Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/PajenfXeHdKYmgBKI3XxHUC9GJk.roa
File: PajenfXeHdKYmgBKI3XxHUC9GJk.roa (raw, json)
Hash identifier: qL6L1SaLCo+I4lbRFATM6JBlyt1sJtKF0Hz55SM4eag=
Subject key identifier: 3D:A8:DE:9D:F5:DE:1D:D2:98:9A:00:4A:23:75:F1:1D:40:BD:18:99
Certificate issuer: /CN=691242c33bc2e2e9e45850a0fc64ab2c7506a4b8
Certificate serial: 019423D7D0DE2925038D17D764B1708DFAC7
Authority key identifier: 69:12:42:C3:3B:C2:E2:E9:E4:58:50:A0:FC:64:AB:2C:75:06:A4:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/PajenfXeHdKYmgBKI3XxHUC9GJk.roa
Signing time: Wed 01 Jan 2025 21:48:53 +0000
ROA not before: Wed 01 Jan 2025 21:48:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201525
IP address blocks: 5.149.252.0/23 maxlen: 23
79.141.166.0/23 maxlen: 23
2a01:8640:3::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:d0:de:29:25:03:8d:17:d7:64:b1:70:8d:fa:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=691242c33bc2e2e9e45850a0fc64ab2c7506a4b8
Validity
Not Before: Jan 1 21:48:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3da8de9df5de1dd2989a004a2375f11d40bd1899
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ca:d2:24:e5:5a:ca:94:9a:4c:11:3b:29:fd:
53:59:ad:ab:25:e9:98:62:94:bd:87:c6:21:7e:70:
98:d7:fc:36:92:67:3d:f8:a3:7c:f8:82:01:7c:30:
99:ae:95:1a:cb:77:24:a0:98:dd:e7:c5:73:76:53:
fb:ca:b2:71:4b:04:96:c2:66:f1:d3:99:6b:af:31:
1e:4a:ef:5b:9e:81:4b:8a:16:45:ff:6e:f9:f8:9c:
de:d4:45:cc:9b:c5:d7:6e:d4:02:0e:8c:79:7d:f8:
15:d9:27:83:b2:dd:06:b8:82:e4:4a:5b:98:f6:51:
3a:c4:35:c6:be:f3:de:48:97:2f:42:eb:45:a8:15:
da:7f:23:d6:2e:fc:b0:7f:aa:2d:99:0c:c6:17:63:
ff:4b:89:33:64:8f:ed:8a:97:d7:c3:bf:e6:15:98:
47:0e:5c:e9:0c:c0:a6:34:6e:c3:58:68:43:98:82:
77:64:1b:a9:c5:42:4b:1d:37:4a:ad:f3:7d:15:64:
a7:fc:ac:52:b0:80:d0:e5:ca:82:b7:78:90:af:de:
c8:18:ae:17:8a:a5:4e:b5:df:58:20:75:a8:87:95:
02:e5:a2:ab:93:c3:a4:fc:fd:44:29:27:ba:5b:cd:
18:4a:c1:d3:68:e7:b7:71:d3:f0:1d:b6:5f:53:7b:
93:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:A8:DE:9D:F5:DE:1D:D2:98:9A:00:4A:23:75:F1:1D:40:BD:18:99
X509v3 Authority Key Identifier:
keyid:69:12:42:C3:3B:C2:E2:E9:E4:58:50:A0:FC:64:AB:2C:75:06:A4:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/PajenfXeHdKYmgBKI3XxHUC9GJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/aRJCwzvC4unkWFCg_GSrLHUGpLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.252.0/23
79.141.166.0/23
IPv6:
2a01:8640:3::/48
Signature Algorithm: sha256WithRSAEncryption
2d:12:77:e3:46:46:7c:97:d7:4c:b7:3d:cc:d5:65:65:c5:6b:
40:e7:12:57:34:e6:1e:f9:0f:9f:e8:1a:5e:45:62:11:1b:1f:
f3:dd:81:cc:d9:ad:10:23:7b:9a:9d:dc:b6:8d:09:f7:de:39:
dd:1f:aa:94:a2:6f:42:c4:7c:bf:e7:f9:66:4e:92:0b:0c:a1:
f6:1c:e0:dd:d7:f8:6c:5e:2b:3e:ff:d4:e2:2c:c6:13:e2:4b:
a1:ce:8f:7c:09:4f:99:ce:dc:42:b5:22:19:07:76:84:d8:d9:
66:1d:2b:35:f6:21:0f:49:6f:5f:96:7b:fc:9c:b9:91:f2:b9:
d9:01:f4:18:8d:c7:00:0e:4d:11:52:a3:41:e3:1d:d7:e5:02:
20:f9:0e:b3:75:0a:c2:3f:bf:7f:ab:f7:7c:12:2a:b1:14:47:
d5:32:86:1f:e3:8a:2e:af:11:fa:90:ef:6a:ba:96:b8:eb:26:
06:40:08:a1:a5:6b:4d:8f:d4:d0:74:0c:1c:e4:97:f2:a7:28:
56:02:a2:a9:4f:44:d7:48:12:71:f9:1d:be:38:08:1d:3c:79:
71:bb:5c:1a:9a:6f:f3:d0:13:61:32:a8:31:7f:07:8a:19:d9:
a6:33:9a:d6:86:97:d1:0d:13:b1:e9:34:6e:3f:17:c8:77:de:
22:db:e5:06
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQj19DeKSUDjRfXZLFwjfrHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5MTI0MmMzM2JjMmUyZTllNDU4NTBhMGZjNjRhYjJjNzUw
NmE0YjgwHhcNMjUwMTAxMjE0ODUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGE4ZGU5ZGY1ZGUxZGQyOTg5YTAwNGEyMzc1ZjExZDQwYmQxODk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8rSJOVaypSaTBE7Kf1TWa2rJemY
YpS9h8YhfnCY1/w2kmc9+KN8+IIBfDCZrpUay3ckoJjd58VzdlP7yrJxSwSWwmbx
05lrrzEeSu9bnoFLihZF/275+Jze1EXMm8XXbtQCDox5ffgV2SeDst0GuILkSluY
9lE6xDXGvvPeSJcvQutFqBXafyPWLvywf6otmQzGF2P/S4kzZI/tipfXw7/mFZhH
DlzpDMCmNG7DWGhDmIJ3ZBupxUJLHTdKrfN9FWSn/KxSsIDQ5cqCt3iQr97IGK4X
iqVOtd9YIHWoh5UC5aKrk8Ok/P1EKSe6W80YSsHTaOe3cdPwHbZfU3uTjwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFD2o3p313h3SmJoASiN18R1AvRiZMB8GA1UdIwQY
MBaAFGkSQsM7wuLp5FhQoPxkqyx1BqS4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVJKQ3d6dkM0dW5rV0ZDZ19HU3JMSFVHcExnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82MzU2YjktYzQ5Zi00YjRkLThlMjkt
MzYyZmZlOGVlMjcwLzEvUGFqZW5mWGVIZEtZbWdCS0kzWHhIVUM5R0prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy82MzU2YjktYzQ5Zi00YjRkLThlMjktMzYyZmZlOGVlMjcw
LzEvYVJKQ3d6dkM0dW5rV0ZDZ19HU3JMSFVHcExnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBBZX8AwQB
T42mMA8EAgACMAkDBwAqAYZAAAMwDQYJKoZIhvcNAQELBQADggEBAC0Sd+NGRnyX
10y3PczVZWXFa0DnElc05h75D5/oGl5FYhEbH/PdgczZrRAje5qd3LaNCffeOd0f
qpSib0LEfL/n+WZOkgsMofYc4N3X+GxeKz7/1OIsxhPiS6HOj3wJT5nO3EK1IhkH
doTY2WYdKzX2IQ9Jb1+We/ycuZHyudkB9BiNxwAOTRFSo0HjHdflAiD5DrN1CsI/
v3+r93wSKrEUR9Uyhh/jii6vEfqQ72q6lrjrJgZACKGla02P1NB0DBzkl/KnKFYC
oqlPRNdIEnH5Hb44CB08eXG7XBqab/PQE2EyqDF/B4oZ2aYzmtaGl9ENE7HpNG4/
F8h33iLb5QY=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:32:11 2025 by rpki-client