Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/BNBjjVaOSxZ2fBMRKYuM7o0AiDU.roa
File: BNBjjVaOSxZ2fBMRKYuM7o0AiDU.roa (raw, json)
Hash identifier: 9xj7sfP+R81wGYA//gMK/q7YUN1wrpFQMDSsEQu6UzQ=
Subject key identifier: 04:D0:63:8D:56:8E:4B:16:76:7C:13:11:29:8B:8C:EE:8D:00:88:35
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 01911E9A282398D981B650E448F65AEBDE14
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/BNBjjVaOSxZ2fBMRKYuM7o0AiDU.roa
Signing time: Sun 04 Aug 2024 18:15:04 +0000
ROA not before: Sun 04 Aug 2024 18:15:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7029
IP address blocks: 89.249.200.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:1e:9a:28:23:98:d9:81:b6:50:e4:48:f6:5a:eb:de:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Aug 4 18:15:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04d0638d568e4b16767c1311298b8cee8d008835
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:44:13:79:d4:d1:8b:a2:2d:57:3e:ec:4e:73:
bb:3a:fe:a5:62:f6:89:3e:cc:e3:d9:05:af:86:6b:
74:1b:51:cc:60:75:1d:ac:34:9b:5c:a2:1b:e1:d3:
c8:b0:f0:ac:b9:ce:ef:40:ea:ce:ca:a8:0d:08:2b:
fd:46:5e:3f:24:be:99:af:59:cc:c3:77:8e:0b:81:
22:6e:11:8e:20:94:23:a6:31:97:f1:bf:c8:f1:e8:
fe:46:fb:8f:9f:1b:76:b7:da:e6:b6:9d:42:21:d0:
02:6c:a5:6d:a5:4b:e1:4a:5a:66:6f:d8:a9:2b:7a:
24:53:17:b0:be:1f:0a:f4:0e:a8:2b:57:33:3d:3c:
6a:3c:4a:a8:de:b5:d3:05:93:bd:b3:2f:98:de:f5:
e6:94:85:2c:ea:18:87:62:cd:5f:78:54:b4:5c:01:
fd:bf:9d:45:7a:59:1e:49:bd:28:39:51:6e:75:bd:
bd:03:5a:1c:c9:c9:d2:88:c9:57:03:4d:53:88:fc:
a7:55:50:2d:47:60:6b:45:a8:df:7b:9a:91:d8:c7:
3d:70:d4:9c:a7:b7:d2:6a:e3:4c:ad:c5:9f:f2:16:
bf:f3:df:72:b2:4f:b1:84:aa:2d:66:b0:fe:7a:fd:
68:00:06:4a:1c:62:aa:9a:41:79:a2:35:62:4d:f3:
ba:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:D0:63:8D:56:8E:4B:16:76:7C:13:11:29:8B:8C:EE:8D:00:88:35
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/BNBjjVaOSxZ2fBMRKYuM7o0AiDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.200.0/24
Signature Algorithm: sha256WithRSAEncryption
56:a7:64:ec:da:1a:d3:e9:9b:cd:8f:ab:ee:fa:a7:49:3e:48:
79:62:77:ce:d1:78:96:c6:d6:6e:d9:ec:7f:bc:de:33:c3:1e:
99:e4:34:b3:d6:1a:67:0a:a4:85:59:53:82:58:f4:b7:8c:37:
6e:49:c8:6e:96:6d:63:22:eb:39:a4:85:1d:c3:5f:a2:d2:30:
e6:2a:0c:40:40:aa:16:45:f9:09:e9:8e:ec:01:e1:36:0c:26:
8d:2d:27:d8:52:c4:38:3a:8a:21:02:86:30:4b:33:c8:88:85:
0c:42:ad:ae:62:2e:b2:87:ca:84:fe:a2:6e:a6:69:c2:80:fd:
ed:71:f2:96:77:3c:b5:d7:fa:45:99:2e:0b:05:dd:0c:b5:85:
80:44:bc:9d:cb:5e:8f:9a:60:fe:e5:80:b2:3a:67:ff:d3:66:
12:9b:85:0b:71:a3:29:c2:2f:1c:68:2b:fc:c6:c8:d8:ed:18:
c2:74:51:b7:d9:40:ac:13:f5:1a:23:85:37:91:01:68:cd:6b:
32:42:8b:18:f1:74:e3:a0:b8:d9:75:45:59:bf:75:da:36:fb:
05:fe:39:75:a6:d2:29:f4:08:fa:11:30:81:5e:1f:4b:b9:da:
dd:28:2a:75:fa:31:6d:eb:42:c4:4b:6e:d8:65:0a:15:4a:54:
31:8a:b7:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZEemigjmNmBtlDkSPZa694UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwODA0MTgxNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGQwNjM4ZDU2OGU0YjE2NzY3YzEzMTEyOThiOGNlZThkMDA4ODM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyUQTedTRi6ItVz7sTnO7Ov6lYvaJ
Pszj2QWvhmt0G1HMYHUdrDSbXKIb4dPIsPCsuc7vQOrOyqgNCCv9Rl4/JL6Zr1nM
w3eOC4EibhGOIJQjpjGX8b/I8ej+RvuPnxt2t9rmtp1CIdACbKVtpUvhSlpmb9ip
K3okUxewvh8K9A6oK1czPTxqPEqo3rXTBZO9sy+Y3vXmlIUs6hiHYs1feFS0XAH9
v51FelkeSb0oOVFudb29A1ocycnSiMlXA01TiPynVVAtR2BrRajfe5qR2Mc9cNSc
p7fSauNMrcWf8ha/899ysk+xhKotZrD+ev1oAAZKHGKqmkF5ojViTfO6iwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFATQY41WjksWdnwTESmLjO6NAIg1MB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvQk5CampWYU9TeFoyZkJNUktZdU03bzBBaURVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWfnIMA0G
CSqGSIb3DQEBCwUAA4IBAQBWp2Ts2hrT6ZvNj6vu+qdJPkh5YnfO0XiWxtZu2ex/
vN4zwx6Z5DSz1hpnCqSFWVOCWPS3jDduSchulm1jIus5pIUdw1+i0jDmKgxAQKoW
RfkJ6Y7sAeE2DCaNLSfYUsQ4OoohAoYwSzPIiIUMQq2uYi6yh8qE/qJupmnCgP3t
cfKWdzy11/pFmS4LBd0MtYWARLydy16PmmD+5YCyOmf/02YSm4ULcaMpwi8caCv8
xsjY7RjCdFG32UCsE/UaI4U3kQFozWsyQosY8XTjoLjZdUVZv3XaNvsF/jl1ptIp
9Aj6ETCBXh9LudrdKCp1+jFt60LES27YZQoVSlQxirdV
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:10:40 2025 by rpki-client