Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/c7fdc8-caeb-4741-be4e-28e44f2ee90a/1/3R3CMh1y4wsFDSZM0M3C1xZygbQ.roa
File: 3R3CMh1y4wsFDSZM0M3C1xZygbQ.roa (raw, json)
Hash identifier: XMT6KzECLufc9ZTbE5ZuXejsU3/rr0tksv09pEK0Cjw=
Subject key identifier: DD:1D:C2:32:1D:72:E3:0B:05:0D:26:4C:D0:CD:C2:D7:16:72:81:B4
Certificate issuer: /CN=df3b796c3fc559bfaf4b76550894cff4d30b9b7e
Certificate serial: 019421441319082A21038A6CD7353FE8F7A3
Authority key identifier: DF:3B:79:6C:3F:C5:59:BF:AF:4B:76:55:08:94:CF:F4:D3:0B:9B:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3zt5bD_FWb-vS3ZVCJTP9NMLm34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/c7fdc8-caeb-4741-be4e-28e44f2ee90a/1/3R3CMh1y4wsFDSZM0M3C1xZygbQ.roa
Signing time: Wed 01 Jan 2025 09:48:16 +0000
ROA not before: Wed 01 Jan 2025 09:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24603
IP address blocks: 195.42.100.0/23 maxlen: 24
2001:67c:12e8::/47 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:13:19:08:2a:21:03:8a:6c:d7:35:3f:e8:f7:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df3b796c3fc559bfaf4b76550894cff4d30b9b7e
Validity
Not Before: Jan 1 09:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd1dc2321d72e30b050d264cd0cdc2d7167281b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:97:9b:21:9a:ca:e1:86:08:f6:01:ab:f8:31:
ec:93:bd:9c:17:6e:e7:13:67:b1:bc:f2:e1:7c:83:
fa:bf:37:6b:64:28:73:e2:c0:4c:85:9c:2e:fd:ef:
4f:0b:ee:57:46:b6:4c:6c:37:51:d3:a7:75:99:59:
0e:82:ee:18:a6:09:67:59:30:eb:fe:c3:b3:fc:32:
3a:68:17:a9:50:4f:3e:a3:62:4d:84:bb:f6:e4:2e:
19:1c:37:32:61:da:ae:10:84:31:38:f6:af:d6:47:
29:3e:bf:8f:52:f0:ca:63:b4:c1:86:60:3d:b5:22:
cc:95:a6:df:e9:75:4c:93:1b:37:72:77:fc:44:a2:
6d:04:22:69:7a:c0:d7:41:cb:c5:6e:48:9a:e4:ee:
67:f0:d3:5a:8c:16:cb:f4:e2:53:ca:0a:e1:ff:b7:
fd:60:cb:e2:43:3a:5a:4a:84:51:e0:d5:c5:15:a0:
cb:3e:4e:22:41:fd:55:f9:47:a5:b0:36:bf:25:79:
91:99:de:4b:10:91:fb:e6:bf:04:59:da:14:fe:c7:
8c:21:99:27:51:bb:b3:92:5f:ad:c7:9c:5f:1b:82:
e3:10:80:63:98:14:a2:33:25:7c:1e:02:3f:04:98:
91:c7:f7:6c:45:cd:e2:a9:94:87:e9:b5:2e:ac:80:
c7:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:1D:C2:32:1D:72:E3:0B:05:0D:26:4C:D0:CD:C2:D7:16:72:81:B4
X509v3 Authority Key Identifier:
keyid:DF:3B:79:6C:3F:C5:59:BF:AF:4B:76:55:08:94:CF:F4:D3:0B:9B:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3zt5bD_FWb-vS3ZVCJTP9NMLm34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/c7fdc8-caeb-4741-be4e-28e44f2ee90a/1/3R3CMh1y4wsFDSZM0M3C1xZygbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/c7fdc8-caeb-4741-be4e-28e44f2ee90a/1/3zt5bD_FWb-vS3ZVCJTP9NMLm34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.42.100.0/23
IPv6:
2001:67c:12e8::/47
Signature Algorithm: sha256WithRSAEncryption
55:55:97:38:bf:c3:02:56:0d:30:60:61:f4:40:e9:4c:0b:a5:
9e:a8:13:1a:ce:df:97:7b:fc:7f:89:1f:85:ee:fd:69:7c:df:
5b:40:f6:f8:fe:5c:fc:5e:f0:cc:c5:d1:c6:7e:6b:a4:80:75:
70:9a:04:85:a1:eb:63:8d:f5:d9:28:9f:4f:6d:ae:e4:e9:76:
ea:70:b7:d5:a3:43:ee:f2:58:23:18:8a:2a:31:30:6a:0b:ee:
b5:82:23:93:0a:dd:29:05:e5:04:64:36:c6:c7:7e:6d:24:d9:
96:15:00:94:f2:be:a0:ee:d4:98:fe:f4:41:60:ef:f0:d5:60:
a6:3f:69:50:08:b9:96:22:2b:d6:06:69:2d:c2:43:79:4a:62:
c1:8b:8d:0e:97:c6:ed:f7:88:4a:9a:9b:72:78:d3:13:5e:51:
95:f0:48:98:e2:1d:5e:10:32:f2:31:27:a5:bf:71:00:fa:d9:
9f:52:12:16:26:a4:ee:3f:cc:f5:65:de:62:e5:78:88:c3:86:
a2:24:67:59:39:77:ce:70:9a:ad:1b:c8:ee:7a:a0:d0:43:6f:
00:ae:e3:71:b6:8e:fd:bd:3a:3c:01:c4:9d:47:5b:e1:3f:2d:
e7:99:11:18:92:53:02:68:09:67:82:2b:c3:96:ca:8e:cd:94:
24:07:47:9c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQhRBMZCCohA4ps1zU/6PejMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmM2I3OTZjM2ZjNTU5YmZhZjRiNzY1NTA4OTRjZmY0ZDMw
YjliN2UwHhcNMjUwMTAxMDk0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDFkYzIzMjFkNzJlMzBiMDUwZDI2NGNkMGNkYzJkNzE2NzI4MWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZebIZrK4YYI9gGr+DHsk72cF27n
E2exvPLhfIP6vzdrZChz4sBMhZwu/e9PC+5XRrZMbDdR06d1mVkOgu4YpglnWTDr
/sOz/DI6aBepUE8+o2JNhLv25C4ZHDcyYdquEIQxOPav1kcpPr+PUvDKY7TBhmA9
tSLMlabf6XVMkxs3cnf8RKJtBCJpesDXQcvFbkia5O5n8NNajBbL9OJTygrh/7f9
YMviQzpaSoRR4NXFFaDLPk4iQf1V+UelsDa/JXmRmd5LEJH75r8EWdoU/seMIZkn
Ubuzkl+tx5xfG4LjEIBjmBSiMyV8HgI/BJiRx/dsRc3iqZSH6bUurIDH4wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN0dwjIdcuMLBQ0mTNDNwtcWcoG0MB8GA1UdIwQY
MBaAFN87eWw/xVm/r0t2VQiUz/TTC5t+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3p0NWJEX0ZXYi12UzNaVkNKVFA5Tk1MbTM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9jN2ZkYzgtY2FlYi00NzQxLWJlNGUt
MjhlNDRmMmVlOTBhLzEvM1IzQ01oMXk0d3NGRFNaTTBNM0MxeFp5Z2JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9jN2ZkYzgtY2FlYi00NzQxLWJlNGUtMjhlNDRmMmVlOTBh
LzEvM3p0NWJEX0ZXYi12UzNaVkNKVFA5Tk1MbTM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwypkMA8E
AgACMAkDBwEgAQZ8EugwDQYJKoZIhvcNAQELBQADggEBAFVVlzi/wwJWDTBgYfRA
6UwLpZ6oExrO35d7/H+JH4Xu/Wl831tA9vj+XPxe8MzF0cZ+a6SAdXCaBIWh62ON
9dkon09truTpdupwt9WjQ+7yWCMYiioxMGoL7rWCI5MK3SkF5QRkNsbHfm0k2ZYV
AJTyvqDu1Jj+9EFg7/DVYKY/aVAIuZYiK9YGaS3CQ3lKYsGLjQ6Xxu33iEqam3J4
0xNeUZXwSJjiHV4QMvIxJ6W/cQD62Z9SEhYmpO4/zPVl3mLleIjDhqIkZ1k5d85w
mq0byO56oNBDbwCu43G2jv29OjwBxJ1HW+E/LeeZERiSUwJoCWeCK8OWyo7NlCQH
R5w=
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:45:01 2025 by rpki-client