Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/PJNkvoIOu0Kv2nvZWV9wyx_8ewY.roa
File: PJNkvoIOu0Kv2nvZWV9wyx_8ewY.roa (raw, json)
Hash identifier: uqJwiHd5XAbFvhtDeQuLqT6knQKlA+d9tJpxF6BtBb0=
Subject key identifier: 3C:93:64:BE:82:0E:BB:42:AF:DA:7B:D9:59:5F:70:CB:1F:FC:7B:06
Certificate issuer: /CN=390b67368c91b85e84888c5ed2e824d1390810bb
Certificate serial: 018571DE91867848F86EDBC208ECA138F528
Authority key identifier: 39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/PJNkvoIOu0Kv2nvZWV9wyx_8ewY.roa
Signing time: Mon 02 Jan 2023 09:44:49 +0000
ROA not before: Mon 02 Jan 2023 09:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49581
IP address blocks: 193.109.197.0/24 maxlen: 24
193.109.198.0/24 maxlen: 24
85.158.63.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:de:91:86:78:48:f8:6e:db:c2:08:ec:a1:38:f5:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=390b67368c91b85e84888c5ed2e824d1390810bb
Validity
Not Before: Jan 2 09:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c9364be820ebb42afda7bd9595f70cb1ffc7b06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ed:79:c9:4a:e0:62:5c:a3:c7:38:c2:1f:52:
43:91:d6:b5:52:91:68:bf:84:87:1c:fc:6d:54:06:
52:95:61:b5:ce:8c:f8:17:8a:91:86:e5:cf:e5:40:
d9:b6:57:a8:ce:7a:ea:e1:bf:2e:f2:34:a4:e1:5b:
d6:0b:a5:56:9e:b8:9f:e3:4e:80:f6:e6:67:3e:bd:
53:31:a5:9b:8a:47:e1:8b:87:d0:99:06:58:0a:c2:
d6:c5:d6:28:c0:1a:ab:72:b9:1e:34:00:cf:8b:f7:
e0:f0:f9:94:38:f3:b9:25:34:d9:39:0c:ef:91:59:
9b:73:44:86:18:68:20:84:d9:f7:25:33:31:3c:d2:
bb:cc:31:c3:c0:18:69:fc:ed:83:26:54:63:42:e0:
19:17:c6:e4:7f:c6:38:15:58:2a:a5:0d:9d:c8:92:
89:ae:5e:c4:d5:a5:00:be:06:f5:72:4c:33:38:15:
5d:02:cd:6a:11:8c:fb:89:01:8b:29:b2:a2:c9:40:
b8:c6:8e:22:d4:60:5b:af:53:60:b9:9c:0b:6a:d5:
36:c8:b7:d7:54:2c:dc:b2:af:fd:3d:93:f7:fc:5f:
fb:da:6d:47:9d:b4:4f:96:de:80:56:03:90:f2:c9:
bf:ab:88:a0:14:ec:4b:90:b4:0a:d7:50:30:d9:0f:
6f:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:93:64:BE:82:0E:BB:42:AF:DA:7B:D9:59:5F:70:CB:1F:FC:7B:06
X509v3 Authority Key Identifier:
keyid:39:0B:67:36:8C:91:B8:5E:84:88:8C:5E:D2:E8:24:D1:39:08:10:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQtnNoyRuF6EiIxe0ugk0TkIELs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/PJNkvoIOu0Kv2nvZWV9wyx_8ewY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/16cce4-e981-4be5-b9f6-5c9d62629c86/1/OQtnNoyRuF6EiIxe0ugk0TkIELs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.63.0/24
193.109.197.0-193.109.198.255
Signature Algorithm: sha256WithRSAEncryption
aa:df:cc:78:35:58:e6:f1:2c:8e:3c:5b:65:e3:8f:64:3d:b8:
bb:49:22:5a:b3:e0:d1:dd:c2:92:9c:c3:a9:d1:da:60:ff:6d:
0c:12:29:2c:10:90:79:87:01:76:e6:0f:e9:01:7c:39:eb:df:
85:96:4a:b5:87:82:99:78:89:37:96:21:35:0a:b5:13:5a:b6:
af:76:54:46:6a:3e:01:4c:1c:5d:4f:a5:63:96:98:fc:6a:84:
35:f9:bb:84:c7:1a:07:c7:12:e1:ac:53:95:33:6e:27:27:3e:
b0:9a:e1:e1:bb:25:ab:c7:32:f3:39:03:13:67:10:58:51:7e:
3b:ab:b1:99:35:2a:e4:03:5c:e4:80:a9:b2:22:58:15:ef:64:
c9:4d:e5:ba:de:ba:2b:bc:bb:40:ad:39:d7:ae:1b:57:0f:2c:
44:a0:bf:9f:07:65:b3:cd:c0:d8:f0:0a:95:c1:ec:e5:49:e9:
04:0d:46:b2:08:8b:72:e7:a3:25:02:44:19:d2:04:a9:50:7e:
af:95:02:2f:de:a8:86:e9:b7:2e:0a:8c:ec:1c:40:cb:13:ed:
2e:dd:1f:b2:23:be:94:3a:f1:16:60:af:c9:be:7e:12:aa:b8:
1c:13:ef:24:1a:32:14:90:4d:ed:10:e6:e8:8c:49:d8:1a:7c:
fa:72:64:ae
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVx3pGGeEj4btvCCOyhOPUoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MGI2NzM2OGM5MWI4NWU4NDg4OGM1ZWQyZTgyNGQxMzkw
ODEwYmIwHhcNMjMwMTAyMDk0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzkzNjRiZTgyMGViYjQyYWZkYTdiZDk1OTVmNzBjYjFmZmM3YjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAte15yUrgYlyjxzjCH1JDkda1UpFo
v4SHHPxtVAZSlWG1zoz4F4qRhuXP5UDZtleoznrq4b8u8jSk4VvWC6VWnrif406A
9uZnPr1TMaWbikfhi4fQmQZYCsLWxdYowBqrcrkeNADPi/fg8PmUOPO5JTTZOQzv
kVmbc0SGGGgghNn3JTMxPNK7zDHDwBhp/O2DJlRjQuAZF8bkf8Y4FVgqpQ2dyJKJ
rl7E1aUAvgb1ckwzOBVdAs1qEYz7iQGLKbKiyUC4xo4i1GBbr1NguZwLatU2yLfX
VCzcsq/9PZP3/F/72m1HnbRPlt6AVgOQ8sm/q4igFOxLkLQK11Aw2Q9vnQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDyTZL6CDrtCr9p72VlfcMsf/HsGMB8GA1UdIwQY
MBaAFDkLZzaMkbhehIiMXtLoJNE5CBC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYt
NWM5ZDYyNjI5Yzg2LzEvUEpOa3ZvSU91MEt2Mm52WldWOXd5eF84ZXdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xNmNjZTQtZTk4MS00YmU1LWI5ZjYtNWM5ZDYyNjI5Yzg2
LzEvT1F0bk5veVJ1RjZFaUl4ZTB1Z2swVGtJRUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAVZ4/MAwD
BADBbcUDBADBbcYwDQYJKoZIhvcNAQELBQADggEBAKrfzHg1WObxLI48W2Xjj2Q9
uLtJIlqz4NHdwpKcw6nR2mD/bQwSKSwQkHmHAXbmD+kBfDnr34WWSrWHgpl4iTeW
ITUKtRNatq92VEZqPgFMHF1PpWOWmPxqhDX5u4THGgfHEuGsU5UzbicnPrCa4eG7
JavHMvM5AxNnEFhRfjursZk1KuQDXOSAqbIiWBXvZMlN5breuiu8u0CtOdeuG1cP
LESgv58HZbPNwNjwCpXB7OVJ6QQNRrIIi3LnoyUCRBnSBKlQfq+VAi/eqIbpty4K
jOwcQMsT7S7dH7IjvpQ68RZgr8m+fhKquBwT7yQaMhSQTe0Q5uiMSdgafPpyZK4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:13 2025 by rpki-client