Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/dd9ed1-02cd-4b35-a3b4-e9f79dfbd2e6/1/PjmtWsqzWpwdCqhdWLqpp3bQd4Y.roa
File: PjmtWsqzWpwdCqhdWLqpp3bQd4Y.roa (raw, json)
Hash identifier: hvLpmbdiGhF3ZUFHdg7wveaO+dp5humZ7keUEHQHduw=
Subject key identifier: 3E:39:AD:5A:CA:B3:5A:9C:1D:0A:A8:5D:58:BA:A9:A7:76:D0:77:86
Certificate issuer: /CN=3ebcb79ef58a1c98e151f60c51426f74eb1c3938
Certificate serial: 018E55AB7B09765EBB80ABACA124A97CF33B
Authority key identifier: 3E:BC:B7:9E:F5:8A:1C:98:E1:51:F6:0C:51:42:6F:74:EB:1C:39:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pry3nvWKHJjhUfYMUUJvdOscOTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/dd9ed1-02cd-4b35-a3b4-e9f79dfbd2e6/1/PjmtWsqzWpwdCqhdWLqpp3bQd4Y.roa
Signing time: Tue 19 Mar 2024 07:44:45 +0000
ROA not before: Tue 19 Mar 2024 07:44:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8075
IP address blocks: 91.217.219.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:55:ab:7b:09:76:5e:bb:80:ab:ac:a1:24:a9:7c:f3:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ebcb79ef58a1c98e151f60c51426f74eb1c3938
Validity
Not Before: Mar 19 07:44:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e39ad5acab35a9c1d0aa85d58baa9a776d07786
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c9:35:a2:76:28:28:20:05:f3:e3:a9:11:ce:
4e:f6:18:1c:b5:fb:d1:37:aa:83:22:20:b0:5b:b2:
8e:ef:21:4f:34:78:f4:b6:85:eb:00:d8:38:1c:f9:
28:2d:7a:52:03:c7:96:e6:b3:45:3b:3b:57:55:8f:
ec:37:12:46:33:bd:f6:63:a4:65:0c:7a:65:fb:09:
4c:f6:8b:07:c6:e3:a0:a6:2a:a5:c4:b7:18:10:96:
55:05:69:20:41:84:52:7d:11:30:1d:dc:11:43:d3:
3e:81:17:f8:f8:44:94:3c:f4:f5:51:62:0c:56:6e:
70:87:e9:e9:3e:92:9f:c7:30:33:2f:b4:8a:7e:54:
8c:2e:5d:fc:79:ce:76:e8:89:89:5e:7d:10:de:f1:
fb:a1:87:cc:e6:6a:c4:f8:81:b3:d7:cf:ca:f8:7a:
d9:8f:7f:ce:95:6d:59:06:82:65:d8:29:f2:7e:a3:
af:72:05:6b:2c:ef:02:b2:42:01:27:96:3e:64:67:
51:3b:e1:06:25:1a:da:92:b0:90:b0:22:3d:32:70:
ae:68:36:28:0d:a2:ef:6f:8b:56:82:88:7b:34:a1:
cf:17:0d:51:04:7d:77:d8:7f:7e:30:2d:cc:a6:4b:
18:8a:88:1d:d1:d1:78:19:dc:4d:a3:b0:0e:0a:6b:
14:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:39:AD:5A:CA:B3:5A:9C:1D:0A:A8:5D:58:BA:A9:A7:76:D0:77:86
X509v3 Authority Key Identifier:
keyid:3E:BC:B7:9E:F5:8A:1C:98:E1:51:F6:0C:51:42:6F:74:EB:1C:39:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pry3nvWKHJjhUfYMUUJvdOscOTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/dd9ed1-02cd-4b35-a3b4-e9f79dfbd2e6/1/PjmtWsqzWpwdCqhdWLqpp3bQd4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/dd9ed1-02cd-4b35-a3b4-e9f79dfbd2e6/1/Pry3nvWKHJjhUfYMUUJvdOscOTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.219.0/24
Signature Algorithm: sha256WithRSAEncryption
84:e7:08:c8:ce:3e:13:b6:2d:1c:4a:16:95:fa:4f:f4:8c:5a:
47:fb:16:e9:0f:aa:83:dd:e4:13:f1:13:5f:6d:8a:83:f8:f5:
af:a4:0a:97:ac:56:c9:5d:53:08:1b:75:20:37:64:d8:eb:c4:
c5:94:d2:eb:12:fd:0b:af:8c:d4:9e:54:3b:16:bb:14:b1:d8:
13:ad:a9:4a:f3:f4:51:b1:b5:a5:48:48:7d:4d:7f:0c:b6:eb:
c9:bc:2b:b8:6a:0e:4b:e9:02:7b:36:87:c2:1b:ba:78:b8:78:
d8:d5:d2:18:96:d1:84:87:d9:e4:ab:85:dc:92:ac:84:28:68:
be:4a:0f:93:bc:10:af:cf:ae:79:67:74:3e:a9:ff:5a:d2:75:
90:39:fd:07:79:4f:08:fe:44:41:64:04:dc:4b:94:ea:f5:05:
d6:55:12:24:13:03:e1:27:b6:7f:b0:62:30:bd:9e:3a:46:ed:
72:a4:72:13:34:c3:2f:6f:31:a1:c3:08:a2:70:20:55:ef:eb:
55:d4:7f:6a:f8:04:20:37:fa:a1:bc:90:09:91:64:3c:74:98:
a4:f5:ed:a5:30:77:36:81:90:82:d5:a5:47:61:c0:f0:42:0e:
ff:51:04:8f:5c:1e:98:ad:8e:da:08:9d:4f:fd:80:fc:ce:5b:
74:e2:f5:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5Vq3sJdl67gKusoSSpfPM7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYmNiNzllZjU4YTFjOThlMTUxZjYwYzUxNDI2Zjc0ZWIx
YzM5MzgwHhcNMjQwMzE5MDc0NDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTM5YWQ1YWNhYjM1YTljMWQwYWE4NWQ1OGJhYTlhNzc2ZDA3Nzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMk1onYoKCAF8+OpEc5O9hgctfvR
N6qDIiCwW7KO7yFPNHj0toXrANg4HPkoLXpSA8eW5rNFOztXVY/sNxJGM732Y6Rl
DHpl+wlM9osHxuOgpiqlxLcYEJZVBWkgQYRSfREwHdwRQ9M+gRf4+ESUPPT1UWIM
Vm5wh+npPpKfxzAzL7SKflSMLl38ec526ImJXn0Q3vH7oYfM5mrE+IGz18/K+HrZ
j3/OlW1ZBoJl2CnyfqOvcgVrLO8CskIBJ5Y+ZGdRO+EGJRrakrCQsCI9MnCuaDYo
DaLvb4tWgoh7NKHPFw1RBH132H9+MC3MpksYiogd0dF4GdxNo7AOCmsUWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD45rVrKs1qcHQqoXVi6qad20HeGMB8GA1UdIwQY
MBaAFD68t571ihyY4VH2DFFCb3TrHDk4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHJ5M252V0tISmpoVWZZTVVVSnZkT3NjT1RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9kZDllZDEtMDJjZC00YjM1LWEzYjQt
ZTlmNzlkZmJkMmU2LzEvUGptdFdzcXpXcHdkQ3FoZFdMcXBwM2JRZDRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9kZDllZDEtMDJjZC00YjM1LWEzYjQtZTlmNzlkZmJkMmU2
LzEvUHJ5M252V0tISmpoVWZZTVVVSnZkT3NjT1RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9nbMA0G
CSqGSIb3DQEBCwUAA4IBAQCE5wjIzj4Tti0cShaV+k/0jFpH+xbpD6qD3eQT8RNf
bYqD+PWvpAqXrFbJXVMIG3UgN2TY68TFlNLrEv0Lr4zUnlQ7FrsUsdgTralK8/RR
sbWlSEh9TX8MtuvJvCu4ag5L6QJ7NofCG7p4uHjY1dIYltGEh9nkq4XckqyEKGi+
Sg+TvBCvz655Z3Q+qf9a0nWQOf0HeU8I/kRBZATcS5Tq9QXWVRIkEwPhJ7Z/sGIw
vZ46Ru1ypHITNMMvbzGhwwiicCBV7+tV1H9q+AQgN/qhvJAJkWQ8dJik9e2lMHc2
gZCC1aVHYcDwQg7/UQSPXB6YrY7aCJ1P/YD8zlt04vUY
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:12:29 2025 by rpki-client