Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/pWIKnRXhXV8hENfOni5q8YT7gHA.roa
File: pWIKnRXhXV8hENfOni5q8YT7gHA.roa (raw, json)
Hash identifier: h+rpmQBy3Mws8mUX/T60DF+LsBKw3FUs+FSiatKgIck=
Subject key identifier: A5:62:0A:9D:15:E1:5D:5F:21:10:D7:CE:9E:2E:6A:F1:84:FB:80:70
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018A6AC7335B82EDAB26B56C0C96E3E3CF04
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/pWIKnRXhXV8hENfOni5q8YT7gHA.roa
Signing time: Wed 06 Sep 2023 13:55:54 +0000
ROA not before: Wed 06 Sep 2023 13:55:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.21.252.0/24 maxlen: 24
185.21.253.0/24 maxlen: 24
185.21.254.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6a:c7:33:5b:82:ed:ab:26:b5:6c:0c:96:e3:e3:cf:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Sep 6 13:55:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a5620a9d15e15d5f2110d7ce9e2e6af184fb8070
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:26:01:cd:d3:f9:f6:cc:44:c3:3d:3f:ab:3e:
c3:6d:a4:44:50:f3:28:69:37:a6:03:0f:26:a8:10:
b8:99:64:05:14:11:9d:c2:ea:2c:0a:03:71:ef:57:
75:75:3f:db:24:31:07:ab:d5:7d:78:2b:90:82:71:
43:df:39:55:53:a3:58:db:b3:21:10:45:69:77:bc:
ed:fe:08:ef:6e:4d:b5:00:91:1b:38:70:cf:e8:f6:
2a:0a:99:ab:c6:82:83:bc:7b:2b:ce:b5:66:3a:04:
14:07:9d:2b:7c:41:17:9c:2f:2c:c4:9d:14:6c:a9:
69:3e:e0:6a:74:84:27:07:2d:dc:3f:b9:c1:9a:56:
96:f2:ee:f9:88:99:f0:27:47:58:1d:78:36:da:ad:
cb:28:c8:b9:b4:7b:0f:e1:52:3e:6b:c9:9b:95:04:
d6:1f:f7:2b:71:51:56:84:4f:78:20:52:3f:2e:10:
48:6d:c0:b2:24:9c:c1:b9:46:77:a4:f2:c5:a3:aa:
23:2e:d3:20:1b:72:d6:5e:5c:5f:e8:f0:78:c7:3a:
db:8d:99:db:5e:15:d3:e6:0f:d0:38:7c:31:84:9c:
8a:15:f6:9b:95:93:db:9f:4c:bb:ab:fe:e7:90:10:
f7:4a:b0:4f:5a:e9:51:e2:e1:65:be:ff:63:c0:57:
d1:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:62:0A:9D:15:E1:5D:5F:21:10:D7:CE:9E:2E:6A:F1:84:FB:80:70
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/pWIKnRXhXV8hENfOni5q8YT7gHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.252.0-185.21.254.255
Signature Algorithm: sha256WithRSAEncryption
b5:49:14:af:e5:46:8d:df:68:6f:d4:e5:cc:35:4f:12:a4:f5:
59:af:93:4e:f9:78:a8:fd:8e:92:cc:4e:83:6b:34:29:a3:2a:
86:e1:30:db:f6:ed:b6:3f:47:dd:79:ee:1d:5a:dd:2e:14:83:
04:82:e6:93:9a:1c:0d:21:84:f6:0c:a8:c7:a1:0d:39:82:66:
88:20:c2:ce:74:10:60:ed:3e:87:d6:4a:56:03:2a:80:75:41:
7b:58:56:a2:18:31:93:7d:d0:48:07:3c:be:d5:96:b8:e4:ab:
1a:a5:a8:56:73:81:b1:6e:b4:a8:7c:52:ab:f2:21:59:79:c3:
a6:a0:87:42:ed:67:cb:22:b4:ef:88:36:71:8c:59:30:0a:24:
76:6f:49:46:44:32:48:94:d7:7b:44:85:3e:3c:93:a8:65:a1:
9a:1b:9d:1e:91:c9:81:97:5e:7a:c2:ae:ac:33:21:3c:78:26:
58:85:a4:fc:ef:57:b7:ee:fe:02:6c:33:48:59:2d:d5:19:8e:
c4:ae:00:82:73:f2:31:65:b9:01:89:6c:68:43:31:81:e7:8a:
d6:9e:bb:a5:a0:b3:7c:b6:8a:24:8f:80:93:46:8a:f8:45:1a:
49:99:d8:01:10:25:e6:c8:ee:58:19:a2:3e:37:40:28:af:5e:
23:83:25:49
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYpqxzNbgu2rJrVsDJbj488EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjMwOTA2MTM1NTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTYyMGE5ZDE1ZTE1ZDVmMjExMGQ3Y2U5ZTJlNmFmMTg0ZmI4MDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0CYBzdP59sxEwz0/qz7DbaREUPMo
aTemAw8mqBC4mWQFFBGdwuosCgNx71d1dT/bJDEHq9V9eCuQgnFD3zlVU6NY27Mh
EEVpd7zt/gjvbk21AJEbOHDP6PYqCpmrxoKDvHsrzrVmOgQUB50rfEEXnC8sxJ0U
bKlpPuBqdIQnBy3cP7nBmlaW8u75iJnwJ0dYHXg22q3LKMi5tHsP4VI+a8mblQTW
H/crcVFWhE94IFI/LhBIbcCyJJzBuUZ3pPLFo6ojLtMgG3LWXlxf6PB4xzrbjZnb
XhXT5g/QOHwxhJyKFfablZPbn0y7q/7nkBD3SrBPWulR4uFlvv9jwFfRWQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKViCp0V4V1fIRDXzp4uavGE+4BwMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvcFdJS25SWGhYVjhoRU5mT25pNXE4WVQ3Z0hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAK5FfwD
BAC5Ff4wDQYJKoZIhvcNAQELBQADggEBALVJFK/lRo3faG/U5cw1TxKk9Vmvk075
eKj9jpLMToNrNCmjKobhMNv27bY/R9157h1a3S4UgwSC5pOaHA0hhPYMqMehDTmC
Zoggws50EGDtPofWSlYDKoB1QXtYVqIYMZN90EgHPL7VlrjkqxqlqFZzgbFutKh8
UqvyIVl5w6agh0LtZ8sitO+INnGMWTAKJHZvSUZEMkiU13tEhT48k6hloZobnR6R
yYGXXnrCrqwzITx4JliFpPzvV7fu/gJsM0hZLdUZjsSuAIJz8jFluQGJbGhDMYHn
itaeu6Wgs3y2iiSPgJNGivhFGkmZ2AEQJebI7lgZoj43QCivXiODJUk=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:01 2025 by rpki-client