Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/pnVgolr6kqtefIzFBQ25v9r89oU.roa
File: pnVgolr6kqtefIzFBQ25v9r89oU.roa (raw, json)
Hash identifier: VJuUTV8i4Al97i+L0IwbQC+Q7J6nmykHVnDUwxHzy7o=
Subject key identifier: A6:75:60:A2:5A:FA:92:AB:5E:7C:8C:C5:05:0D:B9:BF:DA:FC:F6:85
Certificate issuer: /CN=aca66a5938af567a9e29b4f76f115607c2b8aa20
Certificate serial: 01961FE7DFE69EE6AC12F3D25AD6F2DB79FB
Authority key identifier: AC:A6:6A:59:38:AF:56:7A:9E:29:B4:F7:6F:11:56:07:C2:B8:AA:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/pnVgolr6kqtefIzFBQ25v9r89oU.roa
Signing time: Thu 10 Apr 2025 13:33:31 +0000
ROA not before: Thu 10 Apr 2025 13:33:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 53813
IP address blocks: 147.161.210.0/23 maxlen: 24
2a03:eec0:3211::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:1f:e7:df:e6:9e:e6:ac:12:f3:d2:5a:d6:f2:db:79:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca66a5938af567a9e29b4f76f115607c2b8aa20
Validity
Not Before: Apr 10 13:33:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a67560a25afa92ab5e7c8cc5050db9bfdafcf685
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e6:0a:6c:75:4f:48:03:ee:f5:08:65:4f:66:
d3:1e:0a:01:90:8b:a3:0f:7b:15:a3:24:f0:ef:5e:
b2:70:ca:58:ed:e0:6a:65:c2:58:40:a0:b1:21:48:
2f:63:33:e4:06:d2:32:13:7c:c2:eb:8e:d0:f4:64:
d2:55:34:38:78:b9:dc:92:3d:4a:d2:d0:65:27:fc:
70:e3:18:85:75:8c:68:3c:79:01:e4:c3:af:14:23:
cc:25:07:22:31:8c:3a:3b:c9:2e:ee:b4:4b:aa:ca:
64:b0:eb:96:57:c8:24:48:7c:11:5e:2a:29:35:5b:
c1:49:ee:dd:ad:6f:58:41:93:59:b5:52:44:05:6d:
08:3f:9a:83:43:98:33:3e:30:4c:3e:7e:b7:8a:36:
d2:bc:fe:82:0e:a3:ba:da:2b:8c:86:23:8f:cc:40:
c5:88:c6:58:b0:a8:17:a1:59:6c:5f:fe:56:33:66:
8a:c1:49:91:cc:f1:f1:9a:ea:cf:a4:a6:1b:bc:60:
c4:77:7e:92:62:bc:3c:11:61:70:94:40:b0:a2:02:
30:56:ff:5b:c2:aa:15:c6:95:38:66:3b:28:1d:ac:
db:c1:97:9a:21:27:58:df:3c:68:11:2c:0b:4e:06:
3a:d6:34:cd:15:6c:fa:da:20:77:48:70:0b:41:6d:
9a:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:75:60:A2:5A:FA:92:AB:5E:7C:8C:C5:05:0D:B9:BF:DA:FC:F6:85
X509v3 Authority Key Identifier:
keyid:AC:A6:6A:59:38:AF:56:7A:9E:29:B4:F7:6F:11:56:07:C2:B8:AA:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/pnVgolr6kqtefIzFBQ25v9r89oU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.161.210.0/23
IPv6:
2a03:eec0:3211::/48
Signature Algorithm: sha256WithRSAEncryption
89:e7:bb:5e:04:13:ad:b7:8a:2b:5c:e3:94:71:fd:83:5b:86:
bd:18:86:2d:22:3a:48:10:42:b0:19:42:00:36:87:55:d4:50:
5c:af:07:ca:28:a1:20:7e:4b:37:62:35:67:16:05:e4:8e:83:
75:6e:2a:3c:b7:d9:7d:53:ac:49:9a:5f:eb:a3:22:39:1b:ec:
17:74:1f:d1:14:d8:2c:16:e6:46:93:67:b0:bc:59:e0:a2:f5:
75:d4:3a:a0:5f:5b:54:63:13:15:c0:45:85:b7:02:85:9e:b3:
df:05:75:57:be:d7:58:59:ab:e2:7a:fc:63:1f:f3:75:45:30:
39:70:2a:51:7d:6c:31:dd:fc:1f:d1:49:72:e1:c2:d6:2d:db:
cf:cb:11:1c:2f:22:cd:63:86:c7:f1:32:db:f9:ec:31:56:3f:
98:77:72:b9:d9:73:e5:f2:1d:96:5a:6d:af:2a:e1:de:03:20:
6f:fc:d6:f5:e2:50:1f:bf:a8:28:9f:36:06:3a:83:6e:47:00:
a8:79:cc:25:e7:45:5f:cc:45:b8:38:4a:f2:91:4f:11:45:92:
28:35:ff:65:00:9c:3d:f3:32:1d:d4:02:09:75:32:64:4e:3e:
43:1f:97:26:3c:61:57:ae:66:c5:3e:56:5f:06:79:46:9c:a3:
a1:0d:7d:4b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZYf59/mnuasEvPSWtby23n7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTY2YTU5MzhhZjU2N2E5ZTI5YjRmNzZmMTE1NjA3YzJi
OGFhMjAwHhcNMjUwNDEwMTMzMzMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjc1NjBhMjVhZmE5MmFiNWU3YzhjYzUwNTBkYjliZmRhZmNmNjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuYKbHVPSAPu9QhlT2bTHgoBkIuj
D3sVoyTw716ycMpY7eBqZcJYQKCxIUgvYzPkBtIyE3zC647Q9GTSVTQ4eLnckj1K
0tBlJ/xw4xiFdYxoPHkB5MOvFCPMJQciMYw6O8ku7rRLqspksOuWV8gkSHwRXiop
NVvBSe7drW9YQZNZtVJEBW0IP5qDQ5gzPjBMPn63ijbSvP6CDqO62iuMhiOPzEDF
iMZYsKgXoVlsX/5WM2aKwUmRzPHxmurPpKYbvGDEd36SYrw8EWFwlECwogIwVv9b
wqoVxpU4ZjsoHazbwZeaISdY3zxoESwLTgY61jTNFWz62iB3SHALQW2azQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKZ1YKJa+pKrXnyMxQUNub/a/PaFMB8GA1UdIwQY
MBaAFKymalk4r1Z6nim0928RVgfCuKogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktacVdUaXZWbnFlS2JUM2J4RldCOEs0cWlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xNTA4OWItMThkNy00ZmYwLTlkMjgt
YjliNjU0MDJiOTI4LzEvcG5WZ29scjZrcXRlZkl6RkJRMjV2OXI4OW9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xNTA4OWItMThkNy00ZmYwLTlkMjgtYjliNjU0MDJiOTI4
LzEvcktacVdUaXZWbnFlS2JUM2J4RldCOEs0cWlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBk6HSMA8E
AgACMAkDBwAqA+7AMhEwDQYJKoZIhvcNAQELBQADggEBAInnu14EE623iitc45Rx
/YNbhr0Yhi0iOkgQQrAZQgA2h1XUUFyvB8oooSB+SzdiNWcWBeSOg3VuKjy32X1T
rEmaX+ujIjkb7Bd0H9EU2CwW5kaTZ7C8WeCi9XXUOqBfW1RjExXARYW3AoWes98F
dVe+11hZq+J6/GMf83VFMDlwKlF9bDHd/B/RSXLhwtYt28/LERwvIs1jhsfxMtv5
7DFWP5h3crnZc+XyHZZaba8q4d4DIG/81vXiUB+/qCifNgY6g25HAKh5zCXnRV/M
Rbg4SvKRTxFFkig1/2UAnD3zMh3UAgl1MmROPkMflyY8YVeuZsU+Vl8GeUaco6EN
fUs=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:32 2025 by rpki-client on console.sobornost.net