Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DePWnRHkKbJ3ziOFg-qXOppoa0M.roa
File: DePWnRHkKbJ3ziOFg-qXOppoa0M.roa (raw, json)
Hash identifier: oOYmAf8Yq5k4/CSFNOcRrNj7bdJ3JXei+HeouNtNa6s=
Subject key identifier: 0D:E3:D6:9D:11:E4:29:B2:77:CE:23:85:83:EA:97:3A:9A:68:6B:43
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018BCDF797955F7B1FDCA897CAB6130FA46F
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DePWnRHkKbJ3ziOFg-qXOppoa0M.roa
Signing time: Tue 14 Nov 2023 13:13:57 +0000
ROA not before: Tue 14 Nov 2023 13:13:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.249.202.0/24 maxlen: 24
89.249.206.0/24 maxlen: 24
185.21.254.0/24 maxlen: 24
89.249.207.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:cd:f7:97:95:5f:7b:1f:dc:a8:97:ca:b6:13:0f:a4:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Nov 14 13:13:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0de3d69d11e429b277ce238583ea973a9a686b43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c9:eb:78:3a:b1:dd:3c:a8:f1:3a:b5:ea:8e:
43:e2:8e:d4:a1:d2:cb:ec:80:09:5c:bd:67:8e:09:
d2:ad:a3:b0:cd:50:99:bf:6e:f2:dc:fb:58:d4:2d:
7e:b1:70:db:08:89:ba:b0:67:34:58:23:5a:0e:b4:
6f:98:0a:67:45:ca:ef:d2:c6:6a:fe:49:61:13:98:
2e:a5:1b:ad:19:8a:3d:3f:42:65:d8:81:28:84:93:
1e:f7:fa:44:9e:ea:26:35:3b:a6:a7:c1:47:fe:86:
e1:39:b4:9f:0d:ca:64:e8:62:01:3f:03:bf:53:14:
d6:40:37:88:ca:0f:c2:3e:b3:0d:cf:fa:8f:c3:ec:
7c:cb:04:d4:0c:8a:27:93:b7:1b:f6:d3:b5:bb:7d:
1c:94:67:b7:f0:51:aa:25:d9:71:86:8e:10:bf:31:
62:7a:7f:06:e5:62:93:f6:37:7a:b9:5a:e0:68:19:
35:00:82:95:03:a0:0a:31:20:74:09:b2:1a:ea:62:
3c:39:01:7a:5f:b8:e2:10:e8:b0:04:ee:c3:ce:b8:
a2:fa:1d:33:ee:b6:45:7f:dd:9f:7d:45:12:b4:9f:
91:08:ee:dd:c9:de:c0:d7:4c:27:43:41:89:7d:97:
5a:4e:49:15:78:a7:21:53:27:fc:7b:64:2d:cc:0a:
b6:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:E3:D6:9D:11:E4:29:B2:77:CE:23:85:83:EA:97:3A:9A:68:6B:43
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DePWnRHkKbJ3ziOFg-qXOppoa0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.202.0/24
89.249.206.0/23
185.21.254.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:6a:78:bf:37:52:9a:ed:68:81:eb:ce:40:3a:7d:c8:3c:ec:
74:17:52:e8:2e:14:1b:9a:c1:82:e5:4c:06:84:aa:7c:0e:61:
ce:ad:0f:f7:b7:39:e1:f5:e7:ec:5f:8a:03:9e:66:f6:be:61:
d1:85:02:16:01:7c:59:a2:9e:be:29:1b:ce:19:d0:13:8a:2e:
99:43:92:98:59:4e:bd:6d:35:45:db:a1:04:a4:89:c8:77:1c:
32:de:59:da:74:bc:1d:c1:ef:15:af:ae:99:50:4f:fc:46:9b:
47:4a:06:32:60:9f:50:1f:4f:22:0c:68:ff:fd:6c:14:5c:b2:
71:24:42:51:a9:97:17:8a:99:81:7f:6c:e9:e5:07:45:90:1f:
2f:80:60:ad:69:f1:22:06:ba:37:2c:04:24:ef:4f:a5:6b:b0:
3d:19:c4:db:ee:9c:b9:43:ab:82:1c:21:13:95:8e:53:93:0a:
ed:14:d8:bc:e0:04:8d:94:1f:2b:19:1c:ac:52:ba:ec:84:79:
f3:a4:30:64:18:35:97:fd:af:17:1d:e6:68:3a:c8:60:1b:be:
e2:89:8d:61:64:ca:81:ee:8a:bc:d2:4b:ed:08:81:3f:35:79:
56:75:fe:90:1a:e2:ea:e1:22:3d:9f:2f:30:29:4d:a5:de:3f:
b7:36:56:65
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYvN95eVX3sf3KiXyrYTD6RvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjMxMTE0MTMxMzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGUzZDY5ZDExZTQyOWIyNzdjZTIzODU4M2VhOTczYTlhNjg2YjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMnreDqx3Tyo8Tq16o5D4o7UodLL
7IAJXL1njgnSraOwzVCZv27y3PtY1C1+sXDbCIm6sGc0WCNaDrRvmApnRcrv0sZq
/klhE5gupRutGYo9P0Jl2IEohJMe9/pEnuomNTump8FH/obhObSfDcpk6GIBPwO/
UxTWQDeIyg/CPrMNz/qPw+x8ywTUDIonk7cb9tO1u30clGe38FGqJdlxho4QvzFi
en8G5WKT9jd6uVrgaBk1AIKVA6AKMSB0CbIa6mI8OQF6X7jiEOiwBO7Dzrii+h0z
7rZFf92ffUUStJ+RCO7dyd7A10wnQ0GJfZdaTkkVeKchUyf8e2QtzAq2+wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA3j1p0R5Cmyd84jhYPqlzqaaGtDMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvRGVQV25SSGtLYkozemlPRmctcVhPcHBvYTBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWfnKAwQB
WfnOAwQAuRX+MA0GCSqGSIb3DQEBCwUAA4IBAQCiani/N1Ka7WiB685AOn3IPOx0
F1LoLhQbmsGC5UwGhKp8DmHOrQ/3tznh9efsX4oDnmb2vmHRhQIWAXxZop6+KRvO
GdATii6ZQ5KYWU69bTVF26EEpInIdxwy3lnadLwdwe8Vr66ZUE/8RptHSgYyYJ9Q
H08iDGj//WwUXLJxJEJRqZcXipmBf2zp5QdFkB8vgGCtafEiBro3LAQk70+la7A9
GcTb7py5Q6uCHCETlY5TkwrtFNi84ASNlB8rGRysUrrshHnzpDBkGDWX/a8XHeZo
OshgG77iiY1hZMqB7oq80kvtCIE/NXlWdf6QGuLq4SI9ny8wKU2l3j+3NlZl
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:31 2025 by rpki-client