Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/I0mXoFg56m4VpqVvAyGCUgrcgYQ.roa
File: I0mXoFg56m4VpqVvAyGCUgrcgYQ.roa (raw, json)
Hash identifier: 69gq2H8hSh8+1PYXeIoyQGHUfojqjDzy6wGx+tvVOWc=
Subject key identifier: 23:49:97:A0:58:39:EA:6E:15:A6:A5:6F:03:21:82:52:0A:DC:81:84
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018E2837818B5FEEBF3E4142EA1EAB4A6433
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/I0mXoFg56m4VpqVvAyGCUgrcgYQ.roa
Signing time: Sun 10 Mar 2024 11:55:10 +0000
ROA not before: Sun 10 Mar 2024 11:55:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.249.200.0/24 maxlen: 24
212.42.192.0/20 maxlen: 24
212.42.208.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:28:37:81:8b:5f:ee:bf:3e:41:42:ea:1e:ab:4a:64:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Mar 10 11:55:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=234997a05839ea6e15a6a56f032182520adc8184
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:a3:c2:a0:81:5a:ef:ba:49:ce:4f:a3:6f:6d:
b4:5a:b4:f8:1f:75:6e:cc:24:3b:44:5c:9b:f5:ed:
fb:23:34:d3:cc:31:13:b6:c2:57:c9:ae:96:a4:6c:
67:87:95:06:6f:bf:e0:4c:2f:64:54:9b:00:90:19:
1d:d4:5c:99:a4:2a:da:e2:c5:1a:08:23:06:7b:c1:
84:57:6f:b6:d7:24:89:e2:f1:f1:fc:5d:9b:be:21:
e5:9e:11:db:17:34:3d:97:53:58:f6:ec:dc:d4:c2:
1b:a6:1c:90:f4:90:89:70:64:89:1c:62:95:c9:f8:
49:2f:fc:d8:63:26:d4:be:b2:45:13:c7:0e:73:2c:
49:19:34:7d:f2:cb:91:4a:2b:83:6b:fc:76:b3:a1:
04:a8:b6:d8:ff:1b:6e:a5:4a:b2:27:99:55:b9:65:
4b:1e:d3:f1:5c:f2:ae:cd:67:fa:3c:2f:f4:77:bc:
53:72:f2:a8:65:93:b2:27:fd:07:6d:cf:af:f8:6e:
db:c5:88:d5:69:d4:f8:dd:f7:9d:47:85:5d:12:67:
4b:00:f7:be:80:e4:c5:db:40:9d:6f:2c:46:50:b7:
7a:a6:db:35:fd:5e:33:ae:f2:85:27:16:2e:a9:6d:
a7:02:42:f4:34:9b:71:4f:57:6b:89:1e:23:51:0f:
63:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:49:97:A0:58:39:EA:6E:15:A6:A5:6F:03:21:82:52:0A:DC:81:84
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/I0mXoFg56m4VpqVvAyGCUgrcgYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.200.0/24
212.42.192.0/19
Signature Algorithm: sha256WithRSAEncryption
73:62:de:b0:a5:8f:2d:db:f8:07:4b:0b:95:6a:5c:ed:88:3f:
c1:92:a1:c4:0e:30:06:d1:b8:f8:84:2f:f3:22:4e:00:e3:72:
62:75:5f:08:ab:59:b1:53:e2:72:5d:c5:45:26:7d:f7:8b:5e:
06:b7:38:1e:c4:55:e9:f6:0f:a8:15:4f:40:84:d6:42:f2:ad:
5c:71:06:c2:8f:32:35:41:81:04:0e:94:db:f8:f6:da:30:64:
9b:b8:ee:4f:9c:5e:31:27:67:d1:30:90:5d:92:49:15:f0:b1:
1e:4d:65:37:ae:d2:ca:f8:da:ab:29:50:f4:89:45:86:1c:60:
82:13:dd:4b:fa:45:05:46:25:a7:27:ee:84:5b:1b:52:c5:9e:
67:83:31:e6:7d:d1:b8:ef:6b:ba:81:28:19:77:3a:42:13:8e:
75:15:0d:9b:a5:b5:6f:c5:1c:8e:61:2b:60:89:db:66:1d:84:
3f:5e:6e:0a:2c:61:60:cd:b7:b9:39:98:4c:7e:43:77:90:8a:
d4:4e:65:b3:f5:0b:96:17:b5:78:f0:1f:d2:46:10:d7:fe:8d:
bf:1b:8e:43:c8:8c:30:57:03:1e:af:5a:c9:b2:02:33:3e:b2:
b4:b2:39:fb:cb:17:b0:b8:29:e2:a5:f9:4b:4e:51:84:29:5a:
c0:41:6f:05
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY4oN4GLX+6/PkFC6h6rSmQzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwMzEwMTE1NTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzQ5OTdhMDU4MzllYTZlMTVhNmE1NmYwMzIxODI1MjBhZGM4MTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiaPCoIFa77pJzk+jb220WrT4H3Vu
zCQ7RFyb9e37IzTTzDETtsJXya6WpGxnh5UGb7/gTC9kVJsAkBkd1FyZpCra4sUa
CCMGe8GEV2+21ySJ4vHx/F2bviHlnhHbFzQ9l1NY9uzc1MIbphyQ9JCJcGSJHGKV
yfhJL/zYYybUvrJFE8cOcyxJGTR98suRSiuDa/x2s6EEqLbY/xtupUqyJ5lVuWVL
HtPxXPKuzWf6PC/0d7xTcvKoZZOyJ/0Hbc+v+G7bxYjVadT43fedR4VdEmdLAPe+
gOTF20CdbyxGULd6pts1/V4zrvKFJxYuqW2nAkL0NJtxT1driR4jUQ9jNQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCNJl6BYOepuFaalbwMhglIK3IGEMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvSTBtWG9GZzU2bTRWcHFWdkF5R0NVZ3JjZ1lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWfnIAwQF
1CrAMA0GCSqGSIb3DQEBCwUAA4IBAQBzYt6wpY8t2/gHSwuValztiD/BkqHEDjAG
0bj4hC/zIk4A43JidV8Iq1mxU+JyXcVFJn33i14GtzgexFXp9g+oFU9AhNZC8q1c
cQbCjzI1QYEEDpTb+PbaMGSbuO5PnF4xJ2fRMJBdkkkV8LEeTWU3rtLK+NqrKVD0
iUWGHGCCE91L+kUFRiWnJ+6EWxtSxZ5ngzHmfdG472u6gSgZdzpCE451FQ2bpbVv
xRyOYStgidtmHYQ/Xm4KLGFgzbe5OZhMfkN3kIrUTmWz9QuWF7V48B/SRhDX/o2/
G45DyIwwVwMer1rJsgIzPrK0sjn7yxewuCnipflLTlGEKVrAQW8F
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:03 2025 by rpki-client