Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/61b50b-fa57-438d-8697-36f2adc0d6c9/1/PIhRrwOMbgm1mwCkLcpghg_dQS4.roa
File: PIhRrwOMbgm1mwCkLcpghg_dQS4.roa (raw, json)
Hash identifier: ZbS/WuYKI/a9kSF33p+BijqtUZs9QFvuzCCc/v0IpMk=
Subject key identifier: 3C:88:51:AF:03:8C:6E:09:B5:9B:00:A4:2D:CA:60:86:0F:DD:41:2E
Certificate issuer: /CN=be8bd50deed764d7aefcfd55a04b2e2357068c6c
Certificate serial: 0185718C4613EA333F48E9351FAE48905B30
Authority key identifier: BE:8B:D5:0D:EE:D7:64:D7:AE:FC:FD:55:A0:4B:2E:23:57:06:8C:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vovVDe7XZNeu_P1VoEsuI1cGjGw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/61b50b-fa57-438d-8697-36f2adc0d6c9/1/PIhRrwOMbgm1mwCkLcpghg_dQS4.roa
Signing time: Mon 02 Jan 2023 08:14:56 +0000
ROA not before: Mon 02 Jan 2023 08:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210369
IP address blocks: 185.39.11.0/24 maxlen: 24
2a12:6c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:46:13:ea:33:3f:48:e9:35:1f:ae:48:90:5b:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be8bd50deed764d7aefcfd55a04b2e2357068c6c
Validity
Not Before: Jan 2 08:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c8851af038c6e09b59b00a42dca60860fdd412e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:4d:5c:92:48:4e:65:a9:ca:82:92:ed:4a:f7:
6a:3f:d2:96:d4:fc:70:cb:0c:dc:13:a3:68:9a:15:
53:eb:ce:17:6c:7a:d6:0b:7a:0c:56:69:80:f5:89:
9f:46:c6:a7:96:ac:0b:78:e8:70:a5:29:c3:8f:05:
41:e6:e1:be:92:01:83:8e:d4:c4:66:f7:c6:19:21:
ab:c2:a2:6a:69:55:fe:75:3b:a8:63:91:2a:7c:bc:
86:91:30:79:27:e6:18:a4:c7:9e:f5:6f:1d:b7:ba:
00:2d:52:0b:57:a5:6b:c3:44:6f:83:ae:fc:c8:de:
dc:e8:2c:23:6d:1d:f6:c7:96:24:3a:da:97:e1:e1:
d4:2c:58:70:f9:46:81:02:84:9e:43:fd:32:be:fa:
00:9a:56:f7:31:1e:d5:76:53:ba:36:90:07:26:f8:
72:93:d5:ed:d6:f7:12:5f:d2:57:23:66:ef:61:7d:
44:88:4e:a4:b0:6f:bc:32:19:3f:e5:57:88:e8:c1:
13:91:a5:49:7d:d3:68:df:05:91:84:94:8c:16:41:
18:05:aa:9e:04:94:fa:90:33:8b:e3:6c:78:a7:2e:
91:a8:55:bc:7d:bb:8b:c4:f9:ad:af:4b:a0:ae:13:
aa:76:f0:c1:5e:ec:de:c5:16:ca:25:77:e6:61:e5:
3d:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:88:51:AF:03:8C:6E:09:B5:9B:00:A4:2D:CA:60:86:0F:DD:41:2E
X509v3 Authority Key Identifier:
keyid:BE:8B:D5:0D:EE:D7:64:D7:AE:FC:FD:55:A0:4B:2E:23:57:06:8C:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vovVDe7XZNeu_P1VoEsuI1cGjGw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/61b50b-fa57-438d-8697-36f2adc0d6c9/1/PIhRrwOMbgm1mwCkLcpghg_dQS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/61b50b-fa57-438d-8697-36f2adc0d6c9/1/vovVDe7XZNeu_P1VoEsuI1cGjGw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.39.11.0/24
IPv6:
2a12:6c0::/29
Signature Algorithm: sha256WithRSAEncryption
00:b4:6e:d0:da:b2:f6:ae:a1:f0:66:b9:31:a7:a0:fd:a5:77:
9a:ac:98:19:f6:72:ed:1e:5d:2a:b6:8f:a3:21:b0:8d:b3:18:
aa:c6:77:40:d5:ef:a0:d5:38:56:2a:6e:1a:9f:bc:22:e9:ff:
ca:32:9f:78:7e:0a:21:68:48:1c:db:55:62:53:5d:bd:28:9e:
57:a5:30:28:62:e4:87:a0:bc:0e:c7:2c:ae:4c:3a:b3:40:5e:
33:17:42:78:76:f6:65:a9:3c:13:e1:44:5d:85:92:d6:8e:b0:
a2:4a:9c:68:a4:d7:85:7b:62:b2:95:e5:e8:1e:4c:84:03:e7:
ef:46:c0:19:ec:dd:bc:af:8c:88:fd:ed:5a:af:96:35:80:7d:
4b:14:21:66:44:3e:8c:ee:f5:84:ea:90:d1:1c:20:db:8a:18:
81:2f:ea:b6:41:9d:d1:a1:7f:de:24:ba:fe:3f:58:38:63:2c:
e7:fd:36:05:2b:52:ee:3f:48:cf:8c:9f:e5:df:db:80:81:80:
1d:ed:79:70:24:03:c0:f1:61:01:48:d7:42:06:17:36:5b:14:
9e:6a:8d:60:05:77:e7:a1:56:51:27:2c:8c:65:7f:6c:b7:87:
65:fc:74:ff:48:16:c2:bd:3f:69:8a:a8:5e:99:91:60:4d:e2:
c2:ed:ca:43
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxjEYT6jM/SOk1H65IkFswMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlOGJkNTBkZWVkNzY0ZDdhZWZjZmQ1NWEwNGIyZTIzNTcw
NjhjNmMwHhcNMjMwMTAyMDgxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzg4NTFhZjAzOGM2ZTA5YjU5YjAwYTQyZGNhNjA4NjBmZGQ0MTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl01ckkhOZanKgpLtSvdqP9KW1Pxw
ywzcE6NomhVT684XbHrWC3oMVmmA9YmfRsanlqwLeOhwpSnDjwVB5uG+kgGDjtTE
ZvfGGSGrwqJqaVX+dTuoY5EqfLyGkTB5J+YYpMee9W8dt7oALVILV6Vrw0Rvg678
yN7c6CwjbR32x5YkOtqX4eHULFhw+UaBAoSeQ/0yvvoAmlb3MR7VdlO6NpAHJvhy
k9Xt1vcSX9JXI2bvYX1EiE6ksG+8Mhk/5VeI6METkaVJfdNo3wWRhJSMFkEYBaqe
BJT6kDOL42x4py6RqFW8fbuLxPmtr0ugrhOqdvDBXuzexRbKJXfmYeU9qwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDyIUa8DjG4JtZsApC3KYIYP3UEuMB8GA1UdIwQY
MBaAFL6L1Q3u12TXrvz9VaBLLiNXBoxsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdm92VkRlN1haTmV1X1AxVm9Fc3VJMWNHakd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy82MWI1MGItZmE1Ny00MzhkLTg2OTct
MzZmMmFkYzBkNmM5LzEvUEloUnJ3T01iZ20xbXdDa0xjcGdoZ19kUVM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy82MWI1MGItZmE1Ny00MzhkLTg2OTctMzZmMmFkYzBkNmM5
LzEvdm92VkRlN1haTmV1X1AxVm9Fc3VJMWNHakd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuScLMA0E
AgACMAcDBQMqEgbAMA0GCSqGSIb3DQEBCwUAA4IBAQAAtG7Q2rL2rqHwZrkxp6D9
pXearJgZ9nLtHl0qto+jIbCNsxiqxndA1e+g1ThWKm4an7wi6f/KMp94fgohaEgc
21ViU129KJ5XpTAoYuSHoLwOxyyuTDqzQF4zF0J4dvZlqTwT4URdhZLWjrCiSpxo
pNeFe2KyleXoHkyEA+fvRsAZ7N28r4yI/e1ar5Y1gH1LFCFmRD6M7vWE6pDRHCDb
ihiBL+q2QZ3RoX/eJLr+P1g4Yyzn/TYFK1LuP0jPjJ/l39uAgYAd7XlwJAPA8WEB
SNdCBhc2WxSeao1gBXfnoVZRJyyMZX9st4dl/HT/SBbCvT9piqhemZFgTeLC7cpD
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:32:15 2025 by rpki-client