Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/ab34ad-9e9a-4289-8727-b1acd75018c3/1/pCExSDuPpylceZEh-3ghVJcWtXU.roa
File: pCExSDuPpylceZEh-3ghVJcWtXU.roa (raw, json)
Hash identifier: EmDT0awECjqFFQZyEcdl/Y2PrhZj4pSyXOCLhHqwv2c=
Subject key identifier: A4:21:31:48:3B:8F:A7:29:5C:79:91:21:FB:78:21:54:97:16:B5:75
Certificate issuer: /CN=836a73bed75aa4efa577ed90ad3562e21951d1b2
Certificate serial: 019426D9FD558EDED689D0ADBA5185F87FC0
Authority key identifier: 83:6A:73:BE:D7:5A:A4:EF:A5:77:ED:90:AD:35:62:E2:19:51:D1:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g2pzvtdapO-ld-2QrTVi4hlR0bI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/ab34ad-9e9a-4289-8727-b1acd75018c3/1/pCExSDuPpylceZEh-3ghVJcWtXU.roa
Signing time: Thu 02 Jan 2025 11:50:07 +0000
ROA not before: Thu 02 Jan 2025 11:50:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200797
IP address blocks: 185.95.212.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:fd:55:8e:de:d6:89:d0:ad:ba:51:85:f8:7f:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=836a73bed75aa4efa577ed90ad3562e21951d1b2
Validity
Not Before: Jan 2 11:50:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a42131483b8fa7295c799121fb7821549716b575
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:d7:88:8a:98:c3:68:a1:40:06:74:c7:a4:2f:
bc:10:81:53:db:47:59:8c:7e:81:77:96:14:2e:5e:
e6:97:6e:34:a3:dc:ca:a4:e3:9a:9a:6b:06:07:0f:
d4:e5:3b:28:bc:78:02:28:84:2f:34:3b:09:23:d4:
cb:11:dc:f9:c7:02:b9:3b:25:43:af:d2:fe:87:55:
d0:a0:73:96:7d:f1:94:1d:e0:ef:be:ef:08:d2:03:
90:13:f2:98:de:d1:17:b6:21:90:90:ba:74:f7:6e:
17:dc:27:0c:77:8a:4b:22:64:49:91:69:7e:ef:cf:
27:86:42:0a:9c:4a:bd:8f:57:82:ab:9c:6b:50:8f:
1b:2c:41:57:44:d7:41:26:b1:f3:e0:18:52:8f:83:
1b:83:89:29:5c:e1:19:a7:e4:1a:98:00:2b:83:ce:
9f:23:78:42:d9:9e:8d:2a:79:ba:9f:27:0a:e2:15:
41:0a:c6:c1:dd:91:fb:b1:97:d7:1f:e5:41:2c:17:
db:da:de:ef:b8:ea:60:c4:fe:21:3f:5e:0f:ae:1a:
22:25:b5:7d:75:7c:c2:b4:e2:f8:30:9d:42:f2:27:
61:34:6f:ae:11:bd:f3:cb:9d:1f:85:43:82:8f:30:
15:46:26:29:30:e8:6d:c3:ec:af:5b:be:f0:0a:1a:
c7:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:21:31:48:3B:8F:A7:29:5C:79:91:21:FB:78:21:54:97:16:B5:75
X509v3 Authority Key Identifier:
keyid:83:6A:73:BE:D7:5A:A4:EF:A5:77:ED:90:AD:35:62:E2:19:51:D1:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g2pzvtdapO-ld-2QrTVi4hlR0bI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/ab34ad-9e9a-4289-8727-b1acd75018c3/1/pCExSDuPpylceZEh-3ghVJcWtXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/ab34ad-9e9a-4289-8727-b1acd75018c3/1/g2pzvtdapO-ld-2QrTVi4hlR0bI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.212.0/22
Signature Algorithm: sha256WithRSAEncryption
87:22:98:7a:60:60:ac:46:9a:78:24:44:63:6a:7a:d6:a7:0c:
6d:dc:98:eb:a6:36:db:9e:78:05:da:87:4c:25:c2:79:18:c9:
0d:87:51:26:69:fe:4f:84:7a:61:ed:82:09:c7:95:23:97:55:
0e:3a:b9:bb:f0:4c:25:71:42:d5:25:05:68:28:cc:1d:82:15:
0f:d9:ac:aa:a5:5d:b4:cf:5c:1a:ff:3a:7e:6d:f1:a2:d2:8b:
95:e9:17:e1:5b:d1:28:c6:a9:8f:ea:13:fe:f7:3f:79:74:10:
92:5e:c6:60:e4:22:10:10:07:bd:fd:d8:56:75:f5:fd:81:eb:
80:b0:6f:53:63:4d:80:f4:58:3b:64:73:a8:0d:39:00:b4:ed:
89:61:a4:9e:1c:f7:9c:a4:a1:35:1d:83:6d:83:15:52:73:46:
09:e6:58:b1:a8:a6:07:d2:47:54:10:dd:9b:eb:62:1f:e8:b9:
3e:d1:8d:2f:84:93:ec:7d:0d:08:12:e9:73:ef:d9:0a:76:c1:
e1:00:0e:7d:e5:e9:ed:98:bf:90:26:86:3a:c1:62:44:7e:b7:
d0:ba:42:9b:5d:04:ed:2b:55:5d:ec:fd:c8:50:03:40:8e:f3:
e5:d6:71:07:94:98:8d:6b:7d:a8:b1:b6:e6:02:85:8d:ae:32:
67:a2:a2:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2f1Vjt7WidCtulGF+H/AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNmE3M2JlZDc1YWE0ZWZhNTc3ZWQ5MGFkMzU2MmUyMTk1
MWQxYjIwHhcNMjUwMTAyMTE1MDA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDIxMzE0ODNiOGZhNzI5NWM3OTkxMjFmYjc4MjE1NDk3MTZiNTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdeIipjDaKFABnTHpC+8EIFT20dZ
jH6Bd5YULl7ml240o9zKpOOammsGBw/U5TsovHgCKIQvNDsJI9TLEdz5xwK5OyVD
r9L+h1XQoHOWffGUHeDvvu8I0gOQE/KY3tEXtiGQkLp0924X3CcMd4pLImRJkWl+
788nhkIKnEq9j1eCq5xrUI8bLEFXRNdBJrHz4BhSj4Mbg4kpXOEZp+QamAArg86f
I3hC2Z6NKnm6nycK4hVBCsbB3ZH7sZfXH+VBLBfb2t7vuOpgxP4hP14PrhoiJbV9
dXzCtOL4MJ1C8idhNG+uEb3zy50fhUOCjzAVRiYpMOhtw+yvW77wChrHowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKQhMUg7j6cpXHmRIft4IVSXFrV1MB8GA1UdIwQY
MBaAFINqc77XWqTvpXftkK01YuIZUdGyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzJwenZ0ZGFwTy1sZC0yUXJUVmk0aGxSMGJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9hYjM0YWQtOWU5YS00Mjg5LTg3Mjct
YjFhY2Q3NTAxOGMzLzEvcENFeFNEdVBweWxjZVpFaC0zZ2hWSmNXdFhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9hYjM0YWQtOWU5YS00Mjg5LTg3MjctYjFhY2Q3NTAxOGMz
LzEvZzJwenZ0ZGFwTy1sZC0yUXJUVmk0aGxSMGJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuV/UMA0G
CSqGSIb3DQEBCwUAA4IBAQCHIph6YGCsRpp4JERjanrWpwxt3JjrpjbbnngF2odM
JcJ5GMkNh1Emaf5PhHph7YIJx5Ujl1UOOrm78EwlcULVJQVoKMwdghUP2ayqpV20
z1wa/zp+bfGi0ouV6RfhW9EoxqmP6hP+9z95dBCSXsZg5CIQEAe9/dhWdfX9geuA
sG9TY02A9Fg7ZHOoDTkAtO2JYaSeHPecpKE1HYNtgxVSc0YJ5lixqKYH0kdUEN2b
62If6Lk+0Y0vhJPsfQ0IEulz79kKdsHhAA595entmL+QJoY6wWJEfrfQukKbXQTt
K1Vd7P3IUANAjvPl1nEHlJiNa32osbbmAoWNrjJnoqKV
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:17:27 2025 by rpki-client