Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/PDBHDT9Ey-CIRopcCcPeOfP7QbI.roa
File: PDBHDT9Ey-CIRopcCcPeOfP7QbI.roa (raw, json)
Hash identifier: 1gg+4WTpUXa0NgAzEHoxsAIp0J0VDHvIAbex8ZeH+o4=
Subject key identifier: 3C:30:47:0D:3F:44:CB:E0:88:46:8A:5C:09:C3:DE:39:F3:FB:41:B2
Certificate issuer: /CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Certificate serial: 018DB7EFCAD7F05CEB8F325F8CC240AF5BA4
Authority key identifier: C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/PDBHDT9Ey-CIRopcCcPeOfP7QbI.roa
Signing time: Sat 17 Feb 2024 16:39:21 +0000
ROA not before: Sat 17 Feb 2024 16:39:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 185.121.26.0/23 maxlen: 24
2a05:b0c4:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b7:ef:ca:d7:f0:5c:eb:8f:32:5f:8c:c2:40:af:5b:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Validity
Not Before: Feb 17 16:39:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c30470d3f44cbe088468a5c09c3de39f3fb41b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:cc:b1:76:88:bd:07:10:44:d5:c5:47:f7:0c:
8c:4c:c0:51:08:a5:5a:92:03:f9:d0:54:f7:d6:e1:
07:98:04:b2:0c:e9:30:cb:7e:b1:10:2e:49:1c:ba:
ba:9b:b7:87:47:85:aa:b7:fa:1c:8d:31:5f:11:9d:
81:ea:f2:70:5b:1e:95:d4:c7:ca:c8:0d:97:d7:7b:
b1:44:2c:cb:4a:d9:e3:bd:ba:53:59:e2:09:c1:c7:
55:1a:61:96:e9:8f:23:e2:da:ef:11:41:01:09:f0:
5e:9b:da:dd:8f:3d:5e:8e:de:2d:d7:a5:12:67:e6:
08:fe:c8:1f:08:6f:57:f7:7f:37:ed:4c:8e:95:4b:
69:16:d9:f0:c6:61:5c:c1:84:c9:9c:0b:23:25:78:
97:c5:08:88:24:d0:12:08:fd:2b:b2:ad:83:79:06:
77:63:a7:a4:c3:a2:51:f3:3f:63:ba:f8:64:86:b8:
25:58:22:05:11:ab:f9:13:4e:98:54:f2:4c:07:c2:
cf:2c:84:e8:d7:35:88:49:cc:1e:09:a4:f3:07:86:
eb:ab:66:42:c3:02:e6:49:92:4c:00:19:58:62:bc:
01:82:b2:0c:f3:d4:f1:85:30:82:2b:09:b5:e3:51:
28:94:40:d3:b0:e5:da:8a:1c:7b:2a:15:50:33:1d:
a3:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:30:47:0D:3F:44:CB:E0:88:46:8A:5C:09:C3:DE:39:F3:FB:41:B2
X509v3 Authority Key Identifier:
keyid:C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/PDBHDT9Ey-CIRopcCcPeOfP7QbI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.26.0/23
IPv6:
2a05:b0c4:2::/48
Signature Algorithm: sha256WithRSAEncryption
17:72:44:f2:b9:2a:f5:79:ee:b3:74:f4:3a:49:1e:c8:1a:72:
a2:b5:3e:1a:d5:16:96:79:1d:ff:20:93:4f:7a:73:5e:35:f0:
89:09:67:48:a3:d5:1c:ed:02:40:80:a2:bd:9d:c3:55:97:b6:
cf:27:95:f5:5f:82:51:c4:58:e0:f8:71:f6:3a:26:90:1d:1d:
b3:ba:88:ac:c0:23:60:d5:56:03:05:4a:21:77:25:f1:db:e6:
a3:6b:08:ec:37:0b:77:7c:b3:7b:6f:88:98:ab:c0:d2:c2:3a:
e8:37:a9:9b:8d:da:d6:57:8f:f2:c9:e6:b4:e8:ff:0c:2e:ee:
f6:c4:9d:5b:a7:e6:eb:93:61:9b:16:82:57:57:e4:6f:b4:ae:
15:36:47:3f:59:32:0e:db:f9:c7:5b:5c:b1:68:4d:23:a8:64:
7a:60:74:d3:79:80:2b:86:a9:f2:62:55:39:1f:22:2f:2f:22:
ff:34:d7:2f:89:33:b2:59:e4:92:06:f7:5a:97:29:fa:bc:a4:
35:a3:a9:c3:3e:02:dd:fb:52:84:3c:d0:39:04:4c:a0:ef:0d:
81:df:db:35:8a:8d:c3:d3:45:c6:ad:6f:95:f0:94:23:9e:2c:
0b:2b:03:c3:aa:57:ae:47:bc:37:01:82:5c:76:a4:1a:5a:73:
17:33:8e:46
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2378rX8FzrjzJfjMJAr1ukMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMjgzNDhlOTA1NDk3M2Q3YTVmODE5M2JkNGU1YzQ0ZjY3
Mzk5ZTEwHhcNMjQwMjE3MTYzOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzMwNDcwZDNmNDRjYmUwODg0NjhhNWMwOWMzZGUzOWYzZmI0MWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcyxdoi9BxBE1cVH9wyMTMBRCKVa
kgP50FT31uEHmASyDOkwy36xEC5JHLq6m7eHR4Wqt/ocjTFfEZ2B6vJwWx6V1MfK
yA2X13uxRCzLStnjvbpTWeIJwcdVGmGW6Y8j4trvEUEBCfBem9rdjz1ejt4t16US
Z+YI/sgfCG9X93837UyOlUtpFtnwxmFcwYTJnAsjJXiXxQiIJNASCP0rsq2DeQZ3
Y6ekw6JR8z9juvhkhrglWCIFEav5E06YVPJMB8LPLITo1zWIScweCaTzB4brq2ZC
wwLmSZJMABlYYrwBgrIM89TxhTCCKwm141EolEDTsOXaihx7KhVQMx2jkwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDwwRw0/RMvgiEaKXAnD3jnz+0GyMB8GA1UdIwQY
MBaAFMIoNI6QVJc9el+Bk71OXET2c5nhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMt
ZTg4ZmZmODJkNTUzLzEvUERCSERUOUV5LUNJUm9wY0NjUGVPZlA3UWJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMtZTg4ZmZmODJkNTUz
LzEvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBuXkaMA8E
AgACMAkDBwAqBbDEAAIwDQYJKoZIhvcNAQELBQADggEBABdyRPK5KvV57rN09DpJ
HsgacqK1PhrVFpZ5Hf8gk096c1418IkJZ0ij1RztAkCAor2dw1WXts8nlfVfglHE
WOD4cfY6JpAdHbO6iKzAI2DVVgMFSiF3JfHb5qNrCOw3C3d8s3tviJirwNLCOug3
qZuN2tZXj/LJ5rTo/wwu7vbEnVun5uuTYZsWgldX5G+0rhU2Rz9ZMg7b+cdbXLFo
TSOoZHpgdNN5gCuGqfJiVTkfIi8vIv801y+JM7JZ5JIG91qXKfq8pDWjqcM+At37
UoQ80DkETKDvDYHf2zWKjcPTRcatb5XwlCOeLAsrA8OqV65HvDcBglx2pBpacxcz
jkY=
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:27:45 2025 by rpki-client