Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/8e09fe-a5c0-497d-a5bb-c277b4cf7c67/1/PNFr0tzn5mVmgKWRX8v6WyWhFqY.roa
File: PNFr0tzn5mVmgKWRX8v6WyWhFqY.roa (raw, json)
Hash identifier: IhiQ18JXnw9XRWnb1GuWhYZS+Gc1YZ7fxffoUKEWwG4=
Subject key identifier: 3C:D1:6B:D2:DC:E7:E6:65:66:80:A5:91:5F:CB:FA:5B:25:A1:16:A6
Certificate issuer: /CN=45248dc088485d78dcf81ada9a18d5ff9d2f906c
Certificate serial: 01862C48BC38D723AAEF2915D05DD0F96EC2
Authority key identifier: 45:24:8D:C0:88:48:5D:78:DC:F8:1A:DA:9A:18:D5:FF:9D:2F:90:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RSSNwIhIXXjc-BramhjV_50vkGw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/8e09fe-a5c0-497d-a5bb-c277b4cf7c67/1/PNFr0tzn5mVmgKWRX8v6WyWhFqY.roa
Signing time: Tue 07 Feb 2023 14:30:09 +0000
ROA not before: Tue 07 Feb 2023 14:30:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12859
IP address blocks: 185.121.227.0/24 maxlen: 24
185.188.141.0/24 maxlen: 24
185.188.142.0/24 maxlen: 24
185.188.140.0/22 maxlen: 24
185.188.140.0/24 maxlen: 24
185.188.143.0/24 maxlen: 24
185.121.226.0/24 maxlen: 24
185.121.224.0/24 maxlen: 24
185.121.224.0/22 maxlen: 24
185.121.225.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:2c:48:bc:38:d7:23:aa:ef:29:15:d0:5d:d0:f9:6e:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45248dc088485d78dcf81ada9a18d5ff9d2f906c
Validity
Not Before: Feb 7 14:30:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3cd16bd2dce7e6656680a5915fcbfa5b25a116a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:7e:b2:5d:4b:db:90:1d:1e:5f:bd:57:b3:87:
27:02:86:ad:bd:8a:45:1f:8c:90:bf:6b:f8:ec:25:
4b:bb:a5:4a:a0:27:ff:fc:01:4b:25:cd:e3:1c:bb:
7f:e1:cf:c5:5d:ff:eb:64:b5:df:52:56:75:8c:d5:
9b:e1:25:c1:33:a7:6a:5f:66:79:5d:86:3e:31:74:
89:75:4a:4b:aa:04:37:61:26:de:c9:56:46:7e:2e:
10:a4:95:39:6a:d3:cc:04:a4:60:ff:df:3a:c9:d9:
3d:6d:a2:dd:7f:2c:a1:a0:50:95:03:6d:95:2c:2c:
a5:58:78:2d:72:ba:41:29:47:96:07:0a:00:95:1a:
74:a9:7b:9e:72:04:39:f1:2d:88:4e:c3:73:55:be:
82:9b:51:98:0c:42:91:dc:7b:3f:36:87:fb:61:20:
0b:3e:f9:b4:a9:b3:d8:81:53:77:b0:48:46:7d:17:
2e:3c:74:39:65:64:38:b6:82:27:25:50:65:6e:24:
51:7c:68:ea:77:2a:a3:3a:46:3b:28:d3:df:36:91:
55:8c:3a:73:39:95:23:ca:49:94:21:f1:64:7e:11:
ed:e7:c5:be:ec:ef:65:50:10:7c:f5:fe:23:ba:0a:
8e:7c:3c:41:f6:cd:08:b5:f7:50:01:de:8a:e6:27:
a3:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:D1:6B:D2:DC:E7:E6:65:66:80:A5:91:5F:CB:FA:5B:25:A1:16:A6
X509v3 Authority Key Identifier:
keyid:45:24:8D:C0:88:48:5D:78:DC:F8:1A:DA:9A:18:D5:FF:9D:2F:90:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RSSNwIhIXXjc-BramhjV_50vkGw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/8e09fe-a5c0-497d-a5bb-c277b4cf7c67/1/PNFr0tzn5mVmgKWRX8v6WyWhFqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/8e09fe-a5c0-497d-a5bb-c277b4cf7c67/1/RSSNwIhIXXjc-BramhjV_50vkGw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.224.0/22
185.188.140.0/22
Signature Algorithm: sha256WithRSAEncryption
ae:eb:c2:be:94:5b:28:f8:6d:b4:a9:b0:66:00:ff:e5:4e:b9:
e9:6e:f0:39:58:83:31:fd:7a:8b:cc:60:62:02:f0:2c:08:e7:
7a:60:c5:99:21:84:cf:71:28:ef:1d:64:18:f5:08:02:37:5a:
2a:b3:9f:17:e7:77:9e:cc:35:a9:93:71:20:6a:4d:51:5f:e5:
36:66:3f:ef:6b:46:51:91:d2:06:a3:c4:91:fc:aa:c8:ab:58:
45:1b:f8:0b:98:8c:5e:87:3c:e8:be:af:15:a5:88:4c:24:a3:
49:03:03:0f:b1:76:f4:12:22:aa:f2:8c:7a:c1:5b:97:75:94:
1c:10:ce:a7:91:e9:af:d1:4e:b6:f5:f1:77:7a:14:9a:6f:11:
df:83:75:d1:8f:e1:12:9a:28:66:b5:5e:42:30:42:19:f0:3d:
fa:5b:8a:51:b8:20:0f:38:7e:01:83:b3:81:7c:43:fe:11:f7:
7a:b0:62:cb:14:e3:83:ca:f7:55:33:70:d6:ae:90:1c:6e:67:
91:58:e4:2f:f4:cb:95:4f:ca:bb:2b:19:63:02:ae:23:c4:b8:
fc:44:c4:60:b6:37:52:14:6b:24:03:f0:5e:99:55:a0:59:06:
0e:63:13:26:0b:bd:fa:f0:c0:4b:31:9f:e5:70:e2:e8:3a:e5:
f8:46:99:9d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYYsSLw41yOq7ykV0F3Q+W7CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1MjQ4ZGMwODg0ODVkNzhkY2Y4MWFkYTlhMThkNWZmOWQy
ZjkwNmMwHhcNMjMwMjA3MTQzMDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2QxNmJkMmRjZTdlNjY1NjY4MGE1OTE1ZmNiZmE1YjI1YTExNmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvn6yXUvbkB0eX71Xs4cnAoatvYpF
H4yQv2v47CVLu6VKoCf//AFLJc3jHLt/4c/FXf/rZLXfUlZ1jNWb4SXBM6dqX2Z5
XYY+MXSJdUpLqgQ3YSbeyVZGfi4QpJU5atPMBKRg/986ydk9baLdfyyhoFCVA22V
LCylWHgtcrpBKUeWBwoAlRp0qXuecgQ58S2ITsNzVb6Cm1GYDEKR3Hs/Nof7YSAL
Pvm0qbPYgVN3sEhGfRcuPHQ5ZWQ4toInJVBlbiRRfGjqdyqjOkY7KNPfNpFVjDpz
OZUjykmUIfFkfhHt58W+7O9lUBB89f4jugqOfDxB9s0ItfdQAd6K5iej3QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDzRa9Lc5+ZlZoClkV/L+lsloRamMB8GA1UdIwQY
MBaAFEUkjcCISF143Pga2poY1f+dL5BsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlNTTndJaElYWGpjLUJyYW1oalZfNTB2a0d3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC84ZTA5ZmUtYTVjMC00OTdkLWE1YmIt
YzI3N2I0Y2Y3YzY3LzEvUE5GcjB0em41bVZtZ0tXUlg4djZXeVdoRnFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC84ZTA5ZmUtYTVjMC00OTdkLWE1YmItYzI3N2I0Y2Y3YzY3
LzEvUlNTTndJaElYWGpjLUJyYW1oalZfNTB2a0d3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuXngAwQC
ubyMMA0GCSqGSIb3DQEBCwUAA4IBAQCu68K+lFso+G20qbBmAP/lTrnpbvA5WIMx
/XqLzGBiAvAsCOd6YMWZIYTPcSjvHWQY9QgCN1oqs58X53eezDWpk3Egak1RX+U2
Zj/va0ZRkdIGo8SR/KrIq1hFG/gLmIxehzzovq8VpYhMJKNJAwMPsXb0EiKq8ox6
wVuXdZQcEM6nkemv0U629fF3ehSabxHfg3XRj+ESmihmtV5CMEIZ8D36W4pRuCAP
OH4Bg7OBfEP+Efd6sGLLFOODyvdVM3DWrpAcbmeRWOQv9MuVT8q7KxljAq4jxLj8
RMRgtjdSFGskA/BemVWgWQYOYxMmC7368MBLMZ/lcOLoOuX4Rpmd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:40 2024 by rpki-client on console-fra.rpki-client.org