Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/a6ad9f-8d69-46ea-bd7c-32b150f8e61f/1/3GD3_GpZRQ0ja9y6iojgVOcn50I.roa
File: 3GD3_GpZRQ0ja9y6iojgVOcn50I.roa (raw, json)
Hash identifier: KOMqWsI8wHPmoj6WCWRIQCBh59Jt25czpnsgpDqGIOc=
Subject key identifier: DC:60:F7:FC:6A:59:45:0D:23:6B:DC:BA:8A:88:E0:54:E7:27:E7:42
Certificate issuer: /CN=46eb3b3b579c90b4b996a7fe40f20503913a25cf
Certificate serial: 01856C53CD094E5B5A89FAE232D594F5EAD3
Authority key identifier: 46:EB:3B:3B:57:9C:90:B4:B9:96:A7:FE:40:F2:05:03:91:3A:25:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rus7O1eckLS5lqf-QPIFA5E6Jc8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/a6ad9f-8d69-46ea-bd7c-32b150f8e61f/1/3GD3_GpZRQ0ja9y6iojgVOcn50I.roa
Signing time: Sun 01 Jan 2023 07:55:09 +0000
ROA not before: Sun 01 Jan 2023 07:55:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41219
IP address blocks: 185.88.128.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:cd:09:4e:5b:5a:89:fa:e2:32:d5:94:f5:ea:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46eb3b3b579c90b4b996a7fe40f20503913a25cf
Validity
Not Before: Jan 1 07:55:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc60f7fc6a59450d236bdcba8a88e054e727e742
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:89:ab:d1:e6:c2:da:09:44:2b:a9:bc:45:52:
8f:98:9d:09:47:56:85:7f:ea:ea:79:20:36:75:49:
13:41:75:1a:08:90:3c:01:d9:e2:d9:39:fc:d8:0f:
c3:a9:71:b8:ce:23:a4:ae:93:ac:fb:c9:d5:7b:15:
2c:e1:f9:1a:4c:4f:3c:5c:41:83:04:e2:83:a6:00:
62:60:60:91:27:a1:b1:04:e9:ee:04:3f:cf:a2:0c:
95:21:3b:b5:45:ea:e4:7d:93:87:ed:e8:53:d9:c3:
70:1c:16:73:ac:e5:9d:b2:e2:12:6c:e9:f8:b2:47:
07:b9:3a:7b:6a:ba:90:66:be:9a:6f:92:ee:8a:7d:
d7:ed:d4:92:81:bb:97:19:a6:25:90:d2:93:5d:b0:
ba:9e:f8:d7:db:d4:d4:8c:5e:30:28:36:e0:71:3f:
c7:47:45:9b:28:ba:f2:81:a7:e4:ae:a7:bf:6b:15:
9d:d9:66:36:96:e9:eb:b3:ce:b8:e2:46:f2:14:12:
39:99:64:6a:42:cf:ac:e1:f0:78:7d:88:b9:2f:11:
25:d8:b1:32:62:e1:d0:ec:b3:70:3c:b7:f6:bf:bd:
32:51:db:ad:f3:0d:c3:f9:85:22:4a:8d:ce:61:e5:
f7:4a:a9:32:9d:40:47:dc:df:68:e5:ad:f5:48:03:
7b:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:60:F7:FC:6A:59:45:0D:23:6B:DC:BA:8A:88:E0:54:E7:27:E7:42
X509v3 Authority Key Identifier:
keyid:46:EB:3B:3B:57:9C:90:B4:B9:96:A7:FE:40:F2:05:03:91:3A:25:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rus7O1eckLS5lqf-QPIFA5E6Jc8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a6ad9f-8d69-46ea-bd7c-32b150f8e61f/1/3GD3_GpZRQ0ja9y6iojgVOcn50I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a6ad9f-8d69-46ea-bd7c-32b150f8e61f/1/Rus7O1eckLS5lqf-QPIFA5E6Jc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.128.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:75:11:9f:a2:da:d0:da:58:ca:37:bb:cc:22:cd:e9:4f:2b:
bf:5d:79:3e:21:38:67:72:74:84:b0:38:36:38:d4:49:38:90:
7a:67:ec:a7:2e:07:29:be:dd:10:81:ff:73:8b:f2:e0:50:11:
3a:db:ea:ab:b3:1e:5b:d0:80:c1:c2:ba:7d:9c:e3:c7:4e:94:
48:db:fb:07:1b:ee:2b:3f:a3:cb:8e:fa:0b:ad:0c:6a:46:fa:
fc:1a:33:cb:f1:57:09:2f:76:cd:28:46:9b:40:d7:bd:99:9c:
59:ff:7c:fd:c1:d7:ae:a2:de:13:fb:17:be:98:c9:1c:de:67:
3b:2a:78:a6:97:87:5f:54:f3:30:48:0a:b3:99:26:8b:81:09:
71:56:43:03:9d:d8:70:2c:ef:88:7e:51:0c:7f:92:f2:39:8d:
99:aa:9b:99:6b:d3:cd:4d:6f:00:9b:97:ed:1e:2c:4c:14:66:
a6:9f:3d:7f:c0:8b:33:28:ed:56:1d:16:59:a8:17:50:00:b7:
bd:21:0e:c7:a6:88:02:41:ff:2c:83:94:be:80:a9:d4:5d:73:
80:d7:80:5e:30:d4:96:0f:74:70:80:4a:d9:6d:38:db:40:3d:
4b:97:6c:d4:54:96:d9:62:70:9f:ea:8e:02:ad:fa:ad:0f:a2:
63:96:7c:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsU80JTltaifriMtWU9erTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ZWIzYjNiNTc5YzkwYjRiOTk2YTdmZTQwZjIwNTAzOTEz
YTI1Y2YwHhcNMjMwMTAxMDc1NTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzYwZjdmYzZhNTk0NTBkMjM2YmRjYmE4YTg4ZTA1NGU3MjdlNzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4mr0ebC2glEK6m8RVKPmJ0JR1aF
f+rqeSA2dUkTQXUaCJA8Adni2Tn82A/DqXG4ziOkrpOs+8nVexUs4fkaTE88XEGD
BOKDpgBiYGCRJ6GxBOnuBD/PogyVITu1RerkfZOH7ehT2cNwHBZzrOWdsuISbOn4
skcHuTp7arqQZr6ab5Luin3X7dSSgbuXGaYlkNKTXbC6nvjX29TUjF4wKDbgcT/H
R0WbKLrygafkrqe/axWd2WY2lunrs8644kbyFBI5mWRqQs+s4fB4fYi5LxEl2LEy
YuHQ7LNwPLf2v70yUdut8w3D+YUiSo3OYeX3SqkynUBH3N9o5a31SAN7UwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNxg9/xqWUUNI2vcuoqI4FTnJ+dCMB8GA1UdIwQY
MBaAFEbrOztXnJC0uZan/kDyBQOROiXPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnVzN08xZWNrTFM1bHFmLVFQSUZBNUU2SmM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9hNmFkOWYtOGQ2OS00NmVhLWJkN2Mt
MzJiMTUwZjhlNjFmLzEvM0dEM19HcFpSUTBqYTl5NmlvamdWT2NuNTBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9hNmFkOWYtOGQ2OS00NmVhLWJkN2MtMzJiMTUwZjhlNjFm
LzEvUnVzN08xZWNrTFM1bHFmLVFQSUZBNUU2SmM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuViAMA0G
CSqGSIb3DQEBCwUAA4IBAQA/dRGfotrQ2ljKN7vMIs3pTyu/XXk+IThncnSEsDg2
ONRJOJB6Z+ynLgcpvt0Qgf9zi/LgUBE62+qrsx5b0IDBwrp9nOPHTpRI2/sHG+4r
P6PLjvoLrQxqRvr8GjPL8VcJL3bNKEabQNe9mZxZ/3z9wdeuot4T+xe+mMkc3mc7
Kniml4dfVPMwSAqzmSaLgQlxVkMDndhwLO+IflEMf5LyOY2ZqpuZa9PNTW8Am5ft
HixMFGamnz1/wIszKO1WHRZZqBdQALe9IQ7HpogCQf8sg5S+gKnUXXOA14BeMNSW
D3RwgErZbTjbQD1Ll2zUVJbZYnCf6o4CrfqtD6Jjlnzy
-----END CERTIFICATE-----
Generated at Mon Jun 16 21:07:46 2025 by rpki-client