Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/PCR_k0kCPWTlDtPtjT63XWLAbow.roa
File: PCR_k0kCPWTlDtPtjT63XWLAbow.roa (raw, json)
Hash identifier: XvPBAeHkdLysVN3yIVGFu8CLA/Zub0s+eBVTBbXo+Z8=
Subject key identifier: 3C:24:7F:93:49:02:3D:64:E5:0E:D3:ED:8D:3E:B7:5D:62:C0:6E:8C
Certificate issuer: /CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Certificate serial: 0193C0A1B304F0E5682C961E8121835FCC1C
Authority key identifier: BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/PCR_k0kCPWTlDtPtjT63XWLAbow.roa
Signing time: Fri 13 Dec 2024 15:27:22 +0000
ROA not before: Fri 13 Dec 2024 15:27:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5511
IP address blocks: 45.140.59.0/24 maxlen: 24
45.149.7.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:c0:a1:b3:04:f0:e5:68:2c:96:1e:81:21:83:5f:cc:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Validity
Not Before: Dec 13 15:27:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c247f9349023d64e50ed3ed8d3eb75d62c06e8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b3:51:d5:ad:aa:45:57:b4:f8:d3:70:c4:d5:
69:56:f4:fa:c8:1b:86:ba:42:f8:96:c1:80:9e:fe:
c4:03:f2:e5:f1:c2:82:cc:d6:31:be:a9:35:a3:5f:
a3:fc:01:ee:78:a6:43:a4:04:42:80:5e:7b:af:65:
cb:84:96:ac:26:ef:bb:d4:2e:67:a9:e2:86:a2:dc:
ad:77:89:70:0b:33:c0:e3:77:39:2b:07:70:4a:c4:
a2:5f:13:f7:40:dc:aa:45:53:42:78:b8:80:3c:1d:
73:54:c6:b7:b1:7e:03:35:05:21:f5:4b:ca:16:4f:
ca:bd:85:16:7a:4a:cf:32:c5:8a:53:52:00:1c:a9:
37:ed:d8:ad:1b:a0:ee:dd:29:e7:f8:81:66:d9:9d:
b7:cc:ec:1f:06:b8:52:0e:9e:62:b8:41:78:33:47:
07:68:7f:29:5e:46:31:16:62:1d:07:07:8d:65:09:
81:c0:e2:7b:37:3c:82:26:91:61:ed:79:be:96:c6:
29:2d:5f:06:53:19:2b:54:75:15:22:7c:90:72:5a:
21:97:09:ff:bc:16:3f:12:3c:50:a7:fb:24:68:c6:
a7:25:a6:d4:dd:0c:54:ed:b3:bb:76:ee:f5:bf:47:
8e:e4:c2:5a:80:7c:d4:ba:64:f2:ef:04:8d:af:ce:
9b:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:24:7F:93:49:02:3D:64:E5:0E:D3:ED:8D:3E:B7:5D:62:C0:6E:8C
X509v3 Authority Key Identifier:
keyid:BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/PCR_k0kCPWTlDtPtjT63XWLAbow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.59.0/24
45.149.7.0/24
Signature Algorithm: sha256WithRSAEncryption
68:ce:9f:32:90:10:2d:f1:4f:53:85:61:44:81:69:c3:0b:8a:
68:54:d0:62:3d:49:a2:62:e3:be:f9:1f:7c:dd:50:c7:b6:20:
45:2b:e5:35:10:ab:93:59:c8:06:52:d3:12:b1:24:a1:52:d1:
46:12:03:f5:a6:49:6d:4d:4d:7d:21:22:64:cf:b1:d8:35:52:
2b:6e:b6:9d:65:13:67:2c:98:5f:8c:aa:2a:cb:be:0c:c6:d2:
8e:26:b8:4d:be:82:e9:b4:c0:c8:db:cf:56:eb:8a:6c:77:84:
3c:c9:4d:a2:30:d6:1d:3a:0e:3a:2a:07:7f:00:2c:00:d1:fc:
c9:3a:00:23:46:0a:6e:32:97:e8:47:69:eb:ab:37:36:d1:8b:
b3:83:7b:d6:92:58:fd:fc:19:a4:d5:e3:d4:f1:21:6a:09:53:
18:70:27:bd:47:9c:1a:01:95:e4:ed:64:df:9b:ad:c7:e4:4a:
3a:8f:62:92:ed:e3:94:f4:34:93:6b:3e:62:14:78:de:37:e2:
83:eb:75:f7:d8:7a:9e:15:73:53:74:c7:26:50:6c:7b:bb:ef:
25:51:ef:24:9e:73:72:5d:65:cd:57:28:9b:f6:ba:5d:0f:40:
89:33:b7:0c:cc:56:44:6c:53:fe:b9:98:eb:66:d9:db:75:56:
b1:75:12:10
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZPAobME8OVoLJYegSGDX8wcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMzY2ODYyOGYwZGY3OWQwNDdlY2EwZDlhZGNmYzBiNjY5
M2UzMDkwHhcNMjQxMjEzMTUyNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzI0N2Y5MzQ5MDIzZDY0ZTUwZWQzZWQ4ZDNlYjc1ZDYyYzA2ZThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbNR1a2qRVe0+NNwxNVpVvT6yBuG
ukL4lsGAnv7EA/Ll8cKCzNYxvqk1o1+j/AHueKZDpARCgF57r2XLhJasJu+71C5n
qeKGotytd4lwCzPA43c5KwdwSsSiXxP3QNyqRVNCeLiAPB1zVMa3sX4DNQUh9UvK
Fk/KvYUWekrPMsWKU1IAHKk37ditG6Du3Snn+IFm2Z23zOwfBrhSDp5iuEF4M0cH
aH8pXkYxFmIdBweNZQmBwOJ7NzyCJpFh7Xm+lsYpLV8GUxkrVHUVInyQclohlwn/
vBY/EjxQp/skaManJabU3QxU7bO7du71v0eO5MJagHzUumTy7wSNr86bwQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDwkf5NJAj1k5Q7T7Y0+t11iwG6MMB8GA1UdIwQY
MBaAFL02aGKPDfedBH7KDZrc/Atmk+MJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMt
ZTZiZjMxNmM5NGExLzEvUENSX2swa0NQV1RsRHRQdGpUNjNYV0xBYm93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMtZTZiZjMxNmM5NGEx
LzEvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYw7AwQA
LZUHMA0GCSqGSIb3DQEBCwUAA4IBAQBozp8ykBAt8U9ThWFEgWnDC4poVNBiPUmi
YuO++R983VDHtiBFK+U1EKuTWcgGUtMSsSShUtFGEgP1pkltTU19ISJkz7HYNVIr
bradZRNnLJhfjKoqy74MxtKOJrhNvoLptMDI289W64psd4Q8yU2iMNYdOg46Kgd/
ACwA0fzJOgAjRgpuMpfoR2nrqzc20Yuzg3vWklj9/Bmk1ePU8SFqCVMYcCe9R5wa
AZXk7WTfm63H5Eo6j2KS7eOU9DSTaz5iFHjeN+KD63X32HqeFXNTdMcmUGx7u+8l
Ue8knnNyXWXNVyib9rpdD0CJM7cMzFZEbFP+uZjrZtnbdVaxdRIQ
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:55:16 2025 by rpki-client