Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/077f64-b843-469f-8547-dd20bb208bba/1/PDXR81HWxc4LmZz0o4rlzuBkq-k.roa
File: PDXR81HWxc4LmZz0o4rlzuBkq-k.roa (raw, json)
Hash identifier: pGbVknYLItFYYXOLGoW5IyrgdhcVtFImvBhB0wZtkqs=
Subject key identifier: 3C:35:D1:F3:51:D6:C5:CE:0B:99:9C:F4:A3:8A:E5:CE:E0:64:AB:E9
Certificate issuer: /CN=5f1a427072b31d44784c375dfae42278e71fa836
Certificate serial: 019424B400B7AD1DBA5BC1CA5436DC4A7B31
Authority key identifier: 5F:1A:42:70:72:B3:1D:44:78:4C:37:5D:FA:E4:22:78:E7:1F:A8:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XxpCcHKzHUR4TDdd-uQieOcfqDY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/077f64-b843-469f-8547-dd20bb208bba/1/PDXR81HWxc4LmZz0o4rlzuBkq-k.roa
Signing time: Thu 02 Jan 2025 01:49:23 +0000
ROA not before: Thu 02 Jan 2025 01:49:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 270164
IP address blocks: 185.236.181.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b4:00:b7:ad:1d:ba:5b:c1:ca:54:36:dc:4a:7b:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f1a427072b31d44784c375dfae42278e71fa836
Validity
Not Before: Jan 2 01:49:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c35d1f351d6c5ce0b999cf4a38ae5cee064abe9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c2:a5:ba:e1:37:05:54:f0:d0:09:6c:1d:e7:
33:0c:2e:cc:24:8c:01:81:46:1d:07:17:57:60:03:
8e:dd:3f:27:22:5a:12:f0:c1:3f:2e:ea:ad:f1:8d:
0d:5c:5d:8d:00:07:ca:30:f3:c3:32:b3:b2:1b:16:
9a:ca:52:cb:ab:66:9e:73:52:04:09:6a:ff:4e:d1:
1c:ca:95:57:87:01:a4:0c:8e:03:ac:d6:f4:32:c5:
a7:ba:50:9a:67:dc:f3:58:6c:5a:d0:40:4f:72:87:
70:22:c0:42:af:b8:c4:88:4e:21:cb:18:f4:20:6d:
49:ab:4e:a5:fa:02:96:37:7a:21:7d:79:80:46:5d:
12:2f:5c:27:c0:d5:92:78:e4:80:cc:9e:d8:52:b4:
80:83:de:20:cc:7c:3c:f5:10:56:31:9e:4c:c2:f1:
8b:88:3d:ef:f2:4d:19:c5:c1:cb:d1:3f:3e:d3:01:
5d:b0:48:53:55:11:1a:7a:77:a0:e1:e4:f1:2c:a1:
14:93:06:a7:fe:18:b9:64:2d:59:b9:df:c7:4a:04:
c2:cd:5a:c8:21:55:16:cf:ac:73:d2:a8:24:85:1a:
42:cd:5a:28:58:ae:b8:9b:6b:94:e5:51:a1:ef:c5:
95:ed:f0:5a:56:e7:47:e8:3c:17:19:c6:60:19:a4:
65:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:35:D1:F3:51:D6:C5:CE:0B:99:9C:F4:A3:8A:E5:CE:E0:64:AB:E9
X509v3 Authority Key Identifier:
keyid:5F:1A:42:70:72:B3:1D:44:78:4C:37:5D:FA:E4:22:78:E7:1F:A8:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XxpCcHKzHUR4TDdd-uQieOcfqDY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/077f64-b843-469f-8547-dd20bb208bba/1/PDXR81HWxc4LmZz0o4rlzuBkq-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/077f64-b843-469f-8547-dd20bb208bba/1/XxpCcHKzHUR4TDdd-uQieOcfqDY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.236.181.0/24
Signature Algorithm: sha256WithRSAEncryption
19:b1:4d:80:0c:aa:04:9b:68:97:3d:02:8f:93:da:77:91:26:
99:b6:2e:87:7f:f5:c5:0c:c8:bf:40:36:69:9a:a2:64:aa:1c:
4b:f7:ee:56:4c:78:86:e9:5c:5a:e3:5e:8d:28:ed:cf:68:35:
2b:ee:e9:ce:5f:07:d3:4b:1f:e6:e0:90:58:b4:d1:1a:72:9a:
72:de:6f:e2:17:21:06:f5:80:c4:45:c4:dd:81:65:e0:2f:d1:
cd:3f:b8:21:38:72:f1:c7:8b:48:67:9e:d1:b5:ff:5a:67:82:
63:57:2a:c3:c5:11:9a:d8:8a:df:cf:3d:c7:8a:57:e8:3a:8f:
b8:db:c5:03:a9:2b:b4:2a:98:27:9b:73:f1:36:ec:3b:43:84:
bc:08:ce:ba:3d:c5:a0:76:e5:92:e9:de:8c:dc:99:e0:fb:81:
28:2c:cc:a1:7a:44:89:5b:29:db:5e:fd:61:8d:1f:8c:b3:95:
2e:03:08:36:ce:61:a2:47:fa:97:54:67:04:12:9c:44:7e:c5:
94:90:73:13:7e:27:3c:6a:7d:9b:de:3c:f4:8c:c9:9d:81:aa:
bf:a1:58:d9:dd:8b:b7:d0:a2:6a:5c:cb:80:8f:aa:4d:4b:9f:
4b:45:4c:ae:e3:39:ac:09:b6:71:8b:29:42:31:ee:c6:9b:6d:
92:eb:c7:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQktAC3rR26W8HKVDbcSnsxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMWE0MjcwNzJiMzFkNDQ3ODRjMzc1ZGZhZTQyMjc4ZTcx
ZmE4MzYwHhcNMjUwMTAyMDE0OTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzM1ZDFmMzUxZDZjNWNlMGI5OTljZjRhMzhhZTVjZWUwNjRhYmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsKluuE3BVTw0AlsHeczDC7MJIwB
gUYdBxdXYAOO3T8nIloS8ME/Luqt8Y0NXF2NAAfKMPPDMrOyGxaaylLLq2aec1IE
CWr/TtEcypVXhwGkDI4DrNb0MsWnulCaZ9zzWGxa0EBPcodwIsBCr7jEiE4hyxj0
IG1Jq06l+gKWN3ohfXmARl0SL1wnwNWSeOSAzJ7YUrSAg94gzHw89RBWMZ5MwvGL
iD3v8k0ZxcHL0T8+0wFdsEhTVREaeneg4eTxLKEUkwan/hi5ZC1Zud/HSgTCzVrI
IVUWz6xz0qgkhRpCzVooWK64m2uU5VGh78WV7fBaVudH6DwXGcZgGaRllQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDw10fNR1sXOC5mc9KOK5c7gZKvpMB8GA1UdIwQY
MBaAFF8aQnBysx1EeEw3XfrkInjnH6g2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHhwQ2NIS3pIVVI0VERkZC11UWllT2NmcURZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS8wNzdmNjQtYjg0My00NjlmLTg1NDct
ZGQyMGJiMjA4YmJhLzEvUERYUjgxSFd4YzRMbVp6MG80cmx6dUJrcS1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS8wNzdmNjQtYjg0My00NjlmLTg1NDctZGQyMGJiMjA4YmJh
LzEvWHhwQ2NIS3pIVVI0VERkZC11UWllT2NmcURZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuey1MA0G
CSqGSIb3DQEBCwUAA4IBAQAZsU2ADKoEm2iXPQKPk9p3kSaZti6Hf/XFDMi/QDZp
mqJkqhxL9+5WTHiG6Vxa416NKO3PaDUr7unOXwfTSx/m4JBYtNEacppy3m/iFyEG
9YDERcTdgWXgL9HNP7ghOHLxx4tIZ57Rtf9aZ4JjVyrDxRGa2Irfzz3HilfoOo+4
28UDqSu0Kpgnm3PxNuw7Q4S8CM66PcWgduWS6d6M3Jng+4EoLMyhekSJWynbXv1h
jR+Ms5UuAwg2zmGiR/qXVGcEEpxEfsWUkHMTfic8an2b3jz0jMmdgaq/oVjZ3Yu3
0KJqXMuAj6pNS59LRUyu4zmsCbZxiylCMe7Gm22S68fg
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:54:43 2025 by rpki-client