Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/62764b-9aa6-4f12-a71c-6bac34987019/1/plPtMFM7MQOlVsjcu0WYbmT2KW0.roa
File: plPtMFM7MQOlVsjcu0WYbmT2KW0.roa (raw, json)
Hash identifier: ZoQkvASmx4YzUOHV7U2q24wb5ZJiI+DZZjaqIRio48A=
Subject key identifier: A6:53:ED:30:53:3B:31:03:A5:56:C8:DC:BB:45:98:6E:64:F6:29:6D
Certificate issuer: /CN=35c96065093998ba42cfba11bf0d17d3ac403d40
Certificate serial: 01867F8FD2E8552C985EC311F4D587B23F09
Authority key identifier: 35:C9:60:65:09:39:98:BA:42:CF:BA:11:BF:0D:17:D3:AC:40:3D:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NclgZQk5mLpCz7oRvw0X06xAPUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/62764b-9aa6-4f12-a71c-6bac34987019/1/plPtMFM7MQOlVsjcu0WYbmT2KW0.roa
Signing time: Thu 23 Feb 2023 18:36:17 +0000
ROA not before: Thu 23 Feb 2023 18:36:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 79.139.52.0/22 maxlen: 24
95.178.8.0/21 maxlen: 24
116.50.16.0/21 maxlen: 24
83.142.200.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7f:8f:d2:e8:55:2c:98:5e:c3:11:f4:d5:87:b2:3f:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35c96065093998ba42cfba11bf0d17d3ac403d40
Validity
Not Before: Feb 23 18:36:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a653ed30533b3103a556c8dcbb45986e64f6296d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ae:89:43:0e:e4:7e:29:0c:34:cb:2b:dc:41:
68:ba:e4:9e:9f:42:fe:86:7a:e4:57:53:f5:86:d6:
38:99:8d:b2:d4:dd:82:d1:1d:b3:6b:37:64:83:d7:
8d:17:dd:a8:e2:ff:72:e2:d2:28:7b:7c:4c:2b:96:
a2:91:ed:85:e3:1b:4c:76:51:75:5d:b2:88:7a:b8:
ea:c2:99:ae:88:cd:6e:3f:73:99:27:3a:b3:50:0b:
10:34:68:b1:aa:46:06:77:6f:bb:c1:f4:63:4c:1e:
1b:38:d4:22:3a:91:7c:d9:40:a9:97:c5:17:48:cc:
a8:ef:93:a6:f5:3b:7c:b5:e0:d6:9f:0f:b6:b0:0f:
4b:c8:8a:7e:4a:96:7b:44:cc:93:9a:76:c6:40:19:
19:f4:a8:7d:64:4b:d8:ab:bf:c5:7e:46:fa:02:43:
4b:ea:57:94:ec:b0:4b:cc:76:4e:96:e3:ed:53:92:
79:5e:97:f9:bc:e9:43:47:8d:95:0b:9f:22:b2:e9:
27:58:e4:1a:7c:de:9d:a7:b5:49:42:d3:cc:cc:92:
33:6e:08:be:38:c8:14:a7:7f:a5:b1:c7:c1:98:6e:
d0:24:5c:cc:b8:a5:f1:9f:ef:03:18:b1:55:35:fe:
8e:17:fd:0d:a1:ec:44:12:27:da:36:9f:58:f7:43:
59:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:53:ED:30:53:3B:31:03:A5:56:C8:DC:BB:45:98:6E:64:F6:29:6D
X509v3 Authority Key Identifier:
keyid:35:C9:60:65:09:39:98:BA:42:CF:BA:11:BF:0D:17:D3:AC:40:3D:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NclgZQk5mLpCz7oRvw0X06xAPUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/62764b-9aa6-4f12-a71c-6bac34987019/1/plPtMFM7MQOlVsjcu0WYbmT2KW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/62764b-9aa6-4f12-a71c-6bac34987019/1/NclgZQk5mLpCz7oRvw0X06xAPUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.139.52.0/22
83.142.200.0/21
95.178.8.0/21
116.50.16.0/21
Signature Algorithm: sha256WithRSAEncryption
7e:f9:48:d3:3a:7f:00:fc:56:aa:a1:83:21:76:db:a7:c6:7e:
b0:b2:ee:14:e6:70:b6:4c:c8:e1:b7:8b:e3:ea:db:f9:99:95:
ca:ba:c5:a7:e7:44:7e:d3:0b:b4:f5:a1:86:75:fb:fb:ea:e0:
46:65:f1:42:28:79:61:43:55:6e:9a:a0:95:e4:10:07:c0:57:
58:5e:a2:e3:c1:9b:c6:d0:97:24:b2:71:6d:1c:33:3c:42:a3:
68:cb:c8:38:86:5f:0b:76:50:39:df:b9:05:22:c5:bf:66:02:
4f:70:38:3c:5b:23:45:2b:47:a8:dd:4f:71:5f:ca:b4:ad:8d:
35:61:b2:ed:c6:8c:5d:7c:74:81:16:5a:ab:1e:50:22:88:5b:
7f:09:6c:cf:77:b9:53:42:d1:fe:04:c8:fd:d2:fd:04:b6:3f:
e6:fc:76:93:e7:bf:f2:42:72:e1:2a:8f:ef:04:85:3e:6e:38:
56:3d:cb:cd:9a:89:c2:2b:16:79:f3:31:91:26:cc:49:1d:96:
7b:fa:c7:3b:ea:d9:0a:e8:02:d8:3d:6e:8a:d3:53:b5:46:86:
49:55:9a:32:ff:1d:de:32:5f:9c:27:c9:3a:3a:bb:46:8e:5a:
8a:88:ca:28:98:93:96:78:ff:63:93:07:e5:01:f7:e8:8c:d2:
d5:c6:2d:53
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYZ/j9LoVSyYXsMR9NWHsj8JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1Yzk2MDY1MDkzOTk4YmE0MmNmYmExMWJmMGQxN2QzYWM0
MDNkNDAwHhcNMjMwMjIzMTgzNjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjUzZWQzMDUzM2IzMTAzYTU1NmM4ZGNiYjQ1OTg2ZTY0ZjYyOTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsK6JQw7kfikMNMsr3EFouuSen0L+
hnrkV1P1htY4mY2y1N2C0R2zazdkg9eNF92o4v9y4tIoe3xMK5aike2F4xtMdlF1
XbKIerjqwpmuiM1uP3OZJzqzUAsQNGixqkYGd2+7wfRjTB4bONQiOpF82UCpl8UX
SMyo75Om9Tt8teDWnw+2sA9LyIp+SpZ7RMyTmnbGQBkZ9Kh9ZEvYq7/Ffkb6AkNL
6leU7LBLzHZOluPtU5J5Xpf5vOlDR42VC58isuknWOQafN6dp7VJQtPMzJIzbgi+
OMgUp3+lscfBmG7QJFzMuKXxn+8DGLFVNf6OF/0NoexEEifaNp9Y90NZuQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKZT7TBTOzEDpVbI3LtFmG5k9iltMB8GA1UdIwQY
MBaAFDXJYGUJOZi6Qs+6Eb8NF9OsQD1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmNsZ1pRazVtTHBDejdvUnZ3MFgwNnhBUFVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi82Mjc2NGItOWFhNi00ZjEyLWE3MWMt
NmJhYzM0OTg3MDE5LzEvcGxQdE1GTTdNUU9sVnNqY3UwV1libVQyS1cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi82Mjc2NGItOWFhNi00ZjEyLWE3MWMtNmJhYzM0OTg3MDE5
LzEvTmNsZ1pRazVtTHBDejdvUnZ3MFgwNnhBUFVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCT4s0AwQD
U47IAwQDX7IIAwQDdDIQMA0GCSqGSIb3DQEBCwUAA4IBAQB++UjTOn8A/FaqoYMh
dtunxn6wsu4U5nC2TMjht4vj6tv5mZXKusWn50R+0wu09aGGdfv76uBGZfFCKHlh
Q1VumqCV5BAHwFdYXqLjwZvG0JcksnFtHDM8QqNoy8g4hl8LdlA537kFIsW/ZgJP
cDg8WyNFK0eo3U9xX8q0rY01YbLtxoxdfHSBFlqrHlAiiFt/CWzPd7lTQtH+BMj9
0v0Etj/m/HaT57/yQnLhKo/vBIU+bjhWPcvNmonCKxZ58zGRJsxJHZZ7+sc76tkK
6ALYPW6K01O1RoZJVZoy/x3eMl+cJ8k6OrtGjlqKiMoomJOWeP9jkwflAffojNLV
xi1T
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:40:50 2025 by rpki-client