Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/PNUti3X7fTE0OHEkRLQFQxtKCuk.roa
File: PNUti3X7fTE0OHEkRLQFQxtKCuk.roa (raw, json)
Hash identifier: aliXDs58/kIRits7ot3W71lRxlaREa6XrlyMb3I4GP0=
Subject key identifier: 3C:D5:2D:8B:75:FB:7D:31:34:38:71:24:44:B4:05:43:1B:4A:0A:E9
Certificate issuer: /CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Certificate serial: 01941FFA4D3F693A377EC0F50BEE44387419
Authority key identifier: 1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/PNUti3X7fTE0OHEkRLQFQxtKCuk.roa
Signing time: Wed 01 Jan 2025 03:48:04 +0000
ROA not before: Wed 01 Jan 2025 03:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59769
IP address blocks: 84.207.242.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:4d:3f:69:3a:37:7e:c0:f5:0b:ee:44:38:74:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fe90fde9784a91d93a7a2af59d4d043f1171fba
Validity
Not Before: Jan 1 03:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3cd52d8b75fb7d313438712444b405431b4a0ae9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ef:a7:1c:4c:7e:d6:72:83:af:d1:bc:4a:df:
ee:13:09:c4:3b:8f:d7:7f:f8:3a:95:5f:ed:fc:d4:
9c:46:21:77:7b:fa:fc:61:f1:e2:e1:16:88:32:ff:
61:54:6f:20:02:8d:0a:fc:c8:95:44:97:48:38:06:
d0:36:c7:75:80:ca:2a:ed:da:99:b1:72:24:77:2e:
61:eb:23:5d:82:f2:5d:b7:3b:a4:f1:d4:44:b1:65:
1c:56:64:38:74:47:32:67:5a:23:5f:72:69:2c:79:
d9:60:b4:03:32:3d:4c:88:b1:72:96:96:71:86:bc:
f5:3e:d9:3c:42:14:ad:41:a8:0a:f1:be:d5:1e:6d:
0f:42:81:46:f8:82:ff:0f:78:a6:01:cd:56:16:df:
7c:6b:6f:31:aa:9c:eb:33:f4:1c:4b:e8:02:21:c8:
a2:78:fe:c9:aa:3f:96:f8:bd:00:64:60:48:44:cf:
fa:a9:82:f3:5c:35:6f:2d:58:d9:22:fa:fb:a9:f2:
bc:f8:e5:63:a2:91:a2:fa:f8:51:82:48:a3:6c:ca:
6d:1d:3d:86:7d:2f:21:56:89:04:ca:d9:02:6c:36:
70:88:88:aa:84:81:18:55:9f:d6:36:a6:20:cf:53:
e0:25:df:ce:84:1f:26:6e:df:0b:93:7d:19:92:25:
5c:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:D5:2D:8B:75:FB:7D:31:34:38:71:24:44:B4:05:43:1B:4A:0A:E9
X509v3 Authority Key Identifier:
keyid:1F:E9:0F:DE:97:84:A9:1D:93:A7:A2:AF:59:D4:D0:43:F1:17:1F:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/PNUti3X7fTE0OHEkRLQFQxtKCuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a945f7-53b3-4db5-ae04-23772e7f92e3/1/H-kP3peEqR2Tp6KvWdTQQ_EXH7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.207.242.0/24
Signature Algorithm: sha256WithRSAEncryption
94:22:d8:0e:a3:17:3c:9c:0d:87:d8:6d:c3:f0:c2:e8:e5:0a:
f1:fd:ab:95:66:f8:dd:f7:e0:e8:bd:01:57:7b:79:81:c1:47:
01:3c:6a:27:09:56:52:9b:ed:7e:95:aa:19:f3:00:2c:b9:d3:
dc:b2:f2:c0:2b:ed:62:5b:48:7b:f8:ee:f5:5c:26:a7:22:1d:
90:98:98:48:a1:e3:f0:d0:bc:69:b5:32:69:28:35:e5:c4:9d:
c4:e4:dd:73:22:6f:15:32:f7:61:e1:56:13:b8:2d:52:77:64:
e5:18:c3:04:83:bd:41:b8:d4:52:cb:9f:b6:ed:25:c6:13:04:
fe:f7:d5:cd:8a:b6:93:e9:c4:28:f3:95:8a:70:b6:26:5b:a2:
90:cb:d4:c7:84:a4:ca:d7:06:6d:88:49:08:37:6e:ec:15:ed:
c4:df:a5:51:97:83:7a:c2:95:82:46:ef:6a:12:89:60:04:31:
2a:02:7e:bd:52:bc:17:98:7e:f1:52:c8:21:32:32:77:61:6e:
4c:96:5f:c3:99:7e:f7:5d:4f:83:82:8e:8b:19:5c:b4:8a:08:
13:13:88:9b:84:ae:62:a9:81:16:c3:3b:56:5c:77:9e:a3:7f:
f8:cb:50:c6:c1:7d:55:aa:26:be:ea:91:1f:d6:aa:66:0e:79:
b5:e8:d5:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+k0/aTo3fsD1C+5EOHQZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZTkwZmRlOTc4NGE5MWQ5M2E3YTJhZjU5ZDRkMDQzZjEx
NzFmYmEwHhcNMjUwMTAxMDM0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2Q1MmQ4Yjc1ZmI3ZDMxMzQzODcxMjQ0NGI0MDU0MzFiNGEwYWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsu+nHEx+1nKDr9G8St/uEwnEO4/X
f/g6lV/t/NScRiF3e/r8YfHi4RaIMv9hVG8gAo0K/MiVRJdIOAbQNsd1gMoq7dqZ
sXIkdy5h6yNdgvJdtzuk8dREsWUcVmQ4dEcyZ1ojX3JpLHnZYLQDMj1MiLFylpZx
hrz1Ptk8QhStQagK8b7VHm0PQoFG+IL/D3imAc1WFt98a28xqpzrM/QcS+gCIcii
eP7Jqj+W+L0AZGBIRM/6qYLzXDVvLVjZIvr7qfK8+OVjopGi+vhRgkijbMptHT2G
fS8hVokEytkCbDZwiIiqhIEYVZ/WNqYgz1PgJd/OhB8mbt8Lk30ZkiVcyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDzVLYt1+30xNDhxJES0BUMbSgrpMB8GA1UdIwQY
MBaAFB/pD96XhKkdk6eir1nU0EPxFx+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQt
MjM3NzJlN2Y5MmUzLzEvUE5VdGkzWDdmVEUwT0hFa1JMUUZReHRLQ3VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9hOTQ1ZjctNTNiMy00ZGI1LWFlMDQtMjM3NzJlN2Y5MmUz
LzEvSC1rUDNwZUVxUjJUcDZLdldkVFFRX0VYSDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVM/yMA0G
CSqGSIb3DQEBCwUAA4IBAQCUItgOoxc8nA2H2G3D8MLo5Qrx/auVZvjd9+DovQFX
e3mBwUcBPGonCVZSm+1+laoZ8wAsudPcsvLAK+1iW0h7+O71XCanIh2QmJhIoePw
0LxptTJpKDXlxJ3E5N1zIm8VMvdh4VYTuC1Sd2TlGMMEg71BuNRSy5+27SXGEwT+
99XNiraT6cQo85WKcLYmW6KQy9THhKTK1wZtiEkIN27sFe3E36VRl4N6wpWCRu9q
EolgBDEqAn69UrwXmH7xUsghMjJ3YW5Mll/DmX73XU+Dgo6LGVy0iggTE4ibhK5i
qYEWwztWXHeeo3/4y1DGwX1Vqia+6pEf1qpmDnm16NUd
-----END CERTIFICATE-----
Generated at Wed Apr 9 23:00:15 2025 by rpki-client