Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/cbc18f-e6db-4bd6-8427-64d1bc735bac/1/PJZXdpkwhKYbc-mgI8o-ftVhCug.roa
File: PJZXdpkwhKYbc-mgI8o-ftVhCug.roa (raw, json)
Hash identifier: SBqSW5ehFYdMdBJe2odGE82C7AsVO9/yZgJ8RXmPXUU=
Subject key identifier: 3C:96:57:76:99:30:84:A6:1B:73:E9:A0:23:CA:3E:7E:D5:61:0A:E8
Certificate issuer: /CN=dd5072b13880c1f1ba86fcc4c40297f5d9f43774
Certificate serial: 019428232A9DF4528A111787E5729E7E6D30
Authority key identifier: DD:50:72:B1:38:80:C1:F1:BA:86:FC:C4:C4:02:97:F5:D9:F4:37:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3VBysTiAwfG6hvzExAKX9dn0N3Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/cbc18f-e6db-4bd6-8427-64d1bc735bac/1/PJZXdpkwhKYbc-mgI8o-ftVhCug.roa
Signing time: Thu 02 Jan 2025 17:49:40 +0000
ROA not before: Thu 02 Jan 2025 17:49:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200697
IP address blocks: 185.135.196.0/24 maxlen: 24
185.135.197.0/24 maxlen: 24
185.135.198.0/24 maxlen: 24
185.135.199.0/24 maxlen: 24
2a09:5f40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:2a:9d:f4:52:8a:11:17:87:e5:72:9e:7e:6d:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd5072b13880c1f1ba86fcc4c40297f5d9f43774
Validity
Not Before: Jan 2 17:49:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c965776993084a61b73e9a023ca3e7ed5610ae8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b2:bb:cb:3a:f1:44:dc:c4:3e:3f:d1:1c:92:
70:5a:26:8e:08:db:94:67:44:72:5c:49:42:c9:f8:
fd:14:9b:32:ae:96:f1:77:d5:29:ce:b5:d6:71:0e:
5c:d1:c5:3d:14:dd:ca:82:c5:b8:a7:0d:b6:dd:4f:
8a:e1:cc:95:c2:b5:11:ee:99:71:67:58:9f:e8:e7:
77:e9:2c:19:72:cc:aa:87:22:ab:fd:a8:7f:ca:45:
1b:de:93:ae:bc:af:cf:8a:ba:ab:1d:f1:44:c6:07:
33:56:47:37:8a:93:86:e0:96:94:d6:ee:cb:e0:69:
94:e3:f3:4f:a3:de:ad:33:de:cb:bc:96:15:db:ac:
7b:a6:3f:cf:45:d0:25:79:51:7a:dd:c4:05:99:96:
28:af:d9:f7:eb:b8:52:53:75:51:71:17:9a:cb:4d:
fd:5b:e0:3b:66:b0:d5:fc:8d:ef:e9:af:b3:3b:38:
02:19:86:ee:d5:1e:da:08:33:7d:b4:5d:a6:b0:01:
0d:20:5f:37:56:28:f0:ec:08:42:a7:fc:85:89:54:
c9:8b:6f:58:1d:70:99:6f:cf:c8:a7:81:03:e1:23:
b4:c2:0e:c2:39:a8:73:46:e3:99:21:5c:06:a6:2c:
81:12:0c:b7:09:96:db:cf:73:06:7b:69:cc:41:bf:
23:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:96:57:76:99:30:84:A6:1B:73:E9:A0:23:CA:3E:7E:D5:61:0A:E8
X509v3 Authority Key Identifier:
keyid:DD:50:72:B1:38:80:C1:F1:BA:86:FC:C4:C4:02:97:F5:D9:F4:37:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3VBysTiAwfG6hvzExAKX9dn0N3Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cbc18f-e6db-4bd6-8427-64d1bc735bac/1/PJZXdpkwhKYbc-mgI8o-ftVhCug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cbc18f-e6db-4bd6-8427-64d1bc735bac/1/3VBysTiAwfG6hvzExAKX9dn0N3Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.196.0/22
IPv6:
2a09:5f40::/29
Signature Algorithm: sha256WithRSAEncryption
c5:0d:55:42:ac:22:95:83:f1:6a:c1:ae:88:0c:87:f0:0c:e7:
cd:fb:e6:80:f7:58:73:ab:55:f0:37:10:02:d9:f7:01:1a:33:
6c:6f:a8:03:f6:fd:4d:d6:ad:22:11:37:0b:69:56:55:86:71:
be:18:33:71:ca:b3:2a:cb:4f:7c:ee:1f:3a:31:17:4c:db:a4:
ea:69:0c:cc:dc:6e:ea:01:7b:16:28:db:2d:ab:76:9e:f5:70:
ea:af:23:c1:70:79:99:51:eb:6b:ee:2c:e3:52:3d:8e:e6:b5:
bd:49:15:4c:81:e9:65:36:49:e5:97:a2:75:28:e0:77:28:bc:
13:9b:8d:71:22:03:d9:51:fd:94:ba:46:01:b6:44:ae:1d:1c:
85:81:5f:a8:5d:ea:ca:88:7a:ba:4f:42:7f:5b:fd:4e:87:a2:
6c:3f:b3:37:bb:6c:10:8e:cd:75:20:ce:c3:19:6a:4b:01:d5:
d2:ad:85:d0:4c:a9:50:ea:a1:78:e7:20:58:61:38:91:d7:5c:
a5:fc:9d:35:1f:d7:f7:57:65:1d:0c:63:1d:0d:6a:b8:9b:41:
4f:16:e4:95:55:b4:25:78:ce:1c:00:dd:d5:8a:d3:69:e9:1c:
01:cc:d7:fb:82:ac:99:29:8c:1d:a7:1f:80:a6:1d:ef:e2:81:
77:b1:14:d5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQoIyqd9FKKEReH5XKefm0wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNTA3MmIxMzg4MGMxZjFiYTg2ZmNjNGM0MDI5N2Y1ZDlm
NDM3NzQwHhcNMjUwMTAyMTc0OTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzk2NTc3Njk5MzA4NGE2MWI3M2U5YTAyM2NhM2U3ZWQ1NjEwYWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7K7yzrxRNzEPj/RHJJwWiaOCNuU
Z0RyXElCyfj9FJsyrpbxd9UpzrXWcQ5c0cU9FN3KgsW4pw223U+K4cyVwrUR7plx
Z1if6Od36SwZcsyqhyKr/ah/ykUb3pOuvK/PirqrHfFExgczVkc3ipOG4JaU1u7L
4GmU4/NPo96tM97LvJYV26x7pj/PRdAleVF63cQFmZYor9n367hSU3VRcReay039
W+A7ZrDV/I3v6a+zOzgCGYbu1R7aCDN9tF2msAENIF83Vijw7AhCp/yFiVTJi29Y
HXCZb8/Ip4ED4SO0wg7COahzRuOZIVwGpiyBEgy3CZbbz3MGe2nMQb8jFQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDyWV3aZMISmG3PpoCPKPn7VYQroMB8GA1UdIwQY
MBaAFN1QcrE4gMHxuob8xMQCl/XZ9Dd0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1ZCeXNUaUF3Zkc2aHZ6RXhBS1g5ZG4wTjNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9jYmMxOGYtZTZkYi00YmQ2LTg0Mjct
NjRkMWJjNzM1YmFjLzEvUEpaWGRwa3doS1liYy1tZ0k4by1mdFZoQ3VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9jYmMxOGYtZTZkYi00YmQ2LTg0MjctNjRkMWJjNzM1YmFj
LzEvM1ZCeXNUaUF3Zkc2aHZ6RXhBS1g5ZG4wTjNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYfEMA0E
AgACMAcDBQMqCV9AMA0GCSqGSIb3DQEBCwUAA4IBAQDFDVVCrCKVg/Fqwa6IDIfw
DOfN++aA91hzq1XwNxAC2fcBGjNsb6gD9v1N1q0iETcLaVZVhnG+GDNxyrMqy098
7h86MRdM26TqaQzM3G7qAXsWKNstq3ae9XDqryPBcHmZUetr7izjUj2O5rW9SRVM
gellNknll6J1KOB3KLwTm41xIgPZUf2UukYBtkSuHRyFgV+oXerKiHq6T0J/W/1O
h6JsP7M3u2wQjs11IM7DGWpLAdXSrYXQTKlQ6qF45yBYYTiR11yl/J01H9f3V2Ud
DGMdDWq4m0FPFuSVVbQleM4cAN3VitNp6RwBzNf7gqyZKYwdpx+Aph3v4oF3sRTV
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:11:44 2025 by rpki-client