Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/PNooGkBN5EmPm2-lPjPrjJLMm1s.roa
File: PNooGkBN5EmPm2-lPjPrjJLMm1s.roa (raw, json)
Hash identifier: 3b7JA++XKt4PjiqpoWlQJB1NxEU9vPNVSTxf5bN22dc=
Subject key identifier: 3C:DA:28:1A:40:4D:E4:49:8F:9B:6F:A5:3E:33:EB:8C:92:CC:9B:5B
Certificate issuer: /CN=6640f89ce22645b97297d7803726dc2fb0e5f4b9
Certificate serial: 019427B561B017217D629991365298DA31CC
Authority key identifier: 66:40:F8:9C:E2:26:45:B9:72:97:D7:80:37:26:DC:2F:B0:E5:F4:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZkD4nOImRblyl9eANybcL7Dl9Lk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/PNooGkBN5EmPm2-lPjPrjJLMm1s.roa
Signing time: Thu 02 Jan 2025 15:49:45 +0000
ROA not before: Thu 02 Jan 2025 15:49:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61135
IP address blocks: 212.64.201.0/24 maxlen: 24
212.64.202.0/24 maxlen: 24
212.64.210.0/24 maxlen: 32
212.64.211.0/24 maxlen: 32
212.64.214.0/24 maxlen: 32
212.64.216.0/24 maxlen: 32
212.64.217.0/24 maxlen: 32
212.64.218.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:61:b0:17:21:7d:62:99:91:36:52:98:da:31:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6640f89ce22645b97297d7803726dc2fb0e5f4b9
Validity
Not Before: Jan 2 15:49:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3cda281a404de4498f9b6fa53e33eb8c92cc9b5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:3b:76:07:2a:84:f2:4f:86:67:37:56:e3:7b:
71:bd:f9:72:72:11:8f:11:94:47:36:1c:b0:b7:1e:
a3:37:7f:4c:ee:6a:92:ca:5e:73:21:09:21:7f:70:
91:84:c8:26:8c:0a:3f:ce:06:bd:fc:10:50:13:e9:
2d:ed:0c:47:60:e0:af:6c:3e:03:36:41:23:d5:25:
7e:43:c1:f1:31:46:81:66:c3:20:de:97:db:14:dc:
8e:40:95:4c:79:f4:14:df:59:58:a7:11:76:42:53:
31:e6:bc:99:36:c2:fc:d2:54:34:61:53:6a:52:8a:
33:58:48:43:7f:df:7c:ec:fe:a8:d1:26:00:b4:df:
e4:57:d2:67:ca:21:89:07:48:41:52:e8:a4:40:3b:
88:07:96:20:83:19:55:7b:88:13:da:1c:2f:d6:86:
8d:f5:06:80:dc:9b:0d:72:6e:5c:0b:31:c1:eb:d2:
14:97:dc:b9:7c:b8:fb:2d:39:ac:4e:f3:75:60:e9:
da:6e:9b:d7:00:fd:20:e5:a6:37:35:6d:01:65:bb:
ce:dc:8a:cd:80:5d:d2:3c:49:b7:94:d6:ad:87:58:
d8:30:ba:8b:61:55:8e:04:35:39:28:77:9c:81:b2:
bb:d3:95:80:3b:50:84:67:00:b4:20:e5:31:02:ba:
2a:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:DA:28:1A:40:4D:E4:49:8F:9B:6F:A5:3E:33:EB:8C:92:CC:9B:5B
X509v3 Authority Key Identifier:
keyid:66:40:F8:9C:E2:26:45:B9:72:97:D7:80:37:26:DC:2F:B0:E5:F4:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZkD4nOImRblyl9eANybcL7Dl9Lk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/PNooGkBN5EmPm2-lPjPrjJLMm1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/c3ad2e-b52e-441c-89ba-44ab7a9d7dea/1/ZkD4nOImRblyl9eANybcL7Dl9Lk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.64.201.0-212.64.202.255
212.64.210.0/23
212.64.214.0/24
212.64.216.0-212.64.218.255
Signature Algorithm: sha256WithRSAEncryption
6b:a6:18:5c:d2:47:42:4b:45:bd:ed:b2:de:48:6c:29:82:51:
3a:2c:87:df:a4:2a:08:2d:a9:3e:72:b3:92:36:8a:b3:19:f8:
95:a1:ea:1e:a9:8f:17:37:99:87:6e:d3:fe:28:4b:cb:5c:53:
cf:95:7b:a2:33:ca:fc:b5:8c:65:e2:34:63:9a:ad:89:41:28:
1e:dd:36:2c:be:60:c5:fb:37:a3:f5:99:da:0b:84:13:73:53:
37:5f:11:1c:72:dd:ed:1b:ad:a8:06:ff:d4:58:01:a6:36:a1:
67:4d:67:b2:0b:70:78:a7:b2:ff:81:24:66:06:d8:b3:f3:22:
33:bd:08:43:d7:3c:4d:47:4a:1c:90:41:34:d1:7e:ad:4a:d7:
75:89:de:80:2f:3b:6f:1b:46:b1:07:db:79:47:bd:43:d4:7f:
13:e8:78:87:ce:e4:7e:79:09:f4:7c:1b:b3:fc:c6:48:59:15:
30:fe:d0:bb:32:e7:56:04:69:18:52:7d:1f:c5:6a:e2:be:76:
53:68:fd:03:d2:3c:d2:55:b9:2c:a2:84:6c:fc:f4:0b:f6:1b:
f0:18:0e:b2:7c:d2:84:a5:20:6e:98:ee:ba:66:bd:5a:02:f3:
e6:a8:72:89:73:0e:0f:2a:32:fc:7b:34:50:26:ef:19:24:b5:
57:cc:06:4f
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQntWGwFyF9YpmRNlKY2jHMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NDBmODljZTIyNjQ1Yjk3Mjk3ZDc4MDM3MjZkYzJmYjBl
NWY0YjkwHhcNMjUwMTAyMTU0OTQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2RhMjgxYTQwNGRlNDQ5OGY5YjZmYTUzZTMzZWI4YzkyY2M5YjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjt2ByqE8k+GZzdW43txvflychGP
EZRHNhywtx6jN39M7mqSyl5zIQkhf3CRhMgmjAo/zga9/BBQE+kt7QxHYOCvbD4D
NkEj1SV+Q8HxMUaBZsMg3pfbFNyOQJVMefQU31lYpxF2QlMx5ryZNsL80lQ0YVNq
UoozWEhDf9987P6o0SYAtN/kV9JnyiGJB0hBUuikQDuIB5YggxlVe4gT2hwv1oaN
9QaA3JsNcm5cCzHB69IUl9y5fLj7LTmsTvN1YOnabpvXAP0g5aY3NW0BZbvO3IrN
gF3SPEm3lNath1jYMLqLYVWOBDU5KHecgbK705WAO1CEZwC0IOUxAroqLwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFDzaKBpATeRJj5tvpT4z64ySzJtbMB8GA1UdIwQY
MBaAFGZA+JziJkW5cpfXgDcm3C+w5fS5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmtENG5PSW1SYmx5bDllQU55YmNMN0RsOUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9jM2FkMmUtYjUyZS00NDFjLTg5YmEt
NDRhYjdhOWQ3ZGVhLzEvUE5vb0drQk41RW1QbTItbFBqUHJqSkxNbTFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9jM2FkMmUtYjUyZS00NDFjLTg5YmEtNDRhYjdhOWQ3ZGVh
LzEvWmtENG5PSW1SYmx5bDllQU55YmNMN0RsOUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBADUQMkD
BADUQMoDBAHUQNIDBADUQNYwDAMEA9RA2AMEANRA2jANBgkqhkiG9w0BAQsFAAOC
AQEAa6YYXNJHQktFve2y3khsKYJROiyH36QqCC2pPnKzkjaKsxn4laHqHqmPFzeZ
h27T/ihLy1xTz5V7ojPK/LWMZeI0Y5qtiUEoHt02LL5gxfs3o/WZ2guEE3NTN18R
HHLd7RutqAb/1FgBpjahZ01nsgtweKey/4EkZgbYs/MiM70IQ9c8TUdKHJBBNNF+
rUrXdYnegC87bxtGsQfbeUe9Q9R/E+h4h87kfnkJ9Hwbs/zGSFkVMP7QuzLnVgRp
GFJ9H8Vq4r52U2j9A9I80lW5LKKEbPz0C/Yb8BgOsnzShKUgbpjuuma9WgLz5qhy
iXMODyoy/Hs0UCbvGSS1V8wGTw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:09:31 2025 by rpki-client