Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Pvh5fmzoyH-RFnJg3UHQVWcWP1U.roa
File: Pvh5fmzoyH-RFnJg3UHQVWcWP1U.roa (raw, json)
Hash identifier: hsN2iidrEHz8T8/ADRt3u1w9uq+mV9hDuwz9UK3RzO0=
Subject key identifier: 3E:F8:79:7E:6C:E8:C8:7F:91:16:72:60:DD:41:D0:55:67:16:3F:55
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 426D0720
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Pvh5fmzoyH-RFnJg3UHQVWcWP1U.roa
Signing time: Sat 01 Jan 2022 14:03:12 +0000
ROA not before: Sat 01 Jan 2022 14:03:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43289
IP address blocks: 192.121.87.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1114441504 (0x426d0720)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 14:03:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3ef8797e6ce8c87f91167260dd41d05567163f55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:78:b3:a5:89:8a:fc:ec:04:c2:05:33:9d:fc:
53:d6:74:3a:af:7f:e6:cb:9e:31:5b:4f:20:e2:26:
ae:81:61:66:a5:2d:d0:69:bf:ec:48:f0:03:09:50:
21:02:24:51:98:07:f9:90:f3:05:6c:a6:3d:d5:b6:
08:9a:bc:fe:e3:0a:79:e6:91:ee:5b:4a:fd:54:d7:
fa:d7:7b:2c:4f:c1:d8:71:70:e3:f3:75:4c:f8:20:
4a:d3:d9:a4:67:5b:f2:ec:00:d7:21:47:39:0a:f0:
7a:ec:6c:fc:7b:13:5e:e7:e1:c3:e8:e3:91:10:eb:
3b:cc:26:ef:e6:c4:f1:b7:d9:d2:90:02:ff:86:d8:
d6:cb:b9:3c:76:87:ba:d4:99:3f:b9:7a:3c:66:ef:
c8:5b:b2:8c:4b:a5:6f:59:6a:de:43:a5:ec:6f:1d:
f5:6e:89:a6:76:e2:6c:b4:93:a9:ff:df:6c:72:1c:
6d:06:c9:aa:a1:8c:d9:89:87:9f:57:24:2d:30:5d:
6f:2f:b7:f7:6e:71:80:c1:cf:1f:2f:21:54:4a:ed:
aa:77:9c:c2:05:ca:13:b4:aa:8e:5d:2c:bd:d8:49:
78:bb:ca:da:ee:04:63:2e:a2:77:ee:92:0d:d2:04:
60:99:a8:1c:aa:b7:30:c0:94:99:58:f5:e4:a4:a5:
b8:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:F8:79:7E:6C:E8:C8:7F:91:16:72:60:DD:41:D0:55:67:16:3F:55
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Pvh5fmzoyH-RFnJg3UHQVWcWP1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.121.87.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:46:d7:be:f6:0a:89:fa:f0:6e:bb:25:7c:d2:af:44:23:7d:
c7:f4:79:2c:6d:46:aa:cc:0e:3e:cd:e1:26:4d:b5:74:6b:d6:
ab:d6:be:13:5f:d7:21:5d:d1:8d:33:ce:87:36:97:d6:3f:00:
9d:61:cd:4d:4e:15:1a:52:31:6c:49:b3:18:cd:2e:ce:a7:dc:
86:cb:21:e2:a1:00:a4:b0:9d:52:49:99:79:92:f6:c4:c1:9e:
7c:2f:11:96:db:d6:eb:89:bf:35:88:3f:02:d7:cc:13:37:8b:
2f:7d:32:1c:5d:b7:1b:ed:39:cc:4f:20:e5:81:5e:d8:66:33:
85:54:25:99:1f:82:e3:9b:c1:18:01:77:ad:6f:93:74:f9:97:
c3:e1:d6:c4:1a:27:a3:59:6f:9c:d0:5d:4e:dd:f4:fd:14:a1:
62:b9:be:9d:4b:d3:40:84:4a:5e:a2:34:db:46:21:28:96:29:
b0:f3:0b:f2:23:0e:fb:41:d0:c8:45:8f:a1:34:6f:a2:ff:08:
57:e2:9b:d3:68:23:47:7c:d4:1a:c6:89:9d:4e:6b:0f:5e:a5:
f7:fb:b0:fd:96:95:ad:44:e3:c2:57:a5:57:6a:09:29:41:1e:
86:49:6e:b2:a0:66:29:50:ea:47:c2:63:32:9b:0e:59:73:3f:
9d:be:ba:03
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEQm0HIDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTM1YzdmNTcxZWVmZWI2NzQwNGFiNmM0NWZkNDc1NTUxYWRhZjFiMB4XDTIyMDEw
MTE0MDMxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2VmODc5N2U2Y2U4
Yzg3ZjkxMTY3MjYwZGQ0MWQwNTU2NzE2M2Y1NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKR4s6WJivzsBMIFM538U9Z0Oq9/5sueMVtPIOImroFhZqUt
0Gm/7EjwAwlQIQIkUZgH+ZDzBWymPdW2CJq8/uMKeeaR7ltK/VTX+td7LE/B2HFw
4/N1TPggStPZpGdb8uwA1yFHOQrweuxs/HsTXufhw+jjkRDrO8wm7+bE8bfZ0pAC
/4bY1su5PHaHutSZP7l6PGbvyFuyjEulb1lq3kOl7G8d9W6JpnbibLSTqf/fbHIc
bQbJqqGM2YmHn1ckLTBdby+3925xgMHPHy8hVErtqnecwgXKE7Sqjl0svdhJeLvK
2u4EYy6id+6SDdIEYJmoHKq3MMCUmVj15KSluLECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ++Hl+bOjIf5EWcmDdQdBVZxY/VTAfBgNVHSMEGDAWgBQhNcf1ce7+tnQE
q2xF/UdVUa2vGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lUWEg5WEh1X3JaMEJLdHNSZjFIVlZHdHJ4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvNjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8x
L1B2aDVmbXpveUgtUkZuSmczVUhRVldjV1AxVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
NjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8xL0lUWEg5WEh1X3Ja
MEJLdHNSZjFIVlZHdHJ4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMB5VzANBgkqhkiG9w0BAQsFAAOC
AQEAuUbXvvYKifrwbrslfNKvRCN9x/R5LG1GqswOPs3hJk21dGvWq9a+E1/XIV3R
jTPOhzaX1j8AnWHNTU4VGlIxbEmzGM0uzqfchssh4qEApLCdUkmZeZL2xMGefC8R
ltvW64m/NYg/AtfMEzeLL30yHF23G+05zE8g5YFe2GYzhVQlmR+C45vBGAF3rW+T
dPmXw+HWxBono1lvnNBdTt30/RShYrm+nUvTQIRKXqI020YhKJYpsPML8iMO+0HQ
yEWPoTRvov8IV+Kb02gjR3zUGsaJnU5rD16l9/uw/ZaVrUTjwlelV2oJKUEehklu
sqBmKVDqR8JjMpsOWXM/nb66Aw==
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:02 2025 by rpki-client