Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/3e9394-e271-49ab-b37b-ea38420b2579/1/Pjo3RDAsopUeM78b85_QPN1-7VI.roa
File: Pjo3RDAsopUeM78b85_QPN1-7VI.roa (raw, json)
Hash identifier: I/2zLP79cKW8Js/ksFDd8QdVZcG00HVdVbP2kBa1g/Y=
Subject key identifier: 3E:3A:37:44:30:2C:A2:95:1E:33:BF:1B:F3:9F:D0:3C:DD:7E:ED:52
Certificate issuer: /CN=1000c0d7a59ac2f59804e7c3515f14cd2fd50d97
Certificate serial: 01942826FB1AB3A0C04E52E0E3C20CA32BC3
Authority key identifier: 10:00:C0:D7:A5:9A:C2:F5:98:04:E7:C3:51:5F:14:CD:2F:D5:0D:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EADA16WawvWYBOfDUV8UzS_VDZc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/3e9394-e271-49ab-b37b-ea38420b2579/1/Pjo3RDAsopUeM78b85_QPN1-7VI.roa
Signing time: Thu 02 Jan 2025 17:53:50 +0000
ROA not before: Thu 02 Jan 2025 17:53:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204793
IP address blocks: 185.136.116.0/22 maxlen: 22
2a06:fc40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:fb:1a:b3:a0:c0:4e:52:e0:e3:c2:0c:a3:2b:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1000c0d7a59ac2f59804e7c3515f14cd2fd50d97
Validity
Not Before: Jan 2 17:53:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3e3a3744302ca2951e33bf1bf39fd03cdd7eed52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ec:b6:2a:56:9f:ac:08:92:42:f4:33:48:84:
31:de:d8:0f:4d:c0:aa:ee:99:1e:28:41:34:85:16:
12:7a:ce:0c:f3:9b:b9:b9:61:1b:da:21:cf:69:18:
38:68:39:cc:d2:42:c4:77:bc:ee:bc:b9:6a:47:a6:
a0:00:d7:4d:8e:53:87:61:84:17:69:8b:04:12:8b:
74:44:6e:af:30:ff:7d:15:83:82:66:50:e6:12:a1:
02:6b:08:f3:e7:d0:f6:18:d5:dc:15:87:19:95:b2:
1a:73:ba:0b:0a:d8:26:fa:b7:93:4b:3d:37:85:79:
fa:f9:4a:47:6e:bb:3d:5c:2f:56:93:7d:5b:5d:a4:
cf:68:85:3f:9d:63:13:a8:47:94:2d:57:c0:ed:a2:
77:09:43:6e:3d:aa:65:4b:ba:db:ab:ca:75:e9:7e:
35:4f:9b:44:7d:0d:64:b3:5e:d4:e3:5b:94:24:ec:
bd:73:7c:4d:83:13:5b:1e:88:98:d1:9b:f9:9f:76:
60:19:b7:32:99:35:17:d7:3e:c7:48:7c:3d:42:56:
24:f1:f8:c4:69:65:c5:25:1e:5f:cb:7d:95:48:c9:
34:c3:f0:48:ca:99:84:29:f0:0a:59:f3:3e:12:f5:
28:86:e2:2d:61:ad:f8:71:d6:aa:47:8a:70:97:13:
d4:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:3A:37:44:30:2C:A2:95:1E:33:BF:1B:F3:9F:D0:3C:DD:7E:ED:52
X509v3 Authority Key Identifier:
keyid:10:00:C0:D7:A5:9A:C2:F5:98:04:E7:C3:51:5F:14:CD:2F:D5:0D:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EADA16WawvWYBOfDUV8UzS_VDZc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/3e9394-e271-49ab-b37b-ea38420b2579/1/Pjo3RDAsopUeM78b85_QPN1-7VI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/3e9394-e271-49ab-b37b-ea38420b2579/1/EADA16WawvWYBOfDUV8UzS_VDZc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.136.116.0/22
IPv6:
2a06:fc40::/29
Signature Algorithm: sha256WithRSAEncryption
8f:70:58:4d:73:fe:b3:3e:f0:4a:66:2d:30:47:f0:72:20:37:
d9:0c:34:10:68:0c:56:e3:64:b8:6c:d5:27:e2:40:42:34:e6:
a9:cb:0a:f1:64:9e:34:1d:9b:56:11:08:36:ac:41:9a:5f:84:
e7:50:93:21:90:b2:e7:98:d8:3c:6a:8d:88:51:6d:55:3d:95:
e9:1c:14:05:9a:18:9e:f1:85:b7:4c:60:f2:52:fe:2c:d8:5d:
4c:a6:5f:51:b4:89:58:a1:93:99:d8:b3:78:50:91:39:03:57:
31:32:19:39:cb:08:6f:06:60:df:47:9b:d4:ca:38:7d:08:f9:
18:aa:ee:7d:47:f5:a2:0b:36:c2:bd:37:62:0c:57:9a:93:cf:
35:d8:06:3e:62:b4:29:a1:2b:2a:e0:9c:a9:e4:75:a0:80:bb:
a7:2e:e2:35:1f:fa:eb:d7:d9:53:17:53:1e:a3:81:b5:d9:07:
11:bd:bf:e0:32:b9:b1:1a:43:ea:bd:3c:b6:77:9e:0c:13:ed:
0d:de:75:24:34:21:f7:ec:72:4a:48:ea:70:ce:97:9f:a5:55:
ad:a2:f2:42:f4:af:8d:d1:b9:ab:7a:04:58:0a:80:eb:77:88:
68:31:b8:b9:a4:a2:d4:79:d6:5c:b0:29:d3:fc:52:59:65:7a:
12:6a:f7:23
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQoJvsas6DATlLg48IMoyvDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMDBjMGQ3YTU5YWMyZjU5ODA0ZTdjMzUxNWYxNGNkMmZk
NTBkOTcwHhcNMjUwMTAyMTc1MzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTNhMzc0NDMwMmNhMjk1MWUzM2JmMWJmMzlmZDAzY2RkN2VlZDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuy2KlafrAiSQvQzSIQx3tgPTcCq
7pkeKEE0hRYSes4M85u5uWEb2iHPaRg4aDnM0kLEd7zuvLlqR6agANdNjlOHYYQX
aYsEEot0RG6vMP99FYOCZlDmEqECawjz59D2GNXcFYcZlbIac7oLCtgm+reTSz03
hXn6+UpHbrs9XC9Wk31bXaTPaIU/nWMTqEeULVfA7aJ3CUNuPaplS7rbq8p16X41
T5tEfQ1ks17U41uUJOy9c3xNgxNbHoiY0Zv5n3ZgGbcymTUX1z7HSHw9QlYk8fjE
aWXFJR5fy32VSMk0w/BIypmEKfAKWfM+EvUohuItYa34cdaqR4pwlxPUowIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFD46N0QwLKKVHjO/G/Of0Dzdfu1SMB8GA1UdIwQY
MBaAFBAAwNelmsL1mATnw1FfFM0v1Q2XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUFEQTE2V2F3dldZQk9mRFVWOFV6U19WRFpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My8zZTkzOTQtZTI3MS00OWFiLWIzN2It
ZWEzODQyMGIyNTc5LzEvUGpvM1JEQXNvcFVlTTc4Yjg1X1FQTjEtN1ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My8zZTkzOTQtZTI3MS00OWFiLWIzN2ItZWEzODQyMGIyNTc5
LzEvRUFEQTE2V2F3dldZQk9mRFVWOFV6U19WRFpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYh0MA0E
AgACMAcDBQMqBvxAMA0GCSqGSIb3DQEBCwUAA4IBAQCPcFhNc/6zPvBKZi0wR/By
IDfZDDQQaAxW42S4bNUn4kBCNOapywrxZJ40HZtWEQg2rEGaX4TnUJMhkLLnmNg8
ao2IUW1VPZXpHBQFmhie8YW3TGDyUv4s2F1Mpl9RtIlYoZOZ2LN4UJE5A1cxMhk5
ywhvBmDfR5vUyjh9CPkYqu59R/WiCzbCvTdiDFeak8812AY+YrQpoSsq4Jyp5HWg
gLunLuI1H/rr19lTF1Meo4G12QcRvb/gMrmxGkPqvTy2d54ME+0N3nUkNCH37HJK
SOpwzpefpVWtovJC9K+N0bmregRYCoDrd4hoMbi5pKLUedZcsCnT/FJZZXoSavcj
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:40:52 2025 by rpki-client