Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/Pw2W57bRKtpr6e3TtcgPvABGyss.roa
File: Pw2W57bRKtpr6e3TtcgPvABGyss.roa (raw, json)
Hash identifier: 2TlsN7ntPO1PF7cmge1XvFxwn9chpHu2qUTmKO15QyE=
Subject key identifier: 3F:0D:96:E7:B6:D1:2A:DA:6B:E9:ED:D3:B5:C8:0F:BC:00:46:CA:CB
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018ACD1FA432F2917A2C44647D0BCA20A92F
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/Pw2W57bRKtpr6e3TtcgPvABGyss.roa
Signing time: Mon 25 Sep 2023 16:15:17 +0000
ROA not before: Mon 25 Sep 2023 16:15:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202992
IP address blocks: 185.21.252.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cd:1f:a4:32:f2:91:7a:2c:44:64:7d:0b:ca:20:a9:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Sep 25 16:15:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f0d96e7b6d12ada6be9edd3b5c80fbc0046cacb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:78:d9:f5:26:16:ea:fd:97:f9:6c:67:7e:9a:
5c:b6:da:2d:d9:14:82:87:0b:6c:f7:21:f4:9e:73:
5b:36:33:15:35:49:46:2e:4b:20:03:45:62:dd:ca:
8f:6c:36:45:c8:58:c2:b9:f9:c3:24:9c:ad:32:d4:
17:7d:d4:fb:9c:10:81:81:fd:77:c1:1f:2b:22:c6:
1b:54:22:4c:92:98:3d:f4:14:69:3a:89:3a:ca:f8:
1b:2f:b7:18:a8:70:10:c5:03:64:dd:18:99:32:54:
bd:98:d3:5c:11:56:ac:51:cb:fc:b8:cc:04:68:1a:
54:92:a2:8a:ab:68:0d:92:5b:16:0f:d6:70:3e:06:
f0:97:f7:db:26:14:13:3a:2f:68:21:b8:bc:1d:81:
0f:5f:7c:9d:66:ad:4a:24:f4:7a:87:ef:8f:2a:4c:
0b:62:40:f0:8c:fe:e3:32:e9:cc:91:b5:36:9f:23:
37:31:75:5e:f5:c1:39:ce:1f:45:22:81:cc:ca:9f:
fe:69:09:db:e8:3b:67:13:3c:36:5c:5d:c8:7b:5f:
c5:cd:10:d9:2b:35:58:fc:c3:c4:84:be:58:4b:05:
6f:0d:19:9e:93:e1:ad:b1:96:69:0d:f3:f2:b0:9b:
e8:95:f7:20:92:a9:ed:b7:c6:2f:34:7d:61:e5:ac:
73:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:0D:96:E7:B6:D1:2A:DA:6B:E9:ED:D3:B5:C8:0F:BC:00:46:CA:CB
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/Pw2W57bRKtpr6e3TtcgPvABGyss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.252.0/24
Signature Algorithm: sha256WithRSAEncryption
50:83:43:1d:96:1e:65:2e:f9:a4:a3:47:b7:9c:28:15:9e:53:
99:72:70:02:54:56:49:aa:9c:73:51:44:c1:a7:39:a0:5d:57:
52:8b:98:01:a8:91:f6:27:00:70:23:2f:2e:bc:e5:a0:92:7e:
65:91:50:ff:26:ca:b7:38:6e:44:fc:94:1d:0d:61:1e:ba:2f:
e5:c1:0c:1c:bd:97:ae:3f:b2:0e:3a:72:2c:95:54:77:fa:90:
00:6a:95:57:cc:ae:29:f6:e1:a7:f6:ff:03:8d:14:f8:1e:7c:
9e:7c:7b:d9:8d:ef:65:cd:62:82:f2:33:27:1b:eb:af:82:99:
dc:b7:ad:1d:cd:e9:df:da:24:65:6b:a5:cd:a5:9b:64:8a:73:
5a:8d:f6:d3:e9:2a:11:0f:86:b3:22:94:23:ee:0c:f2:d9:bb:
bc:fd:69:b9:5a:b5:08:98:26:6b:e7:f2:af:bf:83:e7:14:28:
22:55:9f:5a:5c:76:66:d2:49:59:81:70:ab:ca:cf:a5:0c:78:
14:7b:ae:a1:a4:20:ec:b0:0e:17:e7:1b:7f:ea:b8:07:44:1d:
f3:37:72:02:99:f6:0c:7a:cb:44:97:61:ef:9b:d7:96:87:5d:
ad:4e:0b:05:3a:ef:60:0a:d4:e9:37:02:74:b9:1e:d1:fe:af:
b7:ed:ab:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrNH6Qy8pF6LERkfQvKIKkvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjMwOTI1MTYxNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjBkOTZlN2I2ZDEyYWRhNmJlOWVkZDNiNWM4MGZiYzAwNDZjYWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHjZ9SYW6v2X+Wxnfppcttot2RSC
hwts9yH0nnNbNjMVNUlGLksgA0Vi3cqPbDZFyFjCufnDJJytMtQXfdT7nBCBgf13
wR8rIsYbVCJMkpg99BRpOok6yvgbL7cYqHAQxQNk3RiZMlS9mNNcEVasUcv8uMwE
aBpUkqKKq2gNklsWD9ZwPgbwl/fbJhQTOi9oIbi8HYEPX3ydZq1KJPR6h++PKkwL
YkDwjP7jMunMkbU2nyM3MXVe9cE5zh9FIoHMyp/+aQnb6DtnEzw2XF3Ie1/FzRDZ
KzVY/MPEhL5YSwVvDRmek+GtsZZpDfPysJvolfcgkqntt8YvNH1h5axzNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD8Nlue20Sraa+nt07XID7wARsrLMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvUHcyVzU3YlJLdHByNmUzVHRjZ1B2QUJHeXNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRX8MA0G
CSqGSIb3DQEBCwUAA4IBAQBQg0Mdlh5lLvmko0e3nCgVnlOZcnACVFZJqpxzUUTB
pzmgXVdSi5gBqJH2JwBwIy8uvOWgkn5lkVD/Jsq3OG5E/JQdDWEeui/lwQwcvZeu
P7IOOnIslVR3+pAAapVXzK4p9uGn9v8DjRT4HnyefHvZje9lzWKC8jMnG+uvgpnc
t60dzenf2iRla6XNpZtkinNajfbT6SoRD4azIpQj7gzy2bu8/Wm5WrUImCZr5/Kv
v4PnFCgiVZ9aXHZm0klZgXCrys+lDHgUe66hpCDssA4X5xt/6rgHRB3zN3ICmfYM
estEl2Hvm9eWh12tTgsFOu9gCtTpNwJ0uR7R/q+37atL
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:19 2025 by rpki-client