Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/IkQhlOaq1m831gOEsBwoL0mprTc.roa
File: IkQhlOaq1m831gOEsBwoL0mprTc.roa (raw, json)
Hash identifier: XaGPaMs9FvgmAY4u4XETNsAa5Mp4PXmBbRF15voiGoc=
Subject key identifier: 22:44:21:94:E6:AA:D6:6F:37:D6:03:84:B0:1C:28:2F:49:A9:AD:37
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018D5F80E6DECA5B8BA7DBE58076D2CF1130
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/IkQhlOaq1m831gOEsBwoL0mprTc.roa
Signing time: Wed 31 Jan 2024 12:31:39 +0000
ROA not before: Wed 31 Jan 2024 12:31:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.249.201.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5f:80:e6:de:ca:5b:8b:a7:db:e5:80:76:d2:cf:11:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Jan 31 12:31:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=22442194e6aad66f37d60384b01c282f49a9ad37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:18:a4:60:f5:45:c8:06:2d:98:66:ac:dc:af:
b0:95:9b:88:ab:7e:1d:68:7a:a8:05:43:74:4e:29:
0b:d2:54:8c:96:f4:06:09:65:d8:6a:fd:75:1a:79:
5b:e6:52:36:b8:4c:3e:68:3e:06:96:6f:23:c1:4c:
d0:66:92:e7:0f:38:09:d2:1c:60:0d:28:96:77:12:
54:c1:54:d1:f9:ab:57:c9:cc:0b:06:ff:56:1e:ed:
7a:47:ab:45:fb:bf:de:e2:20:7b:04:68:d8:04:e3:
5a:4c:01:6c:bf:ec:83:9d:fa:67:46:12:ac:06:13:
2f:43:32:5c:9c:aa:45:83:08:44:7b:87:05:69:c9:
b5:de:6f:c3:b1:e8:f6:4c:a2:cf:94:0d:10:a9:61:
84:56:a3:02:0d:72:2c:69:1e:f1:6c:e5:6c:3c:c9:
23:40:64:e2:f7:11:2c:f9:02:de:34:c3:97:e0:2d:
a7:d2:e5:45:23:55:00:f2:cc:96:a5:8c:6e:3d:83:
0d:87:23:22:a7:3c:64:d6:53:c4:17:fd:a0:07:ab:
d1:f1:a2:38:be:39:88:68:f5:3f:8a:ca:8c:5b:61:
3a:60:41:8c:66:5b:23:0b:77:b4:10:b9:86:f4:e2:
1d:3f:b7:7c:bf:b7:0a:23:5e:a4:45:d8:67:ff:83:
3f:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:44:21:94:E6:AA:D6:6F:37:D6:03:84:B0:1C:28:2F:49:A9:AD:37
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/IkQhlOaq1m831gOEsBwoL0mprTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.201.0/24
Signature Algorithm: sha256WithRSAEncryption
83:07:9d:28:f8:91:98:fe:a8:ce:17:65:fe:6c:02:29:b8:1e:
be:48:15:d8:63:de:ec:61:cc:eb:cb:6a:26:b1:5e:ca:ed:40:
0b:33:9f:f6:b4:8c:79:93:d5:af:c1:74:0a:cb:3e:93:1a:04:
dc:83:07:a0:7a:77:c3:e9:bf:e9:59:5d:2a:a5:97:7c:23:80:
d9:18:bd:c0:11:64:89:aa:80:d0:6f:85:f1:2d:3a:90:ec:d2:
3f:8e:58:6f:aa:28:54:14:da:ae:f5:b9:34:f8:ac:d5:f6:18:
71:2f:5b:15:df:21:ef:5e:b0:b1:cc:98:1c:02:02:2f:1d:8f:
18:4b:52:d5:ef:01:6e:1d:8d:ea:98:61:3f:d0:a3:aa:2c:63:
cf:9b:44:99:61:41:99:0c:c4:22:7f:64:1b:83:8f:30:97:36:
90:ec:f1:a3:d2:fe:34:c4:d9:f6:ff:40:65:60:87:95:d9:bd:
03:91:8e:80:80:67:77:e2:c5:04:c5:32:fe:51:47:7c:f6:93:
fe:e2:af:13:8d:89:17:88:9c:d3:21:c2:ec:5d:68:a8:71:f1:
36:a5:b6:1c:38:db:54:cc:10:6e:89:57:06:f5:44:60:69:ac:
96:50:3c:7e:af:84:bc:1c:77:2e:38:43:11:0e:2f:c5:de:5f:
a1:a0:83:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1fgObeyluLp9vlgHbSzxEwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwMTMxMTIzMTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjQ0MjE5NGU2YWFkNjZmMzdkNjAzODRiMDFjMjgyZjQ5YTlhZDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxikYPVFyAYtmGas3K+wlZuIq34d
aHqoBUN0TikL0lSMlvQGCWXYav11Gnlb5lI2uEw+aD4Glm8jwUzQZpLnDzgJ0hxg
DSiWdxJUwVTR+atXycwLBv9WHu16R6tF+7/e4iB7BGjYBONaTAFsv+yDnfpnRhKs
BhMvQzJcnKpFgwhEe4cFacm13m/Dsej2TKLPlA0QqWGEVqMCDXIsaR7xbOVsPMkj
QGTi9xEs+QLeNMOX4C2n0uVFI1UA8syWpYxuPYMNhyMipzxk1lPEF/2gB6vR8aI4
vjmIaPU/isqMW2E6YEGMZlsjC3e0ELmG9OIdP7d8v7cKI16kRdhn/4M/IwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCJEIZTmqtZvN9YDhLAcKC9Jqa03MB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvSWtRaGxPYXExbTgzMWdPRXNCd29MMG1wclRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWfnJMA0G
CSqGSIb3DQEBCwUAA4IBAQCDB50o+JGY/qjOF2X+bAIpuB6+SBXYY97sYczry2om
sV7K7UALM5/2tIx5k9WvwXQKyz6TGgTcgwegenfD6b/pWV0qpZd8I4DZGL3AEWSJ
qoDQb4XxLTqQ7NI/jlhvqihUFNqu9bk0+KzV9hhxL1sV3yHvXrCxzJgcAgIvHY8Y
S1LV7wFuHY3qmGE/0KOqLGPPm0SZYUGZDMQif2Qbg48wlzaQ7PGj0v40xNn2/0Bl
YIeV2b0DkY6AgGd34sUExTL+UUd89pP+4q8TjYkXiJzTIcLsXWiocfE2pbYcONtU
zBBuiVcG9URgaayWUDx+r4S8HHcuOEMRDi/F3l+hoINe
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:01 2025 by rpki-client