Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/16e022-4da8-4684-85e6-f4f1f93e0467/1/PVF7wnGzCTMj-DMi0Yh7tJoQV50.roa
File: PVF7wnGzCTMj-DMi0Yh7tJoQV50.roa (raw, json)
Hash identifier: ifNzodbn64RIKDxyUKgvxQYTPT/TGzAFj9xlomWoMYM=
Subject key identifier: 3D:51:7B:C2:71:B3:09:33:23:F8:33:22:D1:88:7B:B4:9A:10:57:9D
Certificate issuer: /CN=543c5c34a62ffbed8fc0f0ec01b42c0c50ee7ef7
Certificate serial: 0194F0FA9106944CC152C41C76537592B2DF
Authority key identifier: 54:3C:5C:34:A6:2F:FB:ED:8F:C0:F0:EC:01:B4:2C:0C:50:EE:7E:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VDxcNKYv--2PwPDsAbQsDFDufvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/16e022-4da8-4684-85e6-f4f1f93e0467/1/PVF7wnGzCTMj-DMi0Yh7tJoQV50.roa
Signing time: Mon 10 Feb 2025 17:49:00 +0000
ROA not before: Mon 10 Feb 2025 17:49:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211557
IP address blocks: 185.23.17.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f0:fa:91:06:94:4c:c1:52:c4:1c:76:53:75:92:b2:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=543c5c34a62ffbed8fc0f0ec01b42c0c50ee7ef7
Validity
Not Before: Feb 10 17:49:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d517bc271b3093323f83322d1887bb49a10579d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:40:d5:1a:15:02:75:b5:e1:df:6b:df:56:ef:
c3:71:5b:bb:b5:fb:a5:85:fe:df:5b:15:d4:f2:fc:
c7:fc:db:ba:e8:be:bb:48:08:3a:26:f1:98:19:7f:
49:b1:25:bf:85:46:f5:bd:2f:90:1f:43:64:73:06:
fd:05:d8:2c:71:93:a5:95:0a:29:b8:86:55:ae:3e:
b3:b5:c1:4c:f0:7f:be:0a:ba:4c:9e:25:32:5b:60:
d3:6d:75:18:00:e1:7e:12:ec:30:4b:6e:95:30:32:
8f:66:13:f7:e4:0d:64:ea:91:c4:f5:06:c8:5e:5c:
35:5e:37:27:cb:75:14:e6:51:27:47:e9:b6:a1:01:
79:af:25:47:21:5a:b3:f8:25:60:5d:e6:df:70:07:
05:e6:9e:ea:00:2f:de:28:09:39:f9:7e:ca:81:c5:
a5:69:45:9d:be:8c:0e:2f:7e:d9:b2:b8:c5:6b:1c:
18:49:a6:0d:bb:16:3f:9a:17:dd:b2:d0:64:ab:e0:
ed:77:b3:57:13:95:87:8a:2d:a2:cb:41:34:d1:84:
9a:d1:b7:f2:78:9f:15:b3:f8:d3:a5:b7:54:4a:c7:
dd:11:9b:b9:13:8e:c8:c2:0a:ef:fb:f9:ab:62:d7:
11:78:83:35:6d:f5:f2:dc:19:c4:ac:8a:b3:bf:ab:
61:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:51:7B:C2:71:B3:09:33:23:F8:33:22:D1:88:7B:B4:9A:10:57:9D
X509v3 Authority Key Identifier:
keyid:54:3C:5C:34:A6:2F:FB:ED:8F:C0:F0:EC:01:B4:2C:0C:50:EE:7E:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VDxcNKYv--2PwPDsAbQsDFDufvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/16e022-4da8-4684-85e6-f4f1f93e0467/1/PVF7wnGzCTMj-DMi0Yh7tJoQV50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/16e022-4da8-4684-85e6-f4f1f93e0467/1/VDxcNKYv--2PwPDsAbQsDFDufvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.17.0/24
Signature Algorithm: sha256WithRSAEncryption
01:60:67:14:96:65:3f:9d:bd:d0:1b:63:82:44:3d:ac:4b:70:
e7:0a:19:20:8a:07:2e:fe:09:be:9a:9b:67:8f:e2:4c:cc:86:
fe:1a:e8:dc:b2:86:bf:a7:71:76:41:38:26:4a:f6:cc:6b:15:
76:76:7c:cb:f7:9b:a6:7f:be:7a:fb:dc:82:8b:7a:bb:9e:13:
bf:3d:2e:31:4b:3d:65:ec:36:c5:3d:b5:e4:da:f8:0f:ba:5f:
b6:88:68:65:c3:d3:bc:41:4b:d9:d4:05:2c:e2:6d:80:8d:2e:
da:bb:ac:e4:c6:37:f5:ea:f0:dc:36:fb:5c:d2:52:06:48:a5:
64:34:5e:8c:fe:ef:b7:3b:c2:0d:07:0b:6c:1f:ad:09:da:3f:
c5:b8:0d:08:a6:48:5f:da:92:dd:87:b8:8d:b3:12:c3:80:dd:
a9:5e:83:70:5d:02:26:6d:62:78:ab:96:97:f1:1b:7a:cb:52:
41:f3:ac:16:0c:9b:eb:ec:49:70:0c:5d:af:16:2a:ce:d1:1b:
3f:d5:9b:a1:6d:22:bc:25:3c:99:00:d6:20:2c:ee:9d:ec:f5:
2f:21:27:d1:e5:c0:48:2c:08:4f:ef:68:1e:46:28:0d:69:99:
a5:80:46:1a:c1:79:c8:89:9b:62:c5:69:a9:c2:ff:f9:c0:78:
fa:ad:8e:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTw+pEGlEzBUsQcdlN1krLfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0M2M1YzM0YTYyZmZiZWQ4ZmMwZjBlYzAxYjQyYzBjNTBl
ZTdlZjcwHhcNMjUwMjEwMTc0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDUxN2JjMjcxYjMwOTMzMjNmODMzMjJkMTg4N2JiNDlhMTA1NzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokDVGhUCdbXh32vfVu/DcVu7tful
hf7fWxXU8vzH/Nu66L67SAg6JvGYGX9JsSW/hUb1vS+QH0Nkcwb9BdgscZOllQop
uIZVrj6ztcFM8H++CrpMniUyW2DTbXUYAOF+EuwwS26VMDKPZhP35A1k6pHE9QbI
Xlw1Xjcny3UU5lEnR+m2oQF5ryVHIVqz+CVgXebfcAcF5p7qAC/eKAk5+X7KgcWl
aUWdvowOL37ZsrjFaxwYSaYNuxY/mhfdstBkq+Dtd7NXE5WHii2iy0E00YSa0bfy
eJ8Vs/jTpbdUSsfdEZu5E47Iwgrv+/mrYtcReIM1bfXy3BnErIqzv6th/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD1Re8JxswkzI/gzItGIe7SaEFedMB8GA1UdIwQY
MBaAFFQ8XDSmL/vtj8Dw7AG0LAxQ7n73MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkR4Y05LWXYtLTJQd1BEc0FiUXNERkR1ZnZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS8xNmUwMjItNGRhOC00Njg0LTg1ZTYt
ZjRmMWY5M2UwNDY3LzEvUFZGN3duR3pDVE1qLURNaTBZaDd0Sm9RVjUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS8xNmUwMjItNGRhOC00Njg0LTg1ZTYtZjRmMWY5M2UwNDY3
LzEvVkR4Y05LWXYtLTJQd1BEc0FiUXNERkR1ZnZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRcRMA0G
CSqGSIb3DQEBCwUAA4IBAQABYGcUlmU/nb3QG2OCRD2sS3DnChkgigcu/gm+mptn
j+JMzIb+Gujcsoa/p3F2QTgmSvbMaxV2dnzL95umf756+9yCi3q7nhO/PS4xSz1l
7DbFPbXk2vgPul+2iGhlw9O8QUvZ1AUs4m2AjS7au6zkxjf16vDcNvtc0lIGSKVk
NF6M/u+3O8INBwtsH60J2j/FuA0Ipkhf2pLdh7iNsxLDgN2pXoNwXQImbWJ4q5aX
8Rt6y1JB86wWDJvr7ElwDF2vFirO0Rs/1ZuhbSK8JTyZANYgLO6d7PUvISfR5cBI
LAhP72geRigNaZmlgEYawXnIiZtixWmpwv/5wHj6rY5s
-----END CERTIFICATE-----
Generated at Mon Apr 7 05:18:44 2025 by rpki-client