Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/b64083-550e-4caf-bc29-a34a8b806832/1/pLsgoPgZwon5ItvVTFUsJaF7654.roa
File: pLsgoPgZwon5ItvVTFUsJaF7654.roa (raw, json)
Hash identifier: GzKHsFlhzzykyT0JK5oyDh4dgIyu8uoam0jj3L6SzGg=
Subject key identifier: A4:BB:20:A0:F8:19:C2:89:F9:22:DB:D5:4C:55:2C:25:A1:7B:EB:9E
Certificate issuer: /CN=0f091bdc666b8a59433c68d90e0d8cc37acdce92
Certificate serial: 01941F8CA3044458BBF9AFBA80B9ECDA0DAB
Authority key identifier: 0F:09:1B:DC:66:6B:8A:59:43:3C:68:D9:0E:0D:8C:C3:7A:CD:CE:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dwkb3GZrillDPGjZDg2Mw3rNzpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/b64083-550e-4caf-bc29-a34a8b806832/1/pLsgoPgZwon5ItvVTFUsJaF7654.roa
Signing time: Wed 01 Jan 2025 01:48:17 +0000
ROA not before: Wed 01 Jan 2025 01:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60989
IP address blocks: 37.34.73.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:a3:04:44:58:bb:f9:af:ba:80:b9:ec:da:0d:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f091bdc666b8a59433c68d90e0d8cc37acdce92
Validity
Not Before: Jan 1 01:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a4bb20a0f819c289f922dbd54c552c25a17beb9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:6a:7c:bd:d3:bb:da:c3:22:64:c3:ce:a5:26:
5c:3e:7a:71:62:de:cb:0e:77:6c:99:dd:d9:1b:a8:
95:c1:fb:b9:7a:5f:0d:dc:4a:b5:de:19:99:8d:a1:
43:2a:80:44:e5:c0:bf:db:ea:f8:12:20:c6:4e:04:
60:59:6c:07:60:e6:9c:61:1e:63:fe:9d:45:7e:89:
46:dc:f0:e5:b5:c0:02:fc:c0:e9:86:5a:23:73:6d:
e0:a7:8e:5a:dd:95:3f:76:f4:39:79:09:74:54:62:
80:28:92:62:8d:4d:f6:95:64:5b:fd:fb:d4:e7:32:
d0:5d:db:47:49:11:db:52:9b:68:3d:e5:c3:5d:85:
68:fd:1b:f2:6c:46:6c:8b:c8:47:26:95:73:d1:53:
da:ff:27:88:88:e1:c4:c8:8c:f2:1e:f8:f3:1d:8c:
d3:58:48:5d:c9:d6:99:15:61:9f:d9:cf:ba:0b:0d:
f9:c4:1c:b7:e0:42:aa:ce:2e:a3:7d:dc:59:4b:a3:
47:66:0b:82:0a:92:eb:b5:dc:ba:48:c4:45:ab:87:
15:92:85:5b:0e:d1:01:ea:2f:f8:5c:4d:79:be:c9:
d5:9e:f8:82:62:be:74:d9:69:ad:09:c1:38:7a:34:
75:b7:94:36:1d:6c:d0:9e:eb:ec:7d:e3:87:63:b1:
53:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:BB:20:A0:F8:19:C2:89:F9:22:DB:D5:4C:55:2C:25:A1:7B:EB:9E
X509v3 Authority Key Identifier:
keyid:0F:09:1B:DC:66:6B:8A:59:43:3C:68:D9:0E:0D:8C:C3:7A:CD:CE:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dwkb3GZrillDPGjZDg2Mw3rNzpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/b64083-550e-4caf-bc29-a34a8b806832/1/pLsgoPgZwon5ItvVTFUsJaF7654.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/b64083-550e-4caf-bc29-a34a8b806832/1/Dwkb3GZrillDPGjZDg2Mw3rNzpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.34.73.0/24
Signature Algorithm: sha256WithRSAEncryption
30:7d:b4:a9:b2:0a:c9:39:6f:26:61:7d:71:31:98:e6:ad:ed:
2c:25:1f:63:46:0b:d1:83:89:c1:21:25:26:8f:9f:e1:19:78:
45:ee:95:99:61:17:f4:af:bf:7f:bb:ad:38:d1:1f:de:f0:ff:
d6:97:93:6b:e2:86:72:b1:85:7f:90:2b:5b:6f:f1:09:82:8c:
04:b7:89:49:82:3e:63:ff:bd:12:b0:b2:89:70:bd:c5:2f:2d:
98:31:9a:7c:ea:bf:09:2b:71:cb:dc:1c:f9:54:89:5c:f5:3c:
79:ff:8e:2f:c5:4b:38:27:f5:dd:89:22:6e:b7:b5:1d:be:d3:
b2:2d:b6:ff:9e:a5:4e:ff:91:49:05:fd:09:db:aa:33:62:2b:
16:3c:60:61:86:1d:b8:5b:8a:e3:68:d3:76:cd:5a:a7:61:d8:
b1:b1:95:3f:b1:5b:3e:fe:79:ea:7a:65:07:ae:d6:6d:0a:8d:
f2:71:65:0e:08:85:14:e8:c9:fb:b3:52:c2:c5:51:e5:11:f2:
dc:14:a3:c1:52:c0:62:1e:95:48:01:fc:31:25:f8:d9:83:66:
2b:87:a5:63:45:33:b7:94:01:2e:be:b4:6d:d7:69:81:f1:41:
c4:5e:1d:1f:e3:cb:ae:87:fb:dc:a5:c7:17:06:fb:2f:43:93:
2f:e5:ef:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjKMERFi7+a+6gLns2g2rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMDkxYmRjNjY2YjhhNTk0MzNjNjhkOTBlMGQ4Y2MzN2Fj
ZGNlOTIwHhcNMjUwMTAxMDE0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGJiMjBhMGY4MTljMjg5ZjkyMmRiZDU0YzU1MmMyNWExN2JlYjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGp8vdO72sMiZMPOpSZcPnpxYt7L
Dndsmd3ZG6iVwfu5el8N3Eq13hmZjaFDKoBE5cC/2+r4EiDGTgRgWWwHYOacYR5j
/p1FfolG3PDltcAC/MDphlojc23gp45a3ZU/dvQ5eQl0VGKAKJJijU32lWRb/fvU
5zLQXdtHSRHbUptoPeXDXYVo/RvybEZsi8hHJpVz0VPa/yeIiOHEyIzyHvjzHYzT
WEhdydaZFWGf2c+6Cw35xBy34EKqzi6jfdxZS6NHZguCCpLrtdy6SMRFq4cVkoVb
DtEB6i/4XE15vsnVnviCYr502WmtCcE4ejR1t5Q2HWzQnuvsfeOHY7FT5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKS7IKD4GcKJ+SLb1UxVLCWhe+ueMB8GA1UdIwQY
MBaAFA8JG9xma4pZQzxo2Q4NjMN6zc6SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHdrYjNHWnJpbGxEUEdqWkRnMk13M3JOenBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9iNjQwODMtNTUwZS00Y2FmLWJjMjkt
YTM0YThiODA2ODMyLzEvcExzZ29QZ1p3b241SXR2VlRGVXNKYUY3NjU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9iNjQwODMtNTUwZS00Y2FmLWJjMjktYTM0YThiODA2ODMy
LzEvRHdrYjNHWnJpbGxEUEdqWkRnMk13M3JOenBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJSJJMA0G
CSqGSIb3DQEBCwUAA4IBAQAwfbSpsgrJOW8mYX1xMZjmre0sJR9jRgvRg4nBISUm
j5/hGXhF7pWZYRf0r79/u6040R/e8P/Wl5Nr4oZysYV/kCtbb/EJgowEt4lJgj5j
/70SsLKJcL3FLy2YMZp86r8JK3HL3Bz5VIlc9Tx5/44vxUs4J/XdiSJut7UdvtOy
Lbb/nqVO/5FJBf0J26ozYisWPGBhhh24W4rjaNN2zVqnYdixsZU/sVs+/nnqemUH
rtZtCo3ycWUOCIUU6Mn7s1LCxVHlEfLcFKPBUsBiHpVIAfwxJfjZg2Yrh6VjRTO3
lAEuvrRt12mB8UHEXh0f48uuh/vcpccXBvsvQ5Mv5e+0
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:22 2025 by rpki-client on console.sobornost.net