Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/bd6a19-2595-4df9-84b5-ebadbc34a124/1/PGVfNsH0IgywZjWny8z1CBn3p0Y.roa
File: PGVfNsH0IgywZjWny8z1CBn3p0Y.roa (raw, json)
Hash identifier: qgQHQGlxT4rw3v2W+eWG7YkrCXlpp/LC/M3jBKVPeeI=
Subject key identifier: 3C:65:5F:36:C1:F4:22:0C:B0:66:35:A7:CB:CC:F5:08:19:F7:A7:46
Certificate issuer: /CN=40665ce80820a47ce3b83f480289554a58a45df4
Certificate serial: 01853089A905A1A053F4F8D695CE89D8D965
Authority key identifier: 40:66:5C:E8:08:20:A4:7C:E3:B8:3F:48:02:89:55:4A:58:A4:5D:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QGZc6AggpHzjuD9IAolVSlikXfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/bd6a19-2595-4df9-84b5-ebadbc34a124/1/PGVfNsH0IgywZjWny8z1CBn3p0Y.roa
Signing time: Tue 20 Dec 2022 17:16:46 +0000
ROA not before: Tue 20 Dec 2022 17:16:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202943
IP address blocks: 195.216.248.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:30:89:a9:05:a1:a0:53:f4:f8:d6:95:ce:89:d8:d9:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40665ce80820a47ce3b83f480289554a58a45df4
Validity
Not Before: Dec 20 17:16:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3c655f36c1f4220cb06635a7cbccf50819f7a746
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:f4:d1:62:12:17:d5:b3:bb:df:90:e5:49:42:
ed:61:45:09:cd:69:67:86:0b:38:b0:3d:eb:31:b6:
c8:bb:63:c1:14:1c:c3:11:79:e8:a8:4a:7e:75:69:
ee:47:b6:dc:a0:18:6e:46:6f:fc:c7:85:16:cc:de:
92:4f:bd:f1:7a:30:6e:6f:d3:72:45:e6:ae:b1:f3:
0f:04:f0:10:95:b0:35:4b:4b:17:c1:cb:6f:f9:1c:
96:38:59:56:87:a3:25:3f:d7:33:cc:4c:61:e3:24:
f0:d9:8a:ca:e7:00:1f:40:28:53:ca:b3:4d:3d:31:
a9:6c:7d:60:f4:a8:54:53:cf:a3:e8:ee:7b:cd:7e:
49:81:76:8f:17:07:af:50:64:9b:12:d3:a5:4e:93:
56:1f:31:c9:54:2b:d9:25:c8:c2:a5:d3:e3:51:c7:
a0:53:78:5e:b5:df:7e:e3:d5:ed:99:e1:ac:91:25:
80:c1:80:56:af:49:df:66:b0:11:4f:ce:c9:70:65:
dc:1b:16:19:e9:00:bf:90:64:34:82:52:aa:e1:50:
62:b1:a3:25:f1:55:f3:3d:44:ab:4c:aa:d1:69:15:
e7:ce:dd:96:50:4e:54:2d:ed:51:28:96:08:20:1c:
5e:08:55:9e:46:1b:2b:d7:f4:a0:7b:d3:14:67:e1:
98:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:65:5F:36:C1:F4:22:0C:B0:66:35:A7:CB:CC:F5:08:19:F7:A7:46
X509v3 Authority Key Identifier:
keyid:40:66:5C:E8:08:20:A4:7C:E3:B8:3F:48:02:89:55:4A:58:A4:5D:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QGZc6AggpHzjuD9IAolVSlikXfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/bd6a19-2595-4df9-84b5-ebadbc34a124/1/PGVfNsH0IgywZjWny8z1CBn3p0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/bd6a19-2595-4df9-84b5-ebadbc34a124/1/QGZc6AggpHzjuD9IAolVSlikXfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.216.248.0/24
Signature Algorithm: sha256WithRSAEncryption
49:ba:f1:16:3f:f7:f8:24:46:07:d1:7f:80:f1:75:7e:3f:b8:
44:74:6e:53:55:a0:02:eb:f9:3f:73:8d:38:65:a5:db:6b:40:
0b:ca:59:de:9f:73:e7:ad:1a:83:9f:9b:02:76:de:e7:c5:0d:
51:99:b7:31:58:23:3f:67:0a:73:e9:64:2b:db:b9:e8:a6:11:
8d:31:6a:5b:1b:55:8f:6d:a4:d0:33:97:e3:45:ca:1f:40:12:
6f:36:b8:25:7b:aa:25:6d:36:18:86:92:ce:25:0c:cd:6f:77:
21:92:eb:5d:03:ad:38:14:b6:73:31:de:46:95:d7:c7:4e:dc:
d2:12:27:45:ad:90:e3:22:b9:c7:be:24:33:fe:17:63:f0:d5:
5c:f4:a3:b8:72:2a:f5:6d:9d:c8:9b:09:73:4a:b0:f5:86:de:
96:da:e1:e6:73:c0:ee:45:0e:05:28:90:47:75:12:c9:45:c9:
5a:f9:80:82:e0:9a:5b:5b:8e:f6:d2:3c:86:6f:74:4c:9b:57:
1c:44:84:a5:ce:bf:14:e7:d0:e1:98:28:24:6f:4a:68:4a:ee:
ca:5f:f2:e4:de:89:e5:ca:ae:11:72:26:1a:ea:7e:5d:99:bd:
4e:1a:94:ee:b0:a5:37:32:49:f1:93:51:93:f3:30:35:f7:06:
be:cf:78:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUwiakFoaBT9PjWlc6J2NllMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNjY1Y2U4MDgyMGE0N2NlM2I4M2Y0ODAyODk1NTRhNThh
NDVkZjQwHhcNMjIxMjIwMTcxNjQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzY1NWYzNmMxZjQyMjBjYjA2NjM1YTdjYmNjZjUwODE5ZjdhNzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfTRYhIX1bO735DlSULtYUUJzWln
hgs4sD3rMbbIu2PBFBzDEXnoqEp+dWnuR7bcoBhuRm/8x4UWzN6ST73xejBub9Ny
ReausfMPBPAQlbA1S0sXwctv+RyWOFlWh6MlP9czzExh4yTw2YrK5wAfQChTyrNN
PTGpbH1g9KhUU8+j6O57zX5JgXaPFwevUGSbEtOlTpNWHzHJVCvZJcjCpdPjUceg
U3hetd9+49XtmeGskSWAwYBWr0nfZrART87JcGXcGxYZ6QC/kGQ0glKq4VBisaMl
8VXzPUSrTKrRaRXnzt2WUE5ULe1RKJYIIBxeCFWeRhsr1/Sge9MUZ+GY3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDxlXzbB9CIMsGY1p8vM9QgZ96dGMB8GA1UdIwQY
MBaAFEBmXOgIIKR847g/SAKJVUpYpF30MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUdaYzZBZ2dwSHpqdUQ5SUFvbFZTbGlrWGZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9iZDZhMTktMjU5NS00ZGY5LTg0YjUt
ZWJhZGJjMzRhMTI0LzEvUEdWZk5zSDBJZ3l3WmpXbnk4ejFDQm4zcDBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9iZDZhMTktMjU5NS00ZGY5LTg0YjUtZWJhZGJjMzRhMTI0
LzEvUUdaYzZBZ2dwSHpqdUQ5SUFvbFZTbGlrWGZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw9j4MA0G
CSqGSIb3DQEBCwUAA4IBAQBJuvEWP/f4JEYH0X+A8XV+P7hEdG5TVaAC6/k/c404
ZaXba0ALylnen3PnrRqDn5sCdt7nxQ1RmbcxWCM/Zwpz6WQr27nophGNMWpbG1WP
baTQM5fjRcofQBJvNrgle6olbTYYhpLOJQzNb3chkutdA604FLZzMd5GldfHTtzS
EidFrZDjIrnHviQz/hdj8NVc9KO4cir1bZ3ImwlzSrD1ht6W2uHmc8DuRQ4FKJBH
dRLJRcla+YCC4JpbW4720jyGb3RMm1ccRISlzr8U59DhmCgkb0poSu7KX/Lk3onl
yq4RciYa6n5dmb1OGpTusKU3Mknxk1GT8zA19wa+z3iJ
-----END CERTIFICATE-----
Generated at Fri May 16 15:33:45 2025 by rpki-client