Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/TRtQyNK3sHkuXSWRykdDUsKHX-0.roa
File: TRtQyNK3sHkuXSWRykdDUsKHX-0.roa (raw, json)
Hash identifier: Ymbce1rZjBQEPiPIIWUev4IdvBorXsu5mWWVqpho3v4=
Subject key identifier: 4D:1B:50:C8:D2:B7:B0:79:2E:5D:25:91:CA:47:43:52:C2:87:5F:ED
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 0191EF7A333CAAE0B2CA10625A75C78F0CB0
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/TRtQyNK3sHkuXSWRykdDUsKHX-0.roa
Signing time: Sat 14 Sep 2024 07:40:48 +0000
ROA not before: Sat 14 Sep 2024 07:40:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.249.192.0/21 maxlen: 24
89.249.206.0/23 maxlen: 24
212.42.192.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ef:7a:33:3c:aa:e0:b2:ca:10:62:5a:75:c7:8f:0c:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Sep 14 07:40:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d1b50c8d2b7b0792e5d2591ca474352c2875fed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:05:23:fb:bf:f8:27:c2:9a:02:ac:7d:a4:64:
bc:8b:67:76:9a:c9:6c:47:a0:3c:00:82:f7:36:3c:
39:9b:97:04:75:c9:57:54:8a:b3:fd:ca:23:94:9e:
52:e5:0a:e4:f8:52:e6:64:68:cf:ae:57:3f:5f:89:
f6:e2:2f:98:d5:b3:5e:30:21:ae:c1:f1:f0:00:ea:
54:ed:3a:84:58:46:a7:5e:63:c1:5a:e2:1a:83:5d:
4c:53:23:ab:cf:7e:9f:e6:f9:82:62:7e:85:5c:5d:
0b:72:43:d4:87:c1:f6:5c:80:2f:02:99:83:47:64:
d3:cb:de:52:bd:26:88:0e:0d:4e:d1:cd:37:ef:74:
81:13:5f:de:cb:0b:bf:36:a7:43:b3:87:09:8f:7f:
40:96:cd:e5:6a:ff:b0:9a:66:0f:80:74:1c:ed:fe:
0e:40:18:2e:4b:a3:2a:32:29:28:5e:ba:b5:2e:63:
3f:f9:53:68:47:7d:d2:ef:87:03:63:63:55:b3:51:
1e:41:b6:f7:49:92:7f:fa:f3:18:66:de:3f:11:8b:
6d:6d:9c:a3:35:f7:55:bf:f9:e9:70:41:df:95:71:
31:39:c3:6f:5e:50:06:fb:91:b1:fc:3d:c3:f9:b8:
ad:b8:66:d5:fa:ba:78:c7:f8:2c:b2:e0:2f:04:41:
a4:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:1B:50:C8:D2:B7:B0:79:2E:5D:25:91:CA:47:43:52:C2:87:5F:ED
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/TRtQyNK3sHkuXSWRykdDUsKHX-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.192.0/21
89.249.206.0/23
212.42.192.0/20
Signature Algorithm: sha256WithRSAEncryption
5d:b2:31:8d:a7:5a:88:25:c2:3a:4f:9f:82:b9:22:a5:ab:8b:
dc:07:d7:a9:2a:b9:c9:1c:ef:87:24:7d:0e:4c:66:d9:c1:10:
5d:e8:02:f9:15:83:40:ac:b7:a2:76:42:d8:80:7a:2e:4a:cb:
58:84:85:9b:b8:8d:94:fd:26:da:ad:d5:2a:63:37:dc:7d:e6:
32:33:c6:0e:5f:99:b6:6b:09:b8:58:2b:f6:bb:2d:34:f3:c4:
54:f0:e2:64:17:cd:18:46:89:21:e2:d1:e5:3e:6f:16:63:a0:
55:34:c1:31:3d:8c:5f:3b:ce:a6:45:56:28:42:40:48:19:24:
2b:1f:ad:1b:f5:55:5e:b3:0a:ff:80:e6:61:15:3d:f1:97:44:
9a:0a:49:64:ce:94:83:0a:f8:58:63:1c:05:d5:9b:96:03:50:
db:05:81:64:e2:ed:bf:42:fc:7a:f6:01:15:c7:58:d1:39:6f:
6d:fb:6d:17:4c:78:67:1e:e9:6b:d9:5b:cf:de:d0:aa:9d:0e:
7a:df:83:44:89:b7:4a:ca:03:c0:10:bc:6e:ff:06:4c:4e:a6:
54:a7:16:9c:cb:cc:2a:6e:74:0a:8a:3e:88:49:de:33:45:c4:
bb:2a:65:79:2a:9b:8b:4b:68:e1:e3:7c:0f:ab:21:59:57:92:
5a:4e:ee:80
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZHvejM8quCyyhBiWnXHjwywMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwOTE0MDc0MDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDFiNTBjOGQyYjdiMDc5MmU1ZDI1OTFjYTQ3NDM1MmMyODc1ZmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQUj+7/4J8KaAqx9pGS8i2d2msls
R6A8AIL3Njw5m5cEdclXVIqz/cojlJ5S5Qrk+FLmZGjPrlc/X4n24i+Y1bNeMCGu
wfHwAOpU7TqEWEanXmPBWuIag11MUyOrz36f5vmCYn6FXF0LckPUh8H2XIAvApmD
R2TTy95SvSaIDg1O0c0373SBE1/eywu/NqdDs4cJj39Als3lav+wmmYPgHQc7f4O
QBguS6MqMikoXrq1LmM/+VNoR33S74cDY2NVs1EeQbb3SZJ/+vMYZt4/EYttbZyj
NfdVv/npcEHflXExOcNvXlAG+5Gx/D3D+bituGbV+rp4x/gssuAvBEGkhQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE0bUMjSt7B5Ll0lkcpHQ1LCh1/tMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvVFJ0UXlOSzNzSGt1WFNXUnlrZERVc0tIWC0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDWfnAAwQB
WfnOAwQE1CrAMA0GCSqGSIb3DQEBCwUAA4IBAQBdsjGNp1qIJcI6T5+CuSKlq4vc
B9epKrnJHO+HJH0OTGbZwRBd6AL5FYNArLeidkLYgHouSstYhIWbuI2U/SbardUq
YzfcfeYyM8YOX5m2awm4WCv2uy0088RU8OJkF80YRokh4tHlPm8WY6BVNMExPYxf
O86mRVYoQkBIGSQrH60b9VVeswr/gOZhFT3xl0SaCklkzpSDCvhYYxwF1ZuWA1Db
BYFk4u2/Qvx69gEVx1jROW9t+20XTHhnHulr2VvP3tCqnQ5634NEibdKygPAELxu
/wZMTqZUpxacy8wqbnQKij6ISd4zRcS7KmV5KpuLS2jh43wPqyFZV5JaTu6A
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:57 2025 by rpki-client