Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/pjtBu5NlOqhQheO3kwuTbNCwtc0.roa
File: pjtBu5NlOqhQheO3kwuTbNCwtc0.roa (raw, json)
Hash identifier: DGmwXik2c+LyMNz31EAKE5aCvT+Bw6elYyF8MYWaLUQ=
Subject key identifier: A6:3B:41:BB:93:65:3A:A8:50:85:E3:B7:93:0B:93:6C:D0:B0:B5:CD
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0194266C51AAD1D78B62962C04C4164827DC
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/pjtBu5NlOqhQheO3kwuTbNCwtc0.roa
Signing time: Thu 02 Jan 2025 09:50:20 +0000
ROA not before: Thu 02 Jan 2025 09:50:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8342
IP address blocks: 213.24.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:51:aa:d1:d7:8b:62:96:2c:04:c4:16:48:27:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 09:50:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a63b41bb93653aa85085e3b7930b936cd0b0b5cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:81:6e:6a:13:13:e2:82:e1:2c:db:e8:26:cd:
ce:01:81:70:0e:e5:43:f6:d2:cc:24:70:60:37:fa:
74:5f:67:7a:d2:0c:84:a4:02:38:36:21:5b:3e:9a:
51:1c:96:75:43:e7:73:e7:70:5f:b5:0f:0f:d4:a4:
c7:18:1b:8e:9e:f8:82:b7:c4:42:7b:a1:59:51:55:
42:87:53:43:bb:6a:9c:23:b5:bf:db:65:d5:93:04:
ec:77:8e:54:74:aa:2c:4b:a6:9f:c6:6c:f3:55:e8:
f7:4c:71:87:e9:72:63:5c:74:f7:53:75:8b:fd:af:
7a:56:9d:ac:ba:48:91:1b:da:b5:cf:cc:c6:5f:6b:
1c:07:17:f3:46:4b:c0:96:72:1e:76:70:16:8f:d1:
60:dd:96:ab:e1:45:8f:e6:03:ac:b9:4e:1a:c9:2f:
72:f1:59:61:73:bd:84:8b:37:b8:b8:e3:08:73:a8:
1d:17:8e:0d:73:7c:9b:0a:d7:af:e5:15:bd:34:d1:
1d:eb:b2:68:0c:63:0e:30:96:d4:f7:ed:93:a2:b3:
ab:dd:0a:e3:96:b5:89:88:4c:3d:ed:e8:31:e0:d8:
90:74:fd:b0:fd:3b:6f:e0:91:df:39:3e:d2:e2:6c:
09:2a:bd:fd:92:3c:b7:82:14:d3:75:07:7e:3a:b0:
b3:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:3B:41:BB:93:65:3A:A8:50:85:E3:B7:93:0B:93:6C:D0:B0:B5:CD
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/pjtBu5NlOqhQheO3kwuTbNCwtc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.24.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3a:89:66:8f:cd:a4:d4:f3:8e:50:8f:f3:4c:93:45:52:d6:9b:
77:d6:89:81:13:cf:4a:50:be:71:0c:c4:62:8f:c0:69:df:7e:
47:8c:0d:dd:55:57:f6:97:6a:df:69:6d:16:71:cc:5c:a2:12:
3a:16:20:94:ea:8e:37:8e:40:a5:2b:a1:cd:bc:41:d6:6e:6f:
c3:1b:f3:21:4a:e0:51:88:d5:9c:0f:46:28:6c:15:f4:10:14:
66:e1:07:32:12:e7:73:81:13:13:2f:58:96:d4:9a:df:18:71:
91:cb:ae:c9:c5:d9:e2:83:b5:78:74:ab:e6:2c:88:42:3a:ba:
2f:a6:6c:e6:cd:0c:e0:9a:13:d2:70:94:02:0a:7c:52:33:b7:
22:74:2a:4e:6f:85:bb:c9:da:9a:a1:83:65:92:12:ee:46:77:
b5:5b:11:68:a6:67:ef:fa:92:93:d9:1b:8d:3c:e6:d8:86:8b:
bb:ac:1e:7d:cb:a0:56:bd:3b:95:d0:b6:19:0b:b6:b5:12:4f:
a3:14:34:3a:56:a2:7a:a8:c8:74:01:24:79:6d:2d:95:94:ff:
b2:b6:0f:e3:27:bd:ce:8c:bf:52:49:ab:3b:3b:35:8c:d8:db:
33:dc:a4:f3:be:aa:ff:a2:b6:ba:85:96:0d:a2:32:5c:f4:15:
67:3e:fc:7e
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZQmbFGq0deLYpYsBMQWSCfcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwMTAyMDk1MDIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjNiNDFiYjkzNjUzYWE4NTA4NWUzYjc5MzBiOTM2Y2QwYjBiNWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYFuahMT4oLhLNvoJs3OAYFwDuVD
9tLMJHBgN/p0X2d60gyEpAI4NiFbPppRHJZ1Q+dz53BftQ8P1KTHGBuOnviCt8RC
e6FZUVVCh1NDu2qcI7W/22XVkwTsd45UdKosS6afxmzzVej3THGH6XJjXHT3U3WL
/a96Vp2sukiRG9q1z8zGX2scBxfzRkvAlnIednAWj9Fg3Zar4UWP5gOsuU4ayS9y
8Vlhc72Eize4uOMIc6gdF44Nc3ybCtev5RW9NNEd67JoDGMOMJbU9+2TorOr3Qrj
lrWJiEw97egx4NiQdP2w/Ttv4JHfOT7S4mwJKr39kjy3ghTTdQd+OrCzOQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFKY7QbuTZTqoUIXjt5MLk2zQsLXNMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvcGp0QnU1TmxPcWhRaGVPM2t3dVRiTkN3dGMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA1RgwDQYJ
KoZIhvcNAQELBQADggEBADqJZo/NpNTzjlCP80yTRVLWm3fWiYETz0pQvnEMxGKP
wGnffkeMDd1VV/aXat9pbRZxzFyiEjoWIJTqjjeOQKUroc28QdZub8Mb8yFK4FGI
1ZwPRihsFfQQFGbhBzIS53OBExMvWJbUmt8YcZHLrsnF2eKDtXh0q+YsiEI6ui+m
bObNDOCaE9JwlAIKfFIztyJ0Kk5vhbvJ2pqhg2WSEu5Gd7VbEWimZ+/6kpPZG408
5tiGi7usHn3LoFa9O5XQthkLtrUST6MUNDpWonqoyHQBJHltLZWU/7K2D+Mnvc6M
v1JJqzs7NYzY2zPcpPO+qv+itrqFlg2iMlz0FWc+/H4=
-----END CERTIFICATE-----
Generated at Sat Apr 26 04:25:25 2025 by rpki-client