Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/BSmXWwbzx7uoGcwgVJqkBEod3Sc.roa
File: BSmXWwbzx7uoGcwgVJqkBEod3Sc.roa (raw, json)
Hash identifier: I85EZyIs7Vcl92Jn9GfhQXFTpsCk4UJJdViWMbBbGlo=
Subject key identifier: 05:29:97:5B:06:F3:C7:BB:A8:19:CC:20:54:9A:A4:04:4A:1D:DD:27
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018FAA5893357E5AFAFE11F7F314809F3117
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/BSmXWwbzx7uoGcwgVJqkBEod3Sc.roa
Signing time: Fri 24 May 2024 11:24:42 +0000
ROA not before: Fri 24 May 2024 11:24:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 89.249.201.0/24 maxlen: 24
212.42.208.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:aa:58:93:35:7e:5a:fa:fe:11:f7:f3:14:80:9f:31:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: May 24 11:24:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0529975b06f3c7bba819cc20549aa4044a1ddd27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:d3:5a:36:ae:4c:ae:c2:fb:66:d9:5f:1d:e8:
d4:f8:2f:ad:e7:39:04:6d:e2:12:a1:84:13:d8:d8:
5c:c6:96:5d:56:84:80:44:7d:ec:e6:ec:ac:a3:ba:
c0:a2:b6:48:a3:ad:d6:f0:ab:d1:96:a9:d3:9e:e6:
31:ed:d9:a8:20:0a:72:10:f8:9f:72:da:14:cf:30:
63:0a:1f:8f:a2:c7:e1:d2:91:8b:b7:f1:97:23:a6:
40:63:65:e4:5e:21:9f:17:f5:58:c8:46:c7:c6:07:
66:5a:b7:bf:64:83:7c:db:86:b4:38:d3:ed:5e:6b:
76:85:59:f4:32:20:f2:99:e3:5f:31:07:9e:a1:26:
89:98:6e:f8:00:14:8b:89:ed:d1:90:af:59:d8:43:
f1:9d:15:1b:7f:66:a5:8d:66:1d:c2:19:f5:8f:a6:
30:31:3c:1a:1a:3e:7d:bd:e9:f7:97:90:dd:54:e1:
55:19:5b:29:96:7f:e2:9f:b5:38:f0:31:11:bc:6a:
86:53:82:be:d2:38:b3:3a:57:f4:ee:e1:69:01:90:
26:0c:7c:40:58:b6:20:f4:40:4b:54:fd:eb:a4:f6:
c5:74:bc:4a:91:cc:d2:87:ea:76:0f:c1:9c:aa:04:
b3:05:fe:d2:a9:a9:71:ba:00:c9:e5:66:4f:5a:ac:
57:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:29:97:5B:06:F3:C7:BB:A8:19:CC:20:54:9A:A4:04:4A:1D:DD:27
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/BSmXWwbzx7uoGcwgVJqkBEod3Sc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.201.0/24
212.42.208.0/20
Signature Algorithm: sha256WithRSAEncryption
af:d7:b2:a8:a7:b4:e9:37:fe:79:51:0c:d4:c3:86:dd:fd:9f:
6e:1d:d0:5c:49:69:31:13:a4:48:26:24:72:ba:47:94:b9:7e:
c7:7f:73:01:56:19:f9:58:d5:45:b3:f0:f3:4d:52:ba:09:5f:
a9:a6:6e:4d:33:4e:3d:0d:2d:2c:11:75:dc:b1:d1:c9:5a:ba:
fa:0b:21:67:b7:36:e8:3f:d0:dc:68:3f:08:90:9c:61:33:24:
57:d1:00:5e:81:d0:cd:84:0f:bc:26:be:1a:39:15:76:0b:c3:
f0:6d:31:f7:f1:3b:4e:b1:62:93:b2:e3:6e:44:9d:f3:d3:92:
dc:3b:a7:fb:a6:af:76:a2:bf:a1:02:34:fc:f4:55:51:de:27:
5c:05:fc:ab:2a:fb:4d:f4:95:57:a4:8c:04:11:58:a0:ee:8f:
df:70:fd:10:19:24:3b:de:6c:5b:78:3b:9a:28:da:22:fc:1a:
d2:ed:a9:46:aa:ef:4c:2f:5d:0c:62:48:42:0a:a9:e6:46:b0:
8f:1b:44:87:1b:aa:5b:1f:24:69:34:24:c9:07:5b:52:4b:e5:
52:74:a8:85:67:73:9c:84:53:7c:50:95:02:fb:fe:27:3a:46:
35:9d:c4:2f:ca:07:32:2f:47:18:11:e4:a4:01:6f:23:8a:5e:
21:a6:55:87
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY+qWJM1flr6/hH38xSAnzEXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwNTI0MTEyNDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTI5OTc1YjA2ZjNjN2JiYTgxOWNjMjA1NDlhYTQwNDRhMWRkZDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9NaNq5MrsL7ZtlfHejU+C+t5zkE
beISoYQT2NhcxpZdVoSARH3s5uyso7rAorZIo63W8KvRlqnTnuYx7dmoIApyEPif
ctoUzzBjCh+Posfh0pGLt/GXI6ZAY2XkXiGfF/VYyEbHxgdmWre/ZIN824a0ONPt
Xmt2hVn0MiDymeNfMQeeoSaJmG74ABSLie3RkK9Z2EPxnRUbf2aljWYdwhn1j6Yw
MTwaGj59ven3l5DdVOFVGVspln/in7U48DERvGqGU4K+0jizOlf07uFpAZAmDHxA
WLYg9EBLVP3rpPbFdLxKkczSh+p2D8GcqgSzBf7SqalxugDJ5WZPWqxX5wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAUpl1sG88e7qBnMIFSapARKHd0nMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvQlNtWFd3Ynp4N3VvR2N3Z1ZKcWtCRW9kM1NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWfnJAwQE
1CrQMA0GCSqGSIb3DQEBCwUAA4IBAQCv17Kop7TpN/55UQzUw4bd/Z9uHdBcSWkx
E6RIJiRyukeUuX7Hf3MBVhn5WNVFs/DzTVK6CV+ppm5NM049DS0sEXXcsdHJWrr6
CyFntzboP9DcaD8IkJxhMyRX0QBegdDNhA+8Jr4aORV2C8PwbTH38TtOsWKTsuNu
RJ3z05LcO6f7pq92or+hAjT89FVR3idcBfyrKvtN9JVXpIwEEVig7o/fcP0QGSQ7
3mxbeDuaKNoi/BrS7alGqu9ML10MYkhCCqnmRrCPG0SHG6pbHyRpNCTJB1tSS+VS
dKiFZ3OchFN8UJUC+/4nOkY1ncQvygcyL0cYEeSkAW8jil4hplWH
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:20 2025 by rpki-client