Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/3cc135-f166-42eb-8203-f49120bed51c/1/pFZVBmgqiU0csf9W43g6FIWRCTM.roa
File: pFZVBmgqiU0csf9W43g6FIWRCTM.roa (raw, json)
Hash identifier: eUwZvrYwb50UrEhmGEwgTxwUKEPb4F3y0cFhI/MdzLc=
Subject key identifier: A4:56:55:06:68:2A:89:4D:1C:B1:FF:56:E3:78:3A:14:85:91:09:33
Certificate issuer: /CN=345ae646ea34ad2688aca2fdd1a6f3340356495e
Certificate serial: 019423D80857B8C2301A2D50D460EE182A19
Authority key identifier: 34:5A:E6:46:EA:34:AD:26:88:AC:A2:FD:D1:A6:F3:34:03:56:49:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NFrmRuo0rSaIrKL90abzNANWSV4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/3cc135-f166-42eb-8203-f49120bed51c/1/pFZVBmgqiU0csf9W43g6FIWRCTM.roa
Signing time: Wed 01 Jan 2025 21:49:08 +0000
ROA not before: Wed 01 Jan 2025 21:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203887
IP address blocks: 185.120.172.0/22 maxlen: 24
185.120.172.0/24 maxlen: 24
185.120.173.0/24 maxlen: 24
185.120.174.0/23 maxlen: 24
185.120.174.0/24 maxlen: 24
185.120.175.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d8:08:57:b8:c2:30:1a:2d:50:d4:60:ee:18:2a:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=345ae646ea34ad2688aca2fdd1a6f3340356495e
Validity
Not Before: Jan 1 21:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a4565506682a894d1cb1ff56e3783a1485910933
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:8d:cb:94:e0:34:bb:f0:d3:f8:d9:31:1b:dd:
c2:52:1b:e9:e5:20:15:34:a3:a9:0e:0f:25:c0:32:
93:95:c1:11:4a:43:e1:79:ec:0d:7f:63:7d:0f:8f:
0b:68:af:e2:96:8c:1d:33:fb:a7:59:60:0a:ee:d3:
f5:02:70:9d:c3:f7:fe:71:43:b4:c4:75:62:b5:5e:
ae:51:44:88:1f:8f:17:05:3f:f3:a3:1f:7e:08:63:
99:77:4c:29:5c:3a:cb:dc:39:3e:48:8d:a1:bb:d6:
c9:b4:8d:b4:af:e6:e3:72:1b:86:3b:89:ea:af:96:
81:fa:dc:5a:58:6b:b2:fe:17:3f:ea:bf:f0:13:1c:
88:63:1e:9d:ab:6a:3a:74:98:a6:fe:5a:e7:23:7c:
13:3c:8e:e4:15:dd:8b:d4:6d:7c:c1:83:9e:e7:36:
59:5f:9c:a5:b8:75:b2:38:0e:c3:81:e0:74:70:fd:
55:fc:0f:5e:12:e6:d4:25:4a:67:3b:54:37:44:de:
52:dc:84:45:d4:35:99:74:fa:f5:57:14:ac:fd:43:
f6:be:b3:b8:67:cd:d7:26:0a:aa:8e:52:0f:70:0f:
51:bd:91:bd:db:c1:f1:4e:d3:a5:c1:cc:1c:08:1b:
2e:2d:e8:0c:0e:2b:11:59:89:95:d4:d7:31:00:0d:
a3:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:56:55:06:68:2A:89:4D:1C:B1:FF:56:E3:78:3A:14:85:91:09:33
X509v3 Authority Key Identifier:
keyid:34:5A:E6:46:EA:34:AD:26:88:AC:A2:FD:D1:A6:F3:34:03:56:49:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NFrmRuo0rSaIrKL90abzNANWSV4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/3cc135-f166-42eb-8203-f49120bed51c/1/pFZVBmgqiU0csf9W43g6FIWRCTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/3cc135-f166-42eb-8203-f49120bed51c/1/NFrmRuo0rSaIrKL90abzNANWSV4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.120.172.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:2f:04:ab:17:51:0f:62:33:71:f8:ba:41:69:a2:0f:1c:d4:
1b:9d:75:cf:0b:97:8c:09:24:4b:69:37:17:26:9c:5e:b5:8e:
d2:54:c0:57:fe:5d:f8:37:3e:64:9f:02:82:5d:6d:22:93:24:
59:65:be:56:33:bc:b6:99:16:9f:d7:81:69:00:b3:ac:f1:99:
2b:64:62:18:1f:18:48:b6:4c:f9:fa:e0:37:85:c2:cb:84:2f:
28:44:e2:2e:0c:6a:72:e6:94:d8:1e:e2:45:36:48:1b:ae:88:
24:eb:a3:d4:e7:28:ed:6c:e7:f7:cc:b7:fa:2d:84:99:5e:b0:
34:c3:a5:fb:51:3b:60:d1:06:8a:2a:f7:76:88:65:78:e3:95:
87:b1:43:25:37:64:94:0a:b3:83:cc:c5:fd:8e:f6:6c:b3:c3:
32:60:d2:e8:55:d2:45:28:cb:ee:a5:32:9c:94:fa:af:e7:65:
fc:42:cc:cf:af:47:55:89:cd:6d:3b:19:31:e9:35:b9:53:0e:
23:86:8c:5d:e7:90:df:ed:e1:da:cc:3b:1b:d2:9d:46:76:02:
90:62:cd:81:83:6d:22:02:35:64:bd:7d:81:57:13:e8:fb:47:
94:52:f3:2b:cc:b0:79:5f:cc:d0:67:8c:79:de:53:59:a1:09:
37:83:7c:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj2AhXuMIwGi1Q1GDuGCoZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NWFlNjQ2ZWEzNGFkMjY4OGFjYTJmZGQxYTZmMzM0MDM1
NjQ5NWUwHhcNMjUwMTAxMjE0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDU2NTUwNjY4MmE4OTRkMWNiMWZmNTZlMzc4M2ExNDg1OTEwOTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjo3LlOA0u/DT+NkxG93CUhvp5SAV
NKOpDg8lwDKTlcERSkPheewNf2N9D48LaK/ilowdM/unWWAK7tP1AnCdw/f+cUO0
xHVitV6uUUSIH48XBT/zox9+CGOZd0wpXDrL3Dk+SI2hu9bJtI20r+bjchuGO4nq
r5aB+txaWGuy/hc/6r/wExyIYx6dq2o6dJim/lrnI3wTPI7kFd2L1G18wYOe5zZZ
X5yluHWyOA7DgeB0cP1V/A9eEubUJUpnO1Q3RN5S3IRF1DWZdPr1VxSs/UP2vrO4
Z83XJgqqjlIPcA9RvZG928HxTtOlwcwcCBsuLegMDisRWYmV1NcxAA2jLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKRWVQZoKolNHLH/VuN4OhSFkQkzMB8GA1UdIwQY
MBaAFDRa5kbqNK0miKyi/dGm8zQDVkleMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkZybVJ1bzByU2FJcktMOTBhYnpOQU5XU1Y0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My8zY2MxMzUtZjE2Ni00MmViLTgyMDMt
ZjQ5MTIwYmVkNTFjLzEvcEZaVkJtZ3FpVTBjc2Y5VzQzZzZGSVdSQ1RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My8zY2MxMzUtZjE2Ni00MmViLTgyMDMtZjQ5MTIwYmVkNTFj
LzEvTkZybVJ1bzByU2FJcktMOTBhYnpOQU5XU1Y0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXisMA0G
CSqGSIb3DQEBCwUAA4IBAQBfLwSrF1EPYjNx+LpBaaIPHNQbnXXPC5eMCSRLaTcX
JpxetY7SVMBX/l34Nz5knwKCXW0ikyRZZb5WM7y2mRaf14FpALOs8ZkrZGIYHxhI
tkz5+uA3hcLLhC8oROIuDGpy5pTYHuJFNkgbrogk66PU5yjtbOf3zLf6LYSZXrA0
w6X7UTtg0QaKKvd2iGV445WHsUMlN2SUCrODzMX9jvZss8MyYNLoVdJFKMvupTKc
lPqv52X8QszPr0dVic1tOxkx6TW5Uw4jhoxd55Df7eHazDsb0p1GdgKQYs2Bg20i
AjVkvX2BVxPo+0eUUvMrzLB5X8zQZ4x53lNZoQk3g3yU
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:57:51 2025 by rpki-client