Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/70d450-80e4-44f9-99f3-21bc63f165f8/1/PNXE3f7nm-ojlPdvV_1yYpzHd1o.roa
File: PNXE3f7nm-ojlPdvV_1yYpzHd1o.roa (raw, json)
Hash identifier: TFO2XkeOQG2ZuVhhUVPTDBMBQ7rIutsnw7Dyad/B8zE=
Subject key identifier: 3C:D5:C4:DD:FE:E7:9B:EA:23:94:F7:6F:57:FD:72:62:9C:C7:77:5A
Certificate issuer: /CN=716752b91747957dccff0e71da674f329d832de3
Certificate serial: 01941F8C25D6F9CA3ED024CBD0A07EE5B680
Authority key identifier: 71:67:52:B9:17:47:95:7D:CC:FF:0E:71:DA:67:4F:32:9D:83:2D:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cWdSuRdHlX3M_w5x2mdPMp2DLeM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/70d450-80e4-44f9-99f3-21bc63f165f8/1/PNXE3f7nm-ojlPdvV_1yYpzHd1o.roa
Signing time: Wed 01 Jan 2025 01:47:45 +0000
ROA not before: Wed 01 Jan 2025 01:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211937
IP address blocks: 185.230.199.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:25:d6:f9:ca:3e:d0:24:cb:d0:a0:7e:e5:b6:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=716752b91747957dccff0e71da674f329d832de3
Validity
Not Before: Jan 1 01:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3cd5c4ddfee79bea2394f76f57fd72629cc7775a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:cc:74:09:24:89:3d:d2:ce:b2:68:cb:ec:97:
d8:85:bc:dc:00:d4:b3:67:43:31:f8:fc:56:47:6e:
17:b3:f7:c6:17:e8:86:f9:98:08:56:8b:73:9e:f4:
bc:2d:e0:a1:b6:5f:98:cf:a9:28:39:a1:1c:af:9f:
20:ae:d0:44:58:8d:d6:30:3b:fc:3d:9f:a1:a2:54:
a1:94:3d:c6:ec:e0:fb:2b:e4:35:f1:5f:7b:a6:e7:
dd:c9:2b:53:75:7f:fe:e0:e4:18:a9:e3:16:94:fc:
64:5b:a9:6a:af:9d:0b:1e:b8:dc:c5:d4:a1:b6:22:
c2:43:0b:c1:b4:ed:6b:0c:58:b3:9c:8b:7b:2f:c8:
a6:db:88:2a:89:5e:87:34:12:4d:c0:a3:ce:1b:19:
8e:cd:cd:f4:56:66:b2:4c:de:3c:7d:c1:d5:1a:3c:
98:e8:47:a5:4c:01:26:2c:e2:4c:e5:e3:27:0d:b3:
b8:bb:5c:c0:a7:ec:f0:83:44:b3:60:9d:0b:fe:14:
49:e1:70:6a:d9:2d:f6:7e:ed:a1:3f:cc:a7:32:77:
a7:57:36:ae:9a:b3:aa:70:08:b6:a6:27:d0:79:fb:
2b:59:48:6a:8d:d3:8f:dc:8e:83:57:95:9a:7d:f4:
c1:d5:cf:05:fb:1d:af:bf:12:9c:64:96:c2:a8:1b:
00:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:D5:C4:DD:FE:E7:9B:EA:23:94:F7:6F:57:FD:72:62:9C:C7:77:5A
X509v3 Authority Key Identifier:
keyid:71:67:52:B9:17:47:95:7D:CC:FF:0E:71:DA:67:4F:32:9D:83:2D:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cWdSuRdHlX3M_w5x2mdPMp2DLeM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/70d450-80e4-44f9-99f3-21bc63f165f8/1/PNXE3f7nm-ojlPdvV_1yYpzHd1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/70d450-80e4-44f9-99f3-21bc63f165f8/1/cWdSuRdHlX3M_w5x2mdPMp2DLeM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.230.199.0/24
Signature Algorithm: sha256WithRSAEncryption
55:d1:c6:44:74:67:fa:fe:8c:43:f1:fb:5e:f7:31:c9:d2:d6:
b8:72:37:3f:32:d6:f7:ad:3f:4a:d2:7c:58:54:c4:02:9b:db:
c3:40:e0:27:0c:ba:73:a3:49:28:c5:71:1d:65:14:53:de:c0:
08:23:5d:ae:fb:eb:fb:32:a1:0e:e2:88:36:d8:94:53:b4:81:
c2:5a:69:77:1f:3f:de:5f:93:7d:de:0b:10:a6:7e:1c:7d:ab:
c8:e6:1d:1e:2b:ee:11:65:c2:a7:d3:ef:e7:17:1d:e1:72:11:
b1:38:e0:1e:9a:9e:d6:89:4d:b8:77:c4:59:1c:03:ee:1f:6e:
66:ac:8e:47:9f:b7:75:ee:8d:01:ac:47:00:05:69:54:85:ab:
55:79:36:e2:3c:e1:99:14:9b:ae:52:0d:90:56:96:9e:61:06:
38:e8:14:a4:4d:60:fc:ec:7b:97:82:8d:15:8d:4f:39:58:4e:
4c:b8:05:24:b8:4a:9a:65:f7:e6:ad:6d:c0:cf:6a:77:cb:94:
c8:a3:3f:70:a5:a2:07:52:c2:f7:0f:65:79:51:68:e7:2f:71:
30:33:cf:2e:40:8b:a9:ad:13:ac:a7:4b:98:ad:0a:9d:1e:58:
40:56:12:d2:76:d6:01:8b:e5:54:60:bc:ec:e5:7c:21:da:78:
bf:ce:e2:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjCXW+co+0CTL0KB+5baAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxNjc1MmI5MTc0Nzk1N2RjY2ZmMGU3MWRhNjc0ZjMyOWQ4
MzJkZTMwHhcNMjUwMTAxMDE0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2Q1YzRkZGZlZTc5YmVhMjM5NGY3NmY1N2ZkNzI2MjljYzc3NzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMx0CSSJPdLOsmjL7JfYhbzcANSz
Z0Mx+PxWR24Xs/fGF+iG+ZgIVotznvS8LeChtl+Yz6koOaEcr58grtBEWI3WMDv8
PZ+holShlD3G7OD7K+Q18V97pufdyStTdX/+4OQYqeMWlPxkW6lqr50LHrjcxdSh
tiLCQwvBtO1rDFiznIt7L8im24gqiV6HNBJNwKPOGxmOzc30VmayTN48fcHVGjyY
6EelTAEmLOJM5eMnDbO4u1zAp+zwg0SzYJ0L/hRJ4XBq2S32fu2hP8ynMnenVzau
mrOqcAi2pifQefsrWUhqjdOP3I6DV5WaffTB1c8F+x2vvxKcZJbCqBsA+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDzVxN3+55vqI5T3b1f9cmKcx3daMB8GA1UdIwQY
MBaAFHFnUrkXR5V9zP8OcdpnTzKdgy3jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1dkU3VSZEhsWDNNX3c1eDJtZFBNcDJETGVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi83MGQ0NTAtODBlNC00NGY5LTk5ZjMt
MjFiYzYzZjE2NWY4LzEvUE5YRTNmN25tLW9qbFBkdlZfMXlZcHpIZDFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi83MGQ0NTAtODBlNC00NGY5LTk5ZjMtMjFiYzYzZjE2NWY4
LzEvY1dkU3VSZEhsWDNNX3c1eDJtZFBNcDJETGVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuebHMA0G
CSqGSIb3DQEBCwUAA4IBAQBV0cZEdGf6/oxD8fte9zHJ0ta4cjc/Mtb3rT9K0nxY
VMQCm9vDQOAnDLpzo0koxXEdZRRT3sAII12u++v7MqEO4og22JRTtIHCWml3Hz/e
X5N93gsQpn4cfavI5h0eK+4RZcKn0+/nFx3hchGxOOAemp7WiU24d8RZHAPuH25m
rI5Hn7d17o0BrEcABWlUhatVeTbiPOGZFJuuUg2QVpaeYQY46BSkTWD87HuXgo0V
jU85WE5MuAUkuEqaZffmrW3Az2p3y5TIoz9wpaIHUsL3D2V5UWjnL3EwM88uQIup
rROsp0uYrQqdHlhAVhLSdtYBi+VUYLzs5Xwh2ni/zuLe
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:42:24 2025 by rpki-client