Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/7ae133-d0b6-4b68-8f61-d4d9a2e60e64/1/PDkI417cWn_abbXt0o9HD-0vD6g.roa
File: PDkI417cWn_abbXt0o9HD-0vD6g.roa (raw, json)
Hash identifier: mxVaLWpnhSe1agkXL4xYhLyldi4/weSHgH61n+a6Rqk=
Subject key identifier: 3C:39:08:E3:5E:DC:5A:7F:DA:6D:B5:ED:D2:8F:47:0F:ED:2F:0F:A8
Certificate issuer: /CN=493289256e3388777d95e4d531567ce3672a149a
Certificate serial: 019421B1CC9B057CC5A7E1E7AD1F2571DE75
Authority key identifier: 49:32:89:25:6E:33:88:77:7D:95:E4:D5:31:56:7C:E3:67:2A:14:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/STKJJW4ziHd9leTVMVZ842cqFJo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/7ae133-d0b6-4b68-8f61-d4d9a2e60e64/1/PDkI417cWn_abbXt0o9HD-0vD6g.roa
Signing time: Wed 01 Jan 2025 11:48:07 +0000
ROA not before: Wed 01 Jan 2025 11:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24971
IP address blocks: 185.85.164.0/22 maxlen: 22
194.145.180.0/22 maxlen: 22
2a03:7460::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:cc:9b:05:7c:c5:a7:e1:e7:ad:1f:25:71:de:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=493289256e3388777d95e4d531567ce3672a149a
Validity
Not Before: Jan 1 11:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c3908e35edc5a7fda6db5edd28f470fed2f0fa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:05:22:4b:6a:bb:77:47:d6:c9:9a:8d:f0:09:
5b:32:c2:84:fe:77:d1:87:bf:4b:f6:b5:d9:85:dd:
ea:4d:34:22:e5:50:9b:b8:41:06:a8:d1:ad:c5:c2:
36:00:24:71:16:1c:0e:e7:61:b7:18:d3:36:4a:f8:
98:c2:67:15:af:9f:e1:7c:ab:e9:45:68:43:df:54:
64:b8:0b:12:57:28:0e:77:b7:5f:b6:76:ed:2d:23:
d8:17:6f:4a:66:8f:2a:75:c6:3a:68:d7:70:bb:f8:
a7:95:a9:2c:3f:53:ea:93:25:5b:9f:11:70:c6:09:
01:10:de:c9:35:61:13:cf:b5:52:5f:8c:b3:b8:98:
29:9b:74:cd:98:73:6b:b2:88:ce:e9:5b:10:d7:6a:
47:e1:1f:df:42:0d:04:99:4d:af:06:91:91:74:ee:
2d:e1:64:e2:13:41:d1:2c:aa:27:7c:0f:a1:cc:d6:
fb:e4:18:3c:ae:ea:64:e9:3d:74:42:cf:37:39:10:
3e:51:da:4b:18:83:6e:79:57:50:fe:98:9a:ec:fc:
89:26:71:37:02:44:75:ae:7f:1d:36:2d:f7:94:39:
cf:a8:53:63:ad:d8:b1:0d:a0:d0:27:d5:cf:7d:08:
3b:fb:8b:ac:50:ab:4a:b4:74:a2:b1:4e:ab:87:8b:
28:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:39:08:E3:5E:DC:5A:7F:DA:6D:B5:ED:D2:8F:47:0F:ED:2F:0F:A8
X509v3 Authority Key Identifier:
keyid:49:32:89:25:6E:33:88:77:7D:95:E4:D5:31:56:7C:E3:67:2A:14:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/STKJJW4ziHd9leTVMVZ842cqFJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/7ae133-d0b6-4b68-8f61-d4d9a2e60e64/1/PDkI417cWn_abbXt0o9HD-0vD6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/7ae133-d0b6-4b68-8f61-d4d9a2e60e64/1/STKJJW4ziHd9leTVMVZ842cqFJo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.164.0/22
194.145.180.0/22
IPv6:
2a03:7460::/32
Signature Algorithm: sha256WithRSAEncryption
70:d8:02:dd:47:16:73:c6:73:54:63:3d:44:8e:55:05:b1:a8:
a4:cb:cb:01:47:8e:17:47:ad:03:2e:75:a9:f1:1c:df:7a:9c:
b5:f3:24:83:8d:a7:cf:5d:56:c6:56:80:33:3d:cc:5c:e9:a5:
78:d1:1c:84:a5:cc:7b:a9:99:d2:2e:34:a5:5f:9c:e5:11:18:
04:ed:fc:a6:12:2e:20:67:68:91:26:70:69:e7:e7:62:fb:4b:
85:75:20:10:68:1d:de:49:a6:37:e0:d5:a9:5a:b0:92:91:bb:
a6:ac:8d:27:ae:9a:06:4f:66:db:78:30:e4:2b:1c:e0:1f:14:
be:e3:d6:e9:8c:fa:48:51:65:b9:04:df:73:cb:8a:3f:db:c5:
e4:06:13:f6:bc:e8:22:53:42:c6:b5:fa:93:39:1c:3d:88:19:
0e:63:fa:b7:86:b1:dd:6e:c7:16:41:3a:a8:ea:7a:b4:cf:66:
40:65:22:98:ca:f3:db:9f:9b:bf:8c:ed:72:f2:93:a1:40:8b:
8d:ec:bb:70:3d:fe:e9:6c:b2:72:88:86:50:05:48:2a:f4:19:
e0:3b:cf:eb:eb:1a:24:b8:5a:aa:54:c5:4b:9e:13:87:48:dd:
15:f5:0a:27:04:13:1b:e3:8b:e5:2f:1b:cc:e0:8d:02:60:14:
f9:5a:ac:dc
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQhscybBXzFp+HnrR8lcd51MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MzI4OTI1NmUzMzg4Nzc3ZDk1ZTRkNTMxNTY3Y2UzNjcy
YTE0OWEwHhcNMjUwMTAxMTE0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzM5MDhlMzVlZGM1YTdmZGE2ZGI1ZWRkMjhmNDcwZmVkMmYwZmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4wUiS2q7d0fWyZqN8AlbMsKE/nfR
h79L9rXZhd3qTTQi5VCbuEEGqNGtxcI2ACRxFhwO52G3GNM2SviYwmcVr5/hfKvp
RWhD31RkuAsSVygOd7dftnbtLSPYF29KZo8qdcY6aNdwu/inlaksP1PqkyVbnxFw
xgkBEN7JNWETz7VSX4yzuJgpm3TNmHNrsojO6VsQ12pH4R/fQg0EmU2vBpGRdO4t
4WTiE0HRLKonfA+hzNb75Bg8rupk6T10Qs83ORA+UdpLGINueVdQ/pia7PyJJnE3
AkR1rn8dNi33lDnPqFNjrdixDaDQJ9XPfQg7+4usUKtKtHSisU6rh4sovQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDw5CONe3Fp/2m217dKPRw/tLw+oMB8GA1UdIwQY
MBaAFEkyiSVuM4h3fZXk1TFWfONnKhSaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1RLSkpXNHppSGQ5bGVUVk1WWjg0MmNxRkpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni83YWUxMzMtZDBiNi00YjY4LThmNjEt
ZDRkOWEyZTYwZTY0LzEvUERrSTQxN2NXbl9hYmJYdDBvOUhELTB2RDZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni83YWUxMzMtZDBiNi00YjY4LThmNjEtZDRkOWEyZTYwZTY0
LzEvU1RLSkpXNHppSGQ5bGVUVk1WWjg0MmNxRkpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuVWkAwQC
wpG0MA0EAgACMAcDBQAqA3RgMA0GCSqGSIb3DQEBCwUAA4IBAQBw2ALdRxZzxnNU
Yz1EjlUFsaiky8sBR44XR60DLnWp8Rzfepy18ySDjafPXVbGVoAzPcxc6aV40RyE
pcx7qZnSLjSlX5zlERgE7fymEi4gZ2iRJnBp5+di+0uFdSAQaB3eSaY34NWpWrCS
kbumrI0nrpoGT2bbeDDkKxzgHxS+49bpjPpIUWW5BN9zy4o/28XkBhP2vOgiU0LG
tfqTORw9iBkOY/q3hrHdbscWQTqo6nq0z2ZAZSKYyvPbn5u/jO1y8pOhQIuN7Ltw
Pf7pbLJyiIZQBUgq9BngO8/r6xokuFqqVMVLnhOHSN0V9QonBBMb44vlLxvM4I0C
YBT5Wqzc
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:08:16 2025 by rpki-client