Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/594d25-f1c6-4044-a8a7-c8f182e95ea5/1/PGYW1obt-STvrBQJALPbGr48Xtg.roa
File: PGYW1obt-STvrBQJALPbGr48Xtg.roa (raw, json)
Hash identifier: 6tnAgG9h+x9ijYoiB+/z2CMMC7XA2eLRCN2PcJiMkv4=
Subject key identifier: 3C:66:16:D6:86:ED:F9:24:EF:AC:14:09:00:B3:DB:1A:BE:3C:5E:D8
Certificate issuer: /CN=0e64f81b9e36b849917787678d014db4bfcef311
Certificate serial: 018CC500375375E3E1866B040F0205169B14
Authority key identifier: 0E:64:F8:1B:9E:36:B8:49:91:77:87:67:8D:01:4D:B4:BF:CE:F3:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DmT4G542uEmRd4dnjQFNtL_O8xE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/594d25-f1c6-4044-a8a7-c8f182e95ea5/1/PGYW1obt-STvrBQJALPbGr48Xtg.roa
Signing time: Mon 01 Jan 2024 12:29:34 +0000
ROA not before: Mon 01 Jan 2024 12:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 4785
IP address blocks: 2a14:1f80::/29 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:37:53:75:e3:e1:86:6b:04:0f:02:05:16:9b:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e64f81b9e36b849917787678d014db4bfcef311
Validity
Not Before: Jan 1 12:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c6616d686edf924efac140900b3db1abe3c5ed8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:75:2f:5d:5c:fb:eb:6a:8e:ba:40:f3:aa:e7:
02:df:fd:92:a3:64:29:29:4e:d0:31:6f:5c:80:ab:
61:9a:4d:6b:9c:04:d0:45:41:7b:c2:94:be:62:c5:
cb:83:20:85:b8:65:0e:8a:35:56:02:0e:fe:d2:ff:
72:28:b1:72:ba:c9:ea:b3:76:9a:5d:54:6f:24:76:
32:30:48:1c:b6:5b:08:f7:e7:0f:09:76:c4:e8:91:
79:1e:90:5f:b1:75:87:70:bd:ac:10:c7:fc:bc:df:
eb:02:0d:0a:36:03:40:39:ec:ae:91:1c:ea:01:17:
3e:9c:48:09:8b:38:c8:97:d7:99:a2:f6:50:b6:d6:
e4:0e:e8:e6:21:db:74:74:a7:2e:0e:8e:df:82:e5:
64:61:89:df:10:57:01:29:ba:1c:34:be:b2:bc:d7:
03:99:4c:7a:51:19:5c:3a:a0:75:79:d5:fe:6a:b8:
4d:b0:a9:85:ed:b2:a7:d3:b9:97:95:b7:07:47:f0:
4b:a2:ad:7f:4a:f8:e1:11:19:04:cf:74:62:30:39:
40:3c:27:91:be:04:a2:fd:55:a6:bf:2e:13:94:fa:
f1:62:52:d5:fc:68:89:a3:10:b4:9f:5e:12:01:47:
24:d6:84:2b:b6:8a:e9:d5:64:fc:7c:ba:ad:1e:5c:
92:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:66:16:D6:86:ED:F9:24:EF:AC:14:09:00:B3:DB:1A:BE:3C:5E:D8
X509v3 Authority Key Identifier:
keyid:0E:64:F8:1B:9E:36:B8:49:91:77:87:67:8D:01:4D:B4:BF:CE:F3:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DmT4G542uEmRd4dnjQFNtL_O8xE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/594d25-f1c6-4044-a8a7-c8f182e95ea5/1/PGYW1obt-STvrBQJALPbGr48Xtg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/594d25-f1c6-4044-a8a7-c8f182e95ea5/1/DmT4G542uEmRd4dnjQFNtL_O8xE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1f80::/29
Signature Algorithm: sha256WithRSAEncryption
71:7f:c0:b0:d2:69:dd:78:dd:95:d5:f6:b9:f6:60:9a:a5:2c:
8c:a2:eb:2d:da:ae:f7:4a:77:d7:08:c2:4d:1a:de:42:7c:5f:
3e:6a:38:f4:0b:eb:12:8e:65:f9:39:9a:58:50:b3:c6:ec:15:
31:dc:a0:90:01:90:ad:70:84:39:df:71:26:85:33:ad:37:f3:
4f:fa:31:89:70:db:06:75:23:59:d8:e9:aa:da:99:38:26:79:
f5:9d:ba:be:82:fa:a6:d7:e1:bb:0f:41:69:b9:85:84:28:08:
47:b2:af:ac:43:ab:d3:f8:e1:a9:c1:64:f0:d3:6e:8a:d7:e8:
3b:d9:07:7b:e0:2a:d8:8d:23:56:8f:d6:92:02:7c:24:91:56:
50:a6:b8:45:ed:bd:27:ce:c6:b6:7c:2d:9b:08:9f:c7:8e:32:
0d:4b:22:2e:2d:1d:20:6f:fa:8e:dc:18:47:dc:71:4a:af:b1:
4f:7a:d6:ad:66:9a:ea:7a:f7:dc:0e:19:43:54:9b:45:bc:0b:
e3:77:20:64:fd:1e:e9:d6:d1:c8:cc:fe:32:86:80:d2:33:cd:
19:1b:79:9c:f9:bb:31:d6:c6:d3:b7:9e:32:cd:ed:ce:98:dd:
7e:c8:3f:ec:7f:08:20:93:48:31:4d:dd:09:42:8a:fa:1e:28:
66:03:33:1a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzFADdTdePhhmsEDwIFFpsUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNjRmODFiOWUzNmI4NDk5MTc3ODc2NzhkMDE0ZGI0YmZj
ZWYzMTEwHhcNMjQwMTAxMTIyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzY2MTZkNjg2ZWRmOTI0ZWZhYzE0MDkwMGIzZGIxYWJlM2M1ZWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3UvXVz762qOukDzqucC3/2So2Qp
KU7QMW9cgKthmk1rnATQRUF7wpS+YsXLgyCFuGUOijVWAg7+0v9yKLFyusnqs3aa
XVRvJHYyMEgctlsI9+cPCXbE6JF5HpBfsXWHcL2sEMf8vN/rAg0KNgNAOeyukRzq
ARc+nEgJizjIl9eZovZQttbkDujmIdt0dKcuDo7fguVkYYnfEFcBKbocNL6yvNcD
mUx6URlcOqB1edX+arhNsKmF7bKn07mXlbcHR/BLoq1/SvjhERkEz3RiMDlAPCeR
vgSi/VWmvy4TlPrxYlLV/GiJoxC0n14SAUck1oQrtorp1WT8fLqtHlyScwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDxmFtaG7fkk76wUCQCz2xq+PF7YMB8GA1UdIwQY
MBaAFA5k+BueNrhJkXeHZ40BTbS/zvMRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG1UNEc1NDJ1RW1SZDRkbmpRRk50TF9POHhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy81OTRkMjUtZjFjNi00MDQ0LWE4YTct
YzhmMTgyZTk1ZWE1LzEvUEdZVzFvYnQtU1R2ckJRSkFMUGJHcjQ4WHRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy81OTRkMjUtZjFjNi00MDQ0LWE4YTctYzhmMTgyZTk1ZWE1
LzEvRG1UNEc1NDJ1RW1SZDRkbmpRRk50TF9POHhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhQfgDAN
BgkqhkiG9w0BAQsFAAOCAQEAcX/AsNJp3XjdldX2ufZgmqUsjKLrLdqu90p31wjC
TRreQnxfPmo49AvrEo5l+TmaWFCzxuwVMdygkAGQrXCEOd9xJoUzrTfzT/oxiXDb
BnUjWdjpqtqZOCZ59Z26voL6ptfhuw9BabmFhCgIR7KvrEOr0/jhqcFk8NNuitfo
O9kHe+Aq2I0jVo/WkgJ8JJFWUKa4Re29J87Gtnwtmwifx44yDUsiLi0dIG/6jtwY
R9xxSq+xT3rWrWaa6nr33A4ZQ1SbRbwL43cgZP0e6dbRyMz+MoaA0jPNGRt5nPm7
MdbG07eeMs3tzpjdfsg/7H8IIJNIMU3dCUKK+h4oZgMzGg==
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:11:33 2025 by rpki-client