Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/PYMUNxMRt_gy4UkRhPg6f4T0-yw.roa
File: PYMUNxMRt_gy4UkRhPg6f4T0-yw.roa (raw, json)
Hash identifier: KeExTexY+gfbtzCQln+acsSqwSPTDLTEHOpK/x95ZWU=
Subject key identifier: 3D:83:14:37:13:11:B7:F8:32:E1:49:11:84:F8:3A:7F:84:F4:FB:2C
Certificate issuer: /CN=3b7ec9423bf90c81d22d94841c10357a54260379
Certificate serial: 0194206814480AC75E00675D16955666A8DB
Authority key identifier: 3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/PYMUNxMRt_gy4UkRhPg6f4T0-yw.roa
Signing time: Wed 01 Jan 2025 05:47:59 +0000
ROA not before: Wed 01 Jan 2025 05:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62005
IP address blocks: 85.239.52.0/24 maxlen: 24
85.239.53.0/24 maxlen: 24
85.239.54.0/24 maxlen: 24
85.239.55.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:14:48:0a:c7:5e:00:67:5d:16:95:56:66:a8:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b7ec9423bf90c81d22d94841c10357a54260379
Validity
Not Before: Jan 1 05:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d8314371311b7f832e1491184f83a7f84f4fb2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:f8:79:e4:b7:6e:5c:67:ae:2b:eb:16:ce:12:
2f:69:6f:9d:b2:c1:14:1e:75:c4:44:ee:a0:14:5d:
c7:59:1a:64:a7:a2:7a:a8:e4:08:8b:a8:b5:5c:ac:
4d:c9:68:61:c9:30:79:49:0c:ed:05:72:3e:0e:5a:
bd:70:41:e0:62:1d:b0:b7:08:c1:84:b5:f7:8b:12:
f7:17:b2:0f:ba:2e:15:6c:6c:98:f6:ce:a9:07:f7:
13:36:cc:54:4f:d9:da:60:da:0e:6a:20:b1:06:ae:
13:24:1f:33:d2:2d:67:9e:af:fb:17:45:a9:f2:51:
05:70:2c:7c:cb:76:52:3c:28:fa:aa:38:1e:63:a1:
91:42:c8:e3:a7:b3:0c:dc:55:f5:be:be:2e:89:bb:
32:60:d0:f7:79:e8:ad:9f:d7:b5:dc:bf:91:5a:66:
69:37:a8:ad:76:1b:ba:c9:97:71:4a:19:f1:de:7d:
4c:44:39:e0:bb:0b:1a:c8:3b:86:ac:bf:07:f1:69:
a0:ed:98:eb:df:7c:8e:5f:df:da:24:0e:2f:2a:cb:
6b:de:6b:72:e9:b9:e4:8e:fa:07:f5:f8:8f:9d:78:
5b:c6:53:1e:28:e4:66:3b:b6:85:b6:50:b9:99:0b:
c4:d5:85:c4:81:4f:ad:c6:08:ad:0e:ae:9f:ee:47:
40:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:83:14:37:13:11:B7:F8:32:E1:49:11:84:F8:3A:7F:84:F4:FB:2C
X509v3 Authority Key Identifier:
keyid:3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/PYMUNxMRt_gy4UkRhPg6f4T0-yw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.52.0/22
Signature Algorithm: sha256WithRSAEncryption
60:df:51:64:e2:a3:d8:6e:16:33:fd:9c:60:92:69:b3:32:37:
17:b8:fd:8b:11:73:43:8e:61:ca:88:74:35:57:88:de:5e:f8:
ad:5d:c9:b3:6f:bb:39:b1:d1:99:c8:12:75:5a:bd:bd:7c:d2:
07:36:91:1c:85:3b:06:a1:4c:06:8f:c6:2a:ee:29:c9:4f:ee:
f0:b4:09:3c:5f:0c:75:8e:99:f4:7b:78:f7:0e:1d:32:a6:29:
4b:ea:07:4e:7c:b1:8d:e2:05:31:53:d6:97:c9:58:a6:39:8b:
58:6d:f7:66:d7:10:72:3c:de:50:3a:a4:a8:5a:86:d3:22:1c:
e9:6e:31:51:9b:5b:2e:d9:f8:fc:f5:3b:d0:96:7d:a0:6a:85:
42:81:f3:46:53:39:83:a0:b6:1d:d9:9a:f4:ce:c8:49:93:db:
07:f5:9d:75:fa:6e:cc:ec:d2:21:95:7c:a9:90:dd:77:9e:02:
70:0d:89:fb:c6:5e:2a:95:fd:c7:fd:b2:8d:86:45:55:35:be:
ca:05:1f:d7:90:3e:b2:2e:94:d6:37:f9:50:66:15:38:a1:89:
7b:0a:30:c4:67:34:59:fc:0f:16:33:fa:a8:b8:a9:4c:47:2f:
57:9c:7f:b8:2c:38:38:b3:5b:22:0a:80:91:91:8c:1f:77:00:
a8:30:6d:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaBRICsdeAGddFpVWZqjbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiN2VjOTQyM2JmOTBjODFkMjJkOTQ4NDFjMTAzNTdhNTQy
NjAzNzkwHhcNMjUwMTAxMDU0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDgzMTQzNzEzMTFiN2Y4MzJlMTQ5MTE4NGY4M2E3Zjg0ZjRmYjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2fh55LduXGeuK+sWzhIvaW+dssEU
HnXERO6gFF3HWRpkp6J6qOQIi6i1XKxNyWhhyTB5SQztBXI+Dlq9cEHgYh2wtwjB
hLX3ixL3F7IPui4VbGyY9s6pB/cTNsxUT9naYNoOaiCxBq4TJB8z0i1nnq/7F0Wp
8lEFcCx8y3ZSPCj6qjgeY6GRQsjjp7MM3FX1vr4uibsyYND3eeitn9e13L+RWmZp
N6itdhu6yZdxShnx3n1MRDnguwsayDuGrL8H8Wmg7Zjr33yOX9/aJA4vKstr3mty
6bnkjvoH9fiPnXhbxlMeKORmO7aFtlC5mQvE1YXEgU+txgitDq6f7kdANQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD2DFDcTEbf4MuFJEYT4On+E9PssMB8GA1UdIwQY
MBaAFDt+yUI7+QyB0i2UhBwQNXpUJgN5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQt
MWQxMGYzYzcwYmI0LzEvUFlNVU54TVJ0X2d5NFVrUmhQZzZmNFQwLXl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQtMWQxMGYzYzcwYmI0
LzEvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVe80MA0G
CSqGSIb3DQEBCwUAA4IBAQBg31Fk4qPYbhYz/ZxgkmmzMjcXuP2LEXNDjmHKiHQ1
V4jeXvitXcmzb7s5sdGZyBJ1Wr29fNIHNpEchTsGoUwGj8Yq7inJT+7wtAk8Xwx1
jpn0e3j3Dh0ypilL6gdOfLGN4gUxU9aXyVimOYtYbfdm1xByPN5QOqSoWobTIhzp
bjFRm1su2fj89TvQln2gaoVCgfNGUzmDoLYd2Zr0zshJk9sH9Z11+m7M7NIhlXyp
kN13ngJwDYn7xl4qlf3H/bKNhkVVNb7KBR/XkD6yLpTWN/lQZhU4oYl7CjDEZzRZ
/A8WM/qouKlMRy9XnH+4LDg4s1siCoCRkYwfdwCoMG16
-----END CERTIFICATE-----
Generated at Sun Apr 20 17:36:58 2025 by rpki-client