Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/3f7e56-0916-47ac-8586-a9388f31b47e/1/30uzQGt2sOP8IgaSYaMTDquW3Z0.roa
File: 30uzQGt2sOP8IgaSYaMTDquW3Z0.roa (raw, json)
Hash identifier: P6F3XLSWCNAXZxqOxgAo6zkRmbGUu0m7JhEJGVuwo+Y=
Subject key identifier: DF:4B:B3:40:6B:76:B0:E3:FC:22:06:92:61:A3:13:0E:AB:96:DD:9D
Certificate issuer: /CN=3cd37ec23719b2f142f46e6f3317664034adf598
Certificate serial: 019425214185E95A886691D1A9C35A606051
Authority key identifier: 3C:D3:7E:C2:37:19:B2:F1:42:F4:6E:6F:33:17:66:40:34:AD:F5:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PNN-wjcZsvFC9G5vMxdmQDSt9Zg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/3f7e56-0916-47ac-8586-a9388f31b47e/1/30uzQGt2sOP8IgaSYaMTDquW3Z0.roa
Signing time: Thu 02 Jan 2025 03:48:43 +0000
ROA not before: Thu 02 Jan 2025 03:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47554
IP address blocks: 185.170.236.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:41:85:e9:5a:88:66:91:d1:a9:c3:5a:60:60:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3cd37ec23719b2f142f46e6f3317664034adf598
Validity
Not Before: Jan 2 03:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=df4bb3406b76b0e3fc22069261a3130eab96dd9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:5c:67:d9:8d:4a:22:41:7b:a7:d5:9e:7a:b3:
e8:b8:61:f6:af:62:40:5a:ac:ec:3f:4f:8d:1d:a8:
dc:6f:ba:a7:ae:e4:fc:de:bb:d9:52:7c:90:93:82:
15:f1:21:40:de:2d:a6:4d:64:78:03:77:af:f6:70:
59:d9:de:70:8b:21:94:e4:f0:fa:ac:0b:b5:1e:55:
a3:eb:f7:a5:95:cb:93:d4:2c:49:a2:4f:1c:a4:19:
6e:2b:c7:cc:88:b4:dc:d5:a6:3f:f5:f8:fe:f3:cd:
21:b1:de:5b:be:ea:4c:0e:34:98:fd:14:19:c6:2d:
87:26:80:bc:1c:b4:39:37:a4:b9:8e:d5:38:61:49:
59:d0:f1:4b:c0:09:d7:59:54:26:e7:64:0a:de:11:
1e:52:46:75:51:5f:9c:f8:8b:9d:2e:96:6f:26:90:
de:47:76:90:62:9b:3b:2d:dd:f5:93:3c:01:fa:0e:
a9:d7:dd:a4:72:29:d1:3d:76:40:58:68:7c:0b:c3:
7a:10:a9:30:0d:cc:9e:1b:ea:65:80:32:df:21:cd:
d0:1a:e3:4b:06:a3:b9:9c:ac:06:6e:58:65:a6:84:
ce:e1:da:d4:70:20:df:fb:1f:e2:32:d5:15:09:b9:
b1:70:b8:a2:ba:94:d7:9e:36:87:39:99:33:cf:f8:
58:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:4B:B3:40:6B:76:B0:E3:FC:22:06:92:61:A3:13:0E:AB:96:DD:9D
X509v3 Authority Key Identifier:
keyid:3C:D3:7E:C2:37:19:B2:F1:42:F4:6E:6F:33:17:66:40:34:AD:F5:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PNN-wjcZsvFC9G5vMxdmQDSt9Zg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3f7e56-0916-47ac-8586-a9388f31b47e/1/30uzQGt2sOP8IgaSYaMTDquW3Z0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3f7e56-0916-47ac-8586-a9388f31b47e/1/PNN-wjcZsvFC9G5vMxdmQDSt9Zg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.170.236.0/22
Signature Algorithm: sha256WithRSAEncryption
20:5b:02:dd:7d:1d:63:1e:e1:c1:b3:69:5a:3b:6b:09:82:df:
5b:46:d6:ca:a4:33:4c:ed:f3:e6:62:c6:51:43:ac:38:52:2d:
b8:44:b5:ca:5d:cf:00:11:38:5d:c0:1a:6f:e9:8f:43:d7:7b:
14:b2:ec:37:24:be:4c:b0:ce:3e:7f:58:f8:98:f1:0e:55:ee:
4f:cb:81:02:b8:37:dc:c4:c1:64:8b:c5:38:2a:0d:79:22:f2:
18:f7:79:08:18:f3:d1:0c:f1:d6:2f:88:b1:7f:0e:c6:f4:eb:
1a:49:fc:62:dc:db:52:07:3f:8e:b9:b7:ab:36:d7:76:4c:ee:
28:e8:98:fe:34:b0:8f:1a:b5:76:13:9e:92:f4:6c:65:72:7d:
42:9c:2b:e7:06:16:63:fa:1b:97:a5:04:ab:8d:35:7c:5f:ce:
47:d4:0b:a2:31:52:12:73:17:26:af:11:04:44:7d:7d:2c:3e:
92:ab:4a:ca:b4:98:af:13:f8:8c:cc:d1:01:00:ed:ff:bd:4d:
c0:62:01:e1:0f:5c:09:34:36:79:41:29:55:17:74:c7:d6:43:
e3:dd:f7:9d:1a:c1:09:78:14:b3:30:36:46:27:42:54:40:e0:
a8:fe:0e:c5:e1:09:8a:84:e7:34:7e:1a:cb:9d:60:22:16:e5:
6e:03:b5:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIUGF6VqIZpHRqcNaYGBRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZDM3ZWMyMzcxOWIyZjE0MmY0NmU2ZjMzMTc2NjQwMzRh
ZGY1OTgwHhcNMjUwMTAyMDM0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjRiYjM0MDZiNzZiMGUzZmMyMjA2OTI2MWEzMTMwZWFiOTZkZDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylxn2Y1KIkF7p9WeerPouGH2r2JA
WqzsP0+NHajcb7qnruT83rvZUnyQk4IV8SFA3i2mTWR4A3ev9nBZ2d5wiyGU5PD6
rAu1HlWj6/ellcuT1CxJok8cpBluK8fMiLTc1aY/9fj+880hsd5bvupMDjSY/RQZ
xi2HJoC8HLQ5N6S5jtU4YUlZ0PFLwAnXWVQm52QK3hEeUkZ1UV+c+IudLpZvJpDe
R3aQYps7Ld31kzwB+g6p192kcinRPXZAWGh8C8N6EKkwDcyeG+plgDLfIc3QGuNL
BqO5nKwGblhlpoTO4drUcCDf+x/iMtUVCbmxcLiiupTXnjaHOZkzz/hY5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN9Ls0BrdrDj/CIGkmGjEw6rlt2dMB8GA1UdIwQY
MBaAFDzTfsI3GbLxQvRubzMXZkA0rfWYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE5OLXdqY1pzdkZDOUc1dk14ZG1RRFN0OVpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8zZjdlNTYtMDkxNi00N2FjLTg1ODYt
YTkzODhmMzFiNDdlLzEvMzB1elFHdDJzT1A4SWdhU1lhTVREcXVXM1owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8zZjdlNTYtMDkxNi00N2FjLTg1ODYtYTkzODhmMzFiNDdl
LzEvUE5OLXdqY1pzdkZDOUc1dk14ZG1RRFN0OVpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuarsMA0G
CSqGSIb3DQEBCwUAA4IBAQAgWwLdfR1jHuHBs2laO2sJgt9bRtbKpDNM7fPmYsZR
Q6w4Ui24RLXKXc8AEThdwBpv6Y9D13sUsuw3JL5MsM4+f1j4mPEOVe5Py4ECuDfc
xMFki8U4Kg15IvIY93kIGPPRDPHWL4ixfw7G9OsaSfxi3NtSBz+OuberNtd2TO4o
6Jj+NLCPGrV2E56S9Gxlcn1CnCvnBhZj+huXpQSrjTV8X85H1AuiMVIScxcmrxEE
RH19LD6Sq0rKtJivE/iMzNEBAO3/vU3AYgHhD1wJNDZ5QSlVF3TH1kPj3fedGsEJ
eBSzMDZGJ0JUQOCo/g7F4QmKhOc0fhrLnWAiFuVuA7Vo
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:03:41 2025 by rpki-client