Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/a71248-a465-40d4-a2cf-a41b50aa272d/1/PJqvfoxrY9TUKPALlbiy9-3SaoY.roa
File: PJqvfoxrY9TUKPALlbiy9-3SaoY.roa (raw, json)
Hash identifier: l5k8yFsvgSxq4Nc3aWgjyjmVIoDadK6iTCXVVsTX2RE=
Subject key identifier: 3C:9A:AF:7E:8C:6B:63:D4:D4:28:F0:0B:95:B8:B2:F7:ED:D2:6A:86
Certificate issuer: /CN=4b25df8620374243e3c5eab25550af24e0eff48c
Certificate serial: 018CC501541389AC992B596EB5FE85BEE571
Authority key identifier: 4B:25:DF:86:20:37:42:43:E3:C5:EA:B2:55:50:AF:24:E0:EF:F4:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SyXfhiA3QkPjxeqyVVCvJODv9Iw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/a71248-a465-40d4-a2cf-a41b50aa272d/1/PJqvfoxrY9TUKPALlbiy9-3SaoY.roa
Signing time: Mon 01 Jan 2024 12:30:47 +0000
ROA not before: Mon 01 Jan 2024 12:30:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43279
IP address blocks: 185.208.232.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:54:13:89:ac:99:2b:59:6e:b5:fe:85:be:e5:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b25df8620374243e3c5eab25550af24e0eff48c
Validity
Not Before: Jan 1 12:30:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c9aaf7e8c6b63d4d428f00b95b8b2f7edd26a86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:2e:63:b2:8b:00:68:c3:c1:39:4a:df:cc:ae:
c4:22:e2:c5:ad:2e:5e:7a:d6:55:2a:4e:e8:d8:99:
11:af:8f:8d:5c:91:25:3a:e8:2a:23:60:da:bc:73:
0c:bd:48:90:21:02:18:fe:7a:ef:4c:cb:56:f3:4c:
2e:e8:8d:1a:ec:a0:b3:3a:76:f2:66:c2:c2:75:fc:
61:d3:35:01:5d:c6:93:54:c7:05:69:a9:92:fd:c2:
73:3b:8f:f0:31:75:2a:ae:a3:5d:e2:13:b5:b0:1a:
64:33:09:b4:65:2b:76:2d:9e:b3:fe:39:03:89:ed:
6b:34:a5:e9:eb:01:24:bd:e0:6c:9f:b6:1e:e6:fa:
27:37:90:b4:5a:fb:bc:c0:ee:26:73:24:02:10:b3:
3d:39:98:72:02:a4:ba:94:c8:b1:f7:4a:03:39:5b:
80:07:00:78:fd:3a:8f:7c:a5:19:ef:44:a3:db:eb:
6c:18:6c:4c:9d:d6:dc:46:8c:b5:ff:de:e2:7c:ee:
72:b8:18:ff:6c:4e:9f:87:a8:aa:2d:21:ff:0f:d2:
db:4c:16:f5:2d:be:b6:31:42:32:84:48:65:ae:14:
6c:ad:f2:75:9e:43:96:eb:ec:00:4d:5e:40:9c:e0:
d8:5c:e6:e3:4c:36:a3:82:03:3d:42:d8:e9:a0:2f:
05:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:9A:AF:7E:8C:6B:63:D4:D4:28:F0:0B:95:B8:B2:F7:ED:D2:6A:86
X509v3 Authority Key Identifier:
keyid:4B:25:DF:86:20:37:42:43:E3:C5:EA:B2:55:50:AF:24:E0:EF:F4:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SyXfhiA3QkPjxeqyVVCvJODv9Iw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/a71248-a465-40d4-a2cf-a41b50aa272d/1/PJqvfoxrY9TUKPALlbiy9-3SaoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/a71248-a465-40d4-a2cf-a41b50aa272d/1/SyXfhiA3QkPjxeqyVVCvJODv9Iw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.208.232.0/24
Signature Algorithm: sha256WithRSAEncryption
62:8c:f2:3e:cb:82:f1:30:c8:1e:a6:b3:0a:2c:52:59:35:1d:
fd:f3:51:ad:e7:c3:4e:21:02:34:cb:9e:f8:d3:63:18:d3:4a:
92:e6:4a:8c:dc:e4:75:4d:fa:76:e1:00:5a:2f:a4:4f:31:d5:
47:d7:8b:14:0f:65:e6:cc:6f:12:11:1b:49:cb:4b:8c:c6:95:
aa:d7:f7:02:bb:3b:86:f1:b2:69:06:25:4b:ea:a7:6f:e8:70:
33:d1:64:85:29:a6:f5:04:ca:3c:cf:af:25:bf:71:d2:60:93:
b5:88:83:ec:64:c2:37:87:c8:df:91:24:52:77:26:93:3e:fd:
80:47:06:c3:a1:dd:b3:58:a4:b0:9f:75:ca:80:81:1c:92:7c:
be:8a:57:5e:fc:f5:f0:d9:95:f3:ba:f5:4e:be:ab:47:99:c5:
c6:1d:79:f0:67:6c:87:69:70:39:a4:dc:84:ed:6f:a3:31:9c:
a2:19:2d:bc:9d:f7:15:5f:95:58:0f:a0:76:8b:10:01:78:cd:
ac:79:e6:86:6d:20:44:0a:f4:a5:08:f3:a1:18:66:de:e7:90:
e3:be:1a:87:b7:c3:e5:60:d6:16:94:85:39:0f:8e:d8:65:cc:
f8:21:5b:2b:c9:01:8f:a6:88:dd:b3:bc:e8:b5:45:1b:e6:61:
57:db:c1:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAVQTiayZK1lutf6FvuVxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiMjVkZjg2MjAzNzQyNDNlM2M1ZWFiMjU1NTBhZjI0ZTBl
ZmY0OGMwHhcNMjQwMTAxMTIzMDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzlhYWY3ZThjNmI2M2Q0ZDQyOGYwMGI5NWI4YjJmN2VkZDI2YTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnS5jsosAaMPBOUrfzK7EIuLFrS5e
etZVKk7o2JkRr4+NXJElOugqI2DavHMMvUiQIQIY/nrvTMtW80wu6I0a7KCzOnby
ZsLCdfxh0zUBXcaTVMcFaamS/cJzO4/wMXUqrqNd4hO1sBpkMwm0ZSt2LZ6z/jkD
ie1rNKXp6wEkveBsn7Ye5vonN5C0Wvu8wO4mcyQCELM9OZhyAqS6lMix90oDOVuA
BwB4/TqPfKUZ70Sj2+tsGGxMndbcRoy1/97ifO5yuBj/bE6fh6iqLSH/D9LbTBb1
Lb62MUIyhEhlrhRsrfJ1nkOW6+wATV5AnODYXObjTDajggM9QtjpoC8FlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDyar36Ma2PU1CjwC5W4svft0mqGMB8GA1UdIwQY
MBaAFEsl34YgN0JD48XqslVQryTg7/SMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3lYZmhpQTNRa1BqeGVxeVZWQ3ZKT0R2OUl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9hNzEyNDgtYTQ2NS00MGQ0LWEyY2Yt
YTQxYjUwYWEyNzJkLzEvUEpxdmZveHJZOVRVS1BBTGxiaXk5LTNTYW9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9hNzEyNDgtYTQ2NS00MGQ0LWEyY2YtYTQxYjUwYWEyNzJk
LzEvU3lYZmhpQTNRa1BqeGVxeVZWQ3ZKT0R2OUl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudDoMA0G
CSqGSIb3DQEBCwUAA4IBAQBijPI+y4LxMMgeprMKLFJZNR3981Gt58NOIQI0y574
02MY00qS5kqM3OR1Tfp24QBaL6RPMdVH14sUD2XmzG8SERtJy0uMxpWq1/cCuzuG
8bJpBiVL6qdv6HAz0WSFKab1BMo8z68lv3HSYJO1iIPsZMI3h8jfkSRSdyaTPv2A
RwbDod2zWKSwn3XKgIEckny+ilde/PXw2ZXzuvVOvqtHmcXGHXnwZ2yHaXA5pNyE
7W+jMZyiGS28nfcVX5VYD6B2ixABeM2seeaGbSBECvSlCPOhGGbe55DjvhqHt8Pl
YNYWlIU5D47YZcz4IVsryQGPpojds7zotUUb5mFX28G6
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:22 2025 by rpki-client