Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/00441d-80e4-4d18-9581-5c5eab8a9e3c/1/PMMBSnJoRhCbNKWTkju3WVEtG2k.roa
File: PMMBSnJoRhCbNKWTkju3WVEtG2k.roa (raw, json)
Hash identifier: zy/IB0/VOMtghncIpHK3jpa51Bz899XIEXVygsAg/1I=
Subject key identifier: 3C:C3:01:4A:72:68:46:10:9B:34:A5:93:92:3B:B7:59:51:2D:1B:69
Certificate issuer: /CN=1fe8ee87853406cd8d04ba8e39bf7a51ffb8a3bc
Certificate serial: 018CC424DF295955EDDC4220C6A553439255
Authority key identifier: 1F:E8:EE:87:85:34:06:CD:8D:04:BA:8E:39:BF:7A:51:FF:B8:A3:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H-juh4U0Bs2NBLqOOb96Uf-4o7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/00441d-80e4-4d18-9581-5c5eab8a9e3c/1/PMMBSnJoRhCbNKWTkju3WVEtG2k.roa
Signing time: Mon 01 Jan 2024 08:29:59 +0000
ROA not before: Mon 01 Jan 2024 08:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201895
IP address blocks: 185.60.160.0/24 maxlen: 24
185.60.163.0/24 maxlen: 24
185.60.161.0/24 maxlen: 24
2a02:73a0:90::/48 maxlen: 48
2a02:73a0:70::/48 maxlen: 48
2a02:73a0:60::/48 maxlen: 48
2a02:73a0:50::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:df:29:59:55:ed:dc:42:20:c6:a5:53:43:92:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fe8ee87853406cd8d04ba8e39bf7a51ffb8a3bc
Validity
Not Before: Jan 1 08:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3cc3014a726846109b34a593923bb759512d1b69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:37:f5:78:f3:e7:ad:54:3c:8f:6b:d5:5e:7f:
9b:84:e5:c7:29:89:61:94:3d:e5:69:4c:aa:65:e9:
69:d8:5f:5d:2e:12:b9:2d:0d:da:07:a3:c7:f5:ee:
e4:d6:fa:d5:1f:8a:0e:2d:38:6c:8c:b6:a6:be:5e:
37:75:1f:27:31:42:d6:38:c2:10:ad:59:63:09:37:
2b:bb:0a:e2:e2:f0:23:2c:3a:97:4e:d1:18:86:66:
df:07:48:1d:f9:f4:5c:ce:7a:a4:3f:b8:b1:71:64:
e4:d3:f5:2c:2e:19:e2:7f:e7:5e:65:49:a9:54:c8:
9c:35:74:40:7b:1d:b1:28:1c:d6:61:e8:eb:a9:5b:
73:1b:c2:be:47:ff:2e:2c:12:68:48:80:d2:be:3d:
0a:58:a5:b1:a3:00:16:c2:ed:77:d8:06:c2:05:4e:
b1:11:94:48:9c:76:6f:8d:ae:e1:ae:04:f4:95:52:
be:18:73:08:d6:30:88:1d:20:85:63:a0:5f:79:89:
be:81:15:69:dd:ea:02:73:c3:bf:16:b5:ce:f5:15:
57:03:6a:13:7f:4f:8d:79:f5:e9:29:ed:0d:01:d0:
07:fe:a3:44:82:4e:4e:3e:b6:08:b1:bb:a8:6e:81:
00:cf:d8:13:9b:6e:c2:e9:fb:95:58:13:b3:66:15:
a6:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:C3:01:4A:72:68:46:10:9B:34:A5:93:92:3B:B7:59:51:2D:1B:69
X509v3 Authority Key Identifier:
keyid:1F:E8:EE:87:85:34:06:CD:8D:04:BA:8E:39:BF:7A:51:FF:B8:A3:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H-juh4U0Bs2NBLqOOb96Uf-4o7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/00441d-80e4-4d18-9581-5c5eab8a9e3c/1/PMMBSnJoRhCbNKWTkju3WVEtG2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/00441d-80e4-4d18-9581-5c5eab8a9e3c/1/H-juh4U0Bs2NBLqOOb96Uf-4o7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.60.160.0/23
185.60.163.0/24
IPv6:
2a02:73a0:50::/48
2a02:73a0:60::/48
2a02:73a0:70::/48
2a02:73a0:90::/48
Signature Algorithm: sha256WithRSAEncryption
92:25:76:91:3a:dc:4f:92:5b:97:29:48:c1:f3:1f:95:78:71:
0f:c3:41:1c:2c:c0:64:4f:17:f8:d0:dd:47:9e:c8:69:8f:1f:
5e:cc:7b:e9:3c:8a:38:c4:6b:bf:57:50:eb:2b:1d:60:81:4b:
84:41:0d:61:44:e2:0b:37:f0:92:e8:ef:0b:64:f1:4c:66:60:
04:38:8f:9d:b8:6b:76:31:a5:a6:c4:44:dc:e8:12:b8:2b:23:
7b:d6:5a:cc:18:89:42:63:50:0a:be:f2:f4:5e:f2:4b:28:b0:
2c:d6:09:74:6e:e6:06:b6:d9:31:10:aa:0f:2c:35:85:29:a4:
7d:ba:04:56:91:b5:35:19:5d:f5:c5:02:a7:e6:ab:cb:d9:d7:
b1:d4:a2:b5:01:17:9a:19:6e:6e:d3:81:e5:43:6c:99:6f:38:
e6:bc:59:1e:f9:b1:f2:37:2b:87:84:7e:02:a3:7f:d4:20:ad:
a3:1c:84:c4:71:cd:cb:02:f1:5d:41:6a:56:56:66:4e:56:6d:
2c:f5:dc:9e:dd:66:74:67:3f:fd:97:6f:57:d7:e2:f1:f9:99:
94:63:53:2b:84:7f:6b:3e:f3:7d:e7:40:37:40:72:3b:13:10:
d6:55:c8:8f:94:31:55:03:32:ef:16:76:09:5b:ed:3b:9e:f9:
58:50:76:2d
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYzEJN8pWVXt3EIgxqVTQ5JVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZThlZTg3ODUzNDA2Y2Q4ZDA0YmE4ZTM5YmY3YTUxZmZi
OGEzYmMwHhcNMjQwMTAxMDgyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2MzMDE0YTcyNjg0NjEwOWIzNGE1OTM5MjNiYjc1OTUxMmQxYjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDf1ePPnrVQ8j2vVXn+bhOXHKYlh
lD3laUyqZelp2F9dLhK5LQ3aB6PH9e7k1vrVH4oOLThsjLamvl43dR8nMULWOMIQ
rVljCTcruwri4vAjLDqXTtEYhmbfB0gd+fRcznqkP7ixcWTk0/UsLhnif+deZUmp
VMicNXRAex2xKBzWYejrqVtzG8K+R/8uLBJoSIDSvj0KWKWxowAWwu132AbCBU6x
EZRInHZvja7hrgT0lVK+GHMI1jCIHSCFY6BfeYm+gRVp3eoCc8O/FrXO9RVXA2oT
f0+NefXpKe0NAdAH/qNEgk5OPrYIsbuoboEAz9gTm27C6fuVWBOzZhWmAQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFDzDAUpyaEYQmzSlk5I7t1lRLRtpMB8GA1UdIwQY
MBaAFB/o7oeFNAbNjQS6jjm/elH/uKO8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSC1qdWg0VTBCczJOQkxxT09iOTZVZi00bzd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8wMDQ0MWQtODBlNC00ZDE4LTk1ODEt
NWM1ZWFiOGE5ZTNjLzEvUE1NQlNuSm9SaENiTktXVGtqdTNXVkV0RzJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8wMDQ0MWQtODBlNC00ZDE4LTk1ODEtNWM1ZWFiOGE5ZTNj
LzEvSC1qdWg0VTBCczJOQkxxT09iOTZVZi00bzd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDASBAIAATAMAwQBuTygAwQA
uTyjMCoEAgACMCQDBwAqAnOgAFADBwAqAnOgAGADBwAqAnOgAHADBwAqAnOgAJAw
DQYJKoZIhvcNAQELBQADggEBAJIldpE63E+SW5cpSMHzH5V4cQ/DQRwswGRPF/jQ
3UeeyGmPH17Me+k8ijjEa79XUOsrHWCBS4RBDWFE4gs38JLo7wtk8UxmYAQ4j524
a3YxpabERNzoErgrI3vWWswYiUJjUAq+8vRe8ksosCzWCXRu5ga22TEQqg8sNYUp
pH26BFaRtTUZXfXFAqfmq8vZ17HUorUBF5oZbm7TgeVDbJlvOOa8WR75sfI3K4eE
fgKjf9QgraMchMRxzcsC8V1BalZWZk5WbSz13J7dZnRnP/2Xb1fX4vH5mZRjUyuE
f2s+833nQDdAcjsTENZVyI+UMVUDMu8Wdglb7Tue+VhQdi0=
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:00:21 2025 by rpki-client