Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/PbarvFD-DfboyTwmYNWYW4W2R9w.roa
File: PbarvFD-DfboyTwmYNWYW4W2R9w.roa (raw, json)
Hash identifier: x10XcqhvaDHkUVsBFH7jM56sVdDbvr2ZFm9l+eYW+G4=
Subject key identifier: 3D:B6:AB:BC:50:FE:0D:F6:E8:C9:3C:26:60:D5:98:5B:85:B6:47:DC
Certificate issuer: /CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Certificate serial: 0195CE58A176460A8E6CB5A7D495ED901B13
Authority key identifier: 94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/PbarvFD-DfboyTwmYNWYW4W2R9w.roa
Signing time: Tue 25 Mar 2025 17:27:49 +0000
ROA not before: Tue 25 Mar 2025 17:27:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8254
IP address blocks: 46.28.64.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ce:58:a1:76:46:0a:8e:6c:b5:a7:d4:95:ed:90:1b:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Validity
Not Before: Mar 25 17:27:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3db6abbc50fe0df6e8c93c2660d5985b85b647dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:01:b2:e9:cb:69:d5:c8:14:4e:b0:ee:be:63:
6f:b8:e8:16:e4:cd:25:05:8d:2c:e5:18:c5:db:5f:
e7:c6:89:1f:c9:69:47:ae:92:fd:26:18:2e:64:43:
ae:75:11:b1:e4:ba:50:2e:4f:6c:0b:8d:fa:c3:84:
76:5e:ac:6c:f3:a6:f6:1d:dd:2f:84:86:a0:a6:3b:
c2:4c:e7:cf:d6:01:a2:a9:95:cf:8f:86:7c:d6:25:
45:86:67:f0:53:88:0f:02:8d:1b:22:39:52:94:a0:
b1:5d:cc:05:fa:17:fe:03:c7:6b:7f:47:7e:c0:6e:
77:a6:6f:7d:2f:2b:c2:7f:d4:d0:d5:8d:ea:66:77:
e9:e1:a2:cb:77:2d:75:16:46:f1:10:4a:e3:de:5c:
c2:98:b6:51:ac:30:7e:49:3e:86:1c:aa:ef:53:85:
c5:26:3a:77:c3:a7:c6:e6:ac:26:63:ef:2f:ee:64:
87:0b:61:0a:c9:64:6f:39:c8:f3:60:aa:a2:4d:55:
a7:cc:40:6b:88:f0:1b:56:3d:fe:e1:41:39:85:81:
31:10:cc:ae:1c:9b:51:4d:e6:bc:1c:68:fc:59:6e:
09:ee:a8:02:e1:a8:fb:f1:4c:b9:d9:b4:67:4e:22:
f0:6c:9b:49:33:c0:d5:af:bf:b5:a0:22:de:f8:f1:
e8:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:B6:AB:BC:50:FE:0D:F6:E8:C9:3C:26:60:D5:98:5B:85:B6:47:DC
X509v3 Authority Key Identifier:
keyid:94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/PbarvFD-DfboyTwmYNWYW4W2R9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.64.0/21
Signature Algorithm: sha256WithRSAEncryption
26:51:4d:14:84:a0:7c:4f:62:cc:dc:98:49:0b:23:4b:0c:a3:
f7:75:72:8c:ef:ff:24:c0:8f:78:24:39:fc:40:1d:ef:76:16:
b8:77:e6:15:e2:72:af:a2:6f:57:d4:be:0e:d1:95:19:3b:4e:
5e:62:6a:50:4d:c1:97:f2:a6:fc:59:69:bd:64:6f:c4:29:9c:
36:83:24:c8:0d:3a:25:d5:85:3d:e2:fe:e1:50:39:11:f7:76:
0f:c9:36:c5:5f:fa:38:44:34:2a:98:c1:14:13:67:c8:66:1b:
92:6e:d2:af:74:90:0c:bd:79:0a:89:b2:30:31:e1:f2:9d:89:
f2:fb:81:4f:a5:d7:81:8b:e1:a1:61:bc:52:44:ed:3b:ef:0f:
df:93:74:f1:87:02:9f:43:21:dc:5d:ab:7f:bc:34:93:ed:ac:
28:b4:12:20:dc:2e:2b:51:2f:34:b9:34:85:7a:2a:2d:b1:de:
ca:bf:3d:d6:ac:d4:f1:c0:28:75:95:25:aa:48:c7:d7:67:e5:
90:80:c6:fb:02:08:f2:93:df:ab:ce:a1:70:dd:d2:57:14:6b:
dc:e6:ca:3c:e5:53:ab:fd:6f:58:13:54:47:8c:5c:ea:d7:19:
ed:36:cc:0b:be:2f:39:65:f5:cf:f6:e8:db:6a:66:5b:aa:01:
53:d7:83:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZXOWKF2RgqObLWn1JXtkBsTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZDk4ZThmZWM2ODA3NzVhMTU3MjY2ZTBjNmI3OGIxNDFh
MzRmNWUwHhcNMjUwMzI1MTcyNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGI2YWJiYzUwZmUwZGY2ZThjOTNjMjY2MGQ1OTg1Yjg1YjY0N2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQGy6ctp1cgUTrDuvmNvuOgW5M0l
BY0s5RjF21/nxokfyWlHrpL9JhguZEOudRGx5LpQLk9sC436w4R2Xqxs86b2Hd0v
hIagpjvCTOfP1gGiqZXPj4Z81iVFhmfwU4gPAo0bIjlSlKCxXcwF+hf+A8drf0d+
wG53pm99LyvCf9TQ1Y3qZnfp4aLLdy11FkbxEErj3lzCmLZRrDB+ST6GHKrvU4XF
Jjp3w6fG5qwmY+8v7mSHC2EKyWRvOcjzYKqiTVWnzEBriPAbVj3+4UE5hYExEMyu
HJtRTea8HGj8WW4J7qgC4aj78Uy52bRnTiLwbJtJM8DVr7+1oCLe+PHoBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD22q7xQ/g326Mk8JmDVmFuFtkfcMB8GA1UdIwQY
MBaAFJTZjo/saAd1oVcmbgxreLFBo09eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzkt
ODdkMTdkZjc0YzdlLzEvUGJhcnZGRC1EZmJveVR3bVlOV1lXNFcyUjl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzktODdkMTdkZjc0Yzdl
LzEvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLhxAMA0G
CSqGSIb3DQEBCwUAA4IBAQAmUU0UhKB8T2LM3JhJCyNLDKP3dXKM7/8kwI94JDn8
QB3vdha4d+YV4nKvom9X1L4O0ZUZO05eYmpQTcGX8qb8WWm9ZG/EKZw2gyTIDTol
1YU94v7hUDkR93YPyTbFX/o4RDQqmMEUE2fIZhuSbtKvdJAMvXkKibIwMeHynYny
+4FPpdeBi+GhYbxSRO077w/fk3TxhwKfQyHcXat/vDST7awotBIg3C4rUS80uTSF
eiotsd7Kvz3WrNTxwCh1lSWqSMfXZ+WQgMb7Agjyk9+rzqFw3dJXFGvc5so85VOr
/W9YE1RHjFzq1xntNswLvi85ZfXP9ujbamZbqgFT14P4
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:46:47 2025 by rpki-client