Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/Oe9AANPIXmYacTHPqvAXkiIjA88.roa
File: Oe9AANPIXmYacTHPqvAXkiIjA88.roa (raw, json)
Hash identifier: UvelTNNc3/1zIvu9LDcXeE0TwA+sAAbbX8GLSnb7CKE=
Subject key identifier: 39:EF:40:00:D3:C8:5E:66:1A:71:31:CF:AA:F0:17:92:22:23:03:CF
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018B6B48D09244481A9B43DF2FABBCAD37D8
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/Oe9AANPIXmYacTHPqvAXkiIjA88.roa
Signing time: Thu 26 Oct 2023 09:20:15 +0000
ROA not before: Thu 26 Oct 2023 09:20:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.249.206.0/24 maxlen: 24
89.249.200.0/24 maxlen: 24
89.249.207.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6b:48:d0:92:44:48:1a:9b:43:df:2f:ab:bc:ad:37:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Oct 26 09:20:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39ef4000d3c85e661a7131cfaaf01792222303cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:3e:55:a7:7b:43:f9:cf:63:05:6d:9c:68:05:
22:5c:9c:8e:9d:c2:41:b1:0c:10:2f:e5:67:66:b0:
f4:a9:6e:55:cd:b7:f6:0a:34:e7:a2:9e:ed:90:25:
49:87:dc:54:15:00:ef:f2:6a:46:de:1a:71:08:66:
f5:9c:52:6a:6f:c4:b2:76:08:72:bd:1c:67:dd:5b:
fa:53:1d:f8:de:b0:b9:cc:61:3d:05:2f:6f:b8:59:
1b:6e:87:14:bb:94:9e:17:fc:bf:72:16:4e:2d:a9:
e9:96:b6:9f:0d:6d:06:76:0a:e7:82:dc:ae:99:08:
2b:28:9e:64:d1:8b:d8:29:c8:f1:18:32:3a:b4:9d:
41:5c:de:44:02:e5:68:87:a3:0c:89:98:d0:7c:b3:
53:c5:e7:8a:5d:80:55:95:bd:3f:cd:94:a6:22:0b:
50:00:ae:8f:a5:44:86:55:87:9c:5d:ce:d4:97:d9:
28:8e:69:e2:84:2d:cd:cf:45:05:47:f5:cc:12:04:
ed:14:ce:66:67:8b:ea:99:17:84:1e:11:09:42:38:
1f:3b:7c:ca:43:d0:8c:0a:05:b6:1e:fa:73:a7:de:
92:71:c9:81:5e:a3:e2:6e:1d:a8:97:c4:6e:b2:9f:
2f:2b:c6:11:36:b2:42:f8:10:6d:4a:cb:c0:65:4f:
9e:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:EF:40:00:D3:C8:5E:66:1A:71:31:CF:AA:F0:17:92:22:23:03:CF
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/Oe9AANPIXmYacTHPqvAXkiIjA88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.200.0/24
89.249.206.0/23
Signature Algorithm: sha256WithRSAEncryption
7c:f6:56:50:2b:06:7a:38:62:c2:6c:11:8c:33:a4:78:01:61:
29:19:91:b4:06:fc:2a:11:65:d0:29:47:ae:1d:94:8f:56:e8:
dd:49:7d:2f:d5:3a:dd:81:b3:09:dc:77:12:ab:14:55:33:ac:
e0:33:9d:41:80:5c:20:87:89:c6:72:59:5b:45:21:6d:90:4d:
10:96:43:d2:6f:01:4c:c4:38:6f:80:1d:e3:b5:f5:0c:62:f1:
a2:28:93:3d:ce:53:a9:41:df:fe:d2:65:90:8a:28:61:7a:42:
0f:ab:6b:d6:54:72:35:11:68:e6:ee:1b:70:ad:dd:da:69:c8:
1b:9c:23:85:42:ec:20:94:63:d4:fd:a3:09:62:79:64:6d:03:
97:35:72:0f:f5:3a:07:72:17:a3:88:78:c3:79:67:cb:a4:ac:
76:37:8f:e7:2c:7b:23:cb:d2:76:cc:4e:39:f7:a3:38:13:d9:
6c:cc:db:4d:ef:63:d2:a1:0e:04:e1:9a:f8:99:71:6a:72:ae:
39:4a:9a:1f:bd:80:f5:d7:7c:4f:c8:15:4a:d4:79:b4:ff:9f:
bd:ba:79:70:d9:52:5e:e1:d1:62:dc:7b:d5:30:20:7c:09:fb:
c0:63:e6:75:a1:de:a3:33:05:b5:fe:30:76:f7:64:b5:23:8d:
5c:6d:75:c4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYtrSNCSREgam0PfL6u8rTfYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjMxMDI2MDkyMDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWVmNDAwMGQzYzg1ZTY2MWE3MTMxY2ZhYWYwMTc5MjIyMjMwM2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3T5Vp3tD+c9jBW2caAUiXJyOncJB
sQwQL+VnZrD0qW5Vzbf2CjTnop7tkCVJh9xUFQDv8mpG3hpxCGb1nFJqb8Sydghy
vRxn3Vv6Ux343rC5zGE9BS9vuFkbbocUu5SeF/y/chZOLanplrafDW0Gdgrngtyu
mQgrKJ5k0YvYKcjxGDI6tJ1BXN5EAuVoh6MMiZjQfLNTxeeKXYBVlb0/zZSmIgtQ
AK6PpUSGVYecXc7Ul9kojmnihC3Nz0UFR/XMEgTtFM5mZ4vqmReEHhEJQjgfO3zK
Q9CMCgW2Hvpzp96SccmBXqPibh2ol8Rusp8vK8YRNrJC+BBtSsvAZU+epQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDnvQADTyF5mGnExz6rwF5IiIwPPMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvT2U5QUFOUElYbVlhY1RIUHF2QVhraUlqQTg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWfnIAwQB
WfnOMA0GCSqGSIb3DQEBCwUAA4IBAQB89lZQKwZ6OGLCbBGMM6R4AWEpGZG0Bvwq
EWXQKUeuHZSPVujdSX0v1TrdgbMJ3HcSqxRVM6zgM51BgFwgh4nGcllbRSFtkE0Q
lkPSbwFMxDhvgB3jtfUMYvGiKJM9zlOpQd/+0mWQiihhekIPq2vWVHI1EWjm7htw
rd3aacgbnCOFQuwglGPU/aMJYnlkbQOXNXIP9ToHchejiHjDeWfLpKx2N4/nLHsj
y9J2zE4596M4E9lszNtN72PSoQ4E4Zr4mXFqcq45SpofvYD113xPyBVK1Hm0/5+9
unlw2VJe4dFi3HvVMCB8CfvAY+Z1od6jMwW1/jB292S1I41cbXXE
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:04:54 2025 by rpki-client