Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/3hDwjWOwvT-n54X55-qfjElxDc4.roa
File: 3hDwjWOwvT-n54X55-qfjElxDc4.roa (raw, json)
Hash identifier: 5Is+8f+3Jlq6bflT8j8nB04pVSsOZRDd0BjqYshDusM=
Subject key identifier: DE:10:F0:8D:63:B0:BD:3F:A7:E7:85:F9:E7:EA:9F:8C:49:71:0D:CE
Certificate issuer: /CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Certificate serial: 018A70E3D62A30BAB7EB2BED74391C8361D0
Authority key identifier: 2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/3hDwjWOwvT-n54X55-qfjElxDc4.roa
Signing time: Thu 07 Sep 2023 18:24:54 +0000
ROA not before: Thu 07 Sep 2023 18:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212144
IP address blocks: 2a10:3f80::/30 maxlen: 30
2a05:9a40::/29 maxlen: 30
2a05:9a40::/30 maxlen: 30
2a10:3c80::/29 maxlen: 29
2a06:5fc0::/29 maxlen: 29
2a05:9a44::/30 maxlen: 30
2a10:b40::/29 maxlen: 29
2a0d:6f80::/29 maxlen: 29
2a0f:9b40::/29 maxlen: 29
2a10:77c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:70:e3:d6:2a:30:ba:b7:eb:2b:ed:74:39:1c:83:61:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Validity
Not Before: Sep 7 18:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de10f08d63b0bd3fa7e785f9e7ea9f8c49710dce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:9f:fc:09:c7:d0:34:9b:e2:50:77:5c:35:2d:
ff:d7:a1:d5:73:c2:6e:49:af:8f:d0:25:ef:e2:9f:
fb:be:64:5b:66:68:56:f2:24:e5:96:a5:e4:ff:37:
61:79:da:73:73:04:6f:37:51:32:5d:0f:f9:f5:50:
3f:22:f1:e9:4a:3b:f8:3e:4c:01:78:03:0b:55:19:
00:3a:b5:2b:78:0f:1a:a1:bc:61:42:d5:74:e8:51:
2d:6b:a1:72:44:22:62:1a:c6:44:f4:24:9e:92:f3:
9d:c7:e8:e2:00:08:83:64:75:10:42:89:6c:fa:6f:
6e:bd:7d:da:49:5b:bd:9c:9f:66:52:de:40:20:35:
3d:b7:5b:67:4a:f3:c4:c5:0d:47:84:2d:6e:e9:52:
67:52:dd:b6:28:1b:03:4a:e2:f3:29:0b:8b:88:83:
37:34:aa:3b:81:2b:c4:e2:41:03:a3:0a:76:02:bb:
51:74:bc:8f:86:55:a7:7a:30:ba:21:55:26:3d:d5:
83:9f:1a:f4:37:89:dc:7f:c2:c8:24:90:ac:00:6d:
9a:be:f4:fb:6c:78:77:35:e4:d9:ad:eb:0a:df:81:
f3:14:c0:10:86:27:50:1f:63:6c:7c:29:b2:94:fb:
96:aa:03:16:a1:f4:9e:84:e0:b6:83:85:12:4d:7f:
fa:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:10:F0:8D:63:B0:BD:3F:A7:E7:85:F9:E7:EA:9F:8C:49:71:0D:CE
X509v3 Authority Key Identifier:
keyid:2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/3hDwjWOwvT-n54X55-qfjElxDc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/KxRai98ryhUPJe1Uone49lPv2z4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:9a40::/29
2a06:5fc0::/29
2a0d:6f80::/29
2a0f:9b40::/29
2a10:b40::/29
2a10:3c80::/29
2a10:3f80::/30
2a10:77c0::/29
Signature Algorithm: sha256WithRSAEncryption
29:3c:b8:9e:59:6e:2b:61:5b:d0:ab:79:96:d6:a1:c0:7f:c4:
86:0d:96:81:3d:cc:f6:e4:f5:96:2f:ca:91:18:34:cc:99:71:
1d:30:26:da:41:9a:61:3f:a3:5a:4d:43:a1:b9:ee:71:62:b9:
84:a5:3f:dd:bb:ac:63:d8:c4:f6:94:c8:62:fe:dd:0b:a7:80:
fa:32:4b:ea:d5:db:60:87:3b:1c:69:29:af:55:d8:e3:93:8c:
9e:14:ab:bc:83:c7:bf:b9:72:92:91:e7:8a:05:2f:3b:6d:a0:
63:50:9e:07:79:a2:fb:a5:51:e2:ff:57:e6:6b:06:68:24:56:
21:13:be:c4:09:4e:db:02:fc:c1:95:c1:e8:42:23:7c:a5:79:
f6:d2:82:5e:ba:a7:a1:9a:26:0d:05:b2:60:5a:d8:19:22:a9:
1c:57:a4:f8:8d:81:51:40:78:6b:3e:a6:1c:ef:9b:66:35:7a:
6b:71:ec:33:86:5b:81:9a:44:ac:3c:7c:47:ab:6f:ce:e4:55:
e5:db:d5:ca:23:ef:e0:97:16:14:0e:9f:00:44:d8:a0:fa:15:
29:a3:62:01:89:82:a3:2a:b7:3a:4f:45:c2:7a:6f:f8:1f:43:
35:ed:cd:55:25:f7:40:74:c5:34:98:e1:c8:5a:0d:1c:74:b7:
7e:f9:b2:10
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYpw49YqMLq36yvtdDkcg2HQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMTQ1YThiZGYyYmNhMTUwZjI1ZWQ1NGEyNzdiOGY2NTNl
ZmRiM2UwHhcNMjMwOTA3MTgyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTEwZjA4ZDYzYjBiZDNmYTdlNzg1ZjllN2VhOWY4YzQ5NzEwZGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZ/8CcfQNJviUHdcNS3/16HVc8Ju
Sa+P0CXv4p/7vmRbZmhW8iTllqXk/zdhedpzcwRvN1EyXQ/59VA/IvHpSjv4PkwB
eAMLVRkAOrUreA8aobxhQtV06FEta6FyRCJiGsZE9CSekvOdx+jiAAiDZHUQQols
+m9uvX3aSVu9nJ9mUt5AIDU9t1tnSvPExQ1HhC1u6VJnUt22KBsDSuLzKQuLiIM3
NKo7gSvE4kEDowp2ArtRdLyPhlWnejC6IVUmPdWDnxr0N4ncf8LIJJCsAG2avvT7
bHh3NeTZresK34HzFMAQhidQH2NsfCmylPuWqgMWofSehOC2g4USTX/6qQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFN4Q8I1jsL0/p+eF+efqn4xJcQ3OMB8GA1UdIwQY
MBaAFCsUWovfK8oVDyXtVKJ3uPZT79s+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3hSYWk5OHJ5aFVQSmUxVW9uZTQ5bFB2Mno0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8wZDhjOGYtZmYyYy00ZGE4LWI0NDMt
MzA0MGJlZDNjY2NkLzEvM2hEd2pXT3d2VC1uNTRYNTUtcWZqRWx4RGM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8wZDhjOGYtZmYyYy00ZGE4LWI0NDMtMzA0MGJlZDNjY2Nk
LzEvS3hSYWk5OHJ5aFVQSmUxVW9uZTQ5bFB2Mno0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwUDKgWaQAMF
AyoGX8ADBQMqDW+AAwUDKg+bQAMFAyoQC0ADBQMqEDyAAwUCKhA/gAMFAyoQd8Aw
DQYJKoZIhvcNAQELBQADggEBACk8uJ5ZbithW9CreZbWocB/xIYNloE9zPbk9ZYv
ypEYNMyZcR0wJtpBmmE/o1pNQ6G57nFiuYSlP927rGPYxPaUyGL+3QungPoyS+rV
22CHOxxpKa9V2OOTjJ4Uq7yDx7+5cpKR54oFLzttoGNQngd5ovulUeL/V+ZrBmgk
ViETvsQJTtsC/MGVwehCI3ylefbSgl66p6GaJg0FsmBa2BkiqRxXpPiNgVFAeGs+
phzvm2Y1emtx7DOGW4GaRKw8fEerb87kVeXb1coj7+CXFhQOnwBE2KD6FSmjYgGJ
gqMqtzpPRcJ6b/gfQzXtzVUl90B0xTSY4chaDRx0t375shA=
-----END CERTIFICATE-----
Generated at Wed Apr 30 10:48:14 2025 by rpki-client