Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/c43a75-a326-4c6d-87ca-817d84e53d53/1/pchvFEtf54PSSiTi01p5PApQHUQ.roa
File: pchvFEtf54PSSiTi01p5PApQHUQ.roa (raw, json)
Hash identifier: LNaFLGgXExgOKyuOXBO2LPMxZGv4i1837UIKdLVtZOA=
Subject key identifier: A5:C8:6F:14:4B:5F:E7:83:D2:4A:24:E2:D3:5A:79:3C:0A:50:1D:44
Certificate issuer: /CN=9e0374d71bc57db96dc393e91febb9e9d59fef9a
Certificate serial: 0194258FC82D5300985C4484A1BA660D2AED
Authority key identifier: 9E:03:74:D7:1B:C5:7D:B9:6D:C3:93:E9:1F:EB:B9:E9:D5:9F:EF:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ngN01xvFfbltw5PpH-u56dWf75o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/c43a75-a326-4c6d-87ca-817d84e53d53/1/pchvFEtf54PSSiTi01p5PApQHUQ.roa
Signing time: Thu 02 Jan 2025 05:49:27 +0000
ROA not before: Thu 02 Jan 2025 05:49:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 185.97.10.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:c8:2d:53:00:98:5c:44:84:a1:ba:66:0d:2a:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e0374d71bc57db96dc393e91febb9e9d59fef9a
Validity
Not Before: Jan 2 05:49:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a5c86f144b5fe783d24a24e2d35a793c0a501d44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d8:08:62:54:b1:cd:2c:db:22:4a:58:d2:8b:
91:70:4f:ae:2a:d9:85:9b:83:32:2a:25:3b:29:f0:
9a:c5:6b:cf:6e:92:3c:92:e1:7c:3d:4c:da:aa:6e:
c3:df:d0:81:01:27:f5:ba:e6:7b:09:65:1d:30:bd:
0d:5f:01:eb:a0:d3:f1:ba:1f:02:ee:fc:7a:b6:66:
6a:1b:df:54:ac:7f:97:48:a6:03:a0:0e:21:54:1c:
82:f5:58:ba:7d:78:5e:75:aa:c2:7f:63:75:c3:8c:
08:45:70:7f:07:79:15:84:1f:78:2e:7d:8f:62:d2:
2d:69:8a:8a:43:31:8f:98:0f:60:37:4f:a0:8c:3f:
1b:11:c5:72:bb:01:06:f4:36:ed:00:a3:32:e3:65:
e2:a5:88:b0:77:d1:77:42:4a:cb:5f:55:c5:7f:19:
33:25:8e:c7:bf:15:25:39:63:52:db:f4:96:df:1d:
8c:0d:cd:02:c7:8d:b9:28:73:93:24:c3:11:29:4e:
cd:98:31:62:e7:1b:9c:a8:73:8a:5a:1c:20:f3:fb:
f0:3b:65:b8:df:a8:7c:d2:60:96:08:10:21:42:52:
46:ef:23:35:e9:bd:23:c1:db:e5:b5:4f:d3:6d:94:
c3:77:c4:14:c4:73:63:99:ed:bc:ac:38:f0:d0:3e:
c5:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:C8:6F:14:4B:5F:E7:83:D2:4A:24:E2:D3:5A:79:3C:0A:50:1D:44
X509v3 Authority Key Identifier:
keyid:9E:03:74:D7:1B:C5:7D:B9:6D:C3:93:E9:1F:EB:B9:E9:D5:9F:EF:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ngN01xvFfbltw5PpH-u56dWf75o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c43a75-a326-4c6d-87ca-817d84e53d53/1/pchvFEtf54PSSiTi01p5PApQHUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c43a75-a326-4c6d-87ca-817d84e53d53/1/ngN01xvFfbltw5PpH-u56dWf75o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.97.10.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:f3:45:b4:95:ec:4c:1d:8d:ac:59:95:1f:1f:59:13:5b:ec:
06:2c:68:3e:43:ed:71:ff:92:ac:ce:61:e4:a7:23:46:18:53:
6c:e8:84:ef:4a:e1:e3:a5:b1:4c:d7:0d:c1:bf:cd:33:09:18:
21:2c:a0:0f:fa:7c:63:db:a0:7e:43:a5:8e:f6:15:62:71:b4:
c1:62:3b:d1:7d:d4:a7:42:19:bf:7f:da:66:99:71:d5:96:b0:
2a:43:4b:a0:9b:4f:af:d1:89:bc:cb:c7:36:24:07:de:b0:fa:
df:f5:ab:c7:6a:37:be:bb:65:5d:fe:ab:46:de:3a:25:92:bf:
a6:93:8c:ca:14:b7:76:68:3a:c6:10:52:41:29:f2:f9:09:10:
8c:f8:65:60:36:6c:00:75:35:00:26:28:5b:2d:6e:76:41:71:
b3:35:0b:63:77:10:ba:c6:58:7d:89:9c:63:48:07:92:95:ef:
aa:a4:94:bf:30:06:50:46:cf:68:70:af:8c:5a:66:2d:ae:9a:
b6:cd:1d:fc:59:bb:9b:ee:c1:8a:6e:dc:39:e6:19:52:10:f0:
5f:c5:d7:bf:6a:66:14:0b:f9:de:a6:10:3f:ca:27:6f:62:a2:
cc:ea:2c:11:87:4c:d5:96:c8:02:34:2e:21:1e:b0:98:15:4f:
12:ce:27:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj8gtUwCYXESEobpmDSrtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMDM3NGQ3MWJjNTdkYjk2ZGMzOTNlOTFmZWJiOWU5ZDU5
ZmVmOWEwHhcNMjUwMTAyMDU0OTI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWM4NmYxNDRiNWZlNzgzZDI0YTI0ZTJkMzVhNzkzYzBhNTAxZDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtgIYlSxzSzbIkpY0ouRcE+uKtmF
m4MyKiU7KfCaxWvPbpI8kuF8PUzaqm7D39CBASf1uuZ7CWUdML0NXwHroNPxuh8C
7vx6tmZqG99UrH+XSKYDoA4hVByC9Vi6fXhedarCf2N1w4wIRXB/B3kVhB94Ln2P
YtItaYqKQzGPmA9gN0+gjD8bEcVyuwEG9DbtAKMy42XipYiwd9F3QkrLX1XFfxkz
JY7HvxUlOWNS2/SW3x2MDc0Cx425KHOTJMMRKU7NmDFi5xucqHOKWhwg8/vwO2W4
36h80mCWCBAhQlJG7yM16b0jwdvltU/TbZTDd8QUxHNjme28rDjw0D7F9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKXIbxRLX+eD0kok4tNaeTwKUB1EMB8GA1UdIwQY
MBaAFJ4DdNcbxX25bcOT6R/ruenVn++aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmdOMDF4dkZmYmx0dzVQcEgtdTU2ZFdmNzVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9jNDNhNzUtYTMyNi00YzZkLTg3Y2Et
ODE3ZDg0ZTUzZDUzLzEvcGNodkZFdGY1NFBTU2lUaTAxcDVQQXBRSFVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9jNDNhNzUtYTMyNi00YzZkLTg3Y2EtODE3ZDg0ZTUzZDUz
LzEvbmdOMDF4dkZmYmx0dzVQcEgtdTU2ZFdmNzVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWEKMA0G
CSqGSIb3DQEBCwUAA4IBAQBP80W0lexMHY2sWZUfH1kTW+wGLGg+Q+1x/5KszmHk
pyNGGFNs6ITvSuHjpbFM1w3Bv80zCRghLKAP+nxj26B+Q6WO9hVicbTBYjvRfdSn
Qhm/f9pmmXHVlrAqQ0ugm0+v0Ym8y8c2JAfesPrf9avHaje+u2Vd/qtG3jolkr+m
k4zKFLd2aDrGEFJBKfL5CRCM+GVgNmwAdTUAJihbLW52QXGzNQtjdxC6xlh9iZxj
SAeSle+qpJS/MAZQRs9ocK+MWmYtrpq2zR38Wbub7sGKbtw55hlSEPBfxde/amYU
C/nephA/yidvYqLM6iwRh0zVlsgCNC4hHrCYFU8Szicz
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:50:15 2025 by rpki-client