Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/e1f09a-b49f-4f69-8eb9-5cac94b836b6/1/POD0rcdBSvDIH2xQjNK7FTsBiSU.roa
File: POD0rcdBSvDIH2xQjNK7FTsBiSU.roa (raw, json)
Hash identifier: qqDcVkaCep5jyj7VmzlXWQJNTWjPppQG+dngjp5gRWQ=
Subject key identifier: 3C:E0:F4:AD:C7:41:4A:F0:C8:1F:6C:50:8C:D2:BB:15:3B:01:89:25
Certificate issuer: /CN=f35f3f2ebf80c77669250a759be1e5c91e388435
Certificate serial: 019420D5D39BE78AB14FE59F72ED633698C1
Authority key identifier: F3:5F:3F:2E:BF:80:C7:76:69:25:0A:75:9B:E1:E5:C9:1E:38:84:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/818_Lr-Ax3ZpJQp1m-HlyR44hDU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/e1f09a-b49f-4f69-8eb9-5cac94b836b6/1/POD0rcdBSvDIH2xQjNK7FTsBiSU.roa
Signing time: Wed 01 Jan 2025 07:47:51 +0000
ROA not before: Wed 01 Jan 2025 07:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20504
IP address blocks: 217.118.160.0/20 maxlen: 20
217.118.160.0/24 maxlen: 24
217.118.162.0/24 maxlen: 24
217.118.166.0/24 maxlen: 24
217.118.167.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:d3:9b:e7:8a:b1:4f:e5:9f:72:ed:63:36:98:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f35f3f2ebf80c77669250a759be1e5c91e388435
Validity
Not Before: Jan 1 07:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ce0f4adc7414af0c81f6c508cd2bb153b018925
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ef:c8:c2:55:da:44:1d:ab:64:ee:0c:3a:b4:
fa:3c:be:34:b9:5a:70:57:a0:c6:8e:c6:f8:f2:a4:
6e:74:1a:8b:6e:17:d2:5c:5c:53:bf:11:34:38:15:
82:15:33:91:70:25:f3:7c:39:89:80:94:89:f4:81:
19:c5:89:ce:3c:a0:cb:5f:13:ec:44:e2:aa:b4:df:
2b:12:35:d0:f6:8c:c9:d1:dd:48:38:5f:ea:e1:4b:
15:e5:cc:2a:31:a1:f3:68:6b:34:98:f7:53:e2:a5:
27:80:a4:84:20:e8:3c:bb:16:e0:d1:96:47:7c:06:
f7:51:7b:dc:19:8c:11:88:7a:66:04:da:24:bf:23:
d9:59:a8:9f:0e:ad:21:e7:5d:bf:0e:12:a1:8f:09:
f4:a1:1f:21:2a:cb:99:29:ab:fe:16:68:73:bc:c1:
f3:d9:8d:06:d0:ca:41:39:ba:65:bf:69:9f:dc:ef:
51:f6:cc:63:6b:81:72:c4:cf:41:6e:d7:f8:95:e9:
84:83:b0:41:8e:e0:f8:55:b7:be:09:e9:6a:b3:26:
5f:f6:5d:95:5e:a5:a6:6b:6a:28:54:a2:da:0e:ef:
95:fb:ad:dc:31:25:0a:7b:2c:cf:30:5f:32:20:81:
13:be:53:5e:46:73:7a:59:cf:ea:ae:5c:8b:8d:b8:
25:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:E0:F4:AD:C7:41:4A:F0:C8:1F:6C:50:8C:D2:BB:15:3B:01:89:25
X509v3 Authority Key Identifier:
keyid:F3:5F:3F:2E:BF:80:C7:76:69:25:0A:75:9B:E1:E5:C9:1E:38:84:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/818_Lr-Ax3ZpJQp1m-HlyR44hDU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/e1f09a-b49f-4f69-8eb9-5cac94b836b6/1/POD0rcdBSvDIH2xQjNK7FTsBiSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/e1f09a-b49f-4f69-8eb9-5cac94b836b6/1/818_Lr-Ax3ZpJQp1m-HlyR44hDU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.118.160.0/20
Signature Algorithm: sha256WithRSAEncryption
42:82:49:04:24:bd:70:62:3c:eb:81:51:64:05:c2:4f:82:a1:
d3:f2:3c:7c:fd:20:25:c1:7e:2a:3e:d8:d3:41:a8:4b:c9:ba:
c8:0e:e0:97:fe:bd:c8:73:ac:c2:57:29:78:30:c0:a7:6d:76:
e8:72:78:6e:f8:f0:e2:d4:17:e3:07:32:b4:01:8c:94:07:fa:
6e:70:db:17:39:43:bd:46:1b:c5:6f:0a:a0:06:ca:52:1e:38:
ea:50:b7:ee:46:82:1b:f3:59:bd:c2:c3:f0:ff:b8:a6:e6:dc:
fe:cc:31:da:e1:11:6d:ec:10:75:81:de:b3:c7:9b:24:11:3e:
5b:d5:27:87:be:d2:39:33:04:89:ff:a6:a7:0b:02:ae:19:67:
1d:e5:cc:50:0b:da:df:9b:96:b9:21:e1:f5:c1:cd:a6:87:42:
b5:25:14:78:aa:5d:59:5e:68:05:50:83:1f:59:61:a4:9a:66:
0d:79:af:d9:90:2b:2a:34:88:2d:e1:46:99:51:a7:8a:21:29:
65:ed:e9:cd:6a:06:2b:4e:31:98:79:66:8b:9a:6c:9e:d8:dc:
20:98:73:8c:7c:d0:66:dc:d2:09:34:2e:0e:9f:84:7f:0f:75:
f3:d2:c6:31:6f:1c:9c:17:38:a9:a2:35:44:1d:52:09:27:f9:
d2:bc:fb:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1dOb54qxT+Wfcu1jNpjBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzNWYzZjJlYmY4MGM3NzY2OTI1MGE3NTliZTFlNWM5MWUz
ODg0MzUwHhcNMjUwMTAxMDc0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2UwZjRhZGM3NDE0YWYwYzgxZjZjNTA4Y2QyYmIxNTNiMDE4OTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmu/IwlXaRB2rZO4MOrT6PL40uVpw
V6DGjsb48qRudBqLbhfSXFxTvxE0OBWCFTORcCXzfDmJgJSJ9IEZxYnOPKDLXxPs
ROKqtN8rEjXQ9ozJ0d1IOF/q4UsV5cwqMaHzaGs0mPdT4qUngKSEIOg8uxbg0ZZH
fAb3UXvcGYwRiHpmBNokvyPZWaifDq0h512/DhKhjwn0oR8hKsuZKav+FmhzvMHz
2Y0G0MpBObplv2mf3O9R9sxja4FyxM9Bbtf4lemEg7BBjuD4Vbe+CelqsyZf9l2V
XqWma2ooVKLaDu+V+63cMSUKeyzPMF8yIIETvlNeRnN6Wc/qrlyLjbglyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDzg9K3HQUrwyB9sUIzSuxU7AYklMB8GA1UdIwQY
MBaAFPNfPy6/gMd2aSUKdZvh5ckeOIQ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODE4X0xyLUF4M1pwSlFwMW0tSGx5UjQ0aERVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9lMWYwOWEtYjQ5Zi00ZjY5LThlYjkt
NWNhYzk0YjgzNmI2LzEvUE9EMHJjZEJTdkRJSDJ4UWpOSzdGVHNCaVNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9lMWYwOWEtYjQ5Zi00ZjY5LThlYjktNWNhYzk0YjgzNmI2
LzEvODE4X0xyLUF4M1pwSlFwMW0tSGx5UjQ0aERVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2XagMA0G
CSqGSIb3DQEBCwUAA4IBAQBCgkkEJL1wYjzrgVFkBcJPgqHT8jx8/SAlwX4qPtjT
QahLybrIDuCX/r3Ic6zCVyl4MMCnbXbocnhu+PDi1BfjBzK0AYyUB/pucNsXOUO9
RhvFbwqgBspSHjjqULfuRoIb81m9wsPw/7im5tz+zDHa4RFt7BB1gd6zx5skET5b
1SeHvtI5MwSJ/6anCwKuGWcd5cxQC9rfm5a5IeH1wc2mh0K1JRR4ql1ZXmgFUIMf
WWGkmmYNea/ZkCsqNIgt4UaZUaeKISll7enNagYrTjGYeWaLmmye2NwgmHOMfNBm
3NIJNC4On4R/D3Xz0sYxbxycFzipojVEHVIJJ/nSvPt0
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:29:31 2025 by rpki-client on console.sobornost.net