Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/pehnBB-B-wysgLV5x41--aRvVZU.roa
File: pehnBB-B-wysgLV5x41--aRvVZU.roa (raw, json)
Hash identifier: znIOUjgtTlPjJizZbJTREWW6ctyWS6FYMjde0/qvy2I=
Subject key identifier: A5:E8:67:04:1F:81:FB:0C:AC:80:B5:79:C7:8D:7E:F9:A4:6F:55:95
Certificate issuer: /CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Certificate serial: 01942368CF638AAB4AEEE79B8DF812CA3E48
Authority key identifier: 37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/pehnBB-B-wysgLV5x41--aRvVZU.roa
Signing time: Wed 01 Jan 2025 19:47:38 +0000
ROA not before: Wed 01 Jan 2025 19:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202
IP address blocks: 91.205.116.0/22 maxlen: 24
109.234.0.0/21 maxlen: 24
185.148.224.0/22 maxlen: 24
193.242.174.0/23 maxlen: 24
2a07:6200:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:cf:63:8a:ab:4a:ee:e7:9b:8d:f8:12:ca:3e:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Validity
Not Before: Jan 1 19:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a5e867041f81fb0cac80b579c78d7ef9a46f5595
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:fb:6f:1f:1e:30:56:8d:d3:09:1b:44:63:d2:
49:dc:48:3b:c4:86:98:c4:2e:df:e2:ea:67:f8:bd:
18:7b:bb:b6:62:51:e7:b5:3f:17:9c:b3:d9:6e:d3:
73:dd:79:f8:42:b6:e2:33:db:e6:02:af:1c:3d:4f:
4d:ab:6c:18:2b:b2:b8:61:66:b0:31:28:e5:85:e6:
43:1d:f6:12:99:f2:ef:28:1d:ed:83:73:08:e2:fe:
54:b1:f0:93:2d:27:5c:06:eb:6d:e7:31:ac:aa:78:
ba:55:78:62:cc:af:d2:37:9f:d3:2d:98:16:72:15:
1d:fc:2d:2f:0e:91:81:e0:65:72:ce:36:5c:51:96:
a0:c0:13:ae:0f:87:4d:bc:d8:bd:e4:59:d2:6d:71:
17:95:8e:c3:25:6e:36:a3:c6:be:a7:24:9a:e8:17:
37:e6:fe:ac:00:ae:d0:f9:ed:80:e6:3d:f7:19:33:
f4:1e:52:80:ae:ad:dc:f6:90:c6:71:37:f9:94:fe:
38:7c:21:36:f7:14:6d:3d:b6:95:87:4a:2e:08:38:
81:bb:d2:eb:9e:bd:3e:96:b7:3b:7e:7e:fb:11:27:
d7:f3:5e:3e:ed:a8:0e:95:20:34:e1:16:20:5b:c2:
e2:b7:13:43:2d:7b:1c:d6:f7:5c:62:0a:f3:a1:b7:
cb:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:E8:67:04:1F:81:FB:0C:AC:80:B5:79:C7:8D:7E:F9:A4:6F:55:95
X509v3 Authority Key Identifier:
keyid:37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/pehnBB-B-wysgLV5x41--aRvVZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/N5SayE0LhpEPT9PPWWKSfYNFCus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.116.0/22
109.234.0.0/21
185.148.224.0/22
193.242.174.0/23
IPv6:
2a07:6200:1::/48
Signature Algorithm: sha256WithRSAEncryption
1d:5d:0e:14:53:4a:43:df:f5:9b:4c:03:8a:5f:b6:c5:53:0e:
2f:72:ea:2e:3e:0f:e8:02:ea:c1:36:d4:ed:88:28:35:80:e3:
c7:2f:07:4d:a0:db:43:69:a4:c8:02:c8:f5:bd:a3:48:39:6b:
58:9d:37:64:4b:5c:37:93:d5:3f:6e:32:7c:fc:33:e6:92:e9:
54:00:49:02:88:cb:7d:e2:3f:40:d0:95:84:bb:f3:7a:d3:d8:
e8:73:a4:ab:50:ef:58:67:43:42:32:d0:dc:ba:0f:f5:c1:cd:
fe:56:20:28:da:18:6b:5c:22:60:90:c0:06:4e:e0:5b:44:05:
ce:9d:bd:07:82:b3:e2:53:cd:90:5f:30:ef:00:f1:9b:47:0a:
fb:4d:a3:06:7f:b2:c1:bb:a6:a9:44:33:e5:09:71:60:5e:7c:
66:c7:1d:93:6d:1a:18:09:6d:d7:ed:87:23:b4:aa:fb:79:13:
7f:fe:ea:11:50:e2:52:0f:ce:d8:d6:0d:a9:80:9b:4d:72:13:
37:d7:e1:55:dc:57:fb:da:2b:53:07:d3:a2:37:9f:d6:6e:db:
b2:01:88:1f:04:d5:f6:5e:03:5f:3e:30:77:8e:dc:78:cf:22:
3d:e5:01:1d:76:ba:73:26:40:da:03:af:7b:69:e4:92:09:ca:
02:40:21:9b
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZQjaM9jiqtK7uebjfgSyj5IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3OTQ5YWM4NGQwYjg2OTEwZjRmZDNjZjU5NjI5MjdkODM0
NTBhZWIwHhcNMjUwMTAxMTk0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWU4NjcwNDFmODFmYjBjYWM4MGI1NzljNzhkN2VmOWE0NmY1NTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/tvHx4wVo3TCRtEY9JJ3Eg7xIaY
xC7f4upn+L0Ye7u2YlHntT8XnLPZbtNz3Xn4QrbiM9vmAq8cPU9Nq2wYK7K4YWaw
MSjlheZDHfYSmfLvKB3tg3MI4v5UsfCTLSdcButt5zGsqni6VXhizK/SN5/TLZgW
chUd/C0vDpGB4GVyzjZcUZagwBOuD4dNvNi95FnSbXEXlY7DJW42o8a+pySa6Bc3
5v6sAK7Q+e2A5j33GTP0HlKArq3c9pDGcTf5lP44fCE29xRtPbaVh0ouCDiBu9Lr
nr0+lrc7fn77ESfX814+7agOlSA04RYgW8LitxNDLXsc1vdcYgrzobfLnwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFKXoZwQfgfsMrIC1eceNfvmkb1WVMB8GA1UdIwQY
MBaAFDeUmshNC4aRD0/Tz1likn2DRQrrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgt
YTRkYjM5NmM4OTg3LzEvcGVobkJCLUItd3lzZ0xWNXg0MS0tYVJ2VlpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgtYTRkYjM5NmM4OTg3
LzEvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQCW810AwQD
beoAAwQCuZTgAwQBwfKuMA8EAgACMAkDBwAqB2IAAAEwDQYJKoZIhvcNAQELBQAD
ggEBAB1dDhRTSkPf9ZtMA4pftsVTDi9y6i4+D+gC6sE21O2IKDWA48cvB02g20Np
pMgCyPW9o0g5a1idN2RLXDeT1T9uMnz8M+aS6VQASQKIy33iP0DQlYS783rT2Ohz
pKtQ71hnQ0Iy0Ny6D/XBzf5WICjaGGtcImCQwAZO4FtEBc6dvQeCs+JTzZBfMO8A
8ZtHCvtNowZ/ssG7pqlEM+UJcWBefGbHHZNtGhgJbdfthyO0qvt5E3/+6hFQ4lIP
ztjWDamAm01yEzfX4VXcV/vaK1MH06I3n9Zu27IBiB8E1fZeA18+MHeO3HjPIj3l
AR12unMmQNoDr3tp5JIJygJAIZs=
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:02:16 2025 by rpki-client