Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/PCD0p_UNZon9aCxoq1egSeAnxBA.roa
File: PCD0p_UNZon9aCxoq1egSeAnxBA.roa (raw, json)
Hash identifier: i0uT3nEejd+UeJVQ6gjyXxFUUCw66ysdAWzGYAGx+Mk=
Subject key identifier: 3C:20:F4:A7:F5:0D:66:89:FD:68:2C:68:AB:57:A0:49:E0:27:C4:10
Certificate issuer: /CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Certificate serial: 01941F8C77A7EB054CC0A5D57557C65A2D87
Authority key identifier: 5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/PCD0p_UNZon9aCxoq1egSeAnxBA.roa
Signing time: Wed 01 Jan 2025 01:48:06 +0000
ROA not before: Wed 01 Jan 2025 01:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216158
IP address blocks: 31.200.249.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:77:a7:eb:05:4c:c0:a5:d5:75:57:c6:5a:2d:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Validity
Not Before: Jan 1 01:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c20f4a7f50d6689fd682c68ab57a049e027c410
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:d5:b5:cc:12:97:0f:b7:01:8a:0d:74:46:9f:
38:f9:f7:9a:7e:38:c5:65:6b:2b:5e:cb:af:07:c9:
11:93:b8:d6:50:0e:3d:53:65:3c:87:9e:b6:9a:2a:
94:60:3d:11:8e:fd:34:bc:4e:44:cb:5e:b5:f5:42:
63:f1:30:5b:4f:ed:04:bf:15:8a:e9:3c:f2:30:e2:
27:66:12:a3:4c:ca:4e:e8:5a:da:49:ce:d5:45:ad:
09:42:9e:cd:0b:88:50:c8:e5:c6:b6:dd:b4:cb:f3:
7a:82:cf:3e:e8:ba:67:78:07:f1:07:0e:18:4e:ca:
2d:55:96:df:ce:72:9d:58:69:d2:6f:a3:3a:15:89:
08:14:cf:d7:f5:4f:97:b1:e4:2b:59:58:4b:53:f4:
82:e0:b6:53:de:31:e4:8f:3f:2d:63:37:2f:04:fb:
64:12:37:45:65:b7:60:1d:43:8c:9c:76:cc:66:ad:
ce:b4:53:33:87:67:de:30:df:ac:e3:b4:bb:f8:f7:
37:58:bd:37:68:e5:96:b2:e5:35:0e:52:9b:3d:a2:
bc:e9:9c:d8:23:97:0d:c7:7e:2f:5d:4d:e1:c8:02:
39:f2:0c:32:68:3b:56:cb:2b:84:6f:15:24:57:e5:
2a:7d:86:b1:35:44:7a:fa:11:5e:a0:8a:1a:cb:85:
4c:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:20:F4:A7:F5:0D:66:89:FD:68:2C:68:AB:57:A0:49:E0:27:C4:10
X509v3 Authority Key Identifier:
keyid:5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/PCD0p_UNZon9aCxoq1egSeAnxBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/XaQypOw7CsTKTk7OwOn01GtJevA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.200.249.0/24
Signature Algorithm: sha256WithRSAEncryption
62:b8:8b:2d:67:96:ce:e9:05:e6:da:cd:15:54:d3:0e:c3:72:
59:5c:1c:b4:64:eb:41:93:55:28:ee:a1:c2:b8:17:79:d0:08:
5d:79:09:a2:51:09:34:43:77:98:6d:b3:a9:66:8b:b7:9a:3c:
54:b8:ba:66:24:a9:a6:0c:e7:1d:e1:a3:4f:44:60:1b:74:bd:
04:00:e6:da:fb:ea:28:b6:1b:47:fe:eb:d7:e6:69:a7:a4:8f:
72:8d:52:15:ad:18:65:1e:5c:80:06:ba:b8:85:dc:da:84:17:
9a:80:ce:5a:1a:c6:d4:f5:6e:d0:40:21:90:b9:69:04:a3:c6:
4b:ef:d5:f8:21:5b:f0:80:47:da:a4:bb:85:19:8b:6a:5a:9b:
46:fe:3a:50:13:0a:0c:22:9f:e1:6b:19:dc:7c:1c:39:b5:45:
99:cc:04:58:f3:ad:04:92:06:58:0b:9d:0b:e1:97:c4:55:51:
02:2e:28:cc:67:10:de:56:2e:c9:e8:f9:ab:e9:73:94:72:c6:
18:70:7a:95:e3:24:14:ce:49:11:27:e6:58:19:21:93:ad:86:
8b:86:0f:79:78:20:d0:fb:ed:65:75:58:c2:8f:3b:05:d0:6e:
11:0d:34:f2:a6:ed:9b:68:7a:50:3b:11:d6:1b:02:81:11:39:
6e:4a:13:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjHen6wVMwKXVdVfGWi2HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTQzMmE0ZWMzYjBhYzRjYTRlNGVjZWMwZTlmNGQ0NmI0
OTdhZjAwHhcNMjUwMTAxMDE0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzIwZjRhN2Y1MGQ2Njg5ZmQ2ODJjNjhhYjU3YTA0OWUwMjdjNDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdW1zBKXD7cBig10Rp84+feafjjF
ZWsrXsuvB8kRk7jWUA49U2U8h562miqUYD0Rjv00vE5Ey1619UJj8TBbT+0EvxWK
6TzyMOInZhKjTMpO6FraSc7VRa0JQp7NC4hQyOXGtt20y/N6gs8+6LpneAfxBw4Y
TsotVZbfznKdWGnSb6M6FYkIFM/X9U+XseQrWVhLU/SC4LZT3jHkjz8tYzcvBPtk
EjdFZbdgHUOMnHbMZq3OtFMzh2feMN+s47S7+Pc3WL03aOWWsuU1DlKbPaK86ZzY
I5cNx34vXU3hyAI58gwyaDtWyyuEbxUkV+UqfYaxNUR6+hFeoIoay4VMdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDwg9Kf1DWaJ/WgsaKtXoEngJ8QQMB8GA1UdIwQY
MBaAFF2kMqTsOwrEyk5OzsDp9NRrSXrwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2Ut
MWJhNTQzZWVhZWQ3LzEvUENEMHBfVU5ab245YUN4b3ExZWdTZUFueEJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2UtMWJhNTQzZWVhZWQ3
LzEvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAH8j5MA0G
CSqGSIb3DQEBCwUAA4IBAQBiuIstZ5bO6QXm2s0VVNMOw3JZXBy0ZOtBk1Uo7qHC
uBd50AhdeQmiUQk0Q3eYbbOpZou3mjxUuLpmJKmmDOcd4aNPRGAbdL0EAOba++oo
thtH/uvX5mmnpI9yjVIVrRhlHlyABrq4hdzahBeagM5aGsbU9W7QQCGQuWkEo8ZL
79X4IVvwgEfapLuFGYtqWptG/jpQEwoMIp/haxncfBw5tUWZzARY860EkgZYC50L
4ZfEVVECLijMZxDeVi7J6Pmr6XOUcsYYcHqV4yQUzkkRJ+ZYGSGTrYaLhg95eCDQ
++1ldVjCjzsF0G4RDTTypu2baHpQOxHWGwKBETluShMW
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:44 2025 by rpki-client on console.sobornost.net