Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/f47710-4a23-4bdc-9541-8afa74d8769f/1/3n_Nd4cUj6teASapK4pWavXgfU0.roa
File: 3n_Nd4cUj6teASapK4pWavXgfU0.roa (raw, json)
Hash identifier: KngeXtbNNWR05hMf2WkynvKsVClU9oGlPMx0Mk7lMOM=
Subject key identifier: DE:7F:CD:77:87:14:8F:AB:5E:01:26:A9:2B:8A:56:6A:F5:E0:7D:4D
Certificate issuer: /CN=1a17809270470d7c2567112fb40a9ef712600516
Certificate serial: 019425FC37B624C94F14D3B81BDC16B1333B
Authority key identifier: 1A:17:80:92:70:47:0D:7C:25:67:11:2F:B4:0A:9E:F7:12:60:05:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GheAknBHDXwlZxEvtAqe9xJgBRY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/f47710-4a23-4bdc-9541-8afa74d8769f/1/3n_Nd4cUj6teASapK4pWavXgfU0.roa
Signing time: Thu 02 Jan 2025 07:47:53 +0000
ROA not before: Thu 02 Jan 2025 07:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34019
IP address blocks: 193.17.192.0/24 maxlen: 24
193.106.116.0/22 maxlen: 22
193.164.153.0/24 maxlen: 24
193.200.42.0/23 maxlen: 23
2001:67c:1740::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:37:b6:24:c9:4f:14:d3:b8:1b:dc:16:b1:33:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a17809270470d7c2567112fb40a9ef712600516
Validity
Not Before: Jan 2 07:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de7fcd7787148fab5e0126a92b8a566af5e07d4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:38:22:26:96:40:94:92:bb:f3:c0:4f:6d:6f:
1e:66:4a:91:8f:bd:c5:0f:07:f5:09:1a:b8:a4:0b:
c3:f0:96:1a:ec:a7:d4:9f:53:bb:bf:ad:c9:01:f3:
75:25:e2:57:8d:b1:bf:c9:fa:62:ed:b3:80:e0:53:
d7:4b:8c:52:0a:61:ad:06:3f:3d:5b:b6:4e:f1:8b:
0a:ae:fc:d4:f9:db:18:39:13:de:08:6f:05:95:e9:
c8:e4:14:16:92:eb:2d:c2:49:80:bb:42:4b:4a:0a:
78:01:bb:81:59:65:5f:5c:92:fe:f5:48:fd:f2:30:
63:d9:08:5c:be:18:7c:86:84:49:05:68:86:85:cd:
20:1d:27:01:6a:ba:68:63:43:69:b0:cb:7a:52:05:
85:a6:49:3f:6d:9b:e9:1e:86:e9:70:72:f0:e6:31:
e6:25:32:a2:45:34:c3:fd:4a:09:ab:af:08:c9:46:
b3:c5:cb:85:89:37:5f:c0:a0:aa:9c:c1:b3:f4:ae:
be:b1:41:10:4f:5f:b4:13:41:5f:ea:ed:af:04:27:
9b:fd:11:65:b9:2a:2f:cb:54:a9:81:79:72:c8:d0:
92:a7:92:97:85:26:fe:6c:84:a0:66:18:f2:5d:d0:
8b:64:dc:ec:79:15:15:6b:f1:52:20:f1:1f:b3:d4:
4a:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:7F:CD:77:87:14:8F:AB:5E:01:26:A9:2B:8A:56:6A:F5:E0:7D:4D
X509v3 Authority Key Identifier:
keyid:1A:17:80:92:70:47:0D:7C:25:67:11:2F:B4:0A:9E:F7:12:60:05:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GheAknBHDXwlZxEvtAqe9xJgBRY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/f47710-4a23-4bdc-9541-8afa74d8769f/1/3n_Nd4cUj6teASapK4pWavXgfU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/f47710-4a23-4bdc-9541-8afa74d8769f/1/GheAknBHDXwlZxEvtAqe9xJgBRY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.192.0/24
193.106.116.0/22
193.164.153.0/24
193.200.42.0/23
IPv6:
2001:67c:1740::/48
Signature Algorithm: sha256WithRSAEncryption
5a:01:4e:ef:ed:d3:f0:98:8f:ba:92:45:88:49:93:75:d8:b3:
ff:be:23:aa:c4:44:e7:b9:a2:b2:b0:e5:fa:2e:99:fc:36:9a:
b4:d0:6a:42:89:a2:fe:cb:de:13:93:bf:84:c9:a8:45:a9:45:
37:81:8c:bc:dc:4a:79:08:91:b5:46:8e:60:a4:16:5a:e5:e8:
58:cb:63:c8:00:d4:39:e3:ef:89:4a:d6:36:a9:e0:12:bc:cc:
8c:30:2d:6c:07:de:45:a3:c0:26:52:62:81:6f:6c:0b:c2:08:
26:42:87:9b:35:30:94:5b:72:de:df:9e:9b:90:2d:bc:9f:74:
e3:26:b5:a9:84:b0:46:f4:47:9b:cf:ad:8e:d7:38:40:c1:45:
27:ee:94:81:e4:ff:fb:ba:f3:99:9f:14:e1:2a:c8:23:58:d9:
d7:7e:b8:5b:85:90:8a:8e:fa:94:0f:bf:64:0f:1e:1c:18:62:
27:ba:2a:7a:1c:c7:86:9c:53:5c:85:80:0f:d6:9e:4c:34:74:
c2:3a:7e:ea:8d:4d:39:a7:a3:a7:5d:c7:e4:d0:a8:d8:08:0d:
5d:79:82:48:db:dc:03:af:1f:d4:d3:bb:08:05:4e:d1:f5:a6:
5f:df:b4:17:cd:86:8e:f5:5b:9d:52:9d:39:61:82:d9:a7:fb:
a3:c0:fd:c3
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZQl/De2JMlPFNO4G9wWsTM7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMTc4MDkyNzA0NzBkN2MyNTY3MTEyZmI0MGE5ZWY3MTI2
MDA1MTYwHhcNMjUwMTAyMDc0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTdmY2Q3Nzg3MTQ4ZmFiNWUwMTI2YTkyYjhhNTY2YWY1ZTA3ZDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7DgiJpZAlJK788BPbW8eZkqRj73F
Dwf1CRq4pAvD8JYa7KfUn1O7v63JAfN1JeJXjbG/yfpi7bOA4FPXS4xSCmGtBj89
W7ZO8YsKrvzU+dsYORPeCG8FlenI5BQWkustwkmAu0JLSgp4AbuBWWVfXJL+9Uj9
8jBj2Qhcvhh8hoRJBWiGhc0gHScBarpoY0NpsMt6UgWFpkk/bZvpHobpcHLw5jHm
JTKiRTTD/UoJq68IyUazxcuFiTdfwKCqnMGz9K6+sUEQT1+0E0Ff6u2vBCeb/RFl
uSovy1SpgXlyyNCSp5KXhSb+bISgZhjyXdCLZNzseRUVa/FSIPEfs9RKiwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFN5/zXeHFI+rXgEmqSuKVmr14H1NMB8GA1UdIwQY
MBaAFBoXgJJwRw18JWcRL7QKnvcSYAUWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2hlQWtuQkhEWHdsWnhFdnRBcWU5eEpnQlJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9mNDc3MTAtNGEyMy00YmRjLTk1NDEt
OGFmYTc0ZDg3NjlmLzEvM25fTmQ0Y1VqNnRlQVNhcEs0cFdhdlhnZlUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9mNDc3MTAtNGEyMy00YmRjLTk1NDEtOGFmYTc0ZDg3Njlm
LzEvR2hlQWtuQkhEWHdsWnhFdnRBcWU5eEpnQlJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQAwRHAAwQC
wWp0AwQAwaSZAwQBwcgqMA8EAgACMAkDBwAgAQZ8F0AwDQYJKoZIhvcNAQELBQAD
ggEBAFoBTu/t0/CYj7qSRYhJk3XYs/++I6rEROe5orKw5foumfw2mrTQakKJov7L
3hOTv4TJqEWpRTeBjLzcSnkIkbVGjmCkFlrl6FjLY8gA1Dnj74lK1jap4BK8zIww
LWwH3kWjwCZSYoFvbAvCCCZCh5s1MJRbct7fnpuQLbyfdOMmtamEsEb0R5vPrY7X
OEDBRSfulIHk//u685mfFOEqyCNY2dd+uFuFkIqO+pQPv2QPHhwYYie6Knocx4ac
U1yFgA/Wnkw0dMI6fuqNTTmno6ddx+TQqNgIDV15gkjb3AOvH9TTuwgFTtH1pl/f
tBfNho71W51SnTlhgtmn+6PA/cM=
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:30:01 2025 by rpki-client