Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/3394e3-736e-4879-b8db-89aaea36285e/1/jEr_KCysTtk7e4S3Fpe5j4polho.roa
File: jEr_KCysTtk7e4S3Fpe5j4polho.roa (raw, json)
Hash identifier: 6OQLaPHjB+j/tvXOYP5f42BIcjG9euHCqPQA0pf4MhE=
Subject key identifier: 8C:4A:FF:28:2C:AC:4E:D9:3B:7B:84:B7:16:97:B9:8F:8A:68:96:1A
Certificate issuer: /CN=e85b83c87c4a3d8315025379f72987520bb5d046
Certificate serial: 019016671CA7B000E4ABF609315C8F6306C6
Authority key identifier: E8:5B:83:C8:7C:4A:3D:83:15:02:53:79:F7:29:87:52:0B:B5:D0:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6FuDyHxKPYMVAlN59ymHUgu10EY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/3394e3-736e-4879-b8db-89aaea36285e/1/jEr_KCysTtk7e4S3Fpe5j4polho.roa
Signing time: Fri 14 Jun 2024 10:59:34 +0000
ROA not before: Fri 14 Jun 2024 10:59:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25369
IP address blocks: 89.191.96.0/20 maxlen: 20
89.191.124.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:16:67:1c:a7:b0:00:e4:ab:f6:09:31:5c:8f:63:06:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e85b83c87c4a3d8315025379f72987520bb5d046
Validity
Not Before: Jun 14 10:59:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c4aff282cac4ed93b7b84b71697b98f8a68961a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:5c:37:6c:3a:e7:72:de:8a:09:73:3e:d5:3d:
d2:6c:17:dd:e2:26:cc:cb:a1:15:9f:d6:dd:f3:6c:
0e:dd:80:d2:3d:ad:0c:d0:b2:b5:4a:85:c4:61:b2:
da:51:c5:47:a3:f7:dc:0d:84:8d:02:44:b0:dc:b7:
fc:55:a4:d4:9c:64:66:b7:fd:06:1f:04:dd:5f:16:
93:82:cd:29:82:f7:de:7f:35:2e:54:bd:9f:c7:e2:
d2:01:b1:4b:96:f7:cf:41:dd:d5:79:6a:10:43:1a:
80:9f:79:81:7f:82:8c:8b:7b:dc:14:b4:22:e6:62:
dd:40:0b:f8:dc:7a:d2:0f:7c:22:d7:1d:d7:ec:fc:
4c:29:f2:ee:67:88:f3:3c:83:f2:a9:f6:12:a4:43:
4f:61:3b:2b:2b:dd:ee:a3:94:3b:cd:9d:c8:f1:8c:
26:92:71:48:d3:d2:a3:f4:87:0d:b9:2c:12:87:59:
b9:07:17:2b:59:5e:c8:56:5f:44:d3:0d:56:39:a3:
a7:86:98:ea:0f:31:65:6a:f0:9a:59:9f:50:87:51:
0f:ce:8e:00:4a:43:e5:80:ad:56:a3:7d:a7:6f:72:
91:ad:eb:a0:dc:ef:a6:b8:73:f7:bc:a3:60:79:62:
ff:8d:60:5b:f4:e6:d0:ba:50:7e:61:6f:55:b9:f6:
aa:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:4A:FF:28:2C:AC:4E:D9:3B:7B:84:B7:16:97:B9:8F:8A:68:96:1A
X509v3 Authority Key Identifier:
keyid:E8:5B:83:C8:7C:4A:3D:83:15:02:53:79:F7:29:87:52:0B:B5:D0:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6FuDyHxKPYMVAlN59ymHUgu10EY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/3394e3-736e-4879-b8db-89aaea36285e/1/jEr_KCysTtk7e4S3Fpe5j4polho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/3394e3-736e-4879-b8db-89aaea36285e/1/6FuDyHxKPYMVAlN59ymHUgu10EY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.191.96.0/20
89.191.124.0/22
Signature Algorithm: sha256WithRSAEncryption
34:72:91:13:47:3b:78:90:b7:23:72:d0:18:5c:3d:f2:31:d4:
37:1d:31:4f:18:50:92:71:b1:37:70:37:5f:16:4d:2f:10:d0:
f6:7d:cd:d3:c3:98:fb:c0:ea:98:e2:40:a6:88:e0:e0:d7:5d:
89:51:dc:7f:7c:6e:f1:31:8b:3d:08:66:79:ed:36:4d:dd:dc:
c6:d8:db:88:d1:a8:8b:67:4e:f7:5f:94:7a:3e:41:c6:ed:0d:
74:d7:42:3b:ee:d7:68:64:00:90:0d:07:ad:57:92:7d:b4:03:
9d:ee:97:a2:ed:2b:a3:71:c4:54:73:7d:2c:78:48:29:d2:e8:
cb:a0:7d:45:3a:a9:df:28:68:59:02:b5:8d:a4:de:2a:b8:ff:
17:d0:4c:27:97:92:99:f1:a9:aa:26:de:74:9f:24:f1:74:c5:
d9:34:fe:f5:81:4e:c1:92:a6:ce:e3:dc:78:22:b2:e5:f5:33:
c1:dc:8d:c5:73:b3:34:fc:13:6e:05:b4:46:30:3e:70:35:36:
ea:ec:00:a4:eb:f7:8c:79:c9:92:83:f1:0c:41:7c:d3:83:69:
70:90:bc:61:38:c7:13:29:be:7a:91:9c:71:0c:be:30:ed:d3:
0e:e2:a7:5c:15:e0:4d:d3:c4:4b:b9:c9:5f:cd:de:7c:33:2a:
a9:a5:b8:da
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZAWZxynsADkq/YJMVyPYwbGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NWI4M2M4N2M0YTNkODMxNTAyNTM3OWY3Mjk4NzUyMGJi
NWQwNDYwHhcNMjQwNjE0MTA1OTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzRhZmYyODJjYWM0ZWQ5M2I3Yjg0YjcxNjk3Yjk4ZjhhNjg5NjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlw3bDrnct6KCXM+1T3SbBfd4ibM
y6EVn9bd82wO3YDSPa0M0LK1SoXEYbLaUcVHo/fcDYSNAkSw3Lf8VaTUnGRmt/0G
HwTdXxaTgs0pgvfefzUuVL2fx+LSAbFLlvfPQd3VeWoQQxqAn3mBf4KMi3vcFLQi
5mLdQAv43HrSD3wi1x3X7PxMKfLuZ4jzPIPyqfYSpENPYTsrK93uo5Q7zZ3I8Ywm
knFI09Kj9IcNuSwSh1m5BxcrWV7IVl9E0w1WOaOnhpjqDzFlavCaWZ9Qh1EPzo4A
SkPlgK1Wo32nb3KRreug3O+muHP3vKNgeWL/jWBb9ObQulB+YW9VufaqwwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIxK/ygsrE7ZO3uEtxaXuY+KaJYaMB8GA1UdIwQY
MBaAFOhbg8h8Sj2DFQJTefcph1ILtdBGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkZ1RHlIeEtQWU1WQWxONTl5bUhVZ3UxMEVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8zMzk0ZTMtNzM2ZS00ODc5LWI4ZGIt
ODlhYWVhMzYyODVlLzEvakVyX0tDeXNUdGs3ZTRTM0ZwZTVqNHBvbGhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8zMzk0ZTMtNzM2ZS00ODc5LWI4ZGItODlhYWVhMzYyODVl
LzEvNkZ1RHlIeEtQWU1WQWxONTl5bUhVZ3UxMEVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEWb9gAwQC
Wb98MA0GCSqGSIb3DQEBCwUAA4IBAQA0cpETRzt4kLcjctAYXD3yMdQ3HTFPGFCS
cbE3cDdfFk0vEND2fc3Tw5j7wOqY4kCmiODg112JUdx/fG7xMYs9CGZ57TZN3dzG
2NuI0aiLZ073X5R6PkHG7Q1010I77tdoZACQDQetV5J9tAOd7pei7SujccRUc30s
eEgp0ujLoH1FOqnfKGhZArWNpN4quP8X0Ewnl5KZ8amqJt50nyTxdMXZNP71gU7B
kqbO49x4IrLl9TPB3I3Fc7M0/BNuBbRGMD5wNTbq7ACk6/eMecmSg/EMQXzTg2lw
kLxhOMcTKb56kZxxDL4w7dMO4qdcFeBN08RLuclfzd58Myqppbja
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:11 2025 by rpki-client