Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/3K-ochPFznfa1R58KADoobpI-vU.roa
File: 3K-ochPFznfa1R58KADoobpI-vU.roa (raw, json)
Hash identifier: E6kgHgglfZ2aDwdeJ1gi09PFBDh7xrY6BBweccfhYH4=
Subject key identifier: DC:AF:A8:72:13:C5:CE:77:DA:D5:1E:7C:28:00:E8:A1:BA:48:FA:F5
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 0194266B9334AFF03DF3FD609F1DABDC8DEA
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/3K-ochPFznfa1R58KADoobpI-vU.roa
Signing time: Thu 02 Jan 2025 09:49:31 +0000
ROA not before: Thu 02 Jan 2025 09:49:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60807
IP address blocks: 84.236.180.0/24 maxlen: 24
84.236.250.0/24 maxlen: 24
88.148.96.0/23 maxlen: 23
178.156.47.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:93:34:af:f0:3d:f3:fd:60:9f:1d:ab:dc:8d:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 2 09:49:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dcafa87213c5ce77dad51e7c2800e8a1ba48faf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:aa:50:43:51:75:5a:f7:e1:51:5b:29:9e:c4:
18:c1:35:b7:d8:84:c6:eb:67:d5:d7:9c:06:d2:f5:
02:29:0f:bd:02:be:98:71:67:de:db:a6:4d:06:33:
14:72:81:b6:7f:50:31:f3:6e:9d:d2:d9:32:a7:12:
69:43:a4:94:7c:bf:79:1a:4c:cb:44:2f:0d:e1:28:
99:b6:a4:b9:46:63:32:9f:16:83:17:d4:2a:ca:26:
23:d4:99:6f:b7:bc:4f:b4:8d:61:55:15:a0:16:22:
29:d1:5c:5b:66:1f:e5:10:64:95:50:1f:cc:53:bc:
f7:5b:09:8e:77:49:e1:eb:b3:5f:3b:a5:7b:18:f3:
cb:42:93:93:64:1a:a2:b6:fa:e2:54:83:9a:fc:ba:
ff:7d:ce:3f:4e:4c:9d:5b:6d:23:76:c3:6c:ba:ce:
c5:c0:31:27:15:68:4a:7a:9d:34:0f:a0:c5:78:77:
d2:6c:dd:4b:93:cc:fb:3b:1c:bb:52:51:4d:dd:16:
60:d0:dc:49:95:f5:4b:19:8e:46:12:77:66:69:91:
b0:15:ef:29:05:1b:2b:22:c8:8b:9e:6b:1e:da:c1:
64:bb:a1:a7:74:c0:01:7c:2c:79:32:79:7a:33:08:
5a:b5:ad:0a:ff:aa:36:6e:33:84:2d:19:a4:bf:f0:
ca:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:AF:A8:72:13:C5:CE:77:DA:D5:1E:7C:28:00:E8:A1:BA:48:FA:F5
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/3K-ochPFznfa1R58KADoobpI-vU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.236.180.0/24
84.236.250.0/24
88.148.96.0/23
178.156.47.0/24
Signature Algorithm: sha256WithRSAEncryption
90:05:8c:6c:1d:8f:82:3b:01:0d:44:66:1c:85:20:74:d9:38:
9f:af:8a:e8:6d:41:8d:27:77:a7:27:ea:89:a4:7a:05:64:94:
66:3d:f2:53:9f:2f:d3:00:57:7e:f0:ad:50:41:b4:5a:bf:d3:
5a:57:33:af:97:92:69:d0:95:e7:b9:8f:9a:82:13:e7:35:24:
02:c8:7a:31:42:28:3e:55:ef:a6:81:d4:18:f6:68:3d:1c:75:
1b:87:f1:20:48:ee:9b:cb:56:f2:06:44:df:9a:ef:59:68:c7:
9f:75:33:04:2d:f0:5b:a4:5d:bb:61:e6:92:9b:25:fd:d0:33:
64:f4:bc:29:65:e3:e5:28:2f:d3:f0:38:98:bd:fb:75:2d:24:
dd:bc:88:69:9a:41:90:c4:e1:32:9b:34:93:3e:00:76:de:28:
bb:e8:69:19:3c:1d:1b:0d:fe:6c:5e:68:74:dc:7a:6c:97:8b:
d6:ff:20:29:86:99:e8:c0:9a:66:74:d9:ac:c9:3d:43:89:c0:
1d:a9:4a:e2:00:42:ba:34:18:f5:4e:c5:2a:03:9e:ac:ba:0b:
d2:fd:39:04:7f:f8:5c:c0:2b:b4:f4:13:79:ae:c3:4d:3b:10:
fe:ab:d2:87:5c:2f:80:49:87:43:99:39:42:17:f1:98:91:11:
96:8c:d6:22
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQma5M0r/A98/1gnx2r3I3qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjUwMTAyMDk0OTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2FmYTg3MjEzYzVjZTc3ZGFkNTFlN2MyODAwZThhMWJhNDhmYWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqpQQ1F1WvfhUVspnsQYwTW32ITG
62fV15wG0vUCKQ+9Ar6YcWfe26ZNBjMUcoG2f1Ax826d0tkypxJpQ6SUfL95GkzL
RC8N4SiZtqS5RmMynxaDF9QqyiYj1Jlvt7xPtI1hVRWgFiIp0VxbZh/lEGSVUB/M
U7z3WwmOd0nh67NfO6V7GPPLQpOTZBqitvriVIOa/Lr/fc4/TkydW20jdsNsus7F
wDEnFWhKep00D6DFeHfSbN1Lk8z7Oxy7UlFN3RZg0NxJlfVLGY5GEndmaZGwFe8p
BRsrIsiLnmse2sFku6GndMABfCx5Mnl6Mwhata0K/6o2bjOELRmkv/DKNQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNyvqHITxc532tUefCgA6KG6SPr1MB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvM0stb2NoUEZ6bmZhMVI1OEtBRG9vYnBJLXZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVOy0AwQA
VOz6AwQBWJRgAwQAspwvMA0GCSqGSIb3DQEBCwUAA4IBAQCQBYxsHY+COwENRGYc
hSB02Tifr4robUGNJ3enJ+qJpHoFZJRmPfJTny/TAFd+8K1QQbRav9NaVzOvl5Jp
0JXnuY+aghPnNSQCyHoxQig+Ve+mgdQY9mg9HHUbh/EgSO6by1byBkTfmu9ZaMef
dTMELfBbpF27YeaSmyX90DNk9LwpZePlKC/T8DiYvft1LSTdvIhpmkGQxOEymzST
PgB23ii76GkZPB0bDf5sXmh03Hpsl4vW/yAphpnowJpmdNmsyT1DicAdqUriAEK6
NBj1TsUqA56sugvS/TkEf/hcwCu09BN5rsNNOxD+q9KHXC+ASYdDmTlCF/GYkRGW
jNYi
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:40:13 2025 by rpki-client