Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/3389eb-1857-49d2-841c-6a18dc8816db/1/PvNZ3UHllSHx7gIVkQsXWoR7qqI.roa
File: PvNZ3UHllSHx7gIVkQsXWoR7qqI.roa (raw, json)
Hash identifier: u1PhDJHJJB0wkXJRV8pVs1qFcSNSIBrlkL+PfiZAWWE=
Subject key identifier: 3E:F3:59:DD:41:E5:95:21:F1:EE:02:15:91:0B:17:5A:84:7B:AA:A2
Certificate issuer: /CN=2415bf9c61c85db7c99ac4cdf79257e7997ab77c
Certificate serial: 0194457ABCB480C7310DADCCDE8DA76C0380
Authority key identifier: 24:15:BF:9C:61:C8:5D:B7:C9:9A:C4:CD:F7:92:57:E7:99:7A:B7:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JBW_nGHIXbfJmsTN95JX55l6t3w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/3389eb-1857-49d2-841c-6a18dc8816db/1/PvNZ3UHllSHx7gIVkQsXWoR7qqI.roa
Signing time: Wed 08 Jan 2025 10:34:19 +0000
ROA not before: Wed 08 Jan 2025 10:34:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 37.153.153.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:45:7a:bc:b4:80:c7:31:0d:ad:cc:de:8d:a7:6c:03:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2415bf9c61c85db7c99ac4cdf79257e7997ab77c
Validity
Not Before: Jan 8 10:34:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ef359dd41e59521f1ee0215910b175a847baaa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:f2:03:4d:70:37:4b:b7:86:b7:12:89:e6:3b:
6a:27:23:4f:dd:da:18:0e:54:68:fb:5c:ee:38:07:
57:51:d1:03:7a:de:65:9a:a9:ea:a5:5d:7d:b9:90:
97:1f:56:35:fe:50:e5:74:dc:b7:3e:e1:c3:04:99:
10:fb:5f:6d:a4:b9:d7:b3:e6:ad:9a:80:aa:b7:1c:
02:c8:78:71:90:f6:d4:08:44:cc:b2:0c:b8:e0:0a:
49:9f:01:66:a3:54:47:ce:c4:1a:be:e4:2a:e6:d0:
53:84:89:b5:92:c9:09:aa:79:16:0f:5d:a9:89:2f:
43:b6:13:2d:23:f2:d2:ca:3f:b9:00:c9:80:9c:44:
ac:07:36:85:f2:f5:2c:25:d8:2f:4b:7f:90:04:f2:
c0:db:4d:92:12:78:ea:68:3a:bc:f8:25:b8:5a:09:
fe:72:6e:c9:d5:ab:3e:88:7a:e9:82:b1:0e:65:09:
3c:1b:7b:96:f6:d9:66:04:19:e1:28:7a:6a:d3:5d:
30:1e:3c:89:09:ab:6d:a2:8a:45:f8:2d:84:f3:fd:
48:39:f5:d3:6c:1d:3f:7f:44:fa:7a:ff:1b:3b:4f:
92:3a:9f:31:b7:ac:b9:6c:d7:23:bf:cc:08:ea:06:
98:d0:03:f4:d2:a3:91:d4:72:f1:37:7d:4f:f5:29:
da:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:F3:59:DD:41:E5:95:21:F1:EE:02:15:91:0B:17:5A:84:7B:AA:A2
X509v3 Authority Key Identifier:
keyid:24:15:BF:9C:61:C8:5D:B7:C9:9A:C4:CD:F7:92:57:E7:99:7A:B7:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JBW_nGHIXbfJmsTN95JX55l6t3w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/3389eb-1857-49d2-841c-6a18dc8816db/1/PvNZ3UHllSHx7gIVkQsXWoR7qqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/3389eb-1857-49d2-841c-6a18dc8816db/1/JBW_nGHIXbfJmsTN95JX55l6t3w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.153.0/24
Signature Algorithm: sha256WithRSAEncryption
08:a6:84:ea:34:50:14:b3:a9:41:a4:a1:26:75:96:e0:49:7b:
f8:84:73:dd:a3:b6:36:a9:eb:99:01:17:a5:10:e9:d6:a7:20:
d9:b1:e2:da:c4:c4:38:ca:4c:7d:d1:f2:31:dd:0a:1c:22:d2:
36:62:f7:65:2c:11:47:12:4a:24:82:a7:2b:69:21:f6:79:37:
3e:5c:66:74:88:89:7b:8d:9c:7f:5d:30:1a:f6:d0:0d:46:c9:
75:4a:a6:ee:39:27:a3:d0:9f:84:88:28:60:42:35:2b:29:e5:
32:ec:0f:b3:4c:a4:5d:2f:93:11:c9:e2:0a:6a:12:fc:c8:8b:
11:7f:1d:3c:7f:f5:f5:79:10:8e:72:c7:f1:16:51:0d:57:61:
30:77:9c:5c:d7:b5:9d:d4:7b:91:6d:7c:f9:86:a0:5b:49:62:
09:f2:5c:80:75:0a:e0:e1:4f:44:9d:7b:f2:aa:57:2a:0b:8e:
07:7a:99:90:e1:3a:d1:d8:2c:1c:d0:6a:63:de:3b:7a:cc:6b:
df:63:3d:16:f2:e6:eb:3a:58:7f:5f:83:4e:92:4c:64:57:17:
0e:a5:23:5d:55:12:5e:f7:d4:38:c0:20:ac:3b:05:8d:91:b0:
5f:dc:ff:2c:ff:33:de:59:29:36:82:b1:a4:f4:0c:6a:00:d0:
c9:26:5e:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRFery0gMcxDa3M3o2nbAOAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0MTViZjljNjFjODVkYjdjOTlhYzRjZGY3OTI1N2U3OTk3
YWI3N2MwHhcNMjUwMTA4MTAzNDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWYzNTlkZDQxZTU5NTIxZjFlZTAyMTU5MTBiMTc1YTg0N2JhYWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9fIDTXA3S7eGtxKJ5jtqJyNP3doY
DlRo+1zuOAdXUdEDet5lmqnqpV19uZCXH1Y1/lDldNy3PuHDBJkQ+19tpLnXs+at
moCqtxwCyHhxkPbUCETMsgy44ApJnwFmo1RHzsQavuQq5tBThIm1kskJqnkWD12p
iS9DthMtI/LSyj+5AMmAnESsBzaF8vUsJdgvS3+QBPLA202SEnjqaDq8+CW4Wgn+
cm7J1as+iHrpgrEOZQk8G3uW9tlmBBnhKHpq010wHjyJCattoopF+C2E8/1IOfXT
bB0/f0T6ev8bO0+SOp8xt6y5bNcjv8wI6gaY0AP00qOR1HLxN31P9SnaEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD7zWd1B5ZUh8e4CFZELF1qEe6qiMB8GA1UdIwQY
MBaAFCQVv5xhyF23yZrEzfeSV+eZerd8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkJXX25HSElYYmZKbXNUTjk1Slg1NWw2dDN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8zMzg5ZWItMTg1Ny00OWQyLTg0MWMt
NmExOGRjODgxNmRiLzEvUHZOWjNVSGxsU0h4N2dJVmtRc1hXb1I3cXFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8zMzg5ZWItMTg1Ny00OWQyLTg0MWMtNmExOGRjODgxNmRi
LzEvSkJXX25HSElYYmZKbXNUTjk1Slg1NWw2dDN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJZmZMA0G
CSqGSIb3DQEBCwUAA4IBAQAIpoTqNFAUs6lBpKEmdZbgSXv4hHPdo7Y2qeuZARel
EOnWpyDZseLaxMQ4ykx90fIx3QocItI2YvdlLBFHEkokgqcraSH2eTc+XGZ0iIl7
jZx/XTAa9tANRsl1SqbuOSej0J+EiChgQjUrKeUy7A+zTKRdL5MRyeIKahL8yIsR
fx08f/X1eRCOcsfxFlENV2Ewd5xc17Wd1HuRbXz5hqBbSWIJ8lyAdQrg4U9EnXvy
qlcqC44HepmQ4TrR2Cwc0Gpj3jt6zGvfYz0W8ubrOlh/X4NOkkxkVxcOpSNdVRJe
99Q4wCCsOwWNkbBf3P8s/zPeWSk2grGk9AxqANDJJl69
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:13:06 2025 by rpki-client