Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/PnafkPCamdhkcTGk5NujtOdHIqQ.roa
File: PnafkPCamdhkcTGk5NujtOdHIqQ.roa (raw, json)
Hash identifier: XHjMqtABjqUwCdcYd6TzXf8yOgosXtRcjT4dzoRau30=
Subject key identifier: 3E:76:9F:90:F0:9A:99:D8:64:71:31:A4:E4:DB:A3:B4:E7:47:22:A4
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0194274866BE0D927E47754F2380EBFB9F9F
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/PnafkPCamdhkcTGk5NujtOdHIqQ.roa
Signing time: Thu 02 Jan 2025 13:50:43 +0000
ROA not before: Thu 02 Jan 2025 13:50:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197942
IP address blocks: 192.36.180.0/24 maxlen: 24
192.121.9.0/24 maxlen: 24
192.121.242.0/24 maxlen: 24
193.180.81.0/24 maxlen: 24
193.180.160.0/23 maxlen: 23
193.182.121.0/24 maxlen: 24
193.183.182.0/24 maxlen: 24
193.183.188.0/24 maxlen: 24
193.234.70.0/24 maxlen: 24
193.234.81.0/24 maxlen: 24
193.234.93.0/24 maxlen: 24
193.234.198.0/24 maxlen: 24
193.234.203.0/24 maxlen: 24
194.14.187.0/24 maxlen: 24
194.14.218.0/24 maxlen: 24
194.71.64.0/22 maxlen: 22
194.71.68.0/22 maxlen: 22
194.71.72.0/21 maxlen: 24
194.71.80.0/24 maxlen: 24
194.71.81.0/24 maxlen: 24
194.71.82.0/24 maxlen: 24
194.103.18.0/24 maxlen: 24
194.132.133.0/24 maxlen: 24
2a01:280:3a8::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:66:be:0d:92:7e:47:75:4f:23:80:eb:fb:9f:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 13:50:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3e769f90f09a99d8647131a4e4dba3b4e74722a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d1:04:2f:7d:2c:4a:0d:45:02:3c:d0:f8:f0:
8f:80:26:b7:ea:b0:22:2f:0e:de:44:c5:3c:1e:c9:
9a:61:a6:db:e4:e4:e7:47:73:17:ad:b7:63:a1:c0:
78:da:3d:0c:9f:57:b4:c8:a5:6e:09:57:b5:a6:e4:
e6:94:dd:d0:47:92:6e:4e:18:68:44:5d:89:11:e7:
8d:f0:c7:9f:f1:d8:e2:91:3c:6c:44:6b:df:d2:4d:
8c:31:42:74:f9:cf:09:f8:32:bf:55:be:4c:83:0f:
c1:42:c5:97:69:63:b0:a9:db:26:58:86:e2:89:c5:
c8:3e:aa:3c:07:c5:17:d3:31:66:65:bc:10:74:81:
bc:50:35:db:b2:ab:d6:b3:7a:40:47:c2:ad:40:9b:
54:a0:54:ba:ba:74:91:ab:9a:11:5b:c9:3e:4e:36:
79:e1:73:86:a8:d4:44:16:d9:88:d8:04:14:62:a6:
ab:4b:45:67:d3:cf:48:f3:bc:17:5a:45:ac:e5:e0:
7d:4b:e1:94:c1:dd:67:70:b3:38:8b:c8:1b:b5:57:
35:02:9b:46:23:43:95:78:b1:1f:4c:ad:ed:44:1c:
eb:46:13:96:db:43:57:1c:52:a2:f2:13:26:fc:f6:
57:f0:e8:25:4f:1b:89:3b:3d:25:70:35:5c:0a:6a:
5b:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:76:9F:90:F0:9A:99:D8:64:71:31:A4:E4:DB:A3:B4:E7:47:22:A4
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/PnafkPCamdhkcTGk5NujtOdHIqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.180.0/24
192.121.9.0/24
192.121.242.0/24
193.180.81.0/24
193.180.160.0/23
193.182.121.0/24
193.183.182.0/24
193.183.188.0/24
193.234.70.0/24
193.234.81.0/24
193.234.93.0/24
193.234.198.0/24
193.234.203.0/24
194.14.187.0/24
194.14.218.0/24
194.71.64.0-194.71.82.255
194.103.18.0/24
194.132.133.0/24
IPv6:
2a01:280:3a8::/48
Signature Algorithm: sha256WithRSAEncryption
8f:e8:b3:ac:27:73:25:9b:cc:ac:8d:32:69:05:ad:a7:08:23:
cd:d6:5d:6c:95:8f:8f:fb:c1:ad:9c:fd:a5:c5:8d:f0:a1:c2:
35:ed:a2:07:74:d7:67:44:67:a9:0b:be:19:1c:54:77:ba:e3:
dc:e2:ae:2d:90:26:07:be:3c:d4:6b:81:02:10:0b:40:49:27:
87:84:4f:47:f5:7b:cc:5e:43:e7:34:61:ae:16:10:57:b9:9c:
2a:b5:b9:c3:c1:8c:72:3d:75:10:12:0a:91:2b:34:4c:b2:09:
80:c7:06:58:b5:94:c5:b0:78:83:2d:54:18:39:71:df:44:4f:
08:17:e1:9f:3c:ed:15:37:c8:5c:4b:9f:9e:d5:57:a0:ed:18:
08:ac:c0:b7:81:d0:87:ed:c4:f6:9b:13:87:13:bf:39:ae:ad:
7e:d9:24:3f:b8:30:44:e4:6f:a3:8e:25:42:1e:64:e8:dc:15:
81:ad:1c:cd:60:7e:6d:51:ae:61:e7:2b:30:85:3a:4a:01:bb:
fe:c9:fe:f5:64:68:19:d4:44:b0:c5:4c:fe:02:16:cf:80:97:
9f:44:91:6b:58:52:d4:35:1a:89:8e:8d:f7:6f:d0:5e:14:e9:
12:93:3d:54:49:23:40:83:e2:e3:df:02:d0:d6:33:5a:62:e4:
c8:79:41:75
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAZQnSGa+DZJ+R3VPI4Dr+5+fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTAyMTM1MDQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTc2OWY5MGYwOWE5OWQ4NjQ3MTMxYTRlNGRiYTNiNGU3NDcyMmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdEEL30sSg1FAjzQ+PCPgCa36rAi
Lw7eRMU8HsmaYabb5OTnR3MXrbdjocB42j0Mn1e0yKVuCVe1puTmlN3QR5JuThho
RF2JEeeN8Mef8djikTxsRGvf0k2MMUJ0+c8J+DK/Vb5Mgw/BQsWXaWOwqdsmWIbi
icXIPqo8B8UX0zFmZbwQdIG8UDXbsqvWs3pAR8KtQJtUoFS6unSRq5oRW8k+TjZ5
4XOGqNREFtmI2AQUYqarS0Vn089I87wXWkWs5eB9S+GUwd1ncLM4i8gbtVc1AptG
I0OVeLEfTK3tRBzrRhOW20NXHFKi8hMm/PZX8OglTxuJOz0lcDVcCmpbXQIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFD52n5DwmpnYZHExpOTbo7TnRyKkMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvUG5hZmtQQ2FtZGhrY1RHazVOdWp0T2RISXFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTB6BAIAATB0AwQAwCS0
AwQAwHkJAwQAwHnyAwQAwbRRAwQBwbSgAwQAwbZ5AwQAwbe2AwQAwbe8AwQAwepG
AwQAwepRAwQAwepdAwQAwerGAwQAwerLAwQAwg67AwQAwg7aMAwDBAbCR0ADBADC
R1IDBADCZxIDBADChIUwDwQCAAIwCQMHACoBAoADqDANBgkqhkiG9w0BAQsFAAOC
AQEAj+izrCdzJZvMrI0yaQWtpwgjzdZdbJWPj/vBrZz9pcWN8KHCNe2iB3TXZ0Rn
qQu+GRxUd7rj3OKuLZAmB7481GuBAhALQEknh4RPR/V7zF5D5zRhrhYQV7mcKrW5
w8GMcj11EBIKkSs0TLIJgMcGWLWUxbB4gy1UGDlx30RPCBfhnzztFTfIXEufntVX
oO0YCKzAt4HQh+3E9psThxO/Oa6tftkkP7gwRORvo44lQh5k6NwVga0czWB+bVGu
YecrMIU6SgG7/sn+9WRoGdREsMVM/gIWz4CXn0SRa1hS1DUaiY6N92/QXhTpEpM9
VEkjQIPi498C0NYzWmLkyHlBdQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:23 2025 by rpki-client