Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/Ljn8F8uqrgIdpgyvg7hmI6X2_KM.roa
File: Ljn8F8uqrgIdpgyvg7hmI6X2_KM.roa (raw, json)
Hash identifier: IdH+jTfciDYLllnyF8/z1Z/ZbpJyN8tHlbfeNlmXN50=
Subject key identifier: 2E:39:FC:17:CB:AA:AE:02:1D:A6:0C:AF:83:B8:66:23:A5:F6:FC:A3
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 0193534FA9A369912B588109298A91C5D1F5
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/Ljn8F8uqrgIdpgyvg7hmI6X2_KM.roa
Signing time: Fri 22 Nov 2024 09:59:09 +0000
ROA not before: Fri 22 Nov 2024 09:59:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.249.192.0/21 maxlen: 24
89.249.206.0/23 maxlen: 24
185.21.255.0/24 maxlen: 24
212.42.192.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:53:4f:a9:a3:69:91:2b:58:81:09:29:8a:91:c5:d1:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Nov 22 09:59:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e39fc17cbaaae021da60caf83b86623a5f6fca3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e1:f6:32:a3:3a:49:52:dc:55:7d:a8:39:2f:
54:b8:36:08:16:25:86:61:ac:4b:37:ce:b7:be:f5:
a1:80:d6:be:6c:a0:b5:ce:3c:63:2a:f1:d2:0d:d3:
92:b2:f8:f6:0a:9e:9f:ba:d5:94:d9:b8:0d:bb:8c:
3e:a1:36:b8:da:e0:21:27:14:36:fa:84:5f:c8:ef:
8d:1b:d3:f5:53:b7:6d:b8:c7:15:ad:1c:9d:2a:33:
68:23:d4:18:c3:2e:a7:70:83:65:cc:cc:23:8e:24:
43:e1:c7:0c:de:ae:f6:7c:12:5d:b9:9b:4e:b1:e4:
b4:c0:10:fa:ce:39:67:8c:cc:9b:34:38:92:9e:a0:
62:ac:9f:35:a7:ab:06:27:f1:ff:95:3a:ac:5b:50:
32:6c:9c:1f:04:91:f6:72:03:a2:a0:b9:f9:be:46:
85:b0:ab:44:3c:20:b1:15:5c:eb:38:ef:aa:10:10:
06:bf:c6:8e:7d:8d:21:5b:9d:d4:ac:58:c7:f8:ae:
43:03:a8:ac:29:30:4c:7e:6e:51:9b:f8:52:83:12:
8e:f2:ac:1d:e2:b1:1d:e6:5c:3a:9a:47:cd:be:72:
7f:ef:48:e3:f3:70:1d:3a:cc:1c:78:e5:d4:c3:3e:
40:7c:25:00:b0:2d:c6:97:7c:27:a9:94:38:f7:b3:
ee:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:39:FC:17:CB:AA:AE:02:1D:A6:0C:AF:83:B8:66:23:A5:F6:FC:A3
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/Ljn8F8uqrgIdpgyvg7hmI6X2_KM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.192.0/21
89.249.206.0/23
185.21.255.0/24
212.42.192.0/20
Signature Algorithm: sha256WithRSAEncryption
3d:22:4f:7c:48:e9:4a:49:d5:24:2c:2c:f0:74:9e:ac:cc:3b:
68:fb:8f:07:38:c2:c8:c2:ce:31:9a:bb:75:96:73:ff:55:8e:
23:2c:96:a1:9d:86:b6:6e:41:c9:57:45:31:1b:59:8e:c6:fc:
2f:a7:21:75:89:0e:6f:22:9f:2d:1c:ae:52:ca:1f:91:17:62:
f8:6b:72:a2:57:40:6d:7e:1b:86:04:30:5b:07:97:3d:ea:04:
d5:d0:9c:32:62:1c:a4:4d:ae:91:28:ef:d8:63:82:56:83:28:
8c:4e:58:0d:77:19:99:b2:cb:c8:3b:e0:fd:95:50:5e:33:13:
e0:37:a4:7b:bd:55:31:ae:15:6e:7d:a2:8a:8c:85:db:41:55:
a8:55:91:69:23:bf:8f:1b:ed:e0:76:7d:6d:10:78:7a:f1:df:
88:f6:13:15:96:3a:ed:42:7d:3a:ad:e8:67:22:e9:59:eb:a2:
61:bd:a6:63:ad:d8:33:33:e6:77:89:b4:09:d4:f9:01:4a:89:
24:07:ba:51:e4:3e:ac:07:a4:76:1b:e0:a2:df:0f:d7:56:8c:
1f:e8:b7:9d:e9:50:4d:6a:51:51:d5:dd:38:39:61:df:18:83:
9b:94:a7:ba:28:6f:84:cf:e7:23:02:d1:c8:38:f3:30:7a:1d:
d0:44:3c:98
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZNTT6mjaZErWIEJKYqRxdH1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQxMTIyMDk1OTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTM5ZmMxN2NiYWFhZTAyMWRhNjBjYWY4M2I4NjYyM2E1ZjZmY2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+H2MqM6SVLcVX2oOS9UuDYIFiWG
YaxLN863vvWhgNa+bKC1zjxjKvHSDdOSsvj2Cp6futWU2bgNu4w+oTa42uAhJxQ2
+oRfyO+NG9P1U7dtuMcVrRydKjNoI9QYwy6ncINlzMwjjiRD4ccM3q72fBJduZtO
seS0wBD6zjlnjMybNDiSnqBirJ81p6sGJ/H/lTqsW1AybJwfBJH2cgOioLn5vkaF
sKtEPCCxFVzrOO+qEBAGv8aOfY0hW53UrFjH+K5DA6isKTBMfm5Rm/hSgxKO8qwd
4rEd5lw6mkfNvnJ/70jj83AdOswceOXUwz5AfCUAsC3Gl3wnqZQ497PuTQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFC45/BfLqq4CHaYMr4O4ZiOl9vyjMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvTGpuOEY4dXFyZ0lkcGd5dmc3aG1JNlgyX0tNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDWfnAAwQB
WfnOAwQAuRX/AwQE1CrAMA0GCSqGSIb3DQEBCwUAA4IBAQA9Ik98SOlKSdUkLCzw
dJ6szDto+48HOMLIws4xmrt1lnP/VY4jLJahnYa2bkHJV0UxG1mOxvwvpyF1iQ5v
Ip8tHK5Syh+RF2L4a3KiV0BtfhuGBDBbB5c96gTV0JwyYhykTa6RKO/YY4JWgyiM
TlgNdxmZssvIO+D9lVBeMxPgN6R7vVUxrhVufaKKjIXbQVWoVZFpI7+PG+3gdn1t
EHh68d+I9hMVljrtQn06rehnIulZ66JhvaZjrdgzM+Z3ibQJ1PkBSokkB7pR5D6s
B6R2G+Ci3w/XVowf6Led6VBNalFR1d04OWHfGIOblKe6KG+Ez+cjAtHIOPMweh3Q
RDyY
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:57 2025 by rpki-client