Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/pvBG2xECdzHTVs641X3gqPzR1UY.roa
File: pvBG2xECdzHTVs641X3gqPzR1UY.roa (raw, json)
Hash identifier: +WsgWlUpXhizekJl6wsI6hTdTwZfghausXWKF2aVl1o=
Subject key identifier: A6:F0:46:DB:11:02:77:31:D3:56:CE:B8:D5:7D:E0:A8:FC:D1:D5:46
Certificate issuer: /CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Certificate serial: 0194266BF6FB6747BA7D69AC0BAF8A85E557
Authority key identifier: B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/pvBG2xECdzHTVs641X3gqPzR1UY.roa
Signing time: Thu 02 Jan 2025 09:49:57 +0000
ROA not before: Thu 02 Jan 2025 09:49:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207555
IP address blocks: 188.114.64.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:f6:fb:67:47:ba:7d:69:ac:0b:af:8a:85:e5:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Validity
Not Before: Jan 2 09:49:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a6f046db11027731d356ceb8d57de0a8fcd1d546
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:6e:bf:1d:91:4d:ca:ed:e9:51:73:93:c0:c2:
a3:17:11:14:76:5c:17:0b:9f:ec:3c:9b:fe:25:be:
f9:1e:71:6b:78:fd:7b:9c:c0:08:66:4c:93:3c:7b:
76:6b:69:17:20:5b:e6:b0:43:16:1e:ca:d1:ab:18:
32:b5:d6:0f:ad:56:dd:98:18:61:de:d0:38:24:7b:
d0:68:1e:03:03:5d:89:87:5d:27:21:39:86:2f:b5:
10:7f:01:67:be:be:05:a1:b5:08:25:75:d2:a0:f9:
9c:43:01:8e:54:e1:6c:93:43:7f:0c:ad:ba:0a:d3:
0e:ec:df:fa:d6:65:53:0e:b2:da:12:27:c2:1c:b6:
73:35:3a:62:79:d1:78:ce:bf:6c:0e:68:cf:e3:09:
82:56:4f:e2:f7:c8:70:38:01:53:34:d6:14:2c:1c:
29:ef:7b:bf:99:51:b6:22:ad:b4:c0:a0:e5:a0:7a:
bd:b9:e9:c6:f3:4b:1d:1b:35:b7:65:e6:f4:6a:5b:
c8:ae:6d:55:69:b6:67:59:6d:2e:3f:2e:92:34:27:
76:1f:b7:4d:87:da:4a:61:cd:f3:00:fe:f3:25:59:
e8:81:ff:04:ff:58:a6:f5:4f:8e:a9:dd:06:e4:52:
76:6a:e9:f8:a2:60:9c:aa:c5:2e:b7:6b:2b:e1:fb:
06:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:F0:46:DB:11:02:77:31:D3:56:CE:B8:D5:7D:E0:A8:FC:D1:D5:46
X509v3 Authority Key Identifier:
keyid:B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/pvBG2xECdzHTVs641X3gqPzR1UY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.114.64.0/24
Signature Algorithm: sha256WithRSAEncryption
85:8d:2b:fa:f5:86:ef:2b:c1:74:43:38:b6:04:b6:5c:60:10:
5e:8c:20:db:c6:86:fa:ea:cc:92:26:98:f4:23:94:ed:b8:7e:
f4:d3:9a:5d:cf:ad:40:40:9f:21:40:85:76:28:53:3b:eb:97:
0b:4f:12:f9:2d:12:d1:9c:23:0c:be:95:32:12:63:23:43:71:
ab:48:a7:20:89:1a:6d:03:90:f8:cc:25:ee:b6:57:2d:56:f5:
8f:5b:bb:34:0b:2d:24:0e:b1:0f:65:4f:8e:df:42:b9:53:6e:
cb:f2:b9:43:a8:63:e6:76:28:8d:f4:a8:3b:b2:2d:39:08:b6:
fc:a7:f7:66:44:54:a3:b5:fc:5b:32:b8:89:2a:36:0b:5d:05:
ca:ed:33:7c:a7:e0:4a:af:0a:b0:41:ed:cd:69:ec:c7:53:cc:
51:df:a2:2b:de:85:cd:07:fc:d8:62:03:e7:33:d2:aa:0f:52:
82:46:6b:46:07:7b:84:40:99:e4:db:0f:9c:34:39:ea:80:31:
05:8d:5c:f0:a5:ac:12:0e:9d:46:01:67:8e:ca:8b:ac:2a:37:
70:65:45:ca:15:15:42:ba:8c:5c:64:79:33:6d:b0:dd:d7:c1:
a7:02:40:19:ca:62:17:28:d8:57:32:ef:4b:ab:4c:67:97:96:
4d:e7:91:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma/b7Z0e6fWmsC6+KheVXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5OTU0NDk5OTc3Mjc4YTc1NTcwYjM0MDNmNGQzYWEwMGIx
YjM2ZTgwHhcNMjUwMTAyMDk0OTU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmYwNDZkYjExMDI3NzMxZDM1NmNlYjhkNTdkZTBhOGZjZDFkNTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmG6/HZFNyu3pUXOTwMKjFxEUdlwX
C5/sPJv+Jb75HnFreP17nMAIZkyTPHt2a2kXIFvmsEMWHsrRqxgytdYPrVbdmBhh
3tA4JHvQaB4DA12Jh10nITmGL7UQfwFnvr4FobUIJXXSoPmcQwGOVOFsk0N/DK26
CtMO7N/61mVTDrLaEifCHLZzNTpiedF4zr9sDmjP4wmCVk/i98hwOAFTNNYULBwp
73u/mVG2Iq20wKDloHq9uenG80sdGzW3Zeb0alvIrm1VabZnWW0uPy6SNCd2H7dN
h9pKYc3zAP7zJVnogf8E/1im9U+Oqd0G5FJ2aun4omCcqsUut2sr4fsGuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKbwRtsRAncx01bOuNV94Kj80dVGMB8GA1UdIwQY
MBaAFLmVRJmXcninVXCzQD9NOqALGzboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAt
MDI0YjE2NTVjMjQ3LzEvcHZCRzJ4RUNkekhUVnM2NDFYM2dxUHpSMVVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAtMDI0YjE2NTVjMjQ3
LzEvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvHJAMA0G
CSqGSIb3DQEBCwUAA4IBAQCFjSv69YbvK8F0Qzi2BLZcYBBejCDbxob66sySJpj0
I5TtuH7005pdz61AQJ8hQIV2KFM765cLTxL5LRLRnCMMvpUyEmMjQ3GrSKcgiRpt
A5D4zCXutlctVvWPW7s0Cy0kDrEPZU+O30K5U27L8rlDqGPmdiiN9Kg7si05CLb8
p/dmRFSjtfxbMriJKjYLXQXK7TN8p+BKrwqwQe3NaezHU8xR36Ir3oXNB/zYYgPn
M9KqD1KCRmtGB3uEQJnk2w+cNDnqgDEFjVzwpawSDp1GAWeOyousKjdwZUXKFRVC
uoxcZHkzbbDd18GnAkAZymIXKNhXMu9Lq0xnl5ZN55Hn
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:07:27 2025 by rpki-client