Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/PWNDaddndsV8xaatrdvYt6eeSr8.roa
File: PWNDaddndsV8xaatrdvYt6eeSr8.roa (raw, json)
Hash identifier: Xu5aGM8O/c2aH5/7rhOkx9Yj8TWISNmNLHz05hCv3XQ=
Subject key identifier: 3D:63:43:69:D7:67:76:C5:7C:C5:A6:AD:AD:DB:D8:B7:A7:9E:4A:BF
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AF2AB5E6BFB0BFF832757E0415E1B34A5
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/PWNDaddndsV8xaatrdvYt6eeSr8.roa
Signing time: Mon 02 Oct 2023 23:13:51 +0000
ROA not before: Mon 02 Oct 2023 23:13:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f2:ab:5e:6b:fb:0b:ff:83:27:57:e0:41:5e:1b:34:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 2 23:13:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d634369d76776c57cc5a6adaddbd8b7a79e4abf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:9a:ec:31:da:d9:aa:cf:f2:dd:21:16:74:c5:
24:d9:a7:95:69:78:06:10:f3:8d:b5:c5:34:62:04:
ef:32:06:23:07:4e:44:df:2a:af:8a:0e:a6:ab:d0:
84:1b:62:0c:31:fd:40:6f:66:50:03:05:bc:b4:f0:
16:56:2f:9a:74:ac:d3:e4:a0:69:48:c9:05:22:3a:
73:b4:2e:50:34:27:ef:4a:da:6b:34:06:0f:aa:e6:
b9:ee:48:5e:b5:9c:a3:ec:d8:10:16:10:d8:a7:3c:
9b:10:e9:2a:37:72:e5:de:ec:ed:fe:9a:de:7a:da:
3b:7a:c2:9e:95:12:ce:75:e8:84:f9:a0:4d:5c:3d:
50:02:97:8c:8c:a3:93:c4:55:ed:38:3e:83:ba:81:
79:91:65:79:0f:74:88:08:e4:f9:28:ca:f7:b0:90:
58:aa:47:53:86:c8:fe:4e:31:37:be:04:8f:b0:f3:
7e:34:28:7e:e2:00:ff:fd:28:2c:11:6e:92:6d:8e:
6d:49:42:ec:ed:f7:02:91:02:2d:1e:f0:be:06:dc:
cb:1d:d1:6b:9c:63:45:de:cd:ca:b3:23:8b:ab:eb:
4f:eb:a7:8f:9b:7e:7c:14:1f:1d:a5:1c:d4:8f:4e:
e4:ed:42:bd:44:ad:73:00:25:92:cd:2d:fd:f0:14:
29:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:63:43:69:D7:67:76:C5:7C:C5:A6:AD:AD:DB:D8:B7:A7:9E:4A:BF
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/PWNDaddndsV8xaatrdvYt6eeSr8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c4:9a:b0:73:a8:b6:f5:e8:90:75:87:bf:f4:98:ff:dd:5b:5f:
61:50:76:cb:ed:f7:d1:79:71:6f:9b:f6:cd:2c:cb:2b:08:f0:
93:07:af:56:0c:74:7d:79:2a:35:37:43:b2:ef:6d:70:58:2b:
5a:0c:b5:28:d6:b5:c5:4f:4d:9f:29:f5:db:fb:8b:e2:fa:b2:
09:b5:62:52:9e:b7:f3:90:8c:e8:5a:0a:fc:7a:e8:72:22:3f:
9f:c5:9b:14:a8:2e:75:9f:f8:ed:8d:6f:66:89:cc:a1:04:9d:
35:f7:b6:8d:0f:76:95:a3:a7:24:a5:58:61:cb:cd:ca:ef:e9:
05:76:ea:c2:2e:ee:05:fc:4e:d9:bc:03:42:1f:9b:69:64:1a:
76:a9:ac:e5:d4:72:08:29:6f:4c:bf:ae:54:73:d4:67:f1:eb:
5a:fc:bd:6b:ac:0d:c5:7a:94:7d:85:4b:63:61:df:7c:be:3c:
ab:17:69:ae:36:80:5f:47:73:11:c1:63:7b:5e:51:80:1c:ab:
3f:f6:ab:7f:a2:05:8c:c0:7b:0d:0e:0c:63:b1:c6:aa:36:be:
c4:35:87:11:c4:c6:20:13:45:b3:80:03:ca:0d:85:22:38:f8:
90:c3:9e:4a:74:5a:af:63:dd:f1:fa:8b:66:c6:44:7a:74:9f:
32:ea:6a:d6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYryq15r+wv/gydX4EFeGzSlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDAyMjMxMzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDYzNDM2OWQ3Njc3NmM1N2NjNWE2YWRhZGRiZDhiN2E3OWU0YWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJrsMdrZqs/y3SEWdMUk2aeVaXgG
EPONtcU0YgTvMgYjB05E3yqvig6mq9CEG2IMMf1Ab2ZQAwW8tPAWVi+adKzT5KBp
SMkFIjpztC5QNCfvStprNAYPqua57khetZyj7NgQFhDYpzybEOkqN3Ll3uzt/pre
eto7esKelRLOdeiE+aBNXD1QApeMjKOTxFXtOD6DuoF5kWV5D3SICOT5KMr3sJBY
qkdThsj+TjE3vgSPsPN+NCh+4gD//SgsEW6SbY5tSULs7fcCkQItHvC+BtzLHdFr
nGNF3s3KsyOLq+tP66ePm358FB8dpRzUj07k7UK9RK1zACWSzS398BQpHwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD1jQ2nXZ3bFfMWmra3b2Lennkq/MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUFdORGFkZG5kc1Y4eGFhdHJkdll0NmVlU3I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMSasHOotvXokHWHv/SY
/91bX2FQdsvt99F5cW+b9s0syysI8JMHr1YMdH15KjU3Q7LvbXBYK1oMtSjWtcVP
TZ8p9dv7i+L6sgm1YlKet/OQjOhaCvx66HIiP5/FmxSoLnWf+O2Nb2aJzKEEnTX3
to0PdpWjpySlWGHLzcrv6QV26sIu7gX8Ttm8A0Ifm2lkGnaprOXUcggpb0y/rlRz
1Gfx61r8vWusDcV6lH2FS2Nh33y+PKsXaa42gF9HcxHBY3teUYAcqz/2q3+iBYzA
ew0ODGOxxqo2vsQ1hxHExiATRbOAA8oNhSI4+JDDnkp0Wq9j3fH6i2bGRHp0nzLq
atY=
-----END CERTIFICATE-----
Generated at Sun May 11 17:02:54 2025 by rpki-client