:65:53:d7:e0:1c:90:b7:82:df:
aa:c8:6c:5a:9c:39:a2:1d:2b:b3:b9:99:61:7f:c8:91:74:55:
99:a5:67:63:40:71:7d:73:b8:2e:bc:b7:c6:5e:da:b7:e7:c5:
46:80:f8:75:c4:61:51:08:be:7e:ed:4f:b8:23:b3:96:4e:fd:
19:ca:37:5a:58:b2:d6:56:02:ba:df:93:e3:aa:af:59:2e:38:
54:90:03:b3:23:1c:3f:97:cd:fe:91:c7:8d:06:f4:49:fa:32:
21:74:27:ed:9f:84:c2:80:28:22:d4:9b:85:d6:62:ac:bc:85:
8f:36:55:96:2e:ce:dd:54:a0:e9:b7:cb:c7:3e:6f:c6:da:0e:
26:7b:8d:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZS7a7jIE/KzQG2Z9qd1d/QaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZmVlN2NiZDhlNzhkMWYxNGE0NTNhMDRiOTE2ZjdjMTU4
MWQyMDQwHhcNMjUwMTMxMDgxMzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2E1MjFmM2U4NThiOWFiYTQ2YmM4ZDk0MWEwYzcyODcwMmYzYzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBjcE3LMEPdXAG9eDLuMkQ7+ZSZV
x0Rz2cKXpRCTzSRs8teKmQBB769pCrLgrklWcEAO76PwItyuDCVJHpAqbUKha5AD
0ESGAh362BMsrvdH5L/TCqtBvOqi89jBBAv9zc1K63FyHb2LMMBbdE057Sc0KRAk
+ewOKUQvH50JrvwtTWOHT4zmsLKIb4gc+cYBEDkPGoRDXBMIrADJFWMAxgMlUwY/
BMhuKmj1lXHgJ8VZpcrg2xTn+hfc99IKbFI+f5rqK8YRG5hTM4EdQiN9YnDl50BU
dFbQB+dRwRDDsEo0kAAUBvEnQ4bzcrShlBJbs/E8LzkhAwBtPDcJsNap+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNylIfPoWLmrpGvI2UGgxyhwLzxBMB8GA1UdIwQY
MBaAFJn+58vY540fFKRToEuRb3wVgdIEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWY3bnk5am5qUjhVcEZPZ1M1RnZmQldCMGdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8wZGQ0Y2ItMWY3Mi00MGVkLWE2NTct
MWMyMmVmZjcyODE4LzEvM0tVaDgtaFl1YXVrYThqWlFhREhLSEF2UEVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8wZGQ0Y2ItMWY3Mi00MGVkLWE2NTctMWMyMmVmZjcyODE4
LzEvbWY3bnk5am5qUjhVcEZPZ1M1RnZmQldCMGdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALV9yMA0G
CSqGSIb3DQEBCwUAA4IBAQAmR3h9/Iqhv44/MEM4aj6KxhdD1m3sGArv/EcuUiPP
1ACxx4sH/24sOKtcDwYksrbVPcq1VtOUvH6+rPePLHyZXlOZzIH08/S4M6Tn3f84
UUa1uqNceNQ93KIjCAswUYVpYkrWRbUpjHE5lUVPh7G5bjCCcORlU9fgHJC3gt+q
yGxanDmiHSuzuZlhf8iRdFWZpWdjQHF9c7guvLfGXtq358VGgPh1xGFRCL5+7U+4
I7OWTv0ZyjdaWLLWVgK635Pjqq9ZLjhUkAOzIxw/l83+kceNBvRJ+jIhdCftn4TC
gCgi1JuF1mKsvIWPNlWWLs7dVKDpt8vHPm/G2g4me409
-----END CERTIFICATE-----
Generated at Sat Apr 26 05:28:22 2025 by rpki-client