Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/PGilG24LJ1aIW4iYrexXne39fZc.roa
File: PGilG24LJ1aIW4iYrexXne39fZc.roa (raw, json)
Hash identifier: zpizXc80T/XaXZkqvmHQb71SR6qyedS1a/hK7K4Wvvo=
Subject key identifier: 3C:68:A5:1B:6E:0B:27:56:88:5B:88:98:AD:EC:57:9D:ED:FD:7D:97
Certificate issuer: /CN=9f312e9297bc1d27ebeb476dea0ee15dd756542d
Certificate serial: 0190CB2D4099535D06D6F35EA1421A6B71D6
Authority key identifier: 9F:31:2E:92:97:BC:1D:27:EB:EB:47:6D:EA:0E:E1:5D:D7:56:54:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nzEukpe8HSfr60dt6g7hXddWVC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/PGilG24LJ1aIW4iYrexXne39fZc.roa
Signing time: Fri 19 Jul 2024 13:27:38 +0000
ROA not before: Fri 19 Jul 2024 13:27:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 138968
IP address blocks: 103.76.85.0/24 maxlen: 24
103.76.87.0/24 maxlen: 24
116.206.92.0/22 maxlen: 24
203.189.232.0/23 maxlen: 24
2a0f:6700::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:cb:2d:40:99:53:5d:06:d6:f3:5e:a1:42:1a:6b:71:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f312e9297bc1d27ebeb476dea0ee15dd756542d
Validity
Not Before: Jul 19 13:27:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c68a51b6e0b2756885b8898adec579dedfd7d97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:88:32:11:fc:fa:aa:e8:99:34:d6:d6:35:33:
c0:48:86:cd:82:aa:8a:fc:70:4d:40:b0:64:45:62:
89:6e:72:30:54:2d:07:b0:02:d5:14:62:38:84:a5:
e3:7c:9d:35:40:d8:f5:4e:9b:42:29:25:b0:72:fb:
60:a5:cc:3e:35:ca:38:4e:ff:1e:bb:d6:83:df:43:
db:ec:96:13:5c:3e:21:f6:3c:17:c3:9c:98:b2:03:
63:78:67:c6:7c:47:1a:50:28:a3:00:ef:78:42:98:
a7:19:fb:8d:3f:02:51:53:ff:58:56:22:99:64:18:
dc:3b:61:a9:07:60:95:65:f1:9d:e8:c8:7a:60:5b:
31:d9:4d:15:2d:c9:1f:a2:37:94:7f:44:32:bf:46:
91:07:1c:c8:73:6e:92:6b:42:36:41:04:61:b6:99:
0e:a7:9b:cd:a5:50:ac:ec:eb:09:de:fb:2f:8d:a8:
58:4f:61:4a:8c:0b:c3:ed:7e:70:80:81:1c:9f:ec:
3d:b4:fd:31:00:bd:84:14:39:58:d9:17:b1:39:d8:
06:4a:2f:2e:12:4b:9f:ac:7f:b6:6d:bd:f2:c2:72:
92:38:65:c3:70:fa:9e:23:b7:d5:e8:ca:62:02:68:
d1:3c:61:c6:fa:3f:5c:05:1a:2b:11:74:53:b7:4f:
72:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:68:A5:1B:6E:0B:27:56:88:5B:88:98:AD:EC:57:9D:ED:FD:7D:97
X509v3 Authority Key Identifier:
keyid:9F:31:2E:92:97:BC:1D:27:EB:EB:47:6D:EA:0E:E1:5D:D7:56:54:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nzEukpe8HSfr60dt6g7hXddWVC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/PGilG24LJ1aIW4iYrexXne39fZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/nzEukpe8HSfr60dt6g7hXddWVC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.76.85.0/24
103.76.87.0/24
116.206.92.0/22
203.189.232.0/23
IPv6:
2a0f:6700::/29
Signature Algorithm: sha256WithRSAEncryption
3f:b7:ba:bd:55:b4:32:d0:7f:55:ad:a0:c4:e3:e9:77:e8:b5:
c7:08:4f:b4:f3:3b:16:b1:a7:24:4e:aa:2c:43:75:fa:5b:fb:
01:b5:e5:96:6e:dc:e0:3f:08:6c:ae:b5:cd:94:04:86:51:88:
4d:0c:69:6f:a7:2c:6e:8c:92:cb:c0:60:d8:7a:fb:a9:4d:1f:
34:20:ce:bb:7e:e7:0c:aa:74:de:99:65:c4:cb:27:15:08:4d:
24:d6:64:01:04:a4:1f:b9:5e:36:1f:43:62:ab:1e:77:78:af:
26:f3:08:f9:7a:69:76:ad:6a:a1:59:2b:38:c5:2f:de:2a:2d:
72:9b:f1:6c:da:ab:d2:d2:65:74:96:fc:27:07:7a:68:cb:16:
d5:f6:2a:46:38:71:f8:26:90:a9:08:34:af:7a:fb:d0:7c:af:
b5:ba:09:3e:1d:aa:8e:10:09:09:20:91:c2:d0:98:ec:7d:cc:
dd:c6:28:5e:f4:28:a6:f5:43:c0:86:80:81:13:23:e8:8e:13:
39:90:9b:de:ee:c8:cc:46:9d:98:c8:75:a7:6f:73:46:fc:29:
ce:51:5d:87:9c:53:7e:65:f5:42:13:c1:37:2f:0e:3b:f0:e9:
76:6a:a4:91:e7:ad:19:b0:2f:95:12:c1:23:42:05:2f:d9:54:
6e:b1:2a:b5
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZDLLUCZU10G1vNeoUIaa3HWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMzEyZTkyOTdiYzFkMjdlYmViNDc2ZGVhMGVlMTVkZDc1
NjU0MmQwHhcNMjQwNzE5MTMyNzM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzY4YTUxYjZlMGIyNzU2ODg1Yjg4OThhZGVjNTc5ZGVkZmQ3ZDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIgyEfz6quiZNNbWNTPASIbNgqqK
/HBNQLBkRWKJbnIwVC0HsALVFGI4hKXjfJ01QNj1TptCKSWwcvtgpcw+Nco4Tv8e
u9aD30Pb7JYTXD4h9jwXw5yYsgNjeGfGfEcaUCijAO94QpinGfuNPwJRU/9YViKZ
ZBjcO2GpB2CVZfGd6Mh6YFsx2U0VLckfojeUf0Qyv0aRBxzIc26Sa0I2QQRhtpkO
p5vNpVCs7OsJ3vsvjahYT2FKjAvD7X5wgIEcn+w9tP0xAL2EFDlY2RexOdgGSi8u
EkufrH+2bb3ywnKSOGXDcPqeI7fV6MpiAmjRPGHG+j9cBRorEXRTt09y9QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDxopRtuCydWiFuImK3sV53t/X2XMB8GA1UdIwQY
MBaAFJ8xLpKXvB0n6+tHbeoO4V3XVlQtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnpFdWtwZThIU2ZyNjBkdDZnN2hYZGRXVkMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9kZDVhMjgtZGY5ZC00NjI3LTgwOWQt
YmQ1ZDNmMDBmYmIyLzEvUEdpbEcyNExKMWFJVzRpWXJleFhuZTM5ZlpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9kZDVhMjgtZGY5ZC00NjI3LTgwOWQtYmQ1ZDNmMDBmYmIy
LzEvbnpFdWtwZThIU2ZyNjBkdDZnN2hYZGRXVkMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAZ0xVAwQA
Z0xXAwQCdM5cAwQBy73oMA0EAgACMAcDBQMqD2cAMA0GCSqGSIb3DQEBCwUAA4IB
AQA/t7q9VbQy0H9VraDE4+l36LXHCE+08zsWsackTqosQ3X6W/sBteWWbtzgPwhs
rrXNlASGUYhNDGlvpyxujJLLwGDYevupTR80IM67fucMqnTemWXEyycVCE0k1mQB
BKQfuV42H0Niqx53eK8m8wj5eml2rWqhWSs4xS/eKi1ym/Fs2qvS0mV0lvwnB3po
yxbV9ipGOHH4JpCpCDSvevvQfK+1ugk+HaqOEAkJIJHC0Jjsfczdxihe9Cim9UPA
hoCBEyPojhM5kJve7sjMRp2YyHWnb3NG/CnOUV2HnFN+ZfVCE8E3Lw478Ol2aqSR
560ZsC+VEsEjQgUv2VRusSq1
-----END CERTIFICATE-----
Generated at Wed Apr 9 02:52:57 2025 by rpki-client