Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/d5e3cc-c1cd-4d68-bec3-1b08f7f5015d/1/3NL0_43JO4ViZMUt6FOGd4wRJes.roa
File: 3NL0_43JO4ViZMUt6FOGd4wRJes.roa (raw, json)
Hash identifier: iMUE0vTHXLYCmLZqj0qdPBpz5FgK9qmOUf7yFoe48OI=
Subject key identifier: DC:D2:F4:FF:8D:C9:3B:85:62:64:C5:2D:E8:53:86:77:8C:11:25:EB
Certificate issuer: /CN=4e0f39e2caae8e2cf14bcc41b23f3c86e1a720f8
Certificate serial: 0194221F67DC6CF30AD8F58B95C44E7BDC51
Authority key identifier: 4E:0F:39:E2:CA:AE:8E:2C:F1:4B:CC:41:B2:3F:3C:86:E1:A7:20:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tg854squjizxS8xBsj88huGnIPg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/d5e3cc-c1cd-4d68-bec3-1b08f7f5015d/1/3NL0_43JO4ViZMUt6FOGd4wRJes.roa
Signing time: Wed 01 Jan 2025 13:47:51 +0000
ROA not before: Wed 01 Jan 2025 13:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198203
IP address blocks: 185.157.208.0/24 maxlen: 24
185.157.209.0/24 maxlen: 24
185.157.210.0/24 maxlen: 24
185.157.211.0/24 maxlen: 24
2a03:afe1::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:67:dc:6c:f3:0a:d8:f5:8b:95:c4:4e:7b:dc:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e0f39e2caae8e2cf14bcc41b23f3c86e1a720f8
Validity
Not Before: Jan 1 13:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dcd2f4ff8dc93b856264c52de85386778c1125eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c4:17:79:60:9c:b2:54:bf:1f:82:fc:bb:d2:
8c:8b:f3:ac:3a:11:69:ca:a1:f4:06:6e:0e:59:df:
e2:c8:a3:7f:6b:ec:5b:39:58:98:54:61:35:6f:35:
cc:4b:dc:60:cb:48:60:d3:34:a2:d2:96:e1:f0:4a:
fa:50:60:0a:5b:0d:58:ac:b3:47:9b:90:5e:4a:cc:
d1:aa:49:5c:da:9b:3e:60:1d:85:a9:84:62:ac:17:
64:8b:65:02:71:84:8b:61:e1:3a:47:d7:56:06:94:
44:87:89:01:78:ee:2a:bb:8a:7c:74:80:6b:0b:07:
35:96:b9:3e:f5:52:1c:59:0a:51:c6:5a:f4:bd:8f:
60:ad:ef:3a:62:b3:d9:b7:dd:af:e3:69:ff:f1:86:
b8:26:fa:8b:0e:9e:24:65:3f:b5:8e:0b:76:94:46:
c7:1f:18:30:3d:5c:88:94:6f:e2:82:56:b5:54:70:
d4:e1:a9:aa:12:4d:3e:2f:bd:9d:41:96:72:d2:8c:
34:d8:49:a7:f7:d7:94:c7:76:c0:60:9a:24:9b:49:
54:e9:c8:dc:4f:15:3d:97:6b:46:ea:8c:3d:42:04:
1e:14:ec:10:6f:1e:a8:fd:60:17:3b:61:b3:44:fc:
96:83:0a:36:12:18:03:06:49:3d:2f:90:d2:35:0b:
a6:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:D2:F4:FF:8D:C9:3B:85:62:64:C5:2D:E8:53:86:77:8C:11:25:EB
X509v3 Authority Key Identifier:
keyid:4E:0F:39:E2:CA:AE:8E:2C:F1:4B:CC:41:B2:3F:3C:86:E1:A7:20:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tg854squjizxS8xBsj88huGnIPg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/d5e3cc-c1cd-4d68-bec3-1b08f7f5015d/1/3NL0_43JO4ViZMUt6FOGd4wRJes.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/d5e3cc-c1cd-4d68-bec3-1b08f7f5015d/1/Tg854squjizxS8xBsj88huGnIPg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.157.208.0/22
IPv6:
2a03:afe1::/32
Signature Algorithm: sha256WithRSAEncryption
ac:0b:1b:8e:f0:07:20:0a:9c:8a:70:a4:b3:71:05:64:70:18:
6f:3f:38:72:93:87:f8:8a:66:8c:6d:40:74:ab:03:44:15:7d:
5d:63:23:86:1d:1e:e4:df:9e:2c:bc:6e:50:c2:2a:12:8c:0e:
4c:21:23:2f:c6:d4:db:64:02:42:65:bf:d6:30:76:39:0d:11:
96:bb:84:0a:04:d2:87:f5:d0:22:36:4f:1e:7e:21:ee:0f:0b:
da:dc:d9:ad:24:b1:dc:72:f6:a5:97:77:42:5f:9b:61:81:0a:
cc:7c:fc:e8:89:ab:1f:1e:98:f3:87:07:50:32:11:b8:a7:9b:
70:0c:16:1f:c8:e7:c1:de:ee:03:ab:a1:cf:27:93:fc:94:db:
43:a5:9d:d2:9c:da:e9:f1:9a:25:aa:4d:20:db:15:87:70:c9:
e7:9e:c8:30:32:76:44:08:57:26:40:92:96:a8:7e:3f:65:c9:
05:2d:94:2e:dc:db:58:ce:2b:c6:f3:99:f0:55:3b:cc:a2:93:
50:93:6e:ef:b0:ce:88:14:dd:ba:54:b8:17:f0:4c:6c:53:34:
c1:8b:3c:cd:e4:53:ef:c2:77:7f:e9:58:f3:a4:70:68:ad:b0:
d8:0c:40:7c:4d:b2:66:5b:31:15:ff:1c:24:6c:7b:94:b0:5d:
b4:34:8b:46
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQiH2fcbPMK2PWLlcROe9xRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMGYzOWUyY2FhZThlMmNmMTRiY2M0MWIyM2YzYzg2ZTFh
NzIwZjgwHhcNMjUwMTAxMTM0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2QyZjRmZjhkYzkzYjg1NjI2NGM1MmRlODUzODY3NzhjMTEyNWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMQXeWCcslS/H4L8u9KMi/OsOhFp
yqH0Bm4OWd/iyKN/a+xbOViYVGE1bzXMS9xgy0hg0zSi0pbh8Er6UGAKWw1YrLNH
m5BeSszRqklc2ps+YB2FqYRirBdki2UCcYSLYeE6R9dWBpREh4kBeO4qu4p8dIBr
Cwc1lrk+9VIcWQpRxlr0vY9gre86YrPZt92v42n/8Ya4JvqLDp4kZT+1jgt2lEbH
HxgwPVyIlG/igla1VHDU4amqEk0+L72dQZZy0ow02Emn99eUx3bAYJokm0lU6cjc
TxU9l2tG6ow9QgQeFOwQbx6o/WAXO2GzRPyWgwo2EhgDBkk9L5DSNQumawIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNzS9P+NyTuFYmTFLehThneMESXrMB8GA1UdIwQY
MBaAFE4POeLKro4s8UvMQbI/PIbhpyD4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGc4NTRzcXVqaXp4Uzh4QnNqODhodUduSVBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9kNWUzY2MtYzFjZC00ZDY4LWJlYzMt
MWIwOGY3ZjUwMTVkLzEvM05MMF80M0pPNFZpWk1VdDZGT0dkNHdSSmVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9kNWUzY2MtYzFjZC00ZDY4LWJlYzMtMWIwOGY3ZjUwMTVk
LzEvVGc4NTRzcXVqaXp4Uzh4QnNqODhodUduSVBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZ3QMA0E
AgACMAcDBQAqA6/hMA0GCSqGSIb3DQEBCwUAA4IBAQCsCxuO8AcgCpyKcKSzcQVk
cBhvPzhyk4f4imaMbUB0qwNEFX1dYyOGHR7k354svG5QwioSjA5MISMvxtTbZAJC
Zb/WMHY5DRGWu4QKBNKH9dAiNk8efiHuDwva3NmtJLHccvall3dCX5thgQrMfPzo
iasfHpjzhwdQMhG4p5twDBYfyOfB3u4Dq6HPJ5P8lNtDpZ3SnNrp8Zolqk0g2xWH
cMnnnsgwMnZECFcmQJKWqH4/ZckFLZQu3NtYzivG85nwVTvMopNQk27vsM6IFN26
VLgX8ExsUzTBizzN5FPvwnd/6VjzpHBorbDYDEB8TbJmWzEV/xwkbHuUsF20NItG
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:37:30 2025 by rpki-client