Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/c09f02-7510-42ea-b281-bfa03a668577/1/PFAwG9bPWf3A7ykzoL6i4gsMdc8.roa
File: PFAwG9bPWf3A7ykzoL6i4gsMdc8.roa (raw, json)
Hash identifier: +3u3ps5RhN8mpH4vTmYsQgGlxCMNNcnsw22ifgvfo8Y=
Subject key identifier: 3C:50:30:1B:D6:CF:59:FD:C0:EF:29:33:A0:BE:A2:E2:0B:0C:75:CF
Certificate issuer: /CN=a6ac6d069d8fb732f4fe92b4e13cd7dc4d393a42
Certificate serial: 01942444B58FCB6B94F44F15A0213399A0C4
Authority key identifier: A6:AC:6D:06:9D:8F:B7:32:F4:FE:92:B4:E1:3C:D7:DC:4D:39:3A:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pqxtBp2PtzL0_pK04TzX3E05OkI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/c09f02-7510-42ea-b281-bfa03a668577/1/PFAwG9bPWf3A7ykzoL6i4gsMdc8.roa
Signing time: Wed 01 Jan 2025 23:47:50 +0000
ROA not before: Wed 01 Jan 2025 23:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48944
IP address blocks: 91.239.210.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:b5:8f:cb:6b:94:f4:4f:15:a0:21:33:99:a0:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6ac6d069d8fb732f4fe92b4e13cd7dc4d393a42
Validity
Not Before: Jan 1 23:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c50301bd6cf59fdc0ef2933a0bea2e20b0c75cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:04:2a:19:7f:b1:35:af:15:db:5b:11:a6:73:
05:5a:cc:54:e6:95:9e:34:a7:cf:77:cc:a7:b1:c7:
25:98:35:c2:51:24:de:5d:b1:56:d9:3a:7d:b9:fd:
df:2c:36:28:e7:78:6e:eb:1f:5f:71:d7:26:b7:8c:
5f:db:67:e4:2e:09:68:21:44:60:5b:20:d0:f5:84:
b8:87:6a:bf:33:90:65:cd:79:39:f2:bd:f3:d0:94:
80:27:c6:2a:9d:8b:dd:3c:14:b2:28:d5:da:81:18:
b4:41:a7:96:24:71:5d:08:77:dc:a8:1a:62:be:22:
f8:1f:88:ca:27:07:3e:18:c8:de:48:a9:35:63:12:
fe:8a:7e:c3:ce:f5:da:65:c7:bf:02:c9:4a:e8:c4:
87:6b:91:eb:98:9c:4b:d7:49:7d:bc:21:58:99:8b:
aa:d4:c2:1f:a7:c0:cb:31:0d:51:c0:c9:76:b4:5e:
e0:de:60:18:49:d4:84:48:7e:a8:3b:5f:95:b9:ee:
5b:9e:f5:ea:1b:68:0d:7d:7e:e4:16:c5:51:0a:b5:
28:55:4f:b2:be:a9:bc:ff:2d:25:9b:4c:33:bd:b4:
0c:fa:c8:a5:ab:08:e7:9f:1d:26:18:d5:eb:94:3c:
2f:ed:c9:c5:90:8d:e7:80:48:aa:62:95:06:5c:9a:
7f:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:50:30:1B:D6:CF:59:FD:C0:EF:29:33:A0:BE:A2:E2:0B:0C:75:CF
X509v3 Authority Key Identifier:
keyid:A6:AC:6D:06:9D:8F:B7:32:F4:FE:92:B4:E1:3C:D7:DC:4D:39:3A:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pqxtBp2PtzL0_pK04TzX3E05OkI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/c09f02-7510-42ea-b281-bfa03a668577/1/PFAwG9bPWf3A7ykzoL6i4gsMdc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/c09f02-7510-42ea-b281-bfa03a668577/1/pqxtBp2PtzL0_pK04TzX3E05OkI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.210.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:84:a7:a4:54:92:7f:67:38:bc:d9:24:cf:8d:00:90:e0:db:
ca:65:9b:39:f3:dc:b4:f2:60:53:59:dd:30:0e:93:7b:e2:b9:
f6:0d:39:47:71:70:f0:67:39:bb:df:f2:c6:9f:c8:cc:58:63:
b5:41:15:68:5b:2a:09:e2:97:4c:73:ae:75:0f:21:c7:5f:e4:
b7:57:75:38:8c:1a:2f:5b:27:2e:1d:95:79:e6:c6:14:cf:3e:
a8:71:e7:f2:80:4c:9d:af:ec:7a:84:f7:2a:bf:78:6b:bf:d8:
d1:71:5f:db:f0:4b:44:24:bf:a0:4c:0f:4f:38:82:b4:cc:33:
1d:df:dc:8e:82:2c:be:43:b2:ca:c8:55:aa:12:02:40:72:04:
f8:4b:bc:81:51:cb:4a:b5:28:ef:30:a2:18:76:cb:a3:43:64:
3e:5a:74:cb:36:a1:dd:00:5a:a5:a5:7e:17:3f:0b:58:ba:5d:
af:32:7a:59:c3:1f:18:50:12:94:6c:11:fd:77:95:00:53:6a:
61:f6:bf:40:eb:5e:8a:f6:6f:52:2e:2e:26:3f:1c:b7:e8:46:
37:50:06:9c:06:53:50:b4:7e:a8:80:5e:b3:43:7e:6b:8d:2f:
80:db:fc:63:bb:b3:e4:4d:0f:e8:6d:38:7e:2f:aa:7b:c4:93:
b3:32:f0:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRLWPy2uU9E8VoCEzmaDEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2YWM2ZDA2OWQ4ZmI3MzJmNGZlOTJiNGUxM2NkN2RjNGQz
OTNhNDIwHhcNMjUwMTAxMjM0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzUwMzAxYmQ2Y2Y1OWZkYzBlZjI5MzNhMGJlYTJlMjBiMGM3NWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1wQqGX+xNa8V21sRpnMFWsxU5pWe
NKfPd8ynscclmDXCUSTeXbFW2Tp9uf3fLDYo53hu6x9fcdcmt4xf22fkLgloIURg
WyDQ9YS4h2q/M5BlzXk58r3z0JSAJ8YqnYvdPBSyKNXagRi0QaeWJHFdCHfcqBpi
viL4H4jKJwc+GMjeSKk1YxL+in7DzvXaZce/AslK6MSHa5HrmJxL10l9vCFYmYuq
1MIfp8DLMQ1RwMl2tF7g3mAYSdSESH6oO1+Vue5bnvXqG2gNfX7kFsVRCrUoVU+y
vqm8/y0lm0wzvbQM+silqwjnnx0mGNXrlDwv7cnFkI3ngEiqYpUGXJp/jwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDxQMBvWz1n9wO8pM6C+ouILDHXPMB8GA1UdIwQY
MBaAFKasbQadj7cy9P6StOE819xNOTpCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHF4dEJwMlB0ekwwX3BLMDRUelgzRTA1T2tJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9jMDlmMDItNzUxMC00MmVhLWIyODEt
YmZhMDNhNjY4NTc3LzEvUEZBd0c5YlBXZjNBN3lrem9MNmk0Z3NNZGM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9jMDlmMDItNzUxMC00MmVhLWIyODEtYmZhMDNhNjY4NTc3
LzEvcHF4dEJwMlB0ekwwX3BLMDRUelgzRTA1T2tJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+/SMA0G
CSqGSIb3DQEBCwUAA4IBAQCshKekVJJ/Zzi82STPjQCQ4NvKZZs589y08mBTWd0w
DpN74rn2DTlHcXDwZzm73/LGn8jMWGO1QRVoWyoJ4pdMc651DyHHX+S3V3U4jBov
WycuHZV55sYUzz6ocefygEydr+x6hPcqv3hrv9jRcV/b8EtEJL+gTA9POIK0zDMd
39yOgiy+Q7LKyFWqEgJAcgT4S7yBUctKtSjvMKIYdsujQ2Q+WnTLNqHdAFqlpX4X
PwtYul2vMnpZwx8YUBKUbBH9d5UAU2ph9r9A616K9m9SLi4mPxy36EY3UAacBlNQ
tH6ogF6zQ35rjS+A2/xju7PkTQ/obTh+L6p7xJOzMvCW
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:49:10 2025 by rpki-client