Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/X7-6cO9oyvjKfyFwOYMR8pFQlhk.roa
File: X7-6cO9oyvjKfyFwOYMR8pFQlhk.roa (raw, json)
Hash identifier: /CnBGq4Bqi4n1rKXbc10+yWHQweE0Axacr1Ihcw153w=
Subject key identifier: 5F:BF:BA:70:EF:68:CA:F8:CA:7F:21:70:39:83:11:F2:91:50:96:19
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018FE039AE431884AD5803F3E8EC1FDD1408
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/X7-6cO9oyvjKfyFwOYMR8pFQlhk.roa
Signing time: Mon 03 Jun 2024 22:30:27 +0000
ROA not before: Mon 03 Jun 2024 22:30:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.249.206.0/23 maxlen: 24
212.42.208.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e0:39:ae:43:18:84:ad:58:03:f3:e8:ec:1f:dd:14:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Jun 3 22:30:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5fbfba70ef68caf8ca7f2170398311f291509619
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:65:cd:a1:75:ac:98:ac:cb:75:4f:64:50:26:
5e:21:25:23:57:04:84:2f:86:6b:fa:8e:9d:bc:2c:
49:87:02:7b:4f:3d:cb:88:35:e6:14:05:c0:63:55:
b1:a2:95:19:e3:5f:af:a9:64:5d:2b:83:35:07:55:
d4:0d:e3:d7:aa:73:5d:00:1d:49:0b:6c:6c:d2:5b:
ce:b2:64:3b:64:19:2c:41:e6:f8:92:6b:a9:7b:6e:
32:a9:1f:9a:9c:30:c1:2c:33:c4:9c:a5:24:67:28:
00:f3:82:07:6c:9b:6c:54:f6:d3:a8:e0:13:dd:93:
db:31:64:a5:19:92:dc:94:7b:af:bc:b8:95:78:d4:
6e:e2:f0:5f:76:05:f0:71:97:7b:8e:59:a2:c2:c5:
2b:36:35:80:2f:0b:c0:8e:3d:b2:ec:0e:b7:32:5a:
1f:a2:37:95:c1:21:39:c5:e6:16:c5:f8:39:c2:1c:
af:77:25:0b:95:84:4a:c4:f7:d4:c3:79:90:b6:48:
91:e8:7a:1f:b1:ab:e5:4a:58:31:30:5a:31:51:f4:
4e:16:92:89:9e:3f:b0:3f:5b:61:a7:b4:ff:12:e7:
8c:01:ef:ac:17:df:ec:74:a9:fb:c9:43:69:3f:cf:
8b:c7:5f:f4:d0:8e:e7:3b:78:a9:53:fb:82:67:68:
14:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:BF:BA:70:EF:68:CA:F8:CA:7F:21:70:39:83:11:F2:91:50:96:19
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/X7-6cO9oyvjKfyFwOYMR8pFQlhk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.206.0/23
212.42.208.0/20
Signature Algorithm: sha256WithRSAEncryption
25:ba:bd:c7:c0:0e:30:45:80:bd:ff:eb:91:e8:14:e9:41:1a:
e4:a6:aa:81:4f:35:2c:27:0c:18:d9:53:8a:de:fe:12:02:c8:
2e:d1:b0:e2:62:5a:06:f6:fc:b9:61:ac:9e:f9:fb:72:fc:35:
f7:bb:12:f0:8c:a0:8a:47:23:4b:e9:8f:56:7b:9f:67:bc:70:
88:80:93:3f:ea:31:24:c1:10:f0:a5:c4:02:2b:87:0c:f2:63:
28:8e:5e:e7:e7:eb:af:a9:ef:11:f3:f9:90:87:83:f2:3c:85:
26:57:27:2c:05:93:6e:b1:6e:1b:eb:e3:6d:ef:0b:9d:ba:eb:
3e:ae:a5:a1:a9:9d:9b:91:84:1a:46:f1:24:5d:3b:5d:07:05:
66:06:a5:d1:82:4e:4f:ce:c6:99:81:bf:b4:88:c8:9d:c6:06:
3a:cc:03:8f:13:31:0a:53:bc:8d:9d:b3:25:27:d8:00:61:80:
33:28:f4:33:9d:cd:d2:51:96:b9:be:61:3b:45:95:6f:46:61:
7a:53:3a:3b:80:c6:2c:c9:36:7b:4d:75:30:b3:47:2c:0b:95:
40:26:1b:42:6a:95:ad:3a:0d:32:7b:61:8e:82:09:82:da:c5:
a1:d5:df:04:d7:a9:f8:5b:a0:1b:1c:7c:63:52:15:59:c4:4e:
de:e7:3a:79
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY/gOa5DGIStWAPz6Owf3RQIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwNjAzMjIzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmJmYmE3MGVmNjhjYWY4Y2E3ZjIxNzAzOTgzMTFmMjkxNTA5NjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2XNoXWsmKzLdU9kUCZeISUjVwSE
L4Zr+o6dvCxJhwJ7Tz3LiDXmFAXAY1WxopUZ41+vqWRdK4M1B1XUDePXqnNdAB1J
C2xs0lvOsmQ7ZBksQeb4kmupe24yqR+anDDBLDPEnKUkZygA84IHbJtsVPbTqOAT
3ZPbMWSlGZLclHuvvLiVeNRu4vBfdgXwcZd7jlmiwsUrNjWALwvAjj2y7A63Mlof
ojeVwSE5xeYWxfg5whyvdyULlYRKxPfUw3mQtkiR6HofsavlSlgxMFoxUfROFpKJ
nj+wP1thp7T/EueMAe+sF9/sdKn7yUNpP8+Lx1/00I7nO3ipU/uCZ2gUNQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF+/unDvaMr4yn8hcDmDEfKRUJYZMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvWDctNmNPOW95dmpLZnlGd09ZTVI4cEZRbGhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBWfnOAwQE
1CrQMA0GCSqGSIb3DQEBCwUAA4IBAQAlur3HwA4wRYC9/+uR6BTpQRrkpqqBTzUs
JwwY2VOK3v4SAsgu0bDiYloG9vy5Yaye+fty/DX3uxLwjKCKRyNL6Y9We59nvHCI
gJM/6jEkwRDwpcQCK4cM8mMojl7n5+uvqe8R8/mQh4PyPIUmVycsBZNusW4b6+Nt
7wuduus+rqWhqZ2bkYQaRvEkXTtdBwVmBqXRgk5PzsaZgb+0iMidxgY6zAOPEzEK
U7yNnbMlJ9gAYYAzKPQznc3SUZa5vmE7RZVvRmF6Uzo7gMYsyTZ7TXUws0csC5VA
JhtCapWtOg0ye2GOggmC2sWh1d8E16n4W6AbHHxjUhVZxE7e5zp5
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:58:16 2025 by rpki-client