Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/99be80-152c-4b65-8b32-0718aa8dd9a7/1/pGDYisQVL2BUGulNE7Y5piT07UA.roa
File: pGDYisQVL2BUGulNE7Y5piT07UA.roa (raw, json)
Hash identifier: 9AsqfzS45F+ILjQAz0Gnw2+j0nysR1Azv1ex3v4CU/U=
Subject key identifier: A4:60:D8:8A:C4:15:2F:60:54:1A:E9:4D:13:B6:39:A6:24:F4:ED:40
Certificate issuer: /CN=af934ec694af68134b7514c10dcd13857b459e38
Certificate serial: 018CC3B692208F36FBE12FE159C759969A9A
Authority key identifier: AF:93:4E:C6:94:AF:68:13:4B:75:14:C1:0D:CD:13:85:7B:45:9E:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r5NOxpSvaBNLdRTBDc0ThXtFnjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/99be80-152c-4b65-8b32-0718aa8dd9a7/1/pGDYisQVL2BUGulNE7Y5piT07UA.roa
Signing time: Mon 01 Jan 2024 06:29:31 +0000
ROA not before: Mon 01 Jan 2024 06:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61193
IP address blocks: 213.232.198.0/24 maxlen: 24
2a10:dc00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:92:20:8f:36:fb:e1:2f:e1:59:c7:59:96:9a:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af934ec694af68134b7514c10dcd13857b459e38
Validity
Not Before: Jan 1 06:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a460d88ac4152f60541ae94d13b639a624f4ed40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:14:30:cd:73:35:47:72:e3:39:46:54:64:bb:
7d:ef:8b:d6:be:0c:21:0c:cf:87:61:d6:83:ba:98:
b2:1c:42:a9:54:97:e8:03:72:5f:10:d8:ec:e6:ef:
82:68:08:dc:76:90:66:34:de:1d:f1:59:18:1b:db:
96:89:68:52:39:5a:e8:40:3e:e5:9a:12:d9:76:f6:
6c:4a:62:e4:d6:59:87:2c:14:18:ef:9f:51:cd:a5:
80:a1:63:fc:17:c0:93:d4:0b:d6:2f:69:9f:35:93:
3c:b2:17:d2:4b:b9:90:7d:b8:e4:47:47:25:af:3c:
4f:89:7f:3e:fc:9a:3a:c4:98:80:7d:04:97:f4:db:
ba:c7:da:41:9c:b7:74:7f:09:81:2c:c3:fd:a6:4b:
3d:07:a6:ca:22:f1:81:57:25:49:d9:e6:95:7a:7d:
30:48:5c:5a:45:37:fe:35:8e:a4:f8:d8:8c:2a:f0:
59:b1:9c:9b:1c:90:4a:14:a4:e3:42:66:6b:8e:65:
26:59:07:1c:48:97:80:32:5b:ce:c5:42:43:c5:e5:
77:8a:84:eb:0d:5b:31:9a:4b:65:8a:0c:18:fd:e4:
b7:52:28:60:94:ff:68:da:90:77:69:1a:35:0d:2d:
ae:6e:38:12:e1:e8:74:d7:8e:d4:5f:70:2a:9b:0a:
5f:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:60:D8:8A:C4:15:2F:60:54:1A:E9:4D:13:B6:39:A6:24:F4:ED:40
X509v3 Authority Key Identifier:
keyid:AF:93:4E:C6:94:AF:68:13:4B:75:14:C1:0D:CD:13:85:7B:45:9E:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r5NOxpSvaBNLdRTBDc0ThXtFnjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/99be80-152c-4b65-8b32-0718aa8dd9a7/1/pGDYisQVL2BUGulNE7Y5piT07UA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/99be80-152c-4b65-8b32-0718aa8dd9a7/1/r5NOxpSvaBNLdRTBDc0ThXtFnjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.232.198.0/24
IPv6:
2a10:dc00::/29
Signature Algorithm: sha256WithRSAEncryption
68:3e:8d:42:d6:c4:b7:cd:79:c7:87:11:23:fe:db:5b:b4:f7:
e7:bc:a7:d5:81:49:80:9e:71:aa:8a:50:5e:59:8f:81:70:5a:
fb:32:94:33:8c:39:4e:17:2f:b4:6a:02:05:1c:2c:2b:39:e3:
b2:e4:a6:6f:3d:b7:ea:dd:b1:ae:ee:45:d2:f0:d9:ad:7c:36:
56:64:3e:c9:f9:45:e3:9c:24:e1:59:15:00:e2:e6:53:45:b9:
2b:8b:d2:c7:70:1d:d0:10:ba:3f:2a:e2:4d:35:a2:f1:8e:ab:
58:c5:17:0c:8b:c9:6e:3a:0e:f2:7e:aa:51:11:36:b0:4a:64:
51:b0:d8:7a:29:96:58:93:39:39:bf:97:73:a1:88:ff:36:27:
b0:b6:ee:3b:a1:b6:12:bb:fa:ac:98:05:e0:67:25:11:23:ec:
f9:bb:b3:b3:53:12:eb:91:e2:07:8a:82:1e:4a:fa:76:62:a5:
32:5a:ee:f0:4b:df:74:b9:1a:37:63:26:d5:4d:cd:ef:46:2f:
cb:1c:9d:1b:08:ce:46:a5:63:d4:8b:0c:cf:d4:b3:99:d1:7e:
83:7b:75:ad:7a:a0:1b:61:7d:31:41:1e:82:df:ed:fa:9e:20:
2e:05:4c:0c:ce:d7:e8:c1:e2:53:e6:86:a0:38:98:a9:b8:b0:
5a:ca:70:b3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDtpIgjzb74S/hWcdZlpqaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOTM0ZWM2OTRhZjY4MTM0Yjc1MTRjMTBkY2QxMzg1N2I0
NTllMzgwHhcNMjQwMTAxMDYyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDYwZDg4YWM0MTUyZjYwNTQxYWU5NGQxM2I2MzlhNjI0ZjRlZDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhQwzXM1R3LjOUZUZLt974vWvgwh
DM+HYdaDupiyHEKpVJfoA3JfENjs5u+CaAjcdpBmNN4d8VkYG9uWiWhSOVroQD7l
mhLZdvZsSmLk1lmHLBQY759RzaWAoWP8F8CT1AvWL2mfNZM8shfSS7mQfbjkR0cl
rzxPiX8+/Jo6xJiAfQSX9Nu6x9pBnLd0fwmBLMP9pks9B6bKIvGBVyVJ2eaVen0w
SFxaRTf+NY6k+NiMKvBZsZybHJBKFKTjQmZrjmUmWQccSJeAMlvOxUJDxeV3ioTr
DVsxmktligwY/eS3UihglP9o2pB3aRo1DS2ubjgS4eh0147UX3AqmwpfZQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKRg2IrEFS9gVBrpTRO2OaYk9O1AMB8GA1UdIwQY
MBaAFK+TTsaUr2gTS3UUwQ3NE4V7RZ44MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjVOT3hwU3ZhQk5MZFJUQkRjMFRoWHRGbmpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny85OWJlODAtMTUyYy00YjY1LThiMzIt
MDcxOGFhOGRkOWE3LzEvcEdEWWlzUVZMMkJVR3VsTkU3WTVwaVQwN1VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny85OWJlODAtMTUyYy00YjY1LThiMzItMDcxOGFhOGRkOWE3
LzEvcjVOT3hwU3ZhQk5MZFJUQkRjMFRoWHRGbmpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQA1ejGMA0E
AgACMAcDBQMqENwAMA0GCSqGSIb3DQEBCwUAA4IBAQBoPo1C1sS3zXnHhxEj/ttb
tPfnvKfVgUmAnnGqilBeWY+BcFr7MpQzjDlOFy+0agIFHCwrOeOy5KZvPbfq3bGu
7kXS8NmtfDZWZD7J+UXjnCThWRUA4uZTRbkri9LHcB3QELo/KuJNNaLxjqtYxRcM
i8luOg7yfqpRETawSmRRsNh6KZZYkzk5v5dzoYj/Niewtu47obYSu/qsmAXgZyUR
I+z5u7OzUxLrkeIHioIeSvp2YqUyWu7wS990uRo3YybVTc3vRi/LHJ0bCM5GpWPU
iwzP1LOZ0X6De3WteqAbYX0xQR6C3+36niAuBUwMztfoweJT5oagOJipuLBaynCz
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:41:25 2025 by rpki-client