Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/d74c9e-04f0-4e63-af30-8632ee94145b/1/PbaQDOw99sbMqST1_6GFgBuET80.roa
File: PbaQDOw99sbMqST1_6GFgBuET80.roa (raw, json)
Hash identifier: z/Z68ylDK98w4Ux4hRpw7BRYSr2koQbXP7ZWYLEFwCQ=
Subject key identifier: 3D:B6:90:0C:EC:3D:F6:C6:CC:A9:24:F5:FF:A1:85:80:1B:84:4F:CD
Certificate issuer: /CN=c68ec9c7f1ecc27cb2ec713c2764a0214fce7828
Certificate serial: 01961EF2838845E65D3CA74C8AA697B91BB6
Authority key identifier: C6:8E:C9:C7:F1:EC:C2:7C:B2:EC:71:3C:27:64:A0:21:4F:CE:78:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xo7Jx_Hswnyy7HE8J2SgIU_OeCg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/d74c9e-04f0-4e63-af30-8632ee94145b/1/PbaQDOw99sbMqST1_6GFgBuET80.roa
Signing time: Thu 10 Apr 2025 09:05:31 +0000
ROA not before: Thu 10 Apr 2025 09:05:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210236
IP address blocks: 185.78.168.0/22 maxlen: 22
194.110.160.0/22 maxlen: 24
2a05:3a40::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:1e:f2:83:88:45:e6:5d:3c:a7:4c:8a:a6:97:b9:1b:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c68ec9c7f1ecc27cb2ec713c2764a0214fce7828
Validity
Not Before: Apr 10 09:05:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3db6900cec3df6c6cca924f5ffa185801b844fcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:db:94:70:97:32:b1:58:2e:bd:25:42:16:9f:
ac:64:86:0a:d1:8a:af:f5:c3:7d:4f:3c:a2:2a:c4:
41:25:a0:73:fa:ea:69:fe:39:50:f0:59:f2:5c:ca:
c5:45:e8:30:57:1a:3d:83:3d:40:cd:9f:f9:53:df:
7f:c2:2a:97:80:21:26:e3:02:eb:f4:27:f7:a4:df:
4b:1a:f8:55:3c:98:0b:1d:3e:e7:66:6b:c9:05:f3:
58:7a:33:e6:cd:c9:7a:5a:83:c5:02:f0:cd:38:95:
b7:02:8c:25:13:04:d7:16:c1:56:e8:a5:9c:23:37:
90:94:38:11:d3:cc:4b:9e:ac:31:2b:c2:de:9c:c4:
88:d7:2c:92:bb:8f:74:df:de:51:10:7a:8b:3d:23:
e7:55:fa:83:4b:c9:e3:0f:7a:99:a6:74:fc:ee:fc:
7b:3e:85:ca:4d:cf:09:31:dc:41:7a:a1:b8:a0:19:
24:67:ff:4c:e7:26:df:cb:79:89:17:11:fb:e6:d7:
9b:a7:c3:f8:fd:92:b3:f6:7e:42:bb:31:b9:71:d2:
df:38:38:25:9d:14:73:3f:35:00:5d:37:47:11:39:
fb:2e:24:05:7c:80:1a:61:e8:c0:5a:4d:03:3a:61:
09:ce:0b:69:8f:ce:85:03:51:42:85:e0:7a:ad:24:
87:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:B6:90:0C:EC:3D:F6:C6:CC:A9:24:F5:FF:A1:85:80:1B:84:4F:CD
X509v3 Authority Key Identifier:
keyid:C6:8E:C9:C7:F1:EC:C2:7C:B2:EC:71:3C:27:64:A0:21:4F:CE:78:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xo7Jx_Hswnyy7HE8J2SgIU_OeCg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/d74c9e-04f0-4e63-af30-8632ee94145b/1/PbaQDOw99sbMqST1_6GFgBuET80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/d74c9e-04f0-4e63-af30-8632ee94145b/1/xo7Jx_Hswnyy7HE8J2SgIU_OeCg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.78.168.0/22
194.110.160.0/22
IPv6:
2a05:3a40::/32
Signature Algorithm: sha256WithRSAEncryption
72:71:9b:d6:e2:0d:ef:c2:8e:a1:e0:d9:3c:b9:4a:14:ff:d1:
fa:2f:df:3f:ea:76:d1:6c:a3:7a:44:26:a7:5a:68:c9:14:bd:
68:aa:82:3e:07:8b:8f:50:75:51:06:43:86:f1:c6:6c:f5:26:
02:cc:07:52:71:3c:67:61:bf:3d:51:4e:64:33:9e:40:15:b5:
f1:9c:1a:0a:af:31:9b:27:b7:bb:ac:89:e2:c4:2d:00:73:9e:
40:2f:72:0f:fd:cc:1c:8e:ec:72:75:51:6c:9b:cf:90:59:bc:
34:b3:c6:36:aa:66:11:ec:dc:3f:b6:04:28:80:d6:86:0f:fd:
e7:4f:8b:a8:f8:db:ed:42:a4:9c:fd:14:7f:34:11:0c:14:7d:
ea:86:e2:06:41:5a:de:37:58:c9:ef:e7:fc:b8:60:01:9a:b7:
d9:4a:3d:0c:09:1d:58:02:dd:2a:e2:50:60:5c:62:11:be:ac:
15:44:16:92:6b:76:e2:e8:a8:98:a5:d1:9e:f2:5e:2c:6a:1b:
0b:a2:57:46:14:e4:e2:b5:c5:6d:29:cb:61:3b:7e:b0:e7:fa:
e6:a0:27:8c:7a:67:0e:10:20:f8:55:5f:67:fd:f4:f0:8e:29:
cf:6b:49:96:eb:9a:0d:2e:33:83:fd:76:5a:a6:bd:28:e0:b9:
7c:94:e1:fe
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZYe8oOIReZdPKdMiqaXuRu2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2OGVjOWM3ZjFlY2MyN2NiMmVjNzEzYzI3NjRhMDIxNGZj
ZTc4MjgwHhcNMjUwNDEwMDkwNTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGI2OTAwY2VjM2RmNmM2Y2NhOTI0ZjVmZmExODU4MDFiODQ0ZmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNuUcJcysVguvSVCFp+sZIYK0Yqv
9cN9TzyiKsRBJaBz+upp/jlQ8FnyXMrFRegwVxo9gz1AzZ/5U99/wiqXgCEm4wLr
9Cf3pN9LGvhVPJgLHT7nZmvJBfNYejPmzcl6WoPFAvDNOJW3AowlEwTXFsFW6KWc
IzeQlDgR08xLnqwxK8LenMSI1yySu490395REHqLPSPnVfqDS8njD3qZpnT87vx7
PoXKTc8JMdxBeqG4oBkkZ/9M5ybfy3mJFxH75tebp8P4/ZKz9n5CuzG5cdLfODgl
nRRzPzUAXTdHETn7LiQFfIAaYejAWk0DOmEJzgtpj86FA1FCheB6rSSHawIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFD22kAzsPfbGzKkk9f+hhYAbhE/NMB8GA1UdIwQY
MBaAFMaOycfx7MJ8suxxPCdkoCFPzngoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG83SnhfSHN3bnl5N0hFOEoyU2dJVV9PZUNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9kNzRjOWUtMDRmMC00ZTYzLWFmMzAt
ODYzMmVlOTQxNDViLzEvUGJhUURPdzk5c2JNcVNUMV82R0ZnQnVFVDgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9kNzRjOWUtMDRmMC00ZTYzLWFmMzAtODYzMmVlOTQxNDVi
LzEveG83SnhfSHN3bnl5N0hFOEoyU2dJVV9PZUNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuU6oAwQC
wm6gMA0EAgACMAcDBQAqBTpAMA0GCSqGSIb3DQEBCwUAA4IBAQBycZvW4g3vwo6h
4Nk8uUoU/9H6L98/6nbRbKN6RCanWmjJFL1oqoI+B4uPUHVRBkOG8cZs9SYCzAdS
cTxnYb89UU5kM55AFbXxnBoKrzGbJ7e7rInixC0Ac55AL3IP/cwcjuxydVFsm8+Q
Wbw0s8Y2qmYR7Nw/tgQogNaGD/3nT4uo+NvtQqSc/RR/NBEMFH3qhuIGQVreN1jJ
7+f8uGABmrfZSj0MCR1YAt0q4lBgXGIRvqwVRBaSa3bi6KiYpdGe8l4sahsLoldG
FOTitcVtKcthO36w5/rmoCeMemcOECD4VV9n/fTwjinPa0mW65oNLjOD/XZapr0o
4Ll8lOH+
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:22 2025 by rpki-client on console.sobornost.net