Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/JUpldXnm0MV9VkkuMubRHhfTyXI.roa
File: JUpldXnm0MV9VkkuMubRHhfTyXI.roa (raw, json)
Hash identifier: 1oT4Ctc43n4+EugdAuef+qw0tBoNYVQ+h1nR5bkrPz4=
Subject key identifier: 25:4A:65:75:79:E6:D0:C5:7D:56:49:2E:32:E6:D1:1E:17:D3:C9:72
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 01937DD76BA211E7FB41462A7E45FE0E2A30
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/JUpldXnm0MV9VkkuMubRHhfTyXI.roa
Signing time: Sat 30 Nov 2024 16:11:29 +0000
ROA not before: Sat 30 Nov 2024 16:11:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214411
IP address blocks: 89.249.207.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:7d:d7:6b:a2:11:e7:fb:41:46:2a:7e:45:fe:0e:2a:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Nov 30 16:11:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=254a657579e6d0c57d56492e32e6d11e17d3c972
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:1f:cc:03:a2:f0:30:a0:84:27:10:b1:7a:fd:
9e:f1:cb:d7:69:65:eb:dc:c2:ad:b1:13:63:dd:95:
07:18:39:17:62:cf:87:ff:2e:d5:f1:9f:b0:11:47:
d7:d9:d7:78:74:07:3a:31:54:b9:70:7f:18:e2:0c:
aa:35:e2:7c:ef:c8:b6:ab:29:4d:0c:f8:62:ef:56:
a3:7e:f3:4d:8f:6d:e5:c0:d4:b2:bd:45:b1:e7:14:
05:c0:a4:6a:20:a7:f9:0e:19:c4:b7:3a:28:fc:f7:
a3:13:c2:e3:4e:f1:c7:c2:7b:d3:1a:80:47:69:fc:
c6:e5:64:ba:c9:70:0a:91:61:25:92:86:b2:92:e2:
4f:0e:b0:b5:64:fd:6e:0b:96:c2:8b:cc:de:d7:45:
ae:ea:88:1c:85:93:d0:6d:44:b2:76:5d:bf:f0:6c:
b3:62:77:51:99:28:42:c7:ef:40:3d:b7:25:cd:b6:
c8:61:03:8a:cb:c6:b4:36:98:7a:4c:b6:20:cf:fb:
eb:48:d2:64:39:54:77:c0:03:e5:56:da:d7:95:1a:
dc:46:a0:63:49:de:ad:64:de:7b:2a:cd:dc:f2:12:
23:7d:e0:69:e2:69:db:2e:9a:ea:c5:6a:7a:b6:ce:
c5:57:b3:be:a6:91:47:57:ac:69:af:b2:28:07:b8:
eb:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:4A:65:75:79:E6:D0:C5:7D:56:49:2E:32:E6:D1:1E:17:D3:C9:72
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/JUpldXnm0MV9VkkuMubRHhfTyXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.207.0/24
Signature Algorithm: sha256WithRSAEncryption
12:39:55:69:7c:50:8f:99:07:16:47:dd:10:51:69:7f:8c:fa:
09:7e:0a:05:19:94:78:bf:61:d3:c1:a4:9f:74:5b:66:5e:c3:
70:2a:a0:86:31:a0:26:a8:67:66:85:42:25:37:80:03:00:dd:
44:91:89:03:1c:93:4f:eb:d4:ce:6b:ad:ca:85:31:3e:92:42:
2a:96:44:d3:50:3b:08:43:b7:27:46:ac:0a:bb:f5:6f:8b:a9:
9d:fa:0f:23:ec:84:c5:cc:20:32:b7:5f:9a:bc:9b:66:e7:d4:
b8:39:64:80:b7:48:5a:29:4c:0e:a0:a2:ae:81:95:9a:26:2b:
55:db:76:31:59:d8:1d:54:2a:76:56:9b:c7:d2:b4:4d:7f:88:
8f:36:91:91:02:09:bd:b3:08:4e:a4:c4:3c:d6:69:88:0c:00:
8c:fb:de:fc:6f:56:c4:a5:b4:17:d9:cd:c6:08:54:87:2b:a6:
be:73:01:38:61:92:a5:0d:02:3d:a2:cb:b1:b8:db:5c:42:46:
7b:ff:eb:87:bc:84:24:53:48:6b:9f:f6:02:1c:43:5c:bd:38:
ba:43:b1:bb:38:53:67:ad:29:d8:0e:90:d3:21:f1:89:2e:55:
29:5b:11:59:49:f5:0d:8f:16:09:07:b6:6d:32:28:92:cf:96:
55:2a:bf:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZN912uiEef7QUYqfkX+DiowMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQxMTMwMTYxMTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTRhNjU3NTc5ZTZkMGM1N2Q1NjQ5MmUzMmU2ZDExZTE3ZDNjOTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuh/MA6LwMKCEJxCxev2e8cvXaWXr
3MKtsRNj3ZUHGDkXYs+H/y7V8Z+wEUfX2dd4dAc6MVS5cH8Y4gyqNeJ878i2qylN
DPhi71ajfvNNj23lwNSyvUWx5xQFwKRqIKf5DhnEtzoo/PejE8LjTvHHwnvTGoBH
afzG5WS6yXAKkWElkoaykuJPDrC1ZP1uC5bCi8ze10Wu6ogchZPQbUSydl2/8Gyz
YndRmShCx+9APbclzbbIYQOKy8a0Nph6TLYgz/vrSNJkOVR3wAPlVtrXlRrcRqBj
Sd6tZN57Ks3c8hIjfeBp4mnbLprqxWp6ts7FV7O+ppFHV6xpr7IoB7jrYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCVKZXV55tDFfVZJLjLm0R4X08lyMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvSlVwbGRYbm0wTVY5VmtrdU11YlJIaGZUeVhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWfnPMA0G
CSqGSIb3DQEBCwUAA4IBAQASOVVpfFCPmQcWR90QUWl/jPoJfgoFGZR4v2HTwaSf
dFtmXsNwKqCGMaAmqGdmhUIlN4ADAN1EkYkDHJNP69TOa63KhTE+kkIqlkTTUDsI
Q7cnRqwKu/Vvi6md+g8j7ITFzCAyt1+avJtm59S4OWSAt0haKUwOoKKugZWaJitV
23YxWdgdVCp2VpvH0rRNf4iPNpGRAgm9swhOpMQ81mmIDACM+978b1bEpbQX2c3G
CFSHK6a+cwE4YZKlDQI9osuxuNtcQkZ7/+uHvIQkU0hrn/YCHENcvTi6Q7G7OFNn
rSnYDpDTIfGJLlUpWxFZSfUNjxYJB7ZtMiiSz5ZVKr83
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:31 2025 by rpki-client