Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/795ded-fcdf-47cf-af83-a4bc2816643a/1/PWCT1Aqc3_qIT5s-bPL12pgCKY0.roa
File: PWCT1Aqc3_qIT5s-bPL12pgCKY0.roa (raw, json)
Hash identifier: KUiwfuG4u6Asnods1th7ctHrEbCSefW3lwmQkpiVqHc=
Subject key identifier: 3D:60:93:D4:0A:9C:DF:FA:88:4F:9B:3E:6C:F2:F5:DA:98:02:29:8D
Certificate issuer: /CN=80f376df5f9ef487c82b31a875c6a496d79ca0d7
Certificate serial: 01857130A5B04999D78BBB8013B7CAA74663
Authority key identifier: 80:F3:76:DF:5F:9E:F4:87:C8:2B:31:A8:75:C6:A4:96:D7:9C:A0:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gPN231-e9IfIKzGodcakltecoNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/795ded-fcdf-47cf-af83-a4bc2816643a/1/PWCT1Aqc3_qIT5s-bPL12pgCKY0.roa
Signing time: Mon 02 Jan 2023 06:34:51 +0000
ROA not before: Mon 02 Jan 2023 06:34:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398826
IP address blocks: 104.160.21.0/24 maxlen: 24
104.160.19.0/24 maxlen: 24
104.160.20.0/24 maxlen: 24
104.160.18.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:30:a5:b0:49:99:d7:8b:bb:80:13:b7:ca:a7:46:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80f376df5f9ef487c82b31a875c6a496d79ca0d7
Validity
Not Before: Jan 2 06:34:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d6093d40a9cdffa884f9b3e6cf2f5da9802298d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:02:8c:88:43:d3:41:2c:6c:1f:c9:25:1b:34:
54:ba:d1:27:8c:19:25:dc:6f:85:a0:86:03:dd:8b:
c7:2a:c3:cc:6c:bb:cd:f0:db:f5:d2:1d:e5:3d:ec:
a5:5c:7d:53:ad:cd:7c:9b:30:06:be:b8:24:6e:92:
9c:09:f5:18:d4:06:07:f0:fb:09:2f:19:50:fe:8e:
bd:93:a6:ab:6e:17:14:8e:52:ac:17:14:7a:0c:d1:
ce:d8:13:65:04:7e:84:05:1e:55:ba:aa:e9:5a:d6:
55:9d:58:b1:5b:87:72:99:82:70:7e:e9:3b:97:b5:
c2:9d:ab:37:1c:b4:1c:f5:bf:8e:32:48:ad:55:3c:
65:21:20:ec:50:f6:c4:ea:4c:51:88:b2:11:f5:d8:
6f:b7:6d:13:b9:e1:72:98:5c:65:75:b5:96:c1:6d:
c6:ac:70:d6:e4:fa:d4:71:41:79:dc:5d:13:6b:25:
a4:5c:20:3c:0c:9c:68:b6:b4:c9:6a:39:d0:86:95:
82:48:f3:d0:e1:4c:78:a0:07:38:86:c9:ec:2a:a5:
cd:ce:a6:38:4b:07:1e:1b:3a:72:43:6b:1b:1a:c7:
a3:b9:20:3f:c9:09:9f:bf:5a:12:93:40:3a:e0:37:
a4:c4:43:2f:78:32:47:19:09:a3:27:5b:56:58:af:
bb:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:60:93:D4:0A:9C:DF:FA:88:4F:9B:3E:6C:F2:F5:DA:98:02:29:8D
X509v3 Authority Key Identifier:
keyid:80:F3:76:DF:5F:9E:F4:87:C8:2B:31:A8:75:C6:A4:96:D7:9C:A0:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gPN231-e9IfIKzGodcakltecoNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/795ded-fcdf-47cf-af83-a4bc2816643a/1/PWCT1Aqc3_qIT5s-bPL12pgCKY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/795ded-fcdf-47cf-af83-a4bc2816643a/1/gPN231-e9IfIKzGodcakltecoNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.160.18.0-104.160.21.255
Signature Algorithm: sha256WithRSAEncryption
0e:6c:19:0c:b3:16:ce:4f:21:eb:ed:27:df:e1:e5:35:8e:e8:
01:f1:92:8f:a0:59:9c:73:b1:e6:a5:dc:6d:74:fb:ef:f5:57:
af:ed:8e:a6:f9:44:d7:e7:79:5a:fd:ed:3a:9d:09:84:ee:dd:
6a:87:db:2f:12:d7:db:72:ba:50:27:30:5f:4d:72:6e:2b:6f:
98:ff:57:6f:ce:c7:f9:c5:b7:f2:8a:46:3a:27:b4:84:cd:e0:
05:98:b9:24:59:71:0e:f8:c6:ad:69:07:4b:84:76:41:f1:bb:
dc:df:19:f6:53:7f:20:36:1f:09:d3:1a:a4:a2:9d:98:52:78:
7f:c2:de:12:7f:97:e5:5a:35:e7:f8:7a:fe:e6:8a:95:1f:18:
a6:1f:7d:4d:5a:a3:12:e8:22:02:9b:35:54:77:c6:4d:ff:52:
51:83:b1:76:c5:4e:c0:27:dd:65:ff:f3:6a:ab:58:84:cf:ce:
96:72:db:29:89:68:bb:81:00:97:6c:f5:11:44:55:a8:c4:4e:
7e:77:6d:cd:cd:3b:57:78:42:29:9e:d6:03:41:19:68:8c:53:
6b:be:ed:a2:e0:01:de:5e:96:f1:20:a1:f1:c7:f7:e3:42:3c:
fc:49:32:72:29:b3:5e:95:77:82:78:1d:27:08:01:9d:d4:d4:
2b:68:c0:5f
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVxMKWwSZnXi7uAE7fKp0ZjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwZjM3NmRmNWY5ZWY0ODdjODJiMzFhODc1YzZhNDk2ZDc5
Y2EwZDcwHhcNMjMwMTAyMDYzNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDYwOTNkNDBhOWNkZmZhODg0ZjliM2U2Y2YyZjVkYTk4MDIyOThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgAKMiEPTQSxsH8klGzRUutEnjBkl
3G+FoIYD3YvHKsPMbLvN8Nv10h3lPeylXH1Trc18mzAGvrgkbpKcCfUY1AYH8PsJ
LxlQ/o69k6arbhcUjlKsFxR6DNHO2BNlBH6EBR5VuqrpWtZVnVixW4dymYJwfuk7
l7XCnas3HLQc9b+OMkitVTxlISDsUPbE6kxRiLIR9dhvt20TueFymFxldbWWwW3G
rHDW5PrUcUF53F0TayWkXCA8DJxotrTJajnQhpWCSPPQ4Ux4oAc4hsnsKqXNzqY4
SwceGzpyQ2sbGsejuSA/yQmfv1oSk0A64DekxEMveDJHGQmjJ1tWWK+7RQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFD1gk9QKnN/6iE+bPmzy9dqYAimNMB8GA1UdIwQY
MBaAFIDzdt9fnvSHyCsxqHXGpJbXnKDXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1BOMjMxLWU5SWZJS3pHb2RjYWtsdGVjb05jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi83OTVkZWQtZmNkZi00N2NmLWFmODMt
YTRiYzI4MTY2NDNhLzEvUFdDVDFBcWMzX3FJVDVzLWJQTDEycGdDS1kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi83OTVkZWQtZmNkZi00N2NmLWFmODMtYTRiYzI4MTY2NDNh
LzEvZ1BOMjMxLWU5SWZJS3pHb2RjYWtsdGVjb05jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAFooBID
BAFooBQwDQYJKoZIhvcNAQELBQADggEBAA5sGQyzFs5PIevtJ9/h5TWO6AHxko+g
WZxzseal3G10++/1V6/tjqb5RNfneVr97TqdCYTu3WqH2y8S19tyulAnMF9Ncm4r
b5j/V2/Ox/nFt/KKRjontITN4AWYuSRZcQ74xq1pB0uEdkHxu9zfGfZTfyA2HwnT
GqSinZhSeH/C3hJ/l+VaNef4ev7mipUfGKYffU1aoxLoIgKbNVR3xk3/UlGDsXbF
TsAn3WX/82qrWITPzpZy2ymJaLuBAJds9RFEVajETn53bc3NO1d4Qime1gNBGWiM
U2u+7aLgAd5elvEgofHH9+NCPPxJMnIps16Vd4J4HScIAZ3U1CtowF8=
-----END CERTIFICATE-----
Generated at Wed Apr 30 05:37:56 2025 by rpki-client