Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/65f8e2-f4ed-424d-9b91-47dd0c04b550/1/3csahPS_wbV_Cdmexl1nUcqXKCs.roa
File: 3csahPS_wbV_Cdmexl1nUcqXKCs.roa (raw, json)
Hash identifier: bIzOWikibOXI8uzov3zH1ZZ4OwuzNl9gaDQiq7HSE2A=
Subject key identifier: DD:CB:1A:84:F4:BF:C1:B5:7F:09:D9:9E:C6:5D:67:51:CA:97:28:2B
Certificate issuer: /CN=2b3d5db900e081b213ea1f071ec5c00347a6fd95
Certificate serial: 01942067E94A6A054BC5E4ED77ABE3D207EB
Authority key identifier: 2B:3D:5D:B9:00:E0:81:B2:13:EA:1F:07:1E:C5:C0:03:47:A6:FD:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kz1duQDggbIT6h8HHsXAA0em_ZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/65f8e2-f4ed-424d-9b91-47dd0c04b550/1/3csahPS_wbV_Cdmexl1nUcqXKCs.roa
Signing time: Wed 01 Jan 2025 05:47:48 +0000
ROA not before: Wed 01 Jan 2025 05:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198949
IP address blocks: 91.198.173.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:e9:4a:6a:05:4b:c5:e4:ed:77:ab:e3:d2:07:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b3d5db900e081b213ea1f071ec5c00347a6fd95
Validity
Not Before: Jan 1 05:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ddcb1a84f4bfc1b57f09d99ec65d6751ca97282b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:bf:2e:76:e2:e4:93:42:8d:3d:ed:c0:cc:81:
47:25:e9:c1:59:e0:df:07:90:f3:8a:67:05:de:70:
98:5b:ee:9b:67:ba:ea:f2:ce:f5:92:62:fe:25:9d:
ee:01:66:7b:4b:e7:ad:44:34:4c:46:76:20:f8:1d:
d4:97:62:2d:e8:b8:36:4e:6c:50:da:42:65:b8:9a:
01:d6:c9:07:95:d4:a5:65:b4:c8:b7:87:7f:49:8f:
5c:b0:aa:8c:ce:44:5e:4c:ce:46:c2:b3:2e:54:79:
8b:0b:42:a7:9a:4a:34:ca:4d:a8:3e:f9:1c:7b:d2:
f7:a3:5d:78:10:22:1d:61:92:3b:74:37:a7:4a:14:
c0:b8:4c:77:a4:45:2d:07:b5:e4:9e:aa:94:d0:97:
47:b8:c3:ab:c4:9f:ba:82:65:06:cb:85:ca:ca:73:
13:36:72:10:a7:e1:6c:b4:00:14:bd:c2:40:3c:8f:
25:ed:73:e2:76:5d:ac:3a:2d:33:25:12:01:3e:9d:
d6:d0:20:b2:27:51:47:b2:a0:83:0a:42:ca:df:1e:
f7:20:3c:5d:31:9d:f9:5a:65:2d:75:9b:ed:fa:31:
d0:79:a8:d9:0b:1b:eb:92:a6:0a:f6:28:2e:79:ee:
1f:60:fb:c9:f4:03:4d:91:ed:9e:56:5e:37:6f:a1:
e3:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:CB:1A:84:F4:BF:C1:B5:7F:09:D9:9E:C6:5D:67:51:CA:97:28:2B
X509v3 Authority Key Identifier:
keyid:2B:3D:5D:B9:00:E0:81:B2:13:EA:1F:07:1E:C5:C0:03:47:A6:FD:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kz1duQDggbIT6h8HHsXAA0em_ZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/65f8e2-f4ed-424d-9b91-47dd0c04b550/1/3csahPS_wbV_Cdmexl1nUcqXKCs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/65f8e2-f4ed-424d-9b91-47dd0c04b550/1/Kz1duQDggbIT6h8HHsXAA0em_ZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.173.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:8e:84:ba:4d:86:d0:cc:59:55:3a:fc:6a:df:3e:e9:ad:09:
39:86:df:37:90:0e:e9:b7:6f:02:9f:2e:ba:9a:de:d4:7c:9c:
0f:a7:f7:f3:db:a7:8f:da:5c:50:fa:c4:e7:2e:d5:c0:d9:f3:
69:1e:b6:93:00:af:1f:cf:77:3d:6a:bd:99:64:9f:c4:f9:6c:
8b:cd:b0:0e:d8:55:79:b0:df:0c:7d:e3:63:98:37:9c:3e:15:
c1:bf:b1:e5:60:f8:65:22:a6:e3:01:42:ec:35:6d:e2:4c:77:
ed:52:f3:f2:21:77:a0:e0:31:d7:7c:9c:0f:b7:5c:a9:39:fb:
8e:a6:df:f8:9a:80:c3:31:24:84:91:2e:bb:41:49:88:82:f5:
6a:21:88:bd:00:4b:0c:f0:cf:2d:64:3a:72:5c:4e:27:69:61:
2d:d8:e2:2d:6a:82:93:42:2a:8f:ff:4b:53:ca:90:98:e5:37:
62:83:f5:eb:4f:41:84:a6:61:bb:25:d7:e5:e3:8d:17:33:5e:
b9:e7:f3:82:a6:ee:34:49:45:48:a3:f9:73:7e:93:83:92:04:
60:fd:49:19:a5:bd:5f:4d:42:fb:54:ff:ce:b4:0a:d1:d4:dc:
34:23:2c:ae:0b:92:c5:a7:f2:f3:01:4c:fa:b5:6f:4d:fb:77:
5f:5d:fb:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgZ+lKagVLxeTtd6vj0gfrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiM2Q1ZGI5MDBlMDgxYjIxM2VhMWYwNzFlYzVjMDAzNDdh
NmZkOTUwHhcNMjUwMTAxMDU0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGNiMWE4NGY0YmZjMWI1N2YwOWQ5OWVjNjVkNjc1MWNhOTcyODJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlb8uduLkk0KNPe3AzIFHJenBWeDf
B5DzimcF3nCYW+6bZ7rq8s71kmL+JZ3uAWZ7S+etRDRMRnYg+B3Ul2It6Lg2TmxQ
2kJluJoB1skHldSlZbTIt4d/SY9csKqMzkReTM5GwrMuVHmLC0Knmko0yk2oPvkc
e9L3o114ECIdYZI7dDenShTAuEx3pEUtB7XknqqU0JdHuMOrxJ+6gmUGy4XKynMT
NnIQp+FstAAUvcJAPI8l7XPidl2sOi0zJRIBPp3W0CCyJ1FHsqCDCkLK3x73IDxd
MZ35WmUtdZvt+jHQeajZCxvrkqYK9iguee4fYPvJ9ANNke2eVl43b6HjwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN3LGoT0v8G1fwnZnsZdZ1HKlygrMB8GA1UdIwQY
MBaAFCs9XbkA4IGyE+ofBx7FwANHpv2VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3oxZHVRRGdnYklUNmg4SEhzWEFBMGVtX1pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS82NWY4ZTItZjRlZC00MjRkLTliOTEt
NDdkZDBjMDRiNTUwLzEvM2NzYWhQU193YlZfQ2RtZXhsMW5VY3FYS0NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS82NWY4ZTItZjRlZC00MjRkLTliOTEtNDdkZDBjMDRiNTUw
LzEvS3oxZHVRRGdnYklUNmg4SEhzWEFBMGVtX1pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8atMA0G
CSqGSIb3DQEBCwUAA4IBAQA+joS6TYbQzFlVOvxq3z7prQk5ht83kA7pt28Cny66
mt7UfJwPp/fz26eP2lxQ+sTnLtXA2fNpHraTAK8fz3c9ar2ZZJ/E+WyLzbAO2FV5
sN8MfeNjmDecPhXBv7HlYPhlIqbjAULsNW3iTHftUvPyIXeg4DHXfJwPt1ypOfuO
pt/4moDDMSSEkS67QUmIgvVqIYi9AEsM8M8tZDpyXE4naWEt2OItaoKTQiqP/0tT
ypCY5Tdig/XrT0GEpmG7Jdfl440XM1655/OCpu40SUVIo/lzfpODkgRg/UkZpb1f
TUL7VP/OtArR1Nw0IyyuC5LFp/LzAUz6tW9N+3dfXfuz
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:42:55 2025 by rpki-client