Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/76f921-6217-4e95-b445-10cd20fab386/1/PyQ8fu5pDLbvLBuzcMMxIAkMsmo.roa
File: PyQ8fu5pDLbvLBuzcMMxIAkMsmo.roa (raw, json)
Hash identifier: mZg5dPb6uDIAF/lQgfs5kl+MW8uT39zjW3CSCFzbS/c=
Subject key identifier: 3F:24:3C:7E:EE:69:0C:B6:EF:2C:1B:B3:70:C3:31:20:09:0C:B2:6A
Certificate issuer: /CN=150b7ff9bc1962ebcec0be435ccc272d751a1c16
Certificate serial: 019421B210F5E6C477BAA6ACC6F960364EA6
Authority key identifier: 15:0B:7F:F9:BC:19:62:EB:CE:C0:BE:43:5C:CC:27:2D:75:1A:1C:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FQt_-bwZYuvOwL5DXMwnLXUaHBY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/76f921-6217-4e95-b445-10cd20fab386/1/PyQ8fu5pDLbvLBuzcMMxIAkMsmo.roa
Signing time: Wed 01 Jan 2025 11:48:25 +0000
ROA not before: Wed 01 Jan 2025 11:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197825
IP address blocks: 176.10.56.0/24 maxlen: 24
176.10.57.0/24 maxlen: 24
176.10.58.0/24 maxlen: 24
176.10.59.0/24 maxlen: 24
176.10.60.0/24 maxlen: 24
176.10.61.0/24 maxlen: 24
176.10.62.0/24 maxlen: 24
176.10.63.0/24 maxlen: 24
2a06:2080::/32 maxlen: 32
2a06:2081::/32 maxlen: 32
2a06:2082::/32 maxlen: 32
2a06:2083::/32 maxlen: 32
2a06:2084::/32 maxlen: 32
2a06:2085::/32 maxlen: 32
2a06:2086::/32 maxlen: 32
2a06:2087::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:10:f5:e6:c4:77:ba:a6:ac:c6:f9:60:36:4e:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=150b7ff9bc1962ebcec0be435ccc272d751a1c16
Validity
Not Before: Jan 1 11:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3f243c7eee690cb6ef2c1bb370c33120090cb26a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f1:59:c5:55:82:23:88:c7:2a:30:b3:0b:5f:
e4:4e:51:23:43:97:a8:85:e9:ba:8d:65:55:be:c3:
a3:c8:97:24:99:1a:82:1e:1a:ea:27:a8:d5:c1:a8:
11:b6:05:51:41:6d:90:91:6b:8f:78:bf:65:19:bd:
55:fc:d4:29:56:30:1a:a7:44:0b:3b:c5:39:4d:86:
55:23:3b:ad:99:e7:43:27:5a:53:79:38:14:73:02:
21:28:3b:65:60:d0:2c:cd:3b:e2:cf:d3:28:7b:13:
f3:c0:dd:d6:91:0c:16:a7:c4:61:3e:1f:40:e1:58:
bb:9e:b5:cb:66:ec:38:83:51:3c:d6:33:fa:57:27:
60:79:f5:a9:67:45:95:43:ed:3b:a3:0a:46:1b:9c:
b4:ce:7d:f9:2f:b8:97:0c:0a:f3:1d:59:cf:05:ef:
62:54:53:e7:b7:c7:23:d9:df:8c:bc:02:5e:0c:07:
1a:0f:c5:5f:5b:85:3d:2e:70:7c:06:cd:b0:b5:65:
6f:70:5d:51:d6:fb:7d:2e:56:0a:9d:4b:95:5e:c7:
6f:8d:8a:76:49:3b:25:ad:a3:cb:7a:09:ac:6f:e7:
dc:8f:e4:0b:98:e0:0c:14:ce:8e:dc:a8:d6:5c:16:
10:6d:50:ab:af:1c:60:1b:19:29:cf:2f:d0:25:fe:
bd:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:24:3C:7E:EE:69:0C:B6:EF:2C:1B:B3:70:C3:31:20:09:0C:B2:6A
X509v3 Authority Key Identifier:
keyid:15:0B:7F:F9:BC:19:62:EB:CE:C0:BE:43:5C:CC:27:2D:75:1A:1C:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FQt_-bwZYuvOwL5DXMwnLXUaHBY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/76f921-6217-4e95-b445-10cd20fab386/1/PyQ8fu5pDLbvLBuzcMMxIAkMsmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/76f921-6217-4e95-b445-10cd20fab386/1/FQt_-bwZYuvOwL5DXMwnLXUaHBY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.10.56.0/21
IPv6:
2a06:2080::/29
Signature Algorithm: sha256WithRSAEncryption
0b:a5:06:a1:29:44:8c:92:bb:9c:23:5c:b4:65:f4:55:ba:da:
58:a8:8a:0e:e3:72:c6:ac:fe:55:4f:0b:f7:c7:93:f7:84:84:
d9:72:32:5d:2b:42:1c:4b:62:59:36:e4:46:b2:da:49:26:d8:
b6:3b:d0:4e:49:ea:0b:bc:97:8d:a7:79:61:56:6a:db:88:6e:
b8:4b:06:5b:c0:01:d2:1d:3a:cb:63:1a:05:1f:b3:6e:d7:40:
de:d1:b8:3d:36:9b:e2:bb:b0:4b:2f:20:11:c2:13:bb:f8:08:
d3:6f:98:59:6f:28:b4:2a:45:d6:d1:2f:08:96:65:eb:27:44:
d0:36:cf:c3:23:e6:e0:43:0f:f0:4a:53:6a:d0:c2:48:24:7d:
32:3c:cb:b2:77:d6:46:d6:93:8f:cb:48:87:b7:41:ae:20:7f:
c7:68:5c:17:7c:b7:e6:ef:5a:c3:c4:25:6e:fe:4e:2e:3f:22:
4f:e9:bb:0f:93:a6:77:23:12:0d:6f:77:47:4e:12:86:35:55:
c3:fa:e5:e6:4b:d4:10:62:71:53:9f:42:4c:99:23:d8:6f:32:
cf:e3:9d:74:08:81:44:ae:a9:71:14:cd:5f:00:17:b6:e1:b0:
e5:18:ff:c5:a8:45:f5:0e:1c:7f:67:75:88:aa:f3:d6:a3:c0:
fa:20:33:20
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhshD15sR3uqasxvlgNk6mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1MGI3ZmY5YmMxOTYyZWJjZWMwYmU0MzVjY2MyNzJkNzUx
YTFjMTYwHhcNMjUwMTAxMTE0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjI0M2M3ZWVlNjkwY2I2ZWYyYzFiYjM3MGMzMzEyMDA5MGNiMjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPFZxVWCI4jHKjCzC1/kTlEjQ5eo
hem6jWVVvsOjyJckmRqCHhrqJ6jVwagRtgVRQW2QkWuPeL9lGb1V/NQpVjAap0QL
O8U5TYZVIzutmedDJ1pTeTgUcwIhKDtlYNAszTviz9MoexPzwN3WkQwWp8RhPh9A
4Vi7nrXLZuw4g1E81jP6VydgefWpZ0WVQ+07owpGG5y0zn35L7iXDArzHVnPBe9i
VFPnt8cj2d+MvAJeDAcaD8VfW4U9LnB8Bs2wtWVvcF1R1vt9LlYKnUuVXsdvjYp2
STslraPLegmsb+fcj+QLmOAMFM6O3KjWXBYQbVCrrxxgGxkpzy/QJf69rwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFD8kPH7uaQy27ywbs3DDMSAJDLJqMB8GA1UdIwQY
MBaAFBULf/m8GWLrzsC+Q1zMJy11GhwWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlF0Xy1id1pZdXZPd0w1RFhNd25MWFVhSEJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS83NmY5MjEtNjIxNy00ZTk1LWI0NDUt
MTBjZDIwZmFiMzg2LzEvUHlROGZ1NXBETGJ2TEJ1emNNTXhJQWtNc21vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS83NmY5MjEtNjIxNy00ZTk1LWI0NDUtMTBjZDIwZmFiMzg2
LzEvRlF0Xy1id1pZdXZPd0w1RFhNd25MWFVhSEJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDsAo4MA0E
AgACMAcDBQMqBiCAMA0GCSqGSIb3DQEBCwUAA4IBAQALpQahKUSMkrucI1y0ZfRV
utpYqIoO43LGrP5VTwv3x5P3hITZcjJdK0IcS2JZNuRGstpJJti2O9BOSeoLvJeN
p3lhVmrbiG64SwZbwAHSHTrLYxoFH7Nu10De0bg9Npviu7BLLyARwhO7+AjTb5hZ
byi0KkXW0S8IlmXrJ0TQNs/DI+bgQw/wSlNq0MJIJH0yPMuyd9ZG1pOPy0iHt0Gu
IH/HaFwXfLfm71rDxCVu/k4uPyJP6bsPk6Z3IxINb3dHThKGNVXD+uXmS9QQYnFT
n0JMmSPYbzLP4510CIFErqlxFM1fABe24bDlGP/FqEX1Dhx/Z3WIqvPWo8D6IDMg
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:50:20 2025 by rpki-client