Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/e3d5fa-5331-4b23-8aff-bf4dbe7f9acb/1/3P3vpuMJJELegYelm4mefv2aHpo.roa
File: 3P3vpuMJJELegYelm4mefv2aHpo.roa (raw, json)
Hash identifier: av41iQdDgeFPdqum+nf8HuHnyTRLGLapZA2L5XjNntk=
Subject key identifier: DC:FD:EF:A6:E3:09:24:42:DE:81:87:A5:9B:89:9E:7E:FD:9A:1E:9A
Certificate issuer: /CN=1fa5cb503b369e3cba844522d06d35a8acf5c733
Certificate serial: 01833542BE7EE7113666850C3ECBB5353E68
Authority key identifier: 1F:A5:CB:50:3B:36:9E:3C:BA:84:45:22:D0:6D:35:A8:AC:F5:C7:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H6XLUDs2njy6hEUi0G01qKz1xzM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/e3d5fa-5331-4b23-8aff-bf4dbe7f9acb/1/3P3vpuMJJELegYelm4mefv2aHpo.roa
Signing time: Tue 13 Sep 2022 05:11:50 +0000
ROA not before: Tue 13 Sep 2022 05:11:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207990
IP address blocks: 45.159.8.0/22 maxlen: 32
45.148.104.0/22 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:35:42:be:7e:e7:11:36:66:85:0c:3e:cb:b5:35:3e:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fa5cb503b369e3cba844522d06d35a8acf5c733
Validity
Not Before: Sep 13 05:11:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dcfdefa6e3092442de8187a59b899e7efd9a1e9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:2b:d4:86:59:9c:95:19:25:a7:7c:66:50:b1:
8d:a0:e3:d7:b7:63:75:89:3f:82:13:75:af:05:85:
1e:9d:54:85:d8:e6:1a:8c:01:28:46:84:26:e4:ff:
93:97:95:40:26:1a:98:94:c2:76:7f:0a:06:8b:84:
75:8d:b2:41:62:f9:bd:e9:68:5e:30:16:b3:df:7d:
18:c1:a4:ba:0b:d8:32:d2:65:3b:06:b5:07:29:82:
01:a3:74:86:5e:4d:72:61:a7:18:a8:ad:84:b3:ff:
42:57:bf:6b:f8:6e:a0:c1:b0:88:0e:db:ad:79:49:
34:8e:c6:6f:08:7c:33:ce:66:fd:2b:f4:0e:91:5c:
db:53:8f:39:ac:b6:2f:91:0a:d9:04:3f:20:50:3d:
3f:e9:76:6e:7d:78:72:a1:49:46:b0:f7:62:87:26:
39:e6:24:fe:5b:7d:8c:c5:32:c3:21:45:fe:39:6d:
4a:77:50:4b:58:04:30:5f:0f:e7:4e:d9:c9:60:f3:
51:93:37:ca:12:e1:b6:aa:ec:07:52:38:1d:52:b0:
62:d0:a5:c8:d8:44:61:95:b2:f5:2f:ef:03:8a:45:
9a:86:8c:d6:7c:40:a2:64:e4:d8:01:ca:86:c0:8c:
84:70:dc:05:01:ef:0b:3e:ed:6b:b0:d3:ff:a4:6d:
0c:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:FD:EF:A6:E3:09:24:42:DE:81:87:A5:9B:89:9E:7E:FD:9A:1E:9A
X509v3 Authority Key Identifier:
keyid:1F:A5:CB:50:3B:36:9E:3C:BA:84:45:22:D0:6D:35:A8:AC:F5:C7:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H6XLUDs2njy6hEUi0G01qKz1xzM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/e3d5fa-5331-4b23-8aff-bf4dbe7f9acb/1/3P3vpuMJJELegYelm4mefv2aHpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/e3d5fa-5331-4b23-8aff-bf4dbe7f9acb/1/H6XLUDs2njy6hEUi0G01qKz1xzM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.104.0/22
45.159.8.0/22
Signature Algorithm: sha256WithRSAEncryption
77:1a:c6:fd:58:27:e9:38:db:d7:bf:e5:a0:ad:03:93:20:14:
a4:83:8d:f7:c3:bd:44:53:83:18:93:00:e6:b6:c9:1d:b2:17:
3a:93:ca:d3:35:97:73:86:60:14:1f:e6:0f:3c:b3:64:ea:71:
a0:11:64:37:ed:98:c7:77:c1:68:26:52:44:a7:90:12:3e:1d:
20:c7:3c:19:35:8b:06:29:61:fd:e3:8c:b0:c3:ce:bc:e1:89:
c4:f8:65:fc:c8:d7:2b:6e:41:cf:33:01:20:fb:cd:8f:3e:53:
f5:35:5a:84:14:ef:4d:00:14:b6:c4:de:75:70:69:8c:a7:72:
80:ba:05:2f:80:da:00:41:28:2b:2d:60:3d:99:72:dc:33:b1:
3b:8a:a5:61:12:b5:05:04:fb:13:96:09:fc:e9:00:19:ea:f0:
72:be:8c:b6:46:f3:d3:ec:0c:49:44:65:07:fc:6d:fe:7b:e2:
6a:37:d9:23:b9:11:ea:5a:e1:55:ef:c9:00:2b:d6:61:2c:d9:
95:c0:37:4a:b1:d3:21:1e:6b:c7:d3:f5:cb:22:fb:b8:a1:8b:
10:14:dd:09:e7:69:71:7a:1f:e7:73:33:8a:b7:37:45:7f:5d:
29:c2:91:71:f2:cb:74:bb:b1:fb:8b:0e:51:05:ef:97:0a:a8:
ab:8b:29:ac
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYM1Qr5+5xE2ZoUMPsu1NT5oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmYTVjYjUwM2IzNjllM2NiYTg0NDUyMmQwNmQzNWE4YWNm
NWM3MzMwHhcNMjIwOTEzMDUxMTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2ZkZWZhNmUzMDkyNDQyZGU4MTg3YTU5Yjg5OWU3ZWZkOWExZTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryvUhlmclRklp3xmULGNoOPXt2N1
iT+CE3WvBYUenVSF2OYajAEoRoQm5P+Tl5VAJhqYlMJ2fwoGi4R1jbJBYvm96Whe
MBaz330YwaS6C9gy0mU7BrUHKYIBo3SGXk1yYacYqK2Es/9CV79r+G6gwbCIDtut
eUk0jsZvCHwzzmb9K/QOkVzbU485rLYvkQrZBD8gUD0/6XZufXhyoUlGsPdihyY5
5iT+W32MxTLDIUX+OW1Kd1BLWAQwXw/nTtnJYPNRkzfKEuG2quwHUjgdUrBi0KXI
2ERhlbL1L+8DikWahozWfECiZOTYAcqGwIyEcNwFAe8LPu1rsNP/pG0MYQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNz976bjCSRC3oGHpZuJnn79mh6aMB8GA1UdIwQY
MBaAFB+ly1A7Np48uoRFItBtNais9cczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDZYTFVEczJuank2aEVVaTBHMDFxS3oxeHpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9lM2Q1ZmEtNTMzMS00YjIzLThhZmYt
YmY0ZGJlN2Y5YWNiLzEvM1AzdnB1TUpKRUxlZ1llbG00bWVmdjJhSHBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9lM2Q1ZmEtNTMzMS00YjIzLThhZmYtYmY0ZGJlN2Y5YWNi
LzEvSDZYTFVEczJuank2aEVVaTBHMDFxS3oxeHpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLZRoAwQC
LZ8IMA0GCSqGSIb3DQEBCwUAA4IBAQB3Gsb9WCfpONvXv+WgrQOTIBSkg433w71E
U4MYkwDmtskdshc6k8rTNZdzhmAUH+YPPLNk6nGgEWQ37ZjHd8FoJlJEp5ASPh0g
xzwZNYsGKWH944yww8684YnE+GX8yNcrbkHPMwEg+82PPlP1NVqEFO9NABS2xN51
cGmMp3KAugUvgNoAQSgrLWA9mXLcM7E7iqVhErUFBPsTlgn86QAZ6vByvoy2RvPT
7AxJRGUH/G3+e+JqN9kjuRHqWuFV78kAK9ZhLNmVwDdKsdMhHmvH0/XLIvu4oYsQ
FN0J52lxeh/nczOKtzdFf10pwpFx8st0u7H7iw5RBe+XCqiriyms
-----END CERTIFICATE-----
Generated at Thu May 8 19:59:01 2025 by rpki-client