Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/pgaCUF01R_pN_h8f1bq_U41Ch9U.roa
File: pgaCUF01R_pN_h8f1bq_U41Ch9U.roa (raw, json)
Hash identifier: R+R0rfWv28nUGlI78Qwbq4I6E7eVDprONZ4xjLOg6a4=
Subject key identifier: A6:06:82:50:5D:35:47:FA:4D:FE:1F:1F:D5:BA:BF:53:8D:42:87:D5
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 0194F652675A930D2D58757E0E7D496FB9E1
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/pgaCUF01R_pN_h8f1bq_U41Ch9U.roa
Signing time: Tue 11 Feb 2025 18:43:02 +0000
ROA not before: Tue 11 Feb 2025 18:43:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206873
IP address blocks: 2a09:2982::/32 maxlen: 32
2a0b:9002::/32 maxlen: 32
2a0e:3f42::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f6:52:67:5a:93:0d:2d:58:75:7e:0e:7d:49:6f:b9:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Feb 11 18:43:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a60682505d3547fa4dfe1f1fd5babf538d4287d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:9c:96:fc:a2:ac:b8:66:04:8f:94:09:1d:63:
7b:4f:5f:9e:46:c4:79:ed:6a:e1:2b:1d:09:69:c0:
7b:fc:00:be:27:80:cb:14:0a:ca:ab:16:45:d9:2c:
06:59:04:8e:d7:65:4a:55:c5:33:71:89:bc:3e:97:
13:5c:e0:91:26:64:1b:39:6c:70:f6:b6:5a:5a:b2:
95:61:be:bc:c9:55:42:cb:e2:8a:6e:84:23:b3:30:
0f:6f:cb:b6:a2:6a:2a:4b:6d:af:64:c6:4c:cb:dc:
7b:6f:dd:83:8f:98:f7:ba:53:b0:e7:fc:cc:99:d4:
dd:35:77:e1:0c:45:83:36:26:db:dc:d5:32:b0:f3:
5a:ff:af:7c:93:fb:d5:bc:1e:07:02:0c:48:a8:ad:
33:65:da:e4:2a:4b:1d:ad:e3:35:da:b0:4c:48:ca:
4b:a9:ce:ec:6e:f9:0e:8e:05:e0:77:7b:fd:78:92:
61:f6:c2:4b:06:31:e9:12:7a:13:bb:0f:1d:6b:ad:
c1:bb:4d:69:3e:ca:77:58:0e:1e:b5:d8:20:ae:21:
3d:0f:2e:71:96:1a:02:b1:ac:25:da:09:2e:7b:71:
28:4f:48:7e:59:c1:f1:49:09:2c:7f:55:30:2f:b0:
eb:1c:b5:d6:61:16:93:66:c4:d1:d0:1f:9e:ec:a5:
a0:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:06:82:50:5D:35:47:FA:4D:FE:1F:1F:D5:BA:BF:53:8D:42:87:D5
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/pgaCUF01R_pN_h8f1bq_U41Ch9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:2982::/32
2a0b:9002::/32
2a0e:3f42::/32
Signature Algorithm: sha256WithRSAEncryption
90:66:c1:81:d8:3d:63:d6:db:47:0d:c7:09:ae:f2:c2:55:b6:
22:88:32:32:f9:dd:e8:09:57:39:22:48:77:78:df:27:bd:6f:
86:3f:3b:0b:9b:00:b4:ba:d6:15:f6:a9:dc:48:bc:a5:e3:62:
4d:b0:24:43:e3:cf:52:b3:ca:e1:c4:ce:17:c5:81:c1:c9:dd:
9b:ea:c6:06:33:74:4c:21:dc:15:3c:85:a8:7c:fc:71:e8:58:
78:56:a2:8e:66:0c:05:4c:1c:e1:77:72:e4:55:b6:f1:e8:3b:
84:cb:31:81:a9:62:3c:a9:fa:eb:49:b6:35:85:d2:ce:5e:61:
ea:04:a1:3e:52:45:17:d1:9b:a0:1f:e5:8f:ef:d4:f7:56:19:
30:ec:bd:b7:83:9f:ca:b4:16:93:17:ff:a8:02:83:c0:95:f3:
cb:04:56:61:5e:83:5f:f2:0c:38:90:04:56:f2:f5:35:35:cd:
36:73:b0:7d:a0:65:68:ac:d6:c6:79:4a:66:65:8f:9f:67:33:
eb:c2:b5:37:04:17:71:8f:12:b5:44:38:38:67:46:af:99:ab:
fc:35:2e:09:b7:3b:a9:de:55:23:c8:a4:00:87:ea:25:b6:3e:
40:f8:c7:cb:91:39:75:6c:79:8f:e8:17:fd:70:d8:48:d9:26:
b2:50:3a:ae
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZT2Umdakw0tWHV+Dn1Jb7nhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjUwMjExMTg0MzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjA2ODI1MDVkMzU0N2ZhNGRmZTFmMWZkNWJhYmY1MzhkNDI4N2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA25yW/KKsuGYEj5QJHWN7T1+eRsR5
7WrhKx0JacB7/AC+J4DLFArKqxZF2SwGWQSO12VKVcUzcYm8PpcTXOCRJmQbOWxw
9rZaWrKVYb68yVVCy+KKboQjszAPb8u2omoqS22vZMZMy9x7b92Dj5j3ulOw5/zM
mdTdNXfhDEWDNibb3NUysPNa/698k/vVvB4HAgxIqK0zZdrkKksdreM12rBMSMpL
qc7sbvkOjgXgd3v9eJJh9sJLBjHpEnoTuw8da63Bu01pPsp3WA4etdggriE9Dy5x
lhoCsawl2gkue3EoT0h+WcHxSQksf1UwL7DrHLXWYRaTZsTR0B+e7KWgoQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKYGglBdNUf6Tf4fH9W6v1ONQofVMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvcGdhQ1VGMDFSX3BOX2g4ZjFicV9VNDFDaDlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKgkpggMF
ACoLkAIDBQAqDj9CMA0GCSqGSIb3DQEBCwUAA4IBAQCQZsGB2D1j1ttHDccJrvLC
VbYiiDIy+d3oCVc5Ikh3eN8nvW+GPzsLmwC0utYV9qncSLyl42JNsCRD489Ss8rh
xM4XxYHByd2b6sYGM3RMIdwVPIWofPxx6Fh4VqKOZgwFTBzhd3LkVbbx6DuEyzGB
qWI8qfrrSbY1hdLOXmHqBKE+UkUX0ZugH+WP79T3Vhkw7L23g5/KtBaTF/+oAoPA
lfPLBFZhXoNf8gw4kARW8vU1Nc02c7B9oGVorNbGeUpmZY+fZzPrwrU3BBdxjxK1
RDg4Z0avmav8NS4Jtzup3lUjyKQAh+oltj5A+MfLkTl1bHmP6Bf9cNhI2SayUDqu
-----END CERTIFICATE-----
Generated at Sat Mar 8 04:49:13 2025 by rpki-client on console.sobornost.net