Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/6728ad-9070-4b11-aa98-c2e5fdb925f3/1/PFFyeCJC6cLDRzBunSTx6XClwOU.roa
File: PFFyeCJC6cLDRzBunSTx6XClwOU.roa (raw, json)
Hash identifier: yBKE0hL/zml+eRdLgranPk5Ybg2LGLmS7p0ASbA+S9o=
Subject key identifier: 3C:51:72:78:22:42:E9:C2:C3:47:30:6E:9D:24:F1:E9:70:A5:C0:E5
Certificate issuer: /CN=453639642f9d2b4672343af8d82fc75547cd9851
Certificate serial: 018570028359441C11F4C5BA0A87BF0A5A67
Authority key identifier: 45:36:39:64:2F:9D:2B:46:72:34:3A:F8:D8:2F:C7:55:47:CD:98:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RTY5ZC-dK0ZyNDr42C_HVUfNmFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/6728ad-9070-4b11-aa98-c2e5fdb925f3/1/PFFyeCJC6cLDRzBunSTx6XClwOU.roa
Signing time: Mon 02 Jan 2023 01:04:50 +0000
ROA not before: Mon 02 Jan 2023 01:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43872
IP address blocks: 217.198.183.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:02:83:59:44:1c:11:f4:c5:ba:0a:87:bf:0a:5a:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453639642f9d2b4672343af8d82fc75547cd9851
Validity
Not Before: Jan 2 01:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c5172782242e9c2c347306e9d24f1e970a5c0e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:92:a4:b7:e6:51:9b:a2:c9:b1:2c:a2:b2:da:
6f:d4:99:1f:e4:11:0c:b8:f3:16:4e:e7:f5:e8:8c:
42:43:b1:fc:62:90:4b:03:9f:6d:82:62:be:67:cd:
3c:4b:d2:f0:26:d6:7c:43:25:4e:45:f4:04:b6:47:
6d:87:d9:7d:d2:0c:70:76:5f:11:77:07:d4:66:ef:
a7:2e:8c:9f:ca:b3:40:74:a8:c1:84:c5:50:4f:7d:
2a:28:ce:76:a9:bf:35:23:b8:e5:bb:3e:ae:37:a8:
d7:69:64:60:1a:f1:74:42:fd:77:3a:ba:67:fc:96:
f9:a6:7e:c5:13:42:e4:8e:50:81:f0:03:79:e2:27:
1d:a4:7d:b3:0a:71:df:53:0d:b2:ec:d4:a7:21:80:
d4:69:bd:43:55:0a:eb:2e:16:ea:7f:35:cd:b7:be:
ca:93:38:c4:f3:fd:c4:39:30:e5:63:ae:b3:97:25:
71:d2:92:06:29:19:d0:c4:50:b2:5f:30:05:1b:4c:
d3:30:16:20:2a:7a:1a:45:94:60:bd:14:b7:99:46:
3f:8f:ee:52:a1:fa:4a:1c:8b:b3:72:f6:a4:c5:f4:
f1:0c:fe:10:3f:6b:17:0d:6c:53:66:ff:ce:24:c3:
c5:b6:08:77:80:07:64:a0:d0:9b:18:a9:eb:c1:65:
1c:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:51:72:78:22:42:E9:C2:C3:47:30:6E:9D:24:F1:E9:70:A5:C0:E5
X509v3 Authority Key Identifier:
keyid:45:36:39:64:2F:9D:2B:46:72:34:3A:F8:D8:2F:C7:55:47:CD:98:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RTY5ZC-dK0ZyNDr42C_HVUfNmFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/6728ad-9070-4b11-aa98-c2e5fdb925f3/1/PFFyeCJC6cLDRzBunSTx6XClwOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/6728ad-9070-4b11-aa98-c2e5fdb925f3/1/RTY5ZC-dK0ZyNDr42C_HVUfNmFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.198.183.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:80:3a:6b:70:e2:59:f5:03:6a:eb:73:d4:df:2e:51:43:e6:
d2:1c:ce:f4:b9:c8:8f:e9:ba:a6:b8:a2:6f:6b:8e:4b:10:73:
d8:9c:77:19:b6:27:d1:c8:5a:68:d4:b8:94:14:ed:c1:27:72:
98:2c:4b:44:95:93:e1:60:6c:c3:70:e8:56:4b:dd:c9:6b:6e:
b4:54:25:f1:29:a3:28:81:04:35:d2:9d:73:01:5e:86:85:69:
87:13:42:85:cb:d9:da:37:25:e4:54:29:d5:d8:00:6c:d7:b1:
f0:49:44:cd:0a:a4:05:a5:2d:1e:bb:d0:b3:64:e6:4b:9e:a9:
a7:dd:1c:27:b7:89:36:02:85:94:35:0c:ee:09:c9:ab:cd:54:
57:8e:b6:37:85:35:35:c2:8b:63:4f:73:47:58:99:83:4d:fe:
58:96:ed:e7:e5:2d:7f:10:6d:08:63:56:df:b8:cc:4b:49:82:
36:6e:77:ca:79:35:14:78:c3:54:e7:90:29:7c:06:0a:82:ee:
ec:a3:a7:2f:8e:fa:51:b2:6e:0b:d5:df:28:08:a6:28:ab:ca:
55:59:94:51:5b:95:81:f1:90:d1:1b:18:b0:fa:ae:3e:b2:bd:
c5:3e:29:9a:43:a4:a1:ad:88:99:d9:2c:51:08:8e:04:95:52:
08:84:51:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwAoNZRBwR9MW6Coe/ClpnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1MzYzOTY0MmY5ZDJiNDY3MjM0M2FmOGQ4MmZjNzU1NDdj
ZDk4NTEwHhcNMjMwMTAyMDEwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzUxNzI3ODIyNDJlOWMyYzM0NzMwNmU5ZDI0ZjFlOTcwYTVjMGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJKkt+ZRm6LJsSyistpv1Jkf5BEM
uPMWTuf16IxCQ7H8YpBLA59tgmK+Z808S9LwJtZ8QyVORfQEtkdth9l90gxwdl8R
dwfUZu+nLoyfyrNAdKjBhMVQT30qKM52qb81I7jluz6uN6jXaWRgGvF0Qv13Orpn
/Jb5pn7FE0LkjlCB8AN54icdpH2zCnHfUw2y7NSnIYDUab1DVQrrLhbqfzXNt77K
kzjE8/3EOTDlY66zlyVx0pIGKRnQxFCyXzAFG0zTMBYgKnoaRZRgvRS3mUY/j+5S
ofpKHIuzcvakxfTxDP4QP2sXDWxTZv/OJMPFtgh3gAdkoNCbGKnrwWUcewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDxRcngiQunCw0cwbp0k8elwpcDlMB8GA1UdIwQY
MBaAFEU2OWQvnStGcjQ6+Ngvx1VHzZhRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlRZNVpDLWRLMFp5TkRyNDJDX0hWVWZObUZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC82NzI4YWQtOTA3MC00YjExLWFhOTgt
YzJlNWZkYjkyNWYzLzEvUEZGeWVDSkM2Y0xEUnpCdW5TVHg2WENsd09VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC82NzI4YWQtOTA3MC00YjExLWFhOTgtYzJlNWZkYjkyNWYz
LzEvUlRZNVpDLWRLMFp5TkRyNDJDX0hWVWZObUZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2ca3MA0G
CSqGSIb3DQEBCwUAA4IBAQCpgDprcOJZ9QNq63PU3y5RQ+bSHM70uciP6bqmuKJv
a45LEHPYnHcZtifRyFpo1LiUFO3BJ3KYLEtElZPhYGzDcOhWS93Ja260VCXxKaMo
gQQ10p1zAV6GhWmHE0KFy9naNyXkVCnV2ABs17HwSUTNCqQFpS0eu9CzZOZLnqmn
3Rwnt4k2AoWUNQzuCcmrzVRXjrY3hTU1wotjT3NHWJmDTf5Ylu3n5S1/EG0IY1bf
uMxLSYI2bnfKeTUUeMNU55ApfAYKgu7so6cvjvpRsm4L1d8oCKYoq8pVWZRRW5WB
8ZDRGxiw+q4+sr3FPimaQ6ShrYiZ2SxRCI4ElVIIhFES
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:39:51 2025 by rpki-client