Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/1df875-2a23-4fe8-b1f0-cebded36f878/1/PXD5OfkeTSRX7DRCsAmDPWQVK6s.roa
File: PXD5OfkeTSRX7DRCsAmDPWQVK6s.roa (raw, json)
Hash identifier: VE7CWpwLT/c8coAf0dD/6JNtBiZsAxjQq109mV9NjNY=
Subject key identifier: 3D:70:F9:39:F9:1E:4D:24:57:EC:34:42:B0:09:83:3D:64:15:2B:AB
Certificate issuer: /CN=c518644ac461ddd2cf4bc5ad5c2b4262535c38c8
Certificate serial: 018582A443FC1F9CF9AED4210800B8A65C70
Authority key identifier: C5:18:64:4A:C4:61:DD:D2:CF:4B:C5:AD:5C:2B:42:62:53:5C:38:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xRhkSsRh3dLPS8WtXCtCYlNcOMg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/1df875-2a23-4fe8-b1f0-cebded36f878/1/PXD5OfkeTSRX7DRCsAmDPWQVK6s.roa
Signing time: Thu 05 Jan 2023 15:54:41 +0000
ROA not before: Thu 05 Jan 2023 15:54:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39758
IP address blocks: 93.113.25.0/24 maxlen: 24
77.81.138.0/24 maxlen: 24
77.81.137.0/24 maxlen: 24
89.36.21.0/24 maxlen: 24
193.203.204.0/23 maxlen: 23
93.113.212.0/24 maxlen: 24
46.102.232.0/23 maxlen: 23
93.115.248.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:82:a4:43:fc:1f:9c:f9:ae:d4:21:08:00:b8:a6:5c:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c518644ac461ddd2cf4bc5ad5c2b4262535c38c8
Validity
Not Before: Jan 5 15:54:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d70f939f91e4d2457ec3442b009833d64152bab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:5a:2c:94:ff:69:81:f3:da:be:91:74:0a:59:
11:ac:b9:de:86:00:77:1f:dd:85:df:5f:fd:ef:fc:
3a:64:5e:35:bf:85:02:a5:34:7c:79:b4:0f:54:e5:
38:fc:58:e8:50:8c:c3:38:4a:b9:8e:63:6d:c4:34:
1b:d6:23:64:5a:b7:f5:6e:91:95:7a:c3:1f:df:23:
7f:dc:a2:d7:ca:d1:18:07:03:62:62:dd:66:cc:c6:
3d:a2:bf:d5:72:6d:63:ba:4b:7b:3e:75:9a:68:45:
e1:dc:83:6c:90:f9:e2:02:18:66:18:5a:80:c8:02:
08:bd:f6:6c:82:78:61:3e:84:a6:08:06:f5:ea:d0:
8a:56:71:5d:1d:bc:14:41:b0:c5:5e:36:8a:27:0d:
9a:38:05:23:69:f9:ae:57:5f:73:36:5f:58:bc:ce:
9d:af:a9:6c:ec:e6:24:49:c1:5d:24:cd:b9:4b:bd:
01:ee:b1:17:42:ea:64:f3:a5:a9:21:09:3e:f5:77:
7e:d5:0a:9a:52:3e:31:b9:35:93:a8:11:9f:23:28:
c8:61:fb:80:90:7d:b6:b6:47:2b:41:bd:69:76:41:
86:63:3b:d9:7a:57:8e:ee:86:91:7c:35:9c:47:b1:
76:a0:8d:08:e2:a2:31:5d:f6:d5:db:61:cf:d4:05:
7a:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:70:F9:39:F9:1E:4D:24:57:EC:34:42:B0:09:83:3D:64:15:2B:AB
X509v3 Authority Key Identifier:
keyid:C5:18:64:4A:C4:61:DD:D2:CF:4B:C5:AD:5C:2B:42:62:53:5C:38:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xRhkSsRh3dLPS8WtXCtCYlNcOMg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1df875-2a23-4fe8-b1f0-cebded36f878/1/PXD5OfkeTSRX7DRCsAmDPWQVK6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1df875-2a23-4fe8-b1f0-cebded36f878/1/xRhkSsRh3dLPS8WtXCtCYlNcOMg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.232.0/23
77.81.137.0-77.81.138.255
89.36.21.0/24
93.113.25.0/24
93.113.212.0/24
93.115.248.0/22
193.203.204.0/23
Signature Algorithm: sha256WithRSAEncryption
ab:af:c7:1b:c9:b1:c7:a9:5a:b4:d8:24:7d:79:ad:bc:2c:c6:
a4:fc:ca:08:e0:ff:f3:ba:f6:2b:2e:5f:93:bc:d6:a6:02:2f:
f7:bf:8f:75:38:a4:18:94:b7:f9:36:37:7f:b0:3f:6d:91:37:
38:30:f1:b3:b9:9f:10:05:04:02:c3:84:a5:51:04:05:2c:31:
e9:17:f5:0f:49:c5:20:47:63:88:52:42:d4:25:55:42:7d:ed:
b9:10:75:39:8e:8b:ad:fe:91:84:9f:2c:97:ab:60:22:12:7b:
34:73:ec:00:ae:11:14:e5:2e:c4:9f:6b:8f:eb:0e:be:e8:cf:
b4:bb:bb:a3:f1:8f:85:0d:12:e9:e7:6d:c7:03:55:8f:94:cb:
25:ff:a6:df:a9:83:6e:e5:6e:34:3f:9d:c8:47:e8:01:5e:e3:
48:46:a4:76:4c:bd:cf:3f:2a:aa:be:42:99:b2:72:b1:c4:78:
62:4b:03:8b:e9:29:ca:52:0c:ed:d6:26:b2:e4:bf:7b:c4:ad:
54:6c:57:70:17:65:e2:62:53:77:6f:eb:23:24:3a:fb:ef:7d:
d5:b2:2e:38:36:02:51:d9:c8:90:b0:e1:a6:5d:00:e9:ad:68:
f9:81:10:0f:d7:43:a1:75:51:83:d5:ac:ec:11:5c:c9:e6:0a:
89:51:81:a8
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYWCpEP8H5z5rtQhCAC4plxwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1MTg2NDRhYzQ2MWRkZDJjZjRiYzVhZDVjMmI0MjYyNTM1
YzM4YzgwHhcNMjMwMTA1MTU1NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDcwZjkzOWY5MWU0ZDI0NTdlYzM0NDJiMDA5ODMzZDY0MTUyYmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1oslP9pgfPavpF0ClkRrLnehgB3
H92F31/97/w6ZF41v4UCpTR8ebQPVOU4/FjoUIzDOEq5jmNtxDQb1iNkWrf1bpGV
esMf3yN/3KLXytEYBwNiYt1mzMY9or/Vcm1jukt7PnWaaEXh3INskPniAhhmGFqA
yAIIvfZsgnhhPoSmCAb16tCKVnFdHbwUQbDFXjaKJw2aOAUjafmuV19zNl9YvM6d
r6ls7OYkScFdJM25S70B7rEXQupk86WpIQk+9Xd+1QqaUj4xuTWTqBGfIyjIYfuA
kH22tkcrQb1pdkGGYzvZeleO7oaRfDWcR7F2oI0I4qIxXfbV22HP1AV6OQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFD1w+Tn5Hk0kV+w0QrAJgz1kFSurMB8GA1UdIwQY
MBaAFMUYZErEYd3Sz0vFrVwrQmJTXDjIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFJoa1NzUmgzZExQUzhXdFhDdENZbE5jT01nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8xZGY4NzUtMmEyMy00ZmU4LWIxZjAt
Y2ViZGVkMzZmODc4LzEvUFhENU9ma2VUU1JYN0RSQ3NBbURQV1FWSzZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8xZGY4NzUtMmEyMy00ZmU4LWIxZjAtY2ViZGVkMzZmODc4
LzEveFJoa1NzUmgzZExQUzhXdFhDdENZbE5jT01nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQBLmboMAwD
BABNUYkDBABNUYoDBABZJBUDBABdcRkDBABdcdQDBAJdc/gDBAHBy8wwDQYJKoZI
hvcNAQELBQADggEBAKuvxxvJscepWrTYJH15rbwsxqT8ygjg//O69isuX5O81qYC
L/e/j3U4pBiUt/k2N3+wP22RNzgw8bO5nxAFBALDhKVRBAUsMekX9Q9JxSBHY4hS
QtQlVUJ97bkQdTmOi63+kYSfLJerYCISezRz7ACuERTlLsSfa4/rDr7oz7S7u6Px
j4UNEunnbccDVY+UyyX/pt+pg27lbjQ/nchH6AFe40hGpHZMvc8/Kqq+QpmycrHE
eGJLA4vpKcpSDO3WJrLkv3vErVRsV3AXZeJiU3dv6yMkOvvvfdWyLjg2AlHZyJCw
4aZdAOmtaPmBEA/XQ6F1UYPVrOwRXMnmColRgag=
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:27:06 2025 by rpki-client