Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/4bc7fa-0462-4cf6-9189-ae4e698664f1/1/PbquhIW9zV3GTwFfHVfvcLv6xJw.roa
File: PbquhIW9zV3GTwFfHVfvcLv6xJw.roa (raw, json)
Hash identifier: aemUH4PS/FSjfL3HdRU+EJA2H9Gd9sGg3EwGKTMzK9w=
Subject key identifier: 3D:BA:AE:84:85:BD:CD:5D:C6:4F:01:5F:1D:57:EF:70:BB:FA:C4:9C
Certificate issuer: /CN=a561ccb03741056715a6be4805321662d88e7e7c
Certificate serial: 019420D5F4B0059A0F233B7DB2AFFE8198C2
Authority key identifier: A5:61:CC:B0:37:41:05:67:15:A6:BE:48:05:32:16:62:D8:8E:7E:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pWHMsDdBBWcVpr5IBTIWYtiOfnw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/4bc7fa-0462-4cf6-9189-ae4e698664f1/1/PbquhIW9zV3GTwFfHVfvcLv6xJw.roa
Signing time: Wed 01 Jan 2025 07:48:00 +0000
ROA not before: Wed 01 Jan 2025 07:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35280
IP address blocks: 185.142.148.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:f4:b0:05:9a:0f:23:3b:7d:b2:af:fe:81:98:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a561ccb03741056715a6be4805321662d88e7e7c
Validity
Not Before: Jan 1 07:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3dbaae8485bdcd5dc64f015f1d57ef70bbfac49c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:4f:74:5c:fb:89:79:20:86:6e:58:35:97:23:
d1:1e:2a:4f:d7:56:16:f2:00:7a:aa:87:c3:85:43:
c1:25:0a:1b:ed:76:3f:18:f4:1f:92:67:42:24:02:
44:31:ce:aa:16:7b:d8:bc:db:b8:14:a0:b0:5d:51:
5c:b5:5b:65:78:13:43:f8:5f:f6:07:2c:3b:c1:74:
d1:80:5a:d2:11:cc:c3:4d:77:35:73:55:25:68:16:
41:4b:a0:3a:ba:10:b4:87:79:6a:e4:d1:15:ba:15:
7a:65:fb:7f:70:fd:d7:e5:b3:a7:1c:52:0c:cb:88:
ef:47:b9:3c:c7:f4:04:9a:10:68:3a:a7:ac:d1:a5:
30:2d:c0:d3:86:fc:14:8c:bc:93:3c:a9:bf:13:b5:
3e:e0:39:f6:85:3a:26:f7:26:56:14:de:e2:6d:c9:
71:c3:82:b5:c7:83:72:40:45:b9:e0:15:94:5a:7a:
25:32:35:aa:96:9e:77:4b:fa:31:42:76:50:69:d1:
f4:04:38:49:28:10:c8:cc:09:96:1f:0e:00:8a:eb:
b5:d3:1d:6e:cd:19:76:66:a9:47:a4:7a:b9:43:31:
15:0c:fc:f1:4f:53:ef:14:6b:30:fc:7c:f2:ff:f2:
a2:08:30:47:7d:f2:cf:b8:3a:84:20:f4:c3:e3:33:
39:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:BA:AE:84:85:BD:CD:5D:C6:4F:01:5F:1D:57:EF:70:BB:FA:C4:9C
X509v3 Authority Key Identifier:
keyid:A5:61:CC:B0:37:41:05:67:15:A6:BE:48:05:32:16:62:D8:8E:7E:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pWHMsDdBBWcVpr5IBTIWYtiOfnw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/4bc7fa-0462-4cf6-9189-ae4e698664f1/1/PbquhIW9zV3GTwFfHVfvcLv6xJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/4bc7fa-0462-4cf6-9189-ae4e698664f1/1/pWHMsDdBBWcVpr5IBTIWYtiOfnw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.142.148.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:08:ee:a5:7e:e8:7d:bf:34:8d:e1:dd:98:03:4a:ab:b9:54:
76:1c:1a:e9:b0:ad:e5:d9:47:9e:73:fc:32:41:1a:c1:e8:94:
68:e5:cd:b1:a0:21:94:55:eb:b1:e1:f9:b5:e0:6b:21:1b:35:
50:ca:64:73:e8:ab:6a:41:71:59:2a:40:00:0b:9f:48:7a:7e:
55:51:8b:df:00:1b:03:24:fa:33:83:1b:fd:8c:ad:56:4d:ba:
ef:0f:f6:a7:19:d2:2d:05:04:4f:5d:03:fe:34:59:ef:38:d5:
b1:fb:a5:95:eb:ae:bc:70:bf:04:66:91:53:0f:2c:76:ac:74:
39:b0:13:c5:9d:d2:2e:02:a0:ad:1e:a4:07:2a:79:b0:a2:6f:
93:c6:df:46:20:d7:4d:7f:01:13:84:1f:2a:6b:c6:e3:d7:aa:
9d:6d:92:cd:55:3f:a9:1d:0a:80:b0:d3:5f:6c:3c:50:2b:a8:
6c:4a:02:be:ec:0b:0c:23:af:c9:f6:95:a8:70:b6:01:5e:b7:
4f:55:b3:60:fc:cb:4c:fb:1d:6f:3b:d9:1d:c5:1d:6d:78:84:
62:a1:aa:ee:63:42:ab:89:29:2a:dd:12:e0:6b:02:84:69:09:
17:06:3e:9a:4c:84:97:7a:a2:1e:95:cb:57:87:90:89:c8:67:
5d:41:8c:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1fSwBZoPIzt9sq/+gZjCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NjFjY2IwMzc0MTA1NjcxNWE2YmU0ODA1MzIxNjYyZDg4
ZTdlN2MwHhcNMjUwMTAxMDc0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGJhYWU4NDg1YmRjZDVkYzY0ZjAxNWYxZDU3ZWY3MGJiZmFjNDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn090XPuJeSCGblg1lyPRHipP11YW
8gB6qofDhUPBJQob7XY/GPQfkmdCJAJEMc6qFnvYvNu4FKCwXVFctVtleBND+F/2
Byw7wXTRgFrSEczDTXc1c1UlaBZBS6A6uhC0h3lq5NEVuhV6Zft/cP3X5bOnHFIM
y4jvR7k8x/QEmhBoOqes0aUwLcDThvwUjLyTPKm/E7U+4Dn2hTom9yZWFN7ibclx
w4K1x4NyQEW54BWUWnolMjWqlp53S/oxQnZQadH0BDhJKBDIzAmWHw4Aiuu10x1u
zRl2ZqlHpHq5QzEVDPzxT1PvFGsw/Hzy//KiCDBHffLPuDqEIPTD4zM5EwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD26roSFvc1dxk8BXx1X73C7+sScMB8GA1UdIwQY
MBaAFKVhzLA3QQVnFaa+SAUyFmLYjn58MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFdITXNEZEJCV2NWcHI1SUJUSVdZdGlPZm53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC80YmM3ZmEtMDQ2Mi00Y2Y2LTkxODkt
YWU0ZTY5ODY2NGYxLzEvUGJxdWhJVzl6VjNHVHdGZkhWZnZjTHY2eEp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC80YmM3ZmEtMDQ2Mi00Y2Y2LTkxODktYWU0ZTY5ODY2NGYx
LzEvcFdITXNEZEJCV2NWcHI1SUJUSVdZdGlPZm53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuY6UMA0G
CSqGSIb3DQEBCwUAA4IBAQC0CO6lfuh9vzSN4d2YA0qruVR2HBrpsK3l2Ueec/wy
QRrB6JRo5c2xoCGUVeux4fm14GshGzVQymRz6KtqQXFZKkAAC59Ien5VUYvfABsD
JPozgxv9jK1WTbrvD/anGdItBQRPXQP+NFnvONWx+6WV6668cL8EZpFTDyx2rHQ5
sBPFndIuAqCtHqQHKnmwom+Txt9GINdNfwEThB8qa8bj16qdbZLNVT+pHQqAsNNf
bDxQK6hsSgK+7AsMI6/J9pWocLYBXrdPVbNg/MtM+x1vO9kdxR1teIRioaruY0Kr
iSkq3RLgawKEaQkXBj6aTISXeqIelctXh5CJyGddQYzS
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:45:43 2025 by rpki-client