Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/795ded-fcdf-47cf-af83-a4bc2816643a/1/prmxPUAaa9yLG1Sx1VsdCwEuDjs.roa
File: prmxPUAaa9yLG1Sx1VsdCwEuDjs.roa (raw, json)
Hash identifier: +cd9+Xv4GRxlSO0K/SiCGwzH7UXSrpDBD3VrJx6BpMQ=
Subject key identifier: A6:B9:B1:3D:40:1A:6B:DC:8B:1B:54:B1:D5:5B:1D:0B:01:2E:0E:3B
Certificate issuer: /CN=80f376df5f9ef487c82b31a875c6a496d79ca0d7
Certificate serial: 1570EF3E
Authority key identifier: 80:F3:76:DF:5F:9E:F4:87:C8:2B:31:A8:75:C6:A4:96:D7:9C:A0:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gPN231-e9IfIKzGodcakltecoNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/795ded-fcdf-47cf-af83-a4bc2816643a/1/prmxPUAaa9yLG1Sx1VsdCwEuDjs.roa
Signing time: Sat 01 Jan 2022 14:03:37 +0000
ROA not before: Sat 01 Jan 2022 14:03:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41204
IP address blocks: 151.237.186.0/24 maxlen: 24
5.157.8.0/24 maxlen: 24
5.157.17.0/24 maxlen: 24
5.157.42.0/24 maxlen: 24
5.157.45.0/24 maxlen: 24
5.157.56.0/24 maxlen: 24
5.157.58.0/24 maxlen: 24
5.157.59.0/24 maxlen: 24
5.157.61.0/24 maxlen: 24
5.157.63.0/24 maxlen: 24
5.157.60.0/24 maxlen: 24
5.157.62.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 359722814 (0x1570ef3e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80f376df5f9ef487c82b31a875c6a496d79ca0d7
Validity
Not Before: Jan 1 14:03:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a6b9b13d401a6bdc8b1b54b1d55b1d0b012e0e3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:2a:fb:11:95:d2:19:66:f7:5a:41:cf:56:df:
fd:6d:68:29:d5:17:80:82:cc:f0:86:42:6d:90:55:
27:c2:78:a3:aa:66:50:97:45:d7:ff:d6:11:8f:60:
6f:23:ec:1d:a9:ac:09:d4:cb:6a:3d:29:8e:fe:8c:
2a:73:14:d6:64:8f:98:41:ba:51:d9:91:a3:f1:49:
ec:60:e1:dd:d8:2f:99:63:37:b9:cd:8f:39:05:0f:
b1:8a:d4:09:7f:1f:74:ea:75:63:53:c5:76:da:73:
13:79:c8:09:3e:6b:3a:20:48:fb:9f:f3:d6:30:a5:
9c:dc:c7:a4:d1:b3:83:7d:33:0c:7a:9a:39:87:69:
0b:9f:d4:3b:cf:f1:be:23:f1:b5:88:15:95:dc:9f:
bc:22:bc:c2:92:09:6b:af:d7:8d:70:57:30:3d:58:
1b:62:13:1c:d2:9c:c9:3a:a2:69:b9:30:f0:c8:e9:
3a:7c:57:50:c9:a5:68:15:1b:4d:a2:3a:34:9f:6f:
77:5e:08:4e:49:fb:d1:65:22:c8:c9:92:d6:73:3b:
42:d0:37:f5:dc:31:60:24:89:c0:12:06:60:b2:0d:
3e:46:f0:f5:84:70:2c:6d:cd:a9:2a:b3:9c:70:7e:
fc:15:8e:18:c8:db:57:00:f6:34:ca:12:7a:e1:68:
c8:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:B9:B1:3D:40:1A:6B:DC:8B:1B:54:B1:D5:5B:1D:0B:01:2E:0E:3B
X509v3 Authority Key Identifier:
keyid:80:F3:76:DF:5F:9E:F4:87:C8:2B:31:A8:75:C6:A4:96:D7:9C:A0:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gPN231-e9IfIKzGodcakltecoNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/795ded-fcdf-47cf-af83-a4bc2816643a/1/prmxPUAaa9yLG1Sx1VsdCwEuDjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/795ded-fcdf-47cf-af83-a4bc2816643a/1/gPN231-e9IfIKzGodcakltecoNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.8.0/24
5.157.17.0/24
5.157.42.0/24
5.157.45.0/24
5.157.56.0/24
5.157.58.0-5.157.63.255
151.237.186.0/24
Signature Algorithm: sha256WithRSAEncryption
65:cd:38:3f:66:f7:12:d4:6c:4b:3a:da:bc:13:0e:0b:85:3d:
3a:19:b9:9d:9e:d3:a9:de:35:95:fe:35:7d:53:02:65:c5:f2:
58:fe:15:cc:0d:ef:1c:27:40:42:9b:f8:5a:d6:ce:d7:75:bb:
dc:60:c6:f7:95:5f:00:de:a0:14:c1:ae:6f:cd:60:59:01:b3:
db:c2:9f:34:8a:0e:2c:51:31:bf:d4:52:ff:c9:9a:64:91:90:
f3:0a:68:f9:93:5b:7c:58:13:22:4b:c1:e4:00:b4:e1:f1:1b:
eb:d7:42:48:db:02:82:9e:cf:55:f8:4e:17:e2:03:c0:18:36:
04:35:ce:92:f9:af:4e:d4:31:52:3f:39:17:e2:a0:4b:e0:7b:
e9:7b:53:42:5d:3b:94:50:a3:c2:dd:e1:4b:ff:f0:eb:a9:d5:
85:70:0f:7d:ee:fe:2e:c1:cd:23:1f:4a:d0:4e:60:96:f7:f2:
05:3b:96:ad:5c:d5:27:fb:ef:8e:46:dd:2a:0c:0c:6d:e3:96:
68:b0:40:65:20:f6:51:97:59:69:53:bd:40:23:1a:3a:ad:b0:
30:2d:68:71:73:33:fa:f9:c4:d6:ae:c7:b4:f2:fa:35:e5:7c:
f6:cc:60:1a:08:03:4f:ab:90:61:f5:36:2f:e2:73:d1:56:dd:
7f:94:3b:4d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIEFXDvPjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MGYzNzZkZjVmOWVmNDg3YzgyYjMxYTg3NWM2YTQ5NmQ3OWNhMGQ3MB4XDTIyMDEw
MTE0MDMzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTZiOWIxM2Q0MDFh
NmJkYzhiMWI1NGIxZDU1YjFkMGIwMTJlMGUzYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALIq+xGV0hlm91pBz1bf/W1oKdUXgILM8IZCbZBVJ8J4o6pm
UJdF1//WEY9gbyPsHamsCdTLaj0pjv6MKnMU1mSPmEG6UdmRo/FJ7GDh3dgvmWM3
uc2POQUPsYrUCX8fdOp1Y1PFdtpzE3nICT5rOiBI+5/z1jClnNzHpNGzg30zDHqa
OYdpC5/UO8/xviPxtYgVldyfvCK8wpIJa6/XjXBXMD1YG2ITHNKcyTqiabkw8Mjp
OnxXUMmlaBUbTaI6NJ9vd14ITkn70WUiyMmS1nM7QtA39dwxYCSJwBIGYLINPkbw
9YRwLG3NqSqznHB+/BWOGMjbVwD2NMoSeuFoyFkCAwEAAaOCAjUwggIxMB0GA1Ud
DgQWBBSmubE9QBpr3IsbVLHVWx0LAS4OOzAfBgNVHSMEGDAWgBSA83bfX570h8gr
Mah1xqSW15yg1zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dQTjIzMS1lOUlmSUt6R29kY2FrbHRlY29OYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDIvNzk1ZGVkLWZjZGYtNDdjZi1hZjgzLWE0YmMyODE2NjQzYS8x
L3BybXhQVUFhYTl5TEcxU3gxVnNkQ3dFdURqcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDIv
Nzk1ZGVkLWZjZGYtNDdjZi1hZjgzLWE0YmMyODE2NjQzYS8xL2dQTjIzMS1lOUlm
SUt6R29kY2FrbHRlY29OYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBL
BggrBgEFBQcBBwEB/wQ8MDowOAQCAAEwMgMEAAWdCAMEAAWdEQMEAAWdKgMEAAWd
LQMEAAWdODAMAwQBBZ06AwQGBZ0AAwQAl+26MA0GCSqGSIb3DQEBCwUAA4IBAQBl
zTg/ZvcS1GxLOtq8Ew4LhT06GbmdntOp3jWV/jV9UwJlxfJY/hXMDe8cJ0BCm/ha
1s7XdbvcYMb3lV8A3qAUwa5vzWBZAbPbwp80ig4sUTG/1FL/yZpkkZDzCmj5k1t8
WBMiS8HkALTh8Rvr10JI2wKCns9V+E4X4gPAGDYENc6S+a9O1DFSPzkX4qBL4Hvp
e1NCXTuUUKPC3eFL//DrqdWFcA997v4uwc0jH0rQTmCW9/IFO5atXNUn+++ORt0q
DAxt45ZosEBlIPZRl1lpU71AIxo6rbAwLWhxczP6+cTWrse08vo15Xz2zGAaCANP
q5Bh9TYv4nPRVt1/lDtN
-----END CERTIFICATE-----
Generated at Wed Apr 30 06:24:34 2025 by rpki-client