Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/PJ_033-sBjkY0H_2-J_9CDTOVIU.roa
File: PJ_033-sBjkY0H_2-J_9CDTOVIU.roa (raw, json)
Hash identifier: 98bWoKjorN5m0ukEszIY3PVnw2q55UKwiCUgYUvkhL0=
Subject key identifier: 3C:9F:F4:DF:7F:AC:06:39:18:D0:7F:F6:F8:9F:FD:08:34:CE:54:85
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 01942143F63EC98D88E129B55931368636C1
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/PJ_033-sBjkY0H_2-J_9CDTOVIU.roa
Signing time: Wed 01 Jan 2025 09:48:09 +0000
ROA not before: Wed 01 Jan 2025 09:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 27176
IP address blocks: 37.16.76.0/24 maxlen: 24
37.16.79.0/24 maxlen: 24
91.188.236.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:f6:3e:c9:8d:88:e1:29:b5:59:31:36:86:36:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Jan 1 09:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c9ff4df7fac063918d07ff6f89ffd0834ce5485
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:f3:f7:a0:ff:f0:aa:aa:79:fc:ed:e3:3a:70:
b5:2e:b5:f8:59:0d:41:68:7d:94:7d:dd:63:dc:fc:
92:d8:71:cd:68:0a:98:b3:83:ec:6f:99:87:09:18:
06:25:e2:6e:21:a1:a8:51:f9:6e:92:2e:79:30:08:
76:19:44:25:00:85:e3:b7:6f:e8:b7:f5:ed:2e:20:
d4:77:12:8e:e0:b8:85:eb:0f:67:d7:2d:7e:a6:b9:
5d:4c:1f:d3:be:a6:b0:73:17:82:40:a7:3a:80:f9:
77:8b:b6:78:71:e7:e2:31:fa:8b:99:af:89:33:52:
64:42:55:b3:45:d7:3e:61:a4:88:f9:23:27:41:09:
3d:59:82:e8:36:5f:ac:0c:44:37:5a:0a:7b:6a:1d:
13:cb:6d:3f:6b:8d:cc:d8:c3:b1:41:d9:a7:07:1c:
27:c1:bb:fa:f0:51:18:83:e1:95:71:b4:f3:63:90:
1d:44:58:16:8b:4f:7c:88:14:43:73:a0:65:ff:d9:
0a:72:b0:eb:75:c0:06:50:55:71:c3:98:40:ae:15:
dc:21:86:75:ad:73:ca:fb:8a:af:cd:a9:fb:4e:07:
74:84:b8:5a:19:b9:08:1b:a0:8a:d5:73:5d:d1:76:
c4:8f:35:24:84:d9:48:2b:a2:f3:34:49:ce:b2:86:
d5:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:9F:F4:DF:7F:AC:06:39:18:D0:7F:F6:F8:9F:FD:08:34:CE:54:85
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/PJ_033-sBjkY0H_2-J_9CDTOVIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.16.76.0/24
37.16.79.0/24
91.188.236.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:08:9d:8e:e7:c3:ba:87:98:d7:88:ab:2a:ff:e6:9c:37:d3:
e4:c5:7c:c8:09:e4:bc:9d:42:ec:6b:e1:5a:b5:66:b1:eb:a3:
a4:60:32:a0:ad:58:a3:43:ea:5b:58:60:6d:2f:58:72:d2:cf:
ef:ae:e5:da:79:84:9b:8b:95:58:dd:0e:00:37:17:86:b5:8b:
96:cb:52:ac:e6:31:3b:17:e9:1a:4c:39:01:b9:34:0e:dc:fb:
5e:f5:16:fe:13:ec:2c:46:7e:7e:99:6a:0b:15:c6:de:4b:27:
33:75:bd:2f:35:e9:13:6f:d8:59:b7:e5:b6:0e:a6:b6:e5:a4:
c9:f7:a0:54:8f:e4:bc:a8:69:95:1c:e4:63:4d:2a:2d:c8:bd:
65:70:26:b5:a8:e8:2e:11:b7:b3:2b:98:28:2b:66:56:f7:7d:
7b:7d:0c:67:7e:b9:7a:3d:16:d1:46:8b:2f:7f:a3:c8:8a:11:
29:eb:a4:b0:f3:79:cd:28:ef:5b:22:71:e4:46:2f:18:dd:b8:
39:62:18:60:a1:67:b2:4f:ee:73:93:f2:9a:5c:05:7e:8a:cc:
1a:53:8d:cc:5c:7a:be:f2:ab:10:15:93:86:13:37:01:c0:0e:
44:83:67:3e:f7:b6:32:54:9c:b0:e0:e4:55:5d:68:fd:d2:26:
1b:f0:e6:00
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQhQ/Y+yY2I4Sm1WTE2hjbBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjUwMTAxMDk0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzlmZjRkZjdmYWMwNjM5MThkMDdmZjZmODlmZmQwODM0Y2U1NDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0/P3oP/wqqp5/O3jOnC1LrX4WQ1B
aH2Ufd1j3PyS2HHNaAqYs4Psb5mHCRgGJeJuIaGoUfluki55MAh2GUQlAIXjt2/o
t/XtLiDUdxKO4LiF6w9n1y1+prldTB/TvqawcxeCQKc6gPl3i7Z4cefiMfqLma+J
M1JkQlWzRdc+YaSI+SMnQQk9WYLoNl+sDEQ3Wgp7ah0Ty20/a43M2MOxQdmnBxwn
wbv68FEYg+GVcbTzY5AdRFgWi098iBRDc6Bl/9kKcrDrdcAGUFVxw5hArhXcIYZ1
rXPK+4qvzan7Tgd0hLhaGbkIG6CK1XNd0XbEjzUkhNlIK6LzNEnOsobV4wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDyf9N9/rAY5GNB/9vif/Qg0zlSFMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvUEpfMDMzLXNCamtZMEhfMi1KXzlDRFRPVklVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAJRBMAwQA
JRBPAwQCW7zsMA0GCSqGSIb3DQEBCwUAA4IBAQBrCJ2O58O6h5jXiKsq/+acN9Pk
xXzICeS8nULsa+FatWax66OkYDKgrVijQ+pbWGBtL1hy0s/vruXaeYSbi5VY3Q4A
NxeGtYuWy1Ks5jE7F+kaTDkBuTQO3Pte9Rb+E+wsRn5+mWoLFcbeSyczdb0vNekT
b9hZt+W2Dqa25aTJ96BUj+S8qGmVHORjTSotyL1lcCa1qOguEbezK5goK2ZW9317
fQxnfrl6PRbRRosvf6PIihEp66Sw83nNKO9bInHkRi8Y3bg5YhhgoWeyT+5zk/Ka
XAV+iswaU43MXHq+8qsQFZOGEzcBwA5Eg2c+97YyVJyw4ORVXWj90iYb8OYA
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:56:42 2025 by rpki-client