Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/PFYxwOyFgEaTL6VrM9akiTyxJdw.roa
File: PFYxwOyFgEaTL6VrM9akiTyxJdw.roa (raw, json)
Hash identifier: 9ltIWn+qWyVqHEbMW2wYIskk9swbt13Vd0OqSFnWYsk=
Subject key identifier: 3C:56:31:C0:EC:85:80:46:93:2F:A5:6B:33:D6:A4:89:3C:B1:25:DC
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019422FBBB351BEB7ACEB5DC8AD70AE8D810
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/PFYxwOyFgEaTL6VrM9akiTyxJdw.roa
Signing time: Wed 01 Jan 2025 17:48:30 +0000
ROA not before: Wed 01 Jan 2025 17:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396549
IP address blocks: 81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.53/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:bb:35:1b:eb:7a:ce:b5:dc:8a:d7:0a:e8:d8:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Jan 1 17:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c5631c0ec858046932fa56b33d6a4893cb125dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:7a:40:57:88:20:4e:7f:0f:43:07:9b:99:14:
75:5b:3a:4d:99:50:08:64:fa:c9:0a:6d:50:60:9a:
b9:97:c4:46:a3:20:1d:44:40:07:30:91:79:36:2e:
59:12:64:cb:ff:98:9c:cb:2e:48:34:60:cd:0a:de:
c8:ba:40:5b:65:08:80:f0:49:1e:13:b3:f8:00:cd:
83:69:97:02:f3:c2:02:ed:c4:1c:ae:08:73:a5:6e:
e9:43:b9:ea:22:85:ff:28:9c:c9:02:50:a2:ff:bd:
8c:f5:4a:69:6a:26:1f:3e:ea:5d:e9:ca:98:d4:c4:
e9:bb:36:ca:33:77:1d:1c:5b:e2:5d:0b:13:c4:f1:
61:16:9d:d3:83:15:39:45:62:09:37:0e:cd:c0:83:
da:eb:60:a6:fe:1f:b1:81:1a:35:c9:d4:f7:8d:4b:
80:0e:c8:03:5d:af:09:7a:e8:fa:67:2c:25:4f:b8:
47:ac:23:7c:8f:97:83:9f:8c:8c:cf:c7:9c:88:8a:
9f:11:7e:e1:33:eb:3e:49:15:18:0d:43:cb:85:c2:
ba:ce:fa:dc:46:92:10:a3:e8:fe:9f:13:2b:bf:3c:
56:73:e1:77:b1:5e:10:f3:8b:ed:27:de:f9:0a:04:
c6:14:3e:19:15:1e:a3:c7:fd:0b:84:ef:6e:9c:8c:
b9:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:56:31:C0:EC:85:80:46:93:2F:A5:6B:33:D6:A4:89:3C:B1:25:DC
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/PFYxwOyFgEaTL6VrM9akiTyxJdw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.195.30/31
185.100.0.53/32
Signature Algorithm: sha256WithRSAEncryption
92:a1:5f:08:a0:03:6b:07:74:53:3f:38:b2:45:75:7b:60:91:
ad:86:1e:01:12:40:d2:ca:f7:96:43:a9:3a:23:38:a8:a5:51:
bc:0d:1e:33:17:57:42:5c:d3:7d:60:4f:54:19:ff:27:f5:b6:
0c:24:b6:63:64:cb:ec:e6:50:51:38:a2:16:53:e4:8a:85:4a:
cd:2b:7f:0f:2c:47:15:9b:94:07:9a:68:24:54:ee:d2:3d:99:
29:5d:ab:ed:eb:f6:2a:26:33:69:4a:cf:28:e8:84:bd:a5:e7:
5c:09:2c:dd:88:d2:05:b8:13:db:62:7a:44:bc:5c:9d:da:25:
43:a9:4f:94:b7:54:23:b8:7d:e8:4c:38:04:87:57:f3:f6:4f:
2d:92:8e:85:81:c3:85:bc:57:49:aa:a1:ad:7d:5d:f1:bb:85:
c7:24:e0:1e:f7:7f:1b:2f:bb:32:00:b7:95:37:45:2c:1a:88:
e3:97:57:27:b0:21:f6:21:57:bd:ca:b6:c9:d3:cc:9a:39:1f:
7e:e7:ed:99:c8:0d:cd:91:0b:33:30:85:07:04:80:4d:cd:43:
ec:33:2c:5a:a0:0e:85:d7:46:97:79:83:42:ca:45:88:91:fb:
24:fa:51:22:7a:6b:11:17:f5:da:5a:d2:64:fb:ad:ee:5a:b4:
85:aa:c9:41
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQi+7s1G+t6zrXcitcK6NgQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjUwMTAxMTc0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzU2MzFjMGVjODU4MDQ2OTMyZmE1NmIzM2Q2YTQ4OTNjYjEyNWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXpAV4ggTn8PQwebmRR1WzpNmVAI
ZPrJCm1QYJq5l8RGoyAdREAHMJF5Ni5ZEmTL/5icyy5INGDNCt7IukBbZQiA8Eke
E7P4AM2DaZcC88IC7cQcrghzpW7pQ7nqIoX/KJzJAlCi/72M9UppaiYfPupd6cqY
1MTpuzbKM3cdHFviXQsTxPFhFp3TgxU5RWIJNw7NwIPa62Cm/h+xgRo1ydT3jUuA
DsgDXa8Jeuj6ZywlT7hHrCN8j5eDn4yMz8eciIqfEX7hM+s+SRUYDUPLhcK6zvrc
RpIQo+j+nxMrvzxWc+F3sV4Q84vtJ975CgTGFD4ZFR6jx/0LhO9unIy5owIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDxWMcDshYBGky+lazPWpIk8sSXcMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvUEZZeHdPeUZnRWFUTDZWck05YWtpVHl4SmR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOAwUBURPDHgMF
ALlkADUwDQYJKoZIhvcNAQELBQADggEBAJKhXwigA2sHdFM/OLJFdXtgka2GHgES
QNLK95ZDqTojOKilUbwNHjMXV0Jc031gT1QZ/yf1tgwktmNky+zmUFE4ohZT5IqF
Ss0rfw8sRxWblAeaaCRU7tI9mSldq+3r9iomM2lKzyjohL2l51wJLN2I0gW4E9ti
ekS8XJ3aJUOpT5S3VCO4fehMOASHV/P2Ty2SjoWBw4W8V0mqoa19XfG7hcck4B73
fxsvuzIAt5U3RSwaiOOXVyewIfYhV73KtsnTzJo5H37n7ZnIDc2RCzMwhQcEgE3N
Q+wzLFqgDoXXRpd5g0LKRYiR+yT6USJ6axEX9dpa0mT7re5atIWqyUE=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:23:02 2025 by rpki-client