Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f8c018-b90f-4f89-a3f4-2ec871465599/1/PiTVhjB-2LglvZMIT8kTcFEKBGQ.roa
File: PiTVhjB-2LglvZMIT8kTcFEKBGQ.roa (raw, json)
Hash identifier: V1xaGbhkRK3S/8QPJON1VnScgqsWPteHvVSSGwPJ+xA=
Subject key identifier: 3E:24:D5:86:30:7E:D8:B8:25:BD:93:08:4F:C9:13:70:51:0A:04:64
Certificate issuer: /CN=048dc3b923c7738f9a58ee80b49bcd0c5e7dcffa
Certificate serial: 019424B39994738D11EA8BAF4251AB612BC8
Authority key identifier: 04:8D:C3:B9:23:C7:73:8F:9A:58:EE:80:B4:9B:CD:0C:5E:7D:CF:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BI3DuSPHc4-aWO6AtJvNDF59z_o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/f8c018-b90f-4f89-a3f4-2ec871465599/1/PiTVhjB-2LglvZMIT8kTcFEKBGQ.roa
Signing time: Thu 02 Jan 2025 01:48:57 +0000
ROA not before: Thu 02 Jan 2025 01:48:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209169
IP address blocks: 2.59.44.0/22 maxlen: 24
2a09:f0c0::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:99:94:73:8d:11:ea:8b:af:42:51:ab:61:2b:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=048dc3b923c7738f9a58ee80b49bcd0c5e7dcffa
Validity
Not Before: Jan 2 01:48:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3e24d586307ed8b825bd93084fc91370510a0464
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:21:69:48:29:5b:60:e0:dd:8f:8e:00:85:8a:
9d:6f:a3:bb:cb:d9:bc:90:3c:00:81:76:ba:7f:8f:
69:99:74:1b:88:95:3d:9f:9a:77:8f:1e:a7:bd:12:
28:8e:e5:f1:7a:25:e6:99:af:16:5c:be:e6:79:04:
af:f9:0f:23:96:16:0e:95:3b:1b:74:f5:f3:eb:b4:
7c:08:54:26:f7:82:93:6d:66:f8:fe:a5:52:b2:cc:
00:bf:4e:58:0f:33:d7:49:e4:d3:a9:71:c4:97:1e:
d7:d3:bc:35:02:1a:80:7e:51:e3:a7:dd:87:3f:fd:
32:83:04:bf:e9:8c:33:23:eb:87:38:0d:a7:8c:24:
ec:8a:2b:a8:2b:b4:76:5b:6e:0d:9d:98:c3:b4:ce:
8a:a5:1d:3e:14:46:32:2b:8f:85:c8:9d:9a:9f:9d:
9f:bc:2f:b1:b6:97:b2:a1:77:2e:91:1f:8a:12:a3:
8a:6b:78:22:96:cc:df:59:07:ef:aa:ea:ee:dc:10:
1a:97:f1:67:9c:ae:36:a4:a4:c4:71:cc:f8:be:02:
a2:38:8c:9e:1e:4e:70:ed:e1:ad:e6:61:cd:33:38:
be:c3:d8:84:20:a5:b6:22:ec:53:dd:66:2a:91:69:
36:e8:72:c7:7f:7e:68:7e:af:32:52:df:6c:98:33:
4f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:24:D5:86:30:7E:D8:B8:25:BD:93:08:4F:C9:13:70:51:0A:04:64
X509v3 Authority Key Identifier:
keyid:04:8D:C3:B9:23:C7:73:8F:9A:58:EE:80:B4:9B:CD:0C:5E:7D:CF:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BI3DuSPHc4-aWO6AtJvNDF59z_o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f8c018-b90f-4f89-a3f4-2ec871465599/1/PiTVhjB-2LglvZMIT8kTcFEKBGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f8c018-b90f-4f89-a3f4-2ec871465599/1/BI3DuSPHc4-aWO6AtJvNDF59z_o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.44.0/22
IPv6:
2a09:f0c0::/29
Signature Algorithm: sha256WithRSAEncryption
17:62:80:6a:20:ea:97:e7:bb:e4:8d:52:b1:a6:75:b7:ee:e6:
7d:12:58:ac:73:26:04:92:79:bf:dc:f0:8b:cb:27:f8:d2:fd:
15:99:95:e7:e5:98:1d:96:0e:b3:cc:48:b9:a7:62:f8:1d:55:
c7:3b:ad:44:60:a1:d7:06:77:ab:1c:c9:05:46:f7:af:70:75:
2f:28:67:98:82:4e:c2:7f:89:09:ea:49:97:c1:32:c3:7a:fd:
d5:64:e1:73:7f:58:b9:81:8e:06:3c:21:a5:ff:72:25:9f:4c:
6f:0d:65:6c:ad:14:de:d7:88:f3:4b:2d:69:b8:4a:66:8d:1a:
5a:cd:bc:c4:b9:af:74:9b:41:8d:15:47:ba:b7:78:37:82:ae:
e3:85:dd:d3:f2:25:77:a6:eb:c8:b3:f3:44:b2:72:a1:06:aa:
19:34:2f:96:73:7e:e0:e0:68:01:ce:c1:9e:79:5a:3b:5a:e4:
88:f6:bf:f4:51:45:7b:a8:13:80:bd:ce:9b:8e:9b:72:cf:5a:
4a:b1:03:fc:aa:bf:fb:ed:2b:ea:02:1f:fe:4a:b4:82:f9:55:
b7:09:c1:76:1c:fc:d6:cc:08:59:6d:42:d6:87:2e:7c:4f:b7:
60:d6:37:8a:bc:04:86:38:60:ef:89:a3:cd:0e:09:1d:f8:f9:
68:6f:1f:87
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQks5mUc40R6ouvQlGrYSvIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0OGRjM2I5MjNjNzczOGY5YTU4ZWU4MGI0OWJjZDBjNWU3
ZGNmZmEwHhcNMjUwMTAyMDE0ODU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTI0ZDU4NjMwN2VkOGI4MjViZDkzMDg0ZmM5MTM3MDUxMGEwNDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSFpSClbYODdj44AhYqdb6O7y9m8
kDwAgXa6f49pmXQbiJU9n5p3jx6nvRIojuXxeiXmma8WXL7meQSv+Q8jlhYOlTsb
dPXz67R8CFQm94KTbWb4/qVSsswAv05YDzPXSeTTqXHElx7X07w1AhqAflHjp92H
P/0ygwS/6YwzI+uHOA2njCTsiiuoK7R2W24NnZjDtM6KpR0+FEYyK4+FyJ2an52f
vC+xtpeyoXcukR+KEqOKa3gilszfWQfvquru3BAal/FnnK42pKTEccz4vgKiOIye
Hk5w7eGt5mHNMzi+w9iEIKW2IuxT3WYqkWk26HLHf35ofq8yUt9smDNP7QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFD4k1YYwfti4Jb2TCE/JE3BRCgRkMB8GA1UdIwQY
MBaAFASNw7kjx3OPmljugLSbzQxefc/6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkkzRHVTUEhjNC1hV082QXRKdk5ERjU5el9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9mOGMwMTgtYjkwZi00Zjg5LWEzZjQt
MmVjODcxNDY1NTk5LzEvUGlUVmhqQi0yTGdsdlpNSVQ4a1RjRkVLQkdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9mOGMwMTgtYjkwZi00Zjg5LWEzZjQtMmVjODcxNDY1NTk5
LzEvQkkzRHVTUEhjNC1hV082QXRKdk5ERjU5el9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCAjssMA0E
AgACMAcDBQMqCfDAMA0GCSqGSIb3DQEBCwUAA4IBAQAXYoBqIOqX57vkjVKxpnW3
7uZ9EliscyYEknm/3PCLyyf40v0VmZXn5Zgdlg6zzEi5p2L4HVXHO61EYKHXBner
HMkFRvevcHUvKGeYgk7Cf4kJ6kmXwTLDev3VZOFzf1i5gY4GPCGl/3Iln0xvDWVs
rRTe14jzSy1puEpmjRpazbzEua90m0GNFUe6t3g3gq7jhd3T8iV3puvIs/NEsnKh
BqoZNC+Wc37g4GgBzsGeeVo7WuSI9r/0UUV7qBOAvc6bjptyz1pKsQP8qr/77Svq
Ah/+SrSC+VW3CcF2HPzWzAhZbULWhy58T7dg1jeKvASGOGDviaPNDgkd+Plobx+H
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:41 2025 by rpki-client on console.sobornost.net