Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/PAh3rm7-6qf5vNChF4tb0XDiBok.roa
File: PAh3rm7-6qf5vNChF4tb0XDiBok.roa (raw, json)
Hash identifier: TsXeQOJgZe2V8A2ga0XS4BePFqZ5jWDORWR5JBRsZ+c=
Subject key identifier: 3C:08:77:AE:6E:FE:EA:A7:F9:BC:D0:A1:17:8B:5B:D1:70:E2:06:89
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 0194221FC1B849CB52140164E6C931067BCF
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/PAh3rm7-6qf5vNChF4tb0XDiBok.roa
Signing time: Wed 01 Jan 2025 13:48:13 +0000
ROA not before: Wed 01 Jan 2025 13:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41097
IP address blocks: 78.133.228.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:c1:b8:49:cb:52:14:01:64:e6:c9:31:06:7b:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 1 13:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c0877ae6efeeaa7f9bcd0a1178b5bd170e20689
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:2e:4b:02:dc:47:0e:26:25:31:ac:54:5d:8d:
99:07:66:84:0b:44:f7:d4:bd:50:48:92:ac:d8:d0:
18:b0:2e:e7:c4:c6:3e:86:8b:5b:45:da:cc:62:b3:
23:3e:76:6b:4b:fb:f6:99:7d:48:e9:fe:c3:5f:e0:
28:83:96:9b:63:d6:d9:64:c8:28:94:9e:e8:3f:89:
5c:42:55:5e:7e:57:d5:d4:8c:f9:02:46:df:30:a2:
75:d7:1f:9c:ec:61:ef:c3:02:76:b0:55:47:78:1c:
23:4b:c7:a3:80:36:00:0b:02:2b:b2:28:63:6a:73:
b8:39:b2:2f:6a:70:5b:5c:c5:eb:19:fc:fe:27:2e:
f8:3b:ab:34:6f:bb:f7:79:9a:b0:e3:99:a1:ed:2c:
61:25:70:35:d8:dc:7e:4c:cf:14:ec:f2:b5:a9:50:
6e:63:e3:4c:e0:6b:b0:80:ea:31:df:e3:2f:5b:8c:
cd:27:32:e1:9d:a5:b3:36:49:c4:86:d5:ff:b4:b8:
2e:9c:ef:3c:5c:e4:e4:bb:64:1b:e5:2d:c8:45:4a:
e8:fe:55:3d:32:68:1c:4c:7b:79:72:fe:ae:a4:2b:
d8:66:4c:91:4d:a5:d7:a7:87:24:5e:f9:37:58:5b:
73:ed:ea:ce:48:be:1b:3e:10:b3:58:15:37:24:d6:
53:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:08:77:AE:6E:FE:EA:A7:F9:BC:D0:A1:17:8B:5B:D1:70:E2:06:89
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/PAh3rm7-6qf5vNChF4tb0XDiBok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.133.228.0/24
Signature Algorithm: sha256WithRSAEncryption
04:d7:28:f6:2b:08:9f:fd:75:aa:f5:a4:13:78:4d:d7:fc:2f:
3e:34:e3:24:54:4d:35:bb:0f:89:1a:16:06:42:eb:1c:26:c8:
98:5b:fb:f2:97:cd:4e:b2:69:99:b9:61:31:e4:4f:67:f6:00:
30:61:9e:75:9e:73:f7:8d:a3:6c:f1:07:ce:84:d1:63:78:e5:
25:27:5a:f2:7c:91:62:e7:98:8c:af:69:14:12:a8:10:a2:e0:
14:97:64:a6:8d:aa:0c:d9:f6:ce:8f:30:5b:d5:b4:0c:49:54:
d8:6b:4c:80:aa:f4:14:02:51:b9:ca:91:c6:a6:0c:3f:b1:5e:
89:f1:bd:e9:c4:94:53:d3:13:72:90:29:0b:b9:d6:d9:7d:e7:
6e:b5:1a:28:fb:cb:20:25:e6:b0:46:8e:41:93:48:31:c6:c7:
9c:03:6b:02:c9:03:3e:aa:3f:29:9a:f3:5a:be:48:3d:b7:60:
5d:52:f3:74:9a:e3:c4:d6:70:2b:af:d9:4a:b1:5a:45:33:34:
d2:b8:6a:a1:94:aa:e5:24:17:fe:b6:b8:77:9a:c2:a8:29:58:
09:26:0e:1c:32:3d:46:c9:09:eb:46:78:d3:5e:4d:ba:5e:34:
d9:45:56:93:55:6d:0f:f9:41:fa:36:9a:09:c5:0d:cc:1f:33:
6b:f0:46:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH8G4SctSFAFk5skxBnvPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj
ZWY5MzMwHhcNMjUwMTAxMTM0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzA4NzdhZTZlZmVlYWE3ZjliY2QwYTExNzhiNWJkMTcwZTIwNjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8C5LAtxHDiYlMaxUXY2ZB2aEC0T3
1L1QSJKs2NAYsC7nxMY+hotbRdrMYrMjPnZrS/v2mX1I6f7DX+Aog5abY9bZZMgo
lJ7oP4lcQlVeflfV1Iz5AkbfMKJ11x+c7GHvwwJ2sFVHeBwjS8ejgDYACwIrsihj
anO4ObIvanBbXMXrGfz+Jy74O6s0b7v3eZqw45mh7SxhJXA12Nx+TM8U7PK1qVBu
Y+NM4GuwgOox3+MvW4zNJzLhnaWzNknEhtX/tLgunO88XOTku2Qb5S3IRUro/lU9
MmgcTHt5cv6upCvYZkyRTaXXp4ckXvk3WFtz7erOSL4bPhCzWBU3JNZT0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDwId65u/uqn+bzQoReLW9Fw4gaJMB8GA1UdIwQY
MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt
OTFlMzE4NGJiMGFiLzEvUEFoM3JtNy02cWY1dk5DaEY0dGIwWERpQm9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi
LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAToXkMA0G
CSqGSIb3DQEBCwUAA4IBAQAE1yj2Kwif/XWq9aQTeE3X/C8+NOMkVE01uw+JGhYG
QuscJsiYW/vyl81OsmmZuWEx5E9n9gAwYZ51nnP3jaNs8QfOhNFjeOUlJ1ryfJFi
55iMr2kUEqgQouAUl2SmjaoM2fbOjzBb1bQMSVTYa0yAqvQUAlG5ypHGpgw/sV6J
8b3pxJRT0xNykCkLudbZfedutRoo+8sgJeawRo5Bk0gxxsecA2sCyQM+qj8pmvNa
vkg9t2BdUvN0muPE1nArr9lKsVpFMzTSuGqhlKrlJBf+trh3msKoKVgJJg4cMj1G
yQnrRnjTXk26XjTZRVaTVW0P+UH6NpoJxQ3MHzNr8EZY
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:00:41 2025 by rpki-client