Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/PFQ0W-F3XkggUuB0RC6F6fwjkwI.roa
File: PFQ0W-F3XkggUuB0RC6F6fwjkwI.roa (raw, json)
Hash identifier: xrFtiFtG2YZto20BzMXTeO0Klzkrj+OMfW0pk1vKI5Y=
Subject key identifier: 3C:54:34:5B:E1:77:5E:48:20:52:E0:74:44:2E:85:E9:FC:23:93:02
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018FBF0BA68246644489A412C3E653154958
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/PFQ0W-F3XkggUuB0RC6F6fwjkwI.roa
Signing time: Tue 28 May 2024 11:52:42 +0000
ROA not before: Tue 28 May 2024 11:52:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 37.153.132.0/24 maxlen: 24
84.247.20.0/24 maxlen: 24
89.37.106.0/24 maxlen: 24
89.42.213.0/24 maxlen: 24
91.250.244.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:bf:0b:a6:82:46:64:44:89:a4:12:c3:e6:53:15:49:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: May 28 11:52:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c54345be1775e482052e074442e85e9fc239302
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:9e:df:8c:3e:a1:a4:75:07:4a:db:57:4a:3f:
21:d9:fa:09:60:86:79:b5:86:3a:35:df:d0:e5:93:
cc:08:09:b1:a6:5f:43:10:f1:c7:89:c4:e3:44:20:
4b:1c:04:0b:2f:0c:bf:0d:98:bc:5c:64:9a:fb:a8:
7d:85:31:54:9f:9f:42:82:4b:7c:67:e1:02:2a:a9:
8f:48:42:6d:68:0c:d9:d3:d0:10:7e:0d:fe:44:5b:
cb:0f:3b:7d:e4:fa:48:da:4a:fd:21:68:6d:e9:50:
6e:6e:49:d7:75:ad:14:2a:77:41:9b:4c:48:64:8d:
6c:8c:49:c1:bc:03:ec:35:4e:38:5f:8f:12:70:30:
66:7c:2a:3b:d3:54:04:7c:b2:e4:23:97:b3:b7:1b:
af:27:a9:08:fa:d2:c2:0e:df:5d:8e:0a:e5:bb:54:
d4:34:20:53:51:00:6c:15:59:3d:c2:34:87:f3:02:
41:b5:86:2e:7b:8c:dd:f3:f4:e0:3f:f7:8c:49:f2:
92:51:b5:c8:79:1b:97:98:cf:b1:ff:6f:4a:5e:d2:
8a:61:ec:f7:78:89:a1:b3:c1:db:6e:d0:08:d8:76:
75:9c:6b:bb:c8:58:42:6a:cb:e9:b9:cf:0d:74:93:
ff:29:ad:6d:81:17:3b:35:46:c8:77:44:bb:3b:8f:
e5:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:54:34:5B:E1:77:5E:48:20:52:E0:74:44:2E:85:E9:FC:23:93:02
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/PFQ0W-F3XkggUuB0RC6F6fwjkwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.132.0/24
84.247.20.0/24
89.37.106.0/24
89.42.213.0/24
91.250.244.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:bb:cb:f5:58:18:d7:ca:67:ca:f3:8a:f5:15:d9:ae:d1:c2:
f2:30:ae:0e:bc:2b:da:86:4e:47:ee:64:5c:4e:68:40:68:af:
ce:6b:25:2d:d9:fd:cb:fd:28:ef:90:b4:34:8b:64:fb:2c:c4:
3c:76:20:ff:84:ed:f8:f2:d1:e8:e2:e9:d6:f7:b8:f6:6a:69:
c0:39:b1:ba:20:1f:f5:93:64:99:d6:ee:4a:49:e9:b2:c2:fd:
17:e3:43:0f:08:98:66:30:df:b3:5a:98:1f:6f:9e:97:a6:44:
8f:43:ed:4e:8c:22:aa:d5:52:c6:6d:3b:a7:f8:a8:70:dc:d2:
7b:e7:24:2c:cd:17:e2:77:e0:6e:f7:a9:11:ba:ed:ce:b2:6b:
c1:29:59:79:f6:49:8a:2f:7f:33:87:78:aa:88:31:e3:b5:9f:
10:1a:d6:c6:64:bf:0b:10:ce:1a:b6:57:18:57:32:d6:55:ff:
34:8e:c8:84:e2:d0:d9:9a:0c:8f:a4:05:d0:d9:55:fe:35:0c:
b4:65:94:7f:d6:28:f0:c4:e6:bf:34:b2:79:f4:21:57:76:1d:
02:76:85:c0:87:5a:5d:a6:eb:bf:a9:fa:00:c6:72:8e:87:af:
f3:7a:36:43:9d:2a:c0:d0:4c:eb:64:ec:e2:b0:a8:ac:56:f1:
e7:40:47:2e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY+/C6aCRmREiaQSw+ZTFUlYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjQwNTI4MTE1MjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzU0MzQ1YmUxNzc1ZTQ4MjA1MmUwNzQ0NDJlODVlOWZjMjM5MzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwp7fjD6hpHUHSttXSj8h2foJYIZ5
tYY6Nd/Q5ZPMCAmxpl9DEPHHicTjRCBLHAQLLwy/DZi8XGSa+6h9hTFUn59Cgkt8
Z+ECKqmPSEJtaAzZ09AQfg3+RFvLDzt95PpI2kr9IWht6VBubknXda0UKndBm0xI
ZI1sjEnBvAPsNU44X48ScDBmfCo701QEfLLkI5eztxuvJ6kI+tLCDt9djgrlu1TU
NCBTUQBsFVk9wjSH8wJBtYYue4zd8/TgP/eMSfKSUbXIeRuXmM+x/29KXtKKYez3
eImhs8HbbtAI2HZ1nGu7yFhCasvpuc8NdJP/Ka1tgRc7NUbId0S7O4/l+QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDxUNFvhd15IIFLgdEQuhen8I5MCMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvUEZRMFctRjNYa2dnVXVCMFJDNkY2Zndqa3dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAJZmEAwQA
VPcUAwQAWSVqAwQAWSrVAwQAW/r0MA0GCSqGSIb3DQEBCwUAA4IBAQAuu8v1WBjX
ymfK84r1Fdmu0cLyMK4OvCvahk5H7mRcTmhAaK/OayUt2f3L/SjvkLQ0i2T7LMQ8
diD/hO348tHo4unW97j2amnAObG6IB/1k2SZ1u5KSemywv0X40MPCJhmMN+zWpgf
b56XpkSPQ+1OjCKq1VLGbTun+Khw3NJ75yQszRfid+Bu96kRuu3OsmvBKVl59kmK
L38zh3iqiDHjtZ8QGtbGZL8LEM4atlcYVzLWVf80jsiE4tDZmgyPpAXQ2VX+NQy0
ZZR/1ijwxOa/NLJ59CFXdh0CdoXAh1pdpuu/qfoAxnKOh6/zejZDnSrA0EzrZOzi
sKisVvHnQEcu
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:04 2025 by rpki-client