Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/PD6rMx-lGOQvO8vM-4WcUjvnq5w.roa
File: PD6rMx-lGOQvO8vM-4WcUjvnq5w.roa (raw, json)
Hash identifier: PPLel/5joCBZsp48Se9s2Fkk4rKCQgaL+toUxP87oVY=
Subject key identifier: 3C:3E:AB:33:1F:A5:18:E4:2F:3B:CB:CC:FB:85:9C:52:3B:E7:AB:9C
Certificate issuer: /CN=2f5cab8a09a9fde23c9635f8e164aef09e17948c
Certificate serial: 018D3034A074932594EC249E799BC899F35E
Authority key identifier: 2F:5C:AB:8A:09:A9:FD:E2:3C:96:35:F8:E1:64:AE:F0:9E:17:94:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L1yrigmp_eI8ljX44WSu8J4XlIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/PD6rMx-lGOQvO8vM-4WcUjvnq5w.roa
Signing time: Mon 22 Jan 2024 08:06:11 +0000
ROA not before: Mon 22 Jan 2024 08:06:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212667
IP address blocks: 91.188.220.0/24 maxlen: 24
193.201.114.0/24 maxlen: 24
195.225.96.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:30:34:a0:74:93:25:94:ec:24:9e:79:9b:c8:99:f3:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f5cab8a09a9fde23c9635f8e164aef09e17948c
Validity
Not Before: Jan 22 08:06:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c3eab331fa518e42f3bcbccfb859c523be7ab9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:16:e9:04:3a:1b:4c:93:18:2b:59:15:f6:7a:
c5:a2:5e:e1:43:fa:2b:c4:ac:ae:de:09:9b:bd:4b:
96:6a:e2:3e:60:73:f0:24:28:ce:b2:bb:ab:ef:70:
55:db:88:77:e6:59:d4:c9:1e:7c:4f:16:71:5b:b1:
31:b0:08:8b:f4:ed:88:4c:f5:0e:9e:46:92:a4:4a:
ac:a5:87:9c:73:4c:87:6a:cc:88:b2:c7:99:21:2f:
85:8f:a5:e7:a0:9b:5f:6a:6b:cd:a9:96:c7:27:3c:
39:60:6b:b4:97:61:d5:b0:a5:1d:95:3e:56:36:b6:
cf:7e:23:7e:f3:27:73:b4:73:dd:58:de:86:fe:be:
36:f2:af:c1:46:b3:54:cd:47:0a:ad:69:c8:4a:88:
24:58:8f:d6:f4:a3:28:00:be:11:52:76:25:d5:8e:
78:48:77:d1:c6:15:ef:68:4f:48:0f:02:4d:df:1e:
72:bc:c2:05:16:ae:61:66:3c:ea:0f:6f:b5:4e:b7:
5f:e1:71:ab:4e:b6:7c:e4:ba:f2:06:ac:df:fc:a4:
f7:8d:75:24:ef:bc:d2:52:43:29:90:2c:0a:c1:b9:
50:79:bd:47:d8:3c:57:c8:bb:04:7b:a3:c7:35:15:
96:69:58:55:c5:cf:d9:dd:2a:46:6b:50:a1:93:be:
15:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:3E:AB:33:1F:A5:18:E4:2F:3B:CB:CC:FB:85:9C:52:3B:E7:AB:9C
X509v3 Authority Key Identifier:
keyid:2F:5C:AB:8A:09:A9:FD:E2:3C:96:35:F8:E1:64:AE:F0:9E:17:94:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L1yrigmp_eI8ljX44WSu8J4XlIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/PD6rMx-lGOQvO8vM-4WcUjvnq5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/L1yrigmp_eI8ljX44WSu8J4XlIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.188.220.0/24
193.201.114.0/24
195.225.96.0/24
Signature Algorithm: sha256WithRSAEncryption
02:f5:0f:6c:bc:20:9b:66:a7:68:7a:ef:f6:c6:7e:d3:b1:42:
33:1b:c0:b4:d7:48:ff:30:67:04:7c:a1:d2:6d:18:fb:be:dd:
11:2c:91:c5:e2:e1:f8:0e:82:47:54:03:a6:9c:6b:2d:c3:79:
a7:82:ab:45:c7:de:df:00:21:8b:1f:c2:2e:75:00:70:04:30:
bd:7f:43:26:8e:1e:70:a7:64:2f:a8:92:56:f5:da:ef:69:58:
a0:bc:a1:5c:22:0b:cd:28:aa:af:3b:12:cc:40:07:9a:ef:5b:
18:0f:bd:b9:d7:ed:e2:4d:59:aa:0b:3d:6c:b3:ef:c5:c7:52:
5a:24:61:15:71:d9:1a:0f:ba:94:19:f0:a9:cf:a0:9d:c2:93:
45:c8:c5:93:a3:ab:cb:51:ce:de:19:44:e9:e7:14:86:69:78:
5f:a1:ea:99:b7:e5:d5:9d:9c:3f:0e:b7:83:77:cf:b6:78:2b:
ec:ce:f5:4f:8d:9e:2e:e1:b6:3d:3c:81:ce:df:59:ef:25:e8:
28:51:95:98:ac:b3:b2:31:ce:38:d0:ba:00:58:0b:ff:3e:47:
87:88:bb:8f:38:09:6d:a2:0b:97:63:15:5c:30:06:bd:0c:5b:
bf:18:a3:ae:e0:dc:8f:cd:54:18:77:57:c1:72:16:65:e8:04:
00:5a:a2:35
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY0wNKB0kyWU7CSeeZvImfNeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNWNhYjhhMDlhOWZkZTIzYzk2MzVmOGUxNjRhZWYwOWUx
Nzk0OGMwHhcNMjQwMTIyMDgwNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzNlYWIzMzFmYTUxOGU0MmYzYmNiY2NmYjg1OWM1MjNiZTdhYjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRbpBDobTJMYK1kV9nrFol7hQ/or
xKyu3gmbvUuWauI+YHPwJCjOsrur73BV24h35lnUyR58TxZxW7ExsAiL9O2ITPUO
nkaSpEqspYecc0yHasyIsseZIS+Fj6XnoJtfamvNqZbHJzw5YGu0l2HVsKUdlT5W
NrbPfiN+8ydztHPdWN6G/r428q/BRrNUzUcKrWnISogkWI/W9KMoAL4RUnYl1Y54
SHfRxhXvaE9IDwJN3x5yvMIFFq5hZjzqD2+1Trdf4XGrTrZ85LryBqzf/KT3jXUk
77zSUkMpkCwKwblQeb1H2DxXyLsEe6PHNRWWaVhVxc/Z3SpGa1Chk74V/wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDw+qzMfpRjkLzvLzPuFnFI756ucMB8GA1UdIwQY
MBaAFC9cq4oJqf3iPJY1+OFkrvCeF5SMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDF5cmlnbXBfZUk4bGpYNDRXU3U4SjRYbEl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9jMmUxNmUtYWI2OC00NDI5LTk2ZWUt
MDAyZjI2ZTNiODk4LzEvUEQ2ck14LWxHT1F2Tzh2TS00V2NVanZucTV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9jMmUxNmUtYWI2OC00NDI5LTk2ZWUtMDAyZjI2ZTNiODk4
LzEvTDF5cmlnbXBfZUk4bGpYNDRXU3U4SjRYbEl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW7zcAwQA
wclyAwQAw+FgMA0GCSqGSIb3DQEBCwUAA4IBAQAC9Q9svCCbZqdoeu/2xn7TsUIz
G8C010j/MGcEfKHSbRj7vt0RLJHF4uH4DoJHVAOmnGstw3mngqtFx97fACGLH8Iu
dQBwBDC9f0Mmjh5wp2QvqJJW9drvaVigvKFcIgvNKKqvOxLMQAea71sYD7251+3i
TVmqCz1ss+/Fx1JaJGEVcdkaD7qUGfCpz6CdwpNFyMWTo6vLUc7eGUTp5xSGaXhf
oeqZt+XVnZw/DreDd8+2eCvszvVPjZ4u4bY9PIHO31nvJegoUZWYrLOyMc440LoA
WAv/PkeHiLuPOAltoguXYxVcMAa9DFu/GKOu4NyPzVQYd1fBchZl6AQAWqI1
-----END CERTIFICATE-----
Generated at Wed Apr 23 05:10:07 2025 by rpki-client