Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/76-d50IxwW1zma5vt1TWYF7mJVE.roa
File: 76-d50IxwW1zma5vt1TWYF7mJVE.roa (raw, json)
Hash identifier: RmI9urkSSSoljjMjyeMRrDbCZ5gf1hCM77eItOFmu40=
Subject key identifier: EF:AF:9D:E7:42:31:C1:6D:73:99:AE:6F:B7:54:D6:60:5E:E6:25:51
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018D0B67C7856684DCE6F4C749303598EC88
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/76-d50IxwW1zma5vt1TWYF7mJVE.roa
Signing time: Mon 15 Jan 2024 04:36:07 +0000
ROA not before: Mon 15 Jan 2024 04:36:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.249.192.0/21 maxlen: 24
89.249.203.0/24 maxlen: 24
89.249.200.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:0b:67:c7:85:66:84:dc:e6:f4:c7:49:30:35:98:ec:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Jan 15 04:36:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=efaf9de74231c16d7399ae6fb754d6605ee62551
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:43:87:25:fa:3c:36:4c:44:6f:e3:d0:db:3a:
01:db:d3:ec:13:45:5c:80:0f:ba:f3:c3:e8:09:52:
d4:2c:86:71:40:d9:ea:61:10:07:ee:20:f0:66:25:
09:70:01:e4:ec:53:e5:b1:26:ca:c6:6c:d2:86:9a:
eb:7d:51:7a:a5:7d:71:44:6e:72:5a:db:88:ec:c8:
79:23:62:e6:8c:dd:4e:f3:25:d3:6c:5a:3d:cb:f1:
33:a8:52:37:2b:8f:92:87:b6:e7:fa:4a:68:1d:11:
7b:1c:e5:46:87:f9:9a:52:74:49:0c:ad:8e:b0:60:
79:a8:a2:b0:87:95:a6:e8:61:42:05:b6:9f:84:9a:
f8:c1:be:3e:9e:f9:7e:1a:d0:2f:48:73:2a:59:ab:
20:e5:d0:02:b4:91:42:00:d5:d0:9d:51:10:1b:06:
0d:e8:9f:1a:0c:29:eb:a3:05:3a:f6:65:ef:bd:3e:
da:91:82:2e:bf:f7:93:98:75:5f:c5:31:c6:fc:44:
69:44:89:97:e0:5b:be:64:b4:04:c5:26:e2:0f:43:
0c:0c:cb:2f:ef:b9:ab:cb:d0:da:60:5e:5e:8e:a7:
33:8c:09:04:61:1b:db:af:9b:b5:2a:bf:83:ab:bb:
b9:df:e4:be:13:4b:5a:54:d3:64:39:f8:33:0f:21:
67:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:AF:9D:E7:42:31:C1:6D:73:99:AE:6F:B7:54:D6:60:5E:E6:25:51
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/76-d50IxwW1zma5vt1TWYF7mJVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.192.0-89.249.201.255
89.249.203.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:f2:70:de:ad:4d:6a:40:de:3e:83:72:eb:9a:27:8c:5c:3a:
d0:c5:5b:70:77:e5:dc:7b:7e:29:9e:68:2a:c6:be:85:e7:3f:
01:6d:ef:6f:b3:e0:11:5a:35:f3:ac:59:6e:e1:4f:08:88:a5:
9f:0a:28:df:2c:9c:20:b3:1a:82:94:0b:b9:00:2b:f2:24:a4:
c0:2f:b7:94:93:80:fc:da:18:8e:ce:f3:fd:9b:7a:48:95:95:
a6:21:ec:5d:ed:59:e4:d6:c7:13:89:41:70:68:90:d9:05:1c:
10:e6:58:30:86:92:24:8b:81:59:1a:f5:98:dd:68:86:ca:8c:
a0:15:e8:6a:b6:e2:f3:06:d7:e6:84:17:ac:74:08:e6:ec:17:
61:78:ca:05:97:4b:b3:34:32:bc:ba:d2:bd:27:2d:eb:f5:31:
1f:5c:81:39:dc:32:14:82:b6:de:e0:84:0b:bf:eb:41:89:47:
28:de:2f:61:f5:75:a9:bc:a8:dd:b6:d1:c9:bc:01:e6:2b:11:
54:cf:ec:48:e5:d1:21:09:66:5f:ab:fd:40:8b:19:92:c6:62:
66:be:06:23:82:ab:0c:aa:d4:0a:8b:a1:0a:f9:a8:f9:11:43:
6b:02:2c:3d:27:e3:01:df:de:38:b4:de:83:95:d5:97:33:ee:
8a:5a:b9:4d
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY0LZ8eFZoTc5vTHSTA1mOyIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwMTE1MDQzNjA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmFmOWRlNzQyMzFjMTZkNzM5OWFlNmZiNzU0ZDY2MDVlZTYyNTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA30OHJfo8NkxEb+PQ2zoB29PsE0Vc
gA+688PoCVLULIZxQNnqYRAH7iDwZiUJcAHk7FPlsSbKxmzShprrfVF6pX1xRG5y
WtuI7Mh5I2LmjN1O8yXTbFo9y/EzqFI3K4+Sh7bn+kpoHRF7HOVGh/maUnRJDK2O
sGB5qKKwh5Wm6GFCBbafhJr4wb4+nvl+GtAvSHMqWasg5dACtJFCANXQnVEQGwYN
6J8aDCnrowU69mXvvT7akYIuv/eTmHVfxTHG/ERpRImX4Fu+ZLQExSbiD0MMDMsv
77mry9DaYF5ejqczjAkEYRvbr5u1Kr+Dq7u53+S+E0taVNNkOfgzDyFnQQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFO+vnedCMcFtc5mub7dU1mBe5iVRMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvNzYtZDUwSXh3VzF6bWE1dnQxVFdZRjdtSlZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAZZ+cAD
BAFZ+cgDBABZ+cswDQYJKoZIhvcNAQELBQADggEBAMHycN6tTWpA3j6DcuuaJ4xc
OtDFW3B35dx7fimeaCrGvoXnPwFt72+z4BFaNfOsWW7hTwiIpZ8KKN8snCCzGoKU
C7kAK/IkpMAvt5STgPzaGI7O8/2bekiVlaYh7F3tWeTWxxOJQXBokNkFHBDmWDCG
kiSLgVka9ZjdaIbKjKAV6Gq24vMG1+aEF6x0CObsF2F4ygWXS7M0Mry60r0nLev1
MR9cgTncMhSCtt7ghAu/60GJRyjeL2H1dam8qN220cm8AeYrEVTP7Ejl0SEJZl+r
/UCLGZLGYma+BiOCqwyq1AqLoQr5qPkRQ2sCLD0n4wHf3ji03oOV1Zcz7opauU0=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:10:03 2025 by rpki-client