Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/337900-380e-49d8-af4e-9dd42c171112/1/PVx9315HXPnPOTLeQcr5qcZngYo.roa
File: PVx9315HXPnPOTLeQcr5qcZngYo.roa (raw, json)
Hash identifier: kEXPY9i0jPlv+x61rf6B3m34sobHRCkgbuQLWEQLQ8s=
Subject key identifier: 3D:5C:7D:DF:5E:47:5C:F9:CF:39:32:DE:41:CA:F9:A9:C6:67:81:8A
Certificate issuer: /CN=bfad8231a46c641c7ab301d7bfbef0dc09acd4ce
Certificate serial: 019426D95D544238CA1CEACC4A39B78E3A91
Authority key identifier: BF:AD:82:31:A4:6C:64:1C:7A:B3:01:D7:BF:BE:F0:DC:09:AC:D4:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v62CMaRsZBx6swHXv77w3Ams1M4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/337900-380e-49d8-af4e-9dd42c171112/1/PVx9315HXPnPOTLeQcr5qcZngYo.roa
Signing time: Thu 02 Jan 2025 11:49:26 +0000
ROA not before: Thu 02 Jan 2025 11:49:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39223
IP address blocks: 91.221.166.0/23 maxlen: 23
194.105.144.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:5d:54:42:38:ca:1c:ea:cc:4a:39:b7:8e:3a:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfad8231a46c641c7ab301d7bfbef0dc09acd4ce
Validity
Not Before: Jan 2 11:49:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d5c7ddf5e475cf9cf3932de41caf9a9c667818a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ac:ed:a3:66:f9:9c:5f:c6:a4:d4:ae:5d:c3:
a0:4d:2c:08:e2:8e:78:d5:02:13:2c:91:71:fc:89:
d9:77:44:f6:60:40:12:37:b2:b2:d7:a6:c5:6f:67:
dc:b7:64:fe:8c:f7:32:2d:12:4e:aa:c5:ca:b4:70:
55:b1:d6:28:07:3a:a8:4f:f2:ff:73:3d:19:4e:8a:
e6:5e:2b:77:a9:a4:6f:78:f3:7d:8b:0d:bb:87:7d:
3b:6c:45:cf:af:3e:5a:57:85:90:79:17:6a:d4:a0:
dd:21:68:fc:38:a1:db:3a:7d:7c:77:1c:05:eb:6b:
af:f0:d6:0f:bd:3b:86:56:be:98:c6:59:c7:f8:d4:
b3:99:9d:c2:2c:1d:ab:2e:20:2c:8a:25:a9:2e:d5:
02:e7:ba:7f:1b:d5:ce:c8:72:c1:46:97:31:60:d3:
7a:f8:d9:41:8f:4d:60:db:55:f5:f0:af:66:24:0f:
d3:72:b4:d0:b8:9a:81:ec:82:d5:07:cb:fc:5f:3c:
df:4e:70:60:10:80:d7:c4:17:05:8a:e5:fc:c2:fb:
db:9c:45:ca:31:60:9b:09:ea:63:aa:3b:38:3d:71:
93:47:38:cc:6f:4c:a3:56:8c:c5:bc:0a:2f:ea:68:
13:92:18:f1:d9:79:9b:a3:40:90:bf:4c:0f:5c:2e:
8f:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:5C:7D:DF:5E:47:5C:F9:CF:39:32:DE:41:CA:F9:A9:C6:67:81:8A
X509v3 Authority Key Identifier:
keyid:BF:AD:82:31:A4:6C:64:1C:7A:B3:01:D7:BF:BE:F0:DC:09:AC:D4:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v62CMaRsZBx6swHXv77w3Ams1M4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/337900-380e-49d8-af4e-9dd42c171112/1/PVx9315HXPnPOTLeQcr5qcZngYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/337900-380e-49d8-af4e-9dd42c171112/1/v62CMaRsZBx6swHXv77w3Ams1M4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.166.0/23
194.105.144.0/23
Signature Algorithm: sha256WithRSAEncryption
40:13:2e:92:15:7c:4b:f5:94:cb:38:8b:d7:85:9a:59:50:f0:
ce:3e:dd:83:7c:d6:51:8e:1b:b4:9c:44:0c:51:8b:4c:c8:5f:
53:41:a0:28:e0:98:7d:d8:65:08:25:73:5f:2c:45:a5:e7:56:
f9:30:4e:11:fc:17:95:55:4b:0c:92:f1:5a:d2:b9:ca:d9:49:
39:bf:0a:15:69:8d:56:3e:d3:6c:81:46:45:fa:5c:05:50:cf:
99:33:17:f1:cf:8f:c6:98:c2:13:ee:ae:01:56:05:93:b1:59:
ec:aa:f0:7d:7c:f2:87:92:71:10:23:ac:36:12:6b:cb:4b:61:
bf:73:0e:5b:b8:51:20:a5:60:69:a1:bb:0d:70:75:ed:ba:b2:
c8:02:73:69:67:d9:82:cf:3b:ee:d7:fd:3a:91:9e:c6:a3:cb:
af:9e:38:4e:32:01:82:cd:50:ec:51:cf:7e:10:ea:cb:31:4f:
ad:17:89:bc:1c:93:eb:c0:80:cf:e5:64:f2:e5:24:fa:97:0f:
6d:3f:d6:3a:db:56:82:6e:5d:97:68:92:29:c1:57:23:40:59:
f7:93:12:ee:f4:78:79:69:f6:be:a2:8c:c8:6f:1a:4a:92:59:
ef:ea:74:e3:0d:2c:51:c9:e0:90:44:bb:7f:f0:99:bb:1d:85:
af:5e:89:c7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQm2V1UQjjKHOrMSjm3jjqRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYWQ4MjMxYTQ2YzY0MWM3YWIzMDFkN2JmYmVmMGRjMDlh
Y2Q0Y2UwHhcNMjUwMTAyMTE0OTI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDVjN2RkZjVlNDc1Y2Y5Y2YzOTMyZGU0MWNhZjlhOWM2Njc4MThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqzto2b5nF/GpNSuXcOgTSwI4o54
1QITLJFx/InZd0T2YEASN7Ky16bFb2fct2T+jPcyLRJOqsXKtHBVsdYoBzqoT/L/
cz0ZTormXit3qaRvePN9iw27h307bEXPrz5aV4WQeRdq1KDdIWj8OKHbOn18dxwF
62uv8NYPvTuGVr6YxlnH+NSzmZ3CLB2rLiAsiiWpLtUC57p/G9XOyHLBRpcxYNN6
+NlBj01g21X18K9mJA/TcrTQuJqB7ILVB8v8XzzfTnBgEIDXxBcFiuX8wvvbnEXK
MWCbCepjqjs4PXGTRzjMb0yjVozFvAov6mgTkhjx2Xmbo0CQv0wPXC6PqQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD1cfd9eR1z5zzky3kHK+anGZ4GKMB8GA1UdIwQY
MBaAFL+tgjGkbGQcerMB17++8NwJrNTOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjYyQ01hUnNaQng2c3dIWHY3N3czQW1zMU00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8zMzc5MDAtMzgwZS00OWQ4LWFmNGUt
OWRkNDJjMTcxMTEyLzEvUFZ4OTMxNUhYUG5QT1RMZVFjcjVxY1puZ1lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8zMzc5MDAtMzgwZS00OWQ4LWFmNGUtOWRkNDJjMTcxMTEy
LzEvdjYyQ01hUnNaQng2c3dIWHY3N3czQW1zMU00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW92mAwQB
wmmQMA0GCSqGSIb3DQEBCwUAA4IBAQBAEy6SFXxL9ZTLOIvXhZpZUPDOPt2DfNZR
jhu0nEQMUYtMyF9TQaAo4Jh92GUIJXNfLEWl51b5ME4R/BeVVUsMkvFa0rnK2Uk5
vwoVaY1WPtNsgUZF+lwFUM+ZMxfxz4/GmMIT7q4BVgWTsVnsqvB9fPKHknEQI6w2
EmvLS2G/cw5buFEgpWBpobsNcHXturLIAnNpZ9mCzzvu1/06kZ7Go8uvnjhOMgGC
zVDsUc9+EOrLMU+tF4m8HJPrwIDP5WTy5ST6lw9tP9Y621aCbl2XaJIpwVcjQFn3
kxLu9Hh5afa+oozIbxpKklnv6nTjDSxRyeCQRLt/8Jm7HYWvXonH
-----END CERTIFICATE-----
Generated at Sat Apr 26 00:54:28 2025 by rpki-client