Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/eaf43a-1f11-48c8-9c80-18be5f464ed6/1/3JUWGQsOPBFoC4I-OGs1qaLU-CQ.roa
File: 3JUWGQsOPBFoC4I-OGs1qaLU-CQ.roa (raw, json)
Hash identifier: HAn/ErTzS/Zebt/yY2233fhmAXGMbizcG23F8CM++/Q=
Subject key identifier: DC:95:16:19:0B:0E:3C:11:68:0B:82:3E:38:6B:35:A9:A2:D4:F8:24
Certificate issuer: /CN=a9a83ad43c88b4ce44e820e115de9c537e2a54a6
Certificate serial: 01942747AD5B98A79311A618D5C51F2A2975
Authority key identifier: A9:A8:3A:D4:3C:88:B4:CE:44:E8:20:E1:15:DE:9C:53:7E:2A:54:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qag61DyItM5E6CDhFd6cU34qVKY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/eaf43a-1f11-48c8-9c80-18be5f464ed6/1/3JUWGQsOPBFoC4I-OGs1qaLU-CQ.roa
Signing time: Thu 02 Jan 2025 13:49:56 +0000
ROA not before: Thu 02 Jan 2025 13:49:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41191
IP address blocks: 193.203.32.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:ad:5b:98:a7:93:11:a6:18:d5:c5:1f:2a:29:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9a83ad43c88b4ce44e820e115de9c537e2a54a6
Validity
Not Before: Jan 2 13:49:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dc9516190b0e3c11680b823e386b35a9a2d4f824
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:6c:e6:db:74:4a:a4:3a:25:a5:8e:f5:63:e8:
53:31:d5:e2:4b:e0:e7:60:f3:e1:11:74:c0:17:cd:
05:93:b0:05:3a:ad:2b:b9:4a:10:de:ac:60:0b:96:
08:b2:42:e8:8c:83:fc:07:a8:e3:d8:58:e1:40:e0:
f3:d0:e8:8a:4b:63:b0:e9:82:c6:86:6e:9f:73:83:
0d:fc:8c:99:09:66:ec:76:1c:0c:83:cd:8f:1e:7b:
03:f9:ea:0d:79:d9:b7:5d:04:2e:cb:3a:8e:84:fc:
fe:43:c3:d6:4a:e0:54:a8:bc:a4:d6:c9:2e:66:94:
e4:9d:36:94:eb:cc:92:50:db:e9:5c:ff:ca:ad:a5:
6f:71:11:db:5d:54:08:b9:13:b9:34:78:44:cb:a2:
d9:1a:c6:65:51:64:0e:2a:52:25:61:89:45:34:44:
b2:02:05:57:89:33:8f:21:d5:3f:c9:6f:e7:dd:05:
a5:af:19:98:09:1f:48:fe:3b:b3:9c:4f:22:0a:05:
f0:e8:c7:21:15:c2:0f:77:15:f2:33:8f:e2:21:1a:
76:35:6d:66:8b:b6:44:6c:34:18:cd:a1:e2:22:fa:
97:82:bb:65:0e:36:ac:90:15:cb:ad:d2:ad:7d:f3:
83:35:a5:d2:5c:a9:5f:9c:15:28:34:ca:a8:f4:cb:
64:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:95:16:19:0B:0E:3C:11:68:0B:82:3E:38:6B:35:A9:A2:D4:F8:24
X509v3 Authority Key Identifier:
keyid:A9:A8:3A:D4:3C:88:B4:CE:44:E8:20:E1:15:DE:9C:53:7E:2A:54:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qag61DyItM5E6CDhFd6cU34qVKY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/eaf43a-1f11-48c8-9c80-18be5f464ed6/1/3JUWGQsOPBFoC4I-OGs1qaLU-CQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/eaf43a-1f11-48c8-9c80-18be5f464ed6/1/qag61DyItM5E6CDhFd6cU34qVKY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.203.32.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:31:a1:6f:f3:e8:b0:28:83:57:9e:b8:fd:17:1d:f1:33:65:
19:bb:8a:67:e0:2b:4b:82:da:3e:3f:b9:96:58:a0:2d:ca:2c:
d6:0f:fd:bb:8c:c1:80:c9:f7:6b:df:e0:49:3d:06:e1:75:ae:
66:84:64:98:b5:1e:e3:ea:07:2b:7f:b1:8e:59:22:96:d9:35:
78:79:a8:84:54:8c:66:76:12:77:5d:e8:22:64:95:f9:86:4f:
1b:e0:a1:12:cf:60:d7:9e:e3:3e:3d:b1:63:8a:99:61:1e:01:
c6:a6:69:ad:a3:17:e3:a5:79:05:a8:28:27:d0:ed:79:ff:f1:
40:57:9a:99:0f:19:72:bc:54:01:09:23:7b:24:6f:78:4d:94:
d6:28:ce:db:24:25:fc:cf:d7:59:89:e7:da:fe:8a:5b:99:db:
4c:3b:b8:7f:c4:fb:fa:a9:47:9f:a7:ac:b5:13:84:17:52:7f:
45:05:a3:50:84:87:2f:cc:bf:38:a6:f9:2c:20:28:89:47:25:
fc:bd:ae:a2:51:63:91:19:24:1a:7a:8f:88:f5:ad:4a:fb:46:
8e:ef:16:1c:9d:06:64:4a:20:00:cf:1a:49:c6:dd:98:1b:1d:
93:e4:94:b3:69:6d:21:52:84:d0:db:f2:ec:02:a8:55:1c:8e:
a0:46:15:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR61bmKeTEaYY1cUfKil1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5YTgzYWQ0M2M4OGI0Y2U0NGU4MjBlMTE1ZGU5YzUzN2Uy
YTU0YTYwHhcNMjUwMTAyMTM0OTU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzk1MTYxOTBiMGUzYzExNjgwYjgyM2UzODZiMzVhOWEyZDRmODI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmzm23RKpDolpY71Y+hTMdXiS+Dn
YPPhEXTAF80Fk7AFOq0ruUoQ3qxgC5YIskLojIP8B6jj2FjhQODz0OiKS2Ow6YLG
hm6fc4MN/IyZCWbsdhwMg82PHnsD+eoNedm3XQQuyzqOhPz+Q8PWSuBUqLyk1sku
ZpTknTaU68ySUNvpXP/KraVvcRHbXVQIuRO5NHhEy6LZGsZlUWQOKlIlYYlFNESy
AgVXiTOPIdU/yW/n3QWlrxmYCR9I/juznE8iCgXw6MchFcIPdxXyM4/iIRp2NW1m
i7ZEbDQYzaHiIvqXgrtlDjaskBXLrdKtffODNaXSXKlfnBUoNMqo9MtkGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNyVFhkLDjwRaAuCPjhrNami1PgkMB8GA1UdIwQY
MBaAFKmoOtQ8iLTOROgg4RXenFN+KlSmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWFnNjFEeUl0TTVFNkNEaEZkNmNVMzRxVktZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9lYWY0M2EtMWYxMS00OGM4LTljODAt
MThiZTVmNDY0ZWQ2LzEvM0pVV0dRc09QQkZvQzRJLU9HczFxYUxVLUNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My9lYWY0M2EtMWYxMS00OGM4LTljODAtMThiZTVmNDY0ZWQ2
LzEvcWFnNjFEeUl0TTVFNkNEaEZkNmNVMzRxVktZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwcsgMA0G
CSqGSIb3DQEBCwUAA4IBAQAdMaFv8+iwKINXnrj9Fx3xM2UZu4pn4CtLgto+P7mW
WKAtyizWD/27jMGAyfdr3+BJPQbhda5mhGSYtR7j6gcrf7GOWSKW2TV4eaiEVIxm
dhJ3XegiZJX5hk8b4KESz2DXnuM+PbFjiplhHgHGpmmtoxfjpXkFqCgn0O15//FA
V5qZDxlyvFQBCSN7JG94TZTWKM7bJCX8z9dZiefa/opbmdtMO7h/xPv6qUefp6y1
E4QXUn9FBaNQhIcvzL84pvksICiJRyX8va6iUWORGSQaeo+I9a1K+0aO7xYcnQZk
SiAAzxpJxt2YGx2T5JSzaW0hUoTQ2/LsAqhVHI6gRhUv
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:30:32 2025 by rpki-client