Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/PFP2_Ey5DGmkdKifFos2noWGR3c.roa
File: PFP2_Ey5DGmkdKifFos2noWGR3c.roa (raw, json)
Hash identifier: NHvMdxlhbRJ+AiCsPrNcH+zHMrgK0xKEh1LELFeePxE=
Subject key identifier: 3C:53:F6:FC:4C:B9:0C:69:A4:74:A8:9F:16:8B:36:9E:85:86:47:77
Certificate issuer: /CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Certificate serial: 019425FCB140D4C4422BCC8236E995E6D05A
Authority key identifier: 68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/PFP2_Ey5DGmkdKifFos2noWGR3c.roa
Signing time: Thu 02 Jan 2025 07:48:24 +0000
ROA not before: Thu 02 Jan 2025 07:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57966
IP address blocks: 206.252.231.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:b1:40:d4:c4:42:2b:cc:82:36:e9:95:e6:d0:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Validity
Not Before: Jan 2 07:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c53f6fc4cb90c69a474a89f168b369e85864777
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:dd:e1:35:c7:8c:e9:5d:56:9d:42:29:f9:f0:
12:6c:2d:2d:da:fc:49:d2:9c:a8:21:db:e5:ce:3e:
3a:83:f5:ea:b9:97:33:dd:a2:e8:ca:1d:85:92:d2:
a0:26:84:99:89:f8:b8:a9:b6:1d:2c:34:84:ba:87:
64:de:aa:7d:1e:8e:46:d4:4b:b0:75:a1:08:50:b8:
53:2c:67:06:47:58:c8:8a:e6:db:a4:bc:b8:3d:c7:
05:21:92:af:7f:d7:2a:dd:18:93:65:a7:45:b5:04:
27:34:84:c9:73:94:30:8b:96:e1:f9:bb:99:9a:c0:
5b:a4:63:6f:f9:8a:50:f5:85:76:e0:b3:55:52:56:
10:59:01:e2:b5:16:34:5c:e8:c2:62:19:02:6b:f7:
53:e8:39:e7:c7:d0:70:61:08:3b:99:07:1a:72:b3:
ac:41:66:53:eb:07:22:ba:c9:54:f7:7f:51:1a:fc:
6c:eb:45:82:65:e1:35:9b:84:c8:3f:af:86:dc:b9:
ee:8a:cf:97:e4:c9:fa:69:ac:12:15:2a:e8:9c:3f:
52:f7:52:4c:a0:c2:d4:5a:46:c3:1a:32:68:80:fe:
f8:06:bd:a0:5e:e5:27:73:20:b0:37:0f:ac:7f:83:
3b:32:63:2b:86:f7:64:39:c3:86:01:ff:9b:f2:99:
22:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:53:F6:FC:4C:B9:0C:69:A4:74:A8:9F:16:8B:36:9E:85:86:47:77
X509v3 Authority Key Identifier:
keyid:68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/PFP2_Ey5DGmkdKifFos2noWGR3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
206.252.231.0/24
Signature Algorithm: sha256WithRSAEncryption
77:cb:b8:a0:a1:88:0a:48:d8:c0:37:0a:a0:66:74:1d:fe:1d:
67:e1:81:75:13:b9:c0:86:6a:6d:e9:fd:88:bd:fc:f7:a5:14:
68:61:02:60:03:6d:1e:2a:a2:a7:22:69:69:a4:15:64:5a:d0:
4b:d7:bc:32:53:27:93:5f:2c:b6:44:14:ae:c8:8f:74:88:39:
79:b8:66:0e:88:68:39:8f:31:57:ca:92:bd:b8:9e:db:f5:7a:
a3:61:78:81:cd:66:86:e3:e3:8e:d5:d6:4c:ba:3c:79:2b:60:
d1:3f:1a:bf:86:28:b1:dd:cb:c8:9c:1b:5a:8b:63:d1:18:39:
5a:48:1b:1e:93:7a:80:a8:24:90:0f:18:44:e3:af:b6:45:3e:
48:76:e7:ec:d2:19:f3:15:c5:09:77:80:86:a6:b5:35:f5:fa:
e8:a1:79:49:e1:da:94:a1:60:67:14:44:ce:a9:80:44:4c:ba:
a0:ea:9f:37:07:f9:7b:86:47:10:43:f7:95:ba:08:a6:d3:18:
ad:11:7c:42:d6:1b:5f:c6:40:2e:95:37:25:4d:dd:cc:99:53:
e6:bc:d8:f7:68:41:dd:92:02:f4:5e:d2:44:e3:32:fa:2b:00:
3a:0b:7e:06:0e:62:8e:11:5d:0d:c0:d1:66:b5:04:97:48:24:
4c:16:27:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/LFA1MRCK8yCNumV5tBaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzUxMGZjOWI4NjVkOTZlM2FmYzdjNTYwNTZlZmFkOWEz
MzBjNWIwHhcNMjUwMTAyMDc0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzUzZjZmYzRjYjkwYzY5YTQ3NGE4OWYxNjhiMzY5ZTg1ODY0Nzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwd3hNceM6V1WnUIp+fASbC0t2vxJ
0pyoIdvlzj46g/XquZcz3aLoyh2FktKgJoSZifi4qbYdLDSEuodk3qp9Ho5G1Euw
daEIULhTLGcGR1jIiubbpLy4PccFIZKvf9cq3RiTZadFtQQnNITJc5Qwi5bh+buZ
msBbpGNv+YpQ9YV24LNVUlYQWQHitRY0XOjCYhkCa/dT6Dnnx9BwYQg7mQcacrOs
QWZT6wciuslU939RGvxs60WCZeE1m4TIP6+G3Lnuis+X5Mn6aawSFSronD9S91JM
oMLUWkbDGjJogP74Br2gXuUncyCwNw+sf4M7MmMrhvdkOcOGAf+b8pkigwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDxT9vxMuQxppHSonxaLNp6Fhkd3MB8GA1UdIwQY
MBaAFGjFEPybhl2W46/HxWBW762aMwxbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEt
NWQ2NjVlOTk4ZjZhLzEvUEZQMl9FeTVER21rZEtpZkZvczJub1dHUjNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEtNWQ2NjVlOTk4ZjZh
LzEvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAzvznMA0G
CSqGSIb3DQEBCwUAA4IBAQB3y7igoYgKSNjANwqgZnQd/h1n4YF1E7nAhmpt6f2I
vfz3pRRoYQJgA20eKqKnImlppBVkWtBL17wyUyeTXyy2RBSuyI90iDl5uGYOiGg5
jzFXypK9uJ7b9XqjYXiBzWaG4+OO1dZMujx5K2DRPxq/hiix3cvInBtai2PRGDla
SBsek3qAqCSQDxhE46+2RT5Idufs0hnzFcUJd4CGprU19frooXlJ4dqUoWBnFETO
qYBETLqg6p83B/l7hkcQQ/eVugim0xitEXxC1htfxkAulTclTd3MmVPmvNj3aEHd
kgL0XtJE4zL6KwA6C34GDmKOEV0NwNFmtQSXSCRMFifW
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:52 2025 by rpki-client