Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/2fbccc-64b6-4f66-8969-a6d27c431818/1/pXbNNPwN94jiY7_-VrGgRRgnbvM.roa
File: pXbNNPwN94jiY7_-VrGgRRgnbvM.roa (raw, json)
Hash identifier: iGkJvRDhgHWubYW0daL/Fj7V8HneaI44eRUKNiVEAEM=
Subject key identifier: A5:76:CD:34:FC:0D:F7:88:E2:63:BF:FE:56:B1:A0:45:18:27:6E:F3
Certificate issuer: /CN=d283616f1362c25d82ec2a70c4b9750565b1197f
Certificate serial: 0194221FC25727E281B99D5C54A0FFD9EB0F
Authority key identifier: D2:83:61:6F:13:62:C2:5D:82:EC:2A:70:C4:B9:75:05:65:B1:19:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0oNhbxNiwl2C7CpwxLl1BWWxGX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/2fbccc-64b6-4f66-8969-a6d27c431818/1/pXbNNPwN94jiY7_-VrGgRRgnbvM.roa
Signing time: Wed 01 Jan 2025 13:48:14 +0000
ROA not before: Wed 01 Jan 2025 13:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 185.54.72.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:c2:57:27:e2:81:b9:9d:5c:54:a0:ff:d9:eb:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d283616f1362c25d82ec2a70c4b9750565b1197f
Validity
Not Before: Jan 1 13:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a576cd34fc0df788e263bffe56b1a04518276ef3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:3b:3b:80:0e:1d:43:43:40:93:ca:c3:2e:f9:
88:a7:c5:2a:b2:01:21:d7:9a:e8:ec:dc:98:18:26:
21:1f:3f:ae:92:72:f8:7a:6e:57:ad:cc:c7:2c:ea:
0a:7a:df:a0:5a:6d:84:d1:92:05:b8:26:d7:5d:2d:
d7:19:83:e2:ce:59:40:99:75:61:69:da:0c:e7:d6:
fd:a4:82:40:1d:12:ba:1d:8f:c3:88:85:65:de:c0:
0c:b1:7f:46:9a:81:0d:9e:90:b8:e3:ba:1f:a2:5e:
08:38:9c:ea:c6:e4:c7:3f:84:34:d2:c3:cc:3f:d5:
36:c6:27:da:cf:c2:a3:eb:db:51:f3:f7:7d:61:93:
57:d8:af:62:fb:34:96:92:04:0f:e3:b6:5c:c8:89:
f2:62:1c:7d:d6:ca:a9:51:da:d1:9e:67:91:fa:11:
2b:46:13:ac:0a:f3:33:90:da:5f:94:f8:9b:e3:f0:
60:fa:44:77:f3:72:20:31:71:75:bd:f3:8b:3e:8f:
04:a1:16:a4:ba:98:75:ca:69:6c:de:68:15:fd:a3:
70:59:fe:d7:6b:7b:70:9f:c3:ed:97:2a:ac:07:3d:
0f:73:21:70:17:a6:d2:64:57:84:61:33:5a:31:7e:
de:8d:98:8a:a9:ac:55:44:96:41:c6:5d:b5:69:49:
d7:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:76:CD:34:FC:0D:F7:88:E2:63:BF:FE:56:B1:A0:45:18:27:6E:F3
X509v3 Authority Key Identifier:
keyid:D2:83:61:6F:13:62:C2:5D:82:EC:2A:70:C4:B9:75:05:65:B1:19:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0oNhbxNiwl2C7CpwxLl1BWWxGX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/2fbccc-64b6-4f66-8969-a6d27c431818/1/pXbNNPwN94jiY7_-VrGgRRgnbvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/2fbccc-64b6-4f66-8969-a6d27c431818/1/0oNhbxNiwl2C7CpwxLl1BWWxGX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.54.72.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:08:9e:81:36:3f:b2:b0:57:32:ed:5c:c6:93:3b:c5:01:ac:
e4:cd:52:4f:30:5c:7b:31:eb:35:fc:b5:4e:f3:25:8a:e0:9d:
e7:cb:f9:92:75:a3:61:a7:21:d1:e5:a9:89:98:e7:d5:06:3c:
d4:a4:15:aa:3f:6a:39:01:3c:07:85:84:08:65:76:d8:8c:14:
9c:ad:d6:7a:1e:41:8a:c6:45:a9:15:5c:6c:92:77:6a:f4:19:
70:cb:27:1f:96:56:32:b3:42:b0:12:ed:a3:57:2f:29:73:88:
fe:5b:94:e5:82:17:ab:4d:43:73:63:4b:e6:00:89:c5:a7:fb:
4b:26:8c:07:67:dd:cc:34:e7:30:d6:61:98:1d:90:cd:41:14:
03:4a:e1:2e:7d:cf:c2:fe:4e:0f:95:29:28:bd:03:2b:71:03:
6d:c6:2e:66:1e:38:cb:17:dd:62:e9:3c:7f:eb:6b:51:be:65:
89:c1:2a:1c:69:d4:ff:24:0b:bc:f7:7c:2d:3a:e4:54:8a:e5:
53:31:11:65:b0:41:af:47:84:b5:53:41:74:c6:d2:10:49:91:
bd:6b:22:a0:2c:69:ae:22:a9:08:16:9c:57:95:8c:a9:ff:47:
af:be:90:f4:78:8f:8f:9a:df:44:86:0c:51:5e:02:94:49:bd:
da:7a:e1:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH8JXJ+KBuZ1cVKD/2esPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyODM2MTZmMTM2MmMyNWQ4MmVjMmE3MGM0Yjk3NTA1NjVi
MTE5N2YwHhcNMjUwMTAxMTM0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTc2Y2QzNGZjMGRmNzg4ZTI2M2JmZmU1NmIxYTA0NTE4Mjc2ZWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTs7gA4dQ0NAk8rDLvmIp8UqsgEh
15ro7NyYGCYhHz+uknL4em5XrczHLOoKet+gWm2E0ZIFuCbXXS3XGYPizllAmXVh
adoM59b9pIJAHRK6HY/DiIVl3sAMsX9GmoENnpC447ofol4IOJzqxuTHP4Q00sPM
P9U2xifaz8Kj69tR8/d9YZNX2K9i+zSWkgQP47ZcyInyYhx91sqpUdrRnmeR+hEr
RhOsCvMzkNpflPib4/Bg+kR383IgMXF1vfOLPo8EoRakuph1ymls3mgV/aNwWf7X
a3twn8PtlyqsBz0PcyFwF6bSZFeEYTNaMX7ejZiKqaxVRJZBxl21aUnXcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKV2zTT8DfeI4mO//laxoEUYJ27zMB8GA1UdIwQY
MBaAFNKDYW8TYsJdguwqcMS5dQVlsRl/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG9OaGJ4Tml3bDJDN0Nwd3hMbDFCV1d4R1g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8yZmJjY2MtNjRiNi00ZjY2LTg5Njkt
YTZkMjdjNDMxODE4LzEvcFhiTk5Qd045NGppWTdfLVZyR2dSUmduYnZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8yZmJjY2MtNjRiNi00ZjY2LTg5NjktYTZkMjdjNDMxODE4
LzEvMG9OaGJ4Tml3bDJDN0Nwd3hMbDFCV1d4R1g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTZIMA0G
CSqGSIb3DQEBCwUAA4IBAQAdCJ6BNj+ysFcy7VzGkzvFAazkzVJPMFx7Mes1/LVO
8yWK4J3ny/mSdaNhpyHR5amJmOfVBjzUpBWqP2o5ATwHhYQIZXbYjBScrdZ6HkGK
xkWpFVxskndq9BlwyycfllYys0KwEu2jVy8pc4j+W5TlgherTUNzY0vmAInFp/tL
JowHZ93MNOcw1mGYHZDNQRQDSuEufc/C/k4PlSkovQMrcQNtxi5mHjjLF91i6Tx/
62tRvmWJwSocadT/JAu893wtOuRUiuVTMRFlsEGvR4S1U0F0xtIQSZG9ayKgLGmu
IqkIFpxXlYyp/0evvpD0eI+Pmt9EhgxRXgKUSb3aeuEs
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:52:42 2025 by rpki-client