Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/49e974-d724-4caf-9a04-f0c9d6417ee7/1/Pam-mYZhUPxumLyTa-d41AOp2eI.roa
File: Pam-mYZhUPxumLyTa-d41AOp2eI.roa (raw, json)
Hash identifier: aCi8Qzgn/82AxyGXcRCZJe9cgue7YAZPk3yXhgftdGA=
Subject key identifier: 3D:A9:BE:99:86:61:50:FC:6E:98:BC:93:6B:E7:78:D4:03:A9:D9:E2
Certificate issuer: /CN=f505578215acee73c17fa30d0295e0d8dd7be89d
Certificate serial: 0194266A3F65AEAAD18FA6B751CFC9D49575
Authority key identifier: F5:05:57:82:15:AC:EE:73:C1:7F:A3:0D:02:95:E0:D8:DD:7B:E8:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9QVXghWs7nPBf6MNApXg2N176J0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/49e974-d724-4caf-9a04-f0c9d6417ee7/1/Pam-mYZhUPxumLyTa-d41AOp2eI.roa
Signing time: Thu 02 Jan 2025 09:48:04 +0000
ROA not before: Thu 02 Jan 2025 09:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205100
IP address blocks: 185.220.100.0/24 maxlen: 24
2a0b:f4c0::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6a:3f:65:ae:aa:d1:8f:a6:b7:51:cf:c9:d4:95:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f505578215acee73c17fa30d0295e0d8dd7be89d
Validity
Not Before: Jan 2 09:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3da9be99866150fc6e98bc936be778d403a9d9e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:21:3b:ad:03:34:d6:56:ab:89:57:00:91:e2:
de:47:20:95:5c:86:83:68:38:8b:27:26:bc:9a:1a:
07:75:f3:95:4d:6d:f0:ab:6a:b2:af:4e:a0:7c:1a:
8c:21:1b:89:53:df:45:f1:1e:e8:2a:95:9d:00:a4:
7b:5c:47:b4:6c:b3:21:85:e4:79:07:de:ff:32:59:
71:61:82:30:44:da:69:db:ca:39:f9:da:46:b8:7a:
17:75:4c:e7:72:0d:33:7e:62:48:a9:ef:73:0e:89:
ee:d8:22:36:56:06:73:43:1d:24:a8:93:c4:b1:fa:
1e:99:da:68:51:c3:df:28:7c:2a:e9:9e:21:4f:9c:
26:ea:f9:24:e5:01:a0:bd:5b:00:9a:79:3b:05:11:
87:58:1d:fc:91:6c:bc:c0:82:cf:50:8c:d4:74:4e:
ab:ea:0b:0e:56:29:29:35:25:56:50:61:8d:ed:62:
4c:eb:38:3f:a5:f5:f1:db:be:96:bb:70:5e:8f:5f:
c8:d7:a1:a8:2e:a9:15:3b:47:15:d5:ee:36:03:75:
52:66:0f:ca:d0:72:2a:b5:b3:58:60:c1:40:4c:68:
88:ce:9f:71:cf:00:91:98:31:74:cc:48:dd:0d:82:
68:f9:fa:09:f6:30:65:2d:30:1e:d4:43:ba:df:ae:
0e:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:A9:BE:99:86:61:50:FC:6E:98:BC:93:6B:E7:78:D4:03:A9:D9:E2
X509v3 Authority Key Identifier:
keyid:F5:05:57:82:15:AC:EE:73:C1:7F:A3:0D:02:95:E0:D8:DD:7B:E8:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9QVXghWs7nPBf6MNApXg2N176J0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/49e974-d724-4caf-9a04-f0c9d6417ee7/1/Pam-mYZhUPxumLyTa-d41AOp2eI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/49e974-d724-4caf-9a04-f0c9d6417ee7/1/9QVXghWs7nPBf6MNApXg2N176J0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.100.0/24
IPv6:
2a0b:f4c0::/32
Signature Algorithm: sha256WithRSAEncryption
17:88:14:06:52:82:59:80:dd:d1:9f:0b:22:df:99:aa:76:6f:
e5:54:3f:86:64:be:e4:58:c6:4d:23:2c:ba:fc:07:e0:f6:aa:
46:90:39:90:3a:e0:af:00:a4:a2:e1:ee:e5:f0:20:fd:4c:61:
66:a6:68:9d:a4:87:18:6e:62:6d:5d:dd:c8:99:7b:d2:95:5d:
35:11:a8:37:0a:c0:19:90:a0:e1:06:3e:7b:ef:aa:33:58:1d:
41:42:e4:00:58:07:b3:54:ac:7c:1c:95:77:f1:e5:e8:73:00:
52:b5:16:14:f0:e1:b5:85:5f:8e:ce:e5:a5:b6:bb:bc:b1:1e:
57:b4:9d:a6:5c:4b:23:3a:c0:4c:77:83:ce:7d:b4:a1:49:2c:
9f:8c:51:f6:ec:aa:b5:e3:37:58:38:30:76:c5:e2:06:ce:13:
d3:6b:5d:c5:79:c2:26:98:93:6d:41:88:78:33:60:5d:64:b8:
b5:e1:90:6a:12:12:38:a1:77:62:42:92:6b:fb:f0:dd:4b:8c:
1b:b3:c1:6c:db:a0:87:f1:8f:e4:5b:3c:d1:c3:82:06:c8:a8:
b2:04:c4:25:08:23:8c:25:ae:56:13:77:f4:46:99:bd:11:04:
40:a4:9b:75:51:9b:8a:d1:f7:9c:08:70:28:59:08:be:da:d7:
b8:1d:f4:2e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQmaj9lrqrRj6a3Uc/J1JV1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MDU1NzgyMTVhY2VlNzNjMTdmYTMwZDAyOTVlMGQ4ZGQ3
YmU4OWQwHhcNMjUwMTAyMDk0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGE5YmU5OTg2NjE1MGZjNmU5OGJjOTM2YmU3NzhkNDAzYTlkOWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCE7rQM01lariVcAkeLeRyCVXIaD
aDiLJya8mhoHdfOVTW3wq2qyr06gfBqMIRuJU99F8R7oKpWdAKR7XEe0bLMhheR5
B97/MllxYYIwRNpp28o5+dpGuHoXdUzncg0zfmJIqe9zDonu2CI2VgZzQx0kqJPE
sfoemdpoUcPfKHwq6Z4hT5wm6vkk5QGgvVsAmnk7BRGHWB38kWy8wILPUIzUdE6r
6gsOVikpNSVWUGGN7WJM6zg/pfXx276Wu3Bej1/I16GoLqkVO0cV1e42A3VSZg/K
0HIqtbNYYMFATGiIzp9xzwCRmDF0zEjdDYJo+foJ9jBlLTAe1EO6364OfwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFD2pvpmGYVD8bpi8k2vneNQDqdniMB8GA1UdIwQY
MBaAFPUFV4IVrO5zwX+jDQKV4Njde+idMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVFWWGdoV3M3blBCZjZNTkFwWGcyTjE3NkowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy80OWU5NzQtZDcyNC00Y2FmLTlhMDQt
ZjBjOWQ2NDE3ZWU3LzEvUGFtLW1ZWmhVUHh1bUx5VGEtZDQxQU9wMmVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy80OWU5NzQtZDcyNC00Y2FmLTlhMDQtZjBjOWQ2NDE3ZWU3
LzEvOVFWWGdoV3M3blBCZjZNTkFwWGcyTjE3NkowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAudxkMA0E
AgACMAcDBQAqC/TAMA0GCSqGSIb3DQEBCwUAA4IBAQAXiBQGUoJZgN3Rnwsi35mq
dm/lVD+GZL7kWMZNIyy6/Afg9qpGkDmQOuCvAKSi4e7l8CD9TGFmpmidpIcYbmJt
Xd3ImXvSlV01Eag3CsAZkKDhBj5776ozWB1BQuQAWAezVKx8HJV38eXocwBStRYU
8OG1hV+OzuWltru8sR5XtJ2mXEsjOsBMd4POfbShSSyfjFH27Kq14zdYODB2xeIG
zhPTa13FecImmJNtQYh4M2BdZLi14ZBqEhI4oXdiQpJr+/DdS4wbs8Fs26CH8Y/k
WzzRw4IGyKiyBMQlCCOMJa5WE3f0Rpm9EQRApJt1UZuK0fecCHAoWQi+2te4HfQu
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:25:45 2025 by rpki-client