Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/XSB5ZXVIR43mArLmAS_GJzAGa_o.roa
File: XSB5ZXVIR43mArLmAS_GJzAGa_o.roa (raw, json)
Hash identifier: l9qE+zNj0SIPyDT3pkEsEVSR93g0Fd5ZG9RzPSKiulA=
Subject key identifier: 5D:20:79:65:75:48:47:8D:E6:02:B2:E6:01:2F:C6:27:30:06:6B:FA
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018BD4620D1D4F5B6E84DED8E5F5CEED6D0F
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/XSB5ZXVIR43mArLmAS_GJzAGa_o.roa
Signing time: Wed 15 Nov 2023 19:07:57 +0000
ROA not before: Wed 15 Nov 2023 19:07:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.249.202.0/24 maxlen: 24
89.249.206.0/24 maxlen: 24
185.21.254.0/24 maxlen: 24
89.249.204.0/24 maxlen: 24
89.249.207.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d4:62:0d:1d:4f:5b:6e:84:de:d8:e5:f5:ce:ed:6d:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Nov 15 19:07:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d2079657548478de602b2e6012fc62730066bfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:02:99:c1:8b:28:86:9e:66:44:03:ac:4f:a8:
43:07:5f:d4:e1:89:62:8d:66:c5:84:df:45:0e:34:
47:fc:5f:20:d7:5d:83:58:38:c6:66:62:ca:ab:01:
03:f6:77:17:95:5a:e9:82:50:a3:2b:b4:77:b8:49:
21:06:94:2f:e7:e6:e8:e5:19:dc:ee:40:8f:4b:52:
b8:6e:5b:fc:8d:8e:60:02:66:fa:4b:8c:73:2e:61:
08:51:b4:ac:31:37:7c:9c:2b:2e:f3:c9:e2:be:3d:
f9:55:05:51:9b:d4:ad:99:ee:9f:27:d9:17:b6:d7:
f5:58:cf:6d:aa:b2:d0:d7:b4:5e:34:95:80:bd:8a:
54:ef:f6:88:8b:06:c4:c5:42:10:ba:86:dd:06:3a:
4a:57:a5:ea:0d:57:dd:48:f8:42:a0:b1:6a:9c:0e:
48:c7:dd:38:e5:02:38:86:ea:2b:3b:6c:f6:75:c0:
e1:41:77:4f:d7:fd:5c:12:5d:ce:19:fe:2e:29:58:
3e:2c:7f:eb:f6:2f:58:e2:0d:19:f3:f5:03:ea:56:
9d:f5:19:07:61:ba:1f:16:67:c3:8a:45:d5:1c:9d:
b1:d8:ac:6c:ff:00:27:75:64:39:17:94:de:9a:94:
41:9a:32:8b:23:0b:c6:e6:35:fa:92:33:cc:69:28:
94:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:20:79:65:75:48:47:8D:E6:02:B2:E6:01:2F:C6:27:30:06:6B:FA
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/XSB5ZXVIR43mArLmAS_GJzAGa_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.202.0/24
89.249.204.0/24
89.249.206.0/23
185.21.254.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:f2:c5:ec:70:0a:30:e4:f3:a6:16:d0:a8:4a:08:ec:ef:d1:
07:4a:3f:30:2d:bc:d2:9f:22:a3:b6:18:7c:15:0e:94:36:d1:
bf:00:fb:58:b2:4b:6e:da:ae:20:f7:c1:55:68:2f:8a:9e:75:
9c:f8:51:67:f9:68:a9:41:97:bd:a3:dd:30:9b:ef:52:00:7b:
2c:21:5e:ca:37:44:a0:f6:9d:b5:a7:91:d5:5a:83:6e:c2:80:
94:7a:d0:2a:c5:b8:36:b6:d4:80:f3:36:ac:bf:bc:6b:18:ab:
e9:3b:2a:09:5e:62:c3:e5:8c:bc:e5:3b:b6:02:5d:d4:35:b5:
57:6a:90:36:93:01:40:ae:a3:d5:60:b6:0d:5f:6a:9e:26:43:
72:f6:73:97:6d:b5:c2:1b:4e:49:fe:6f:35:7b:4f:33:bb:ca:
7b:ac:8a:4f:c6:77:d6:ee:6e:97:b4:65:e9:4d:a5:df:5e:a7:
98:79:a5:72:94:5a:7e:b4:db:79:56:25:ed:a2:0e:c6:99:c7:
c0:f5:fa:58:8a:6c:71:82:c5:a3:88:47:1b:11:a8:5c:eb:00:
e3:7a:3a:65:f5:e1:fa:22:e1:d0:7d:d8:d3:5a:e7:d0:8c:34:
72:c5:72:ad:00:83:a5:dd:c3:50:7e:97:dc:e6:f5:c9:73:be:
e0:ad:a7:75
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYvUYg0dT1tuhN7Y5fXO7W0PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjMxMTE1MTkwNzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDIwNzk2NTc1NDg0NzhkZTYwMmIyZTYwMTJmYzYyNzMwMDY2YmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgKZwYsohp5mRAOsT6hDB1/U4Yli
jWbFhN9FDjRH/F8g112DWDjGZmLKqwED9ncXlVrpglCjK7R3uEkhBpQv5+bo5Rnc
7kCPS1K4blv8jY5gAmb6S4xzLmEIUbSsMTd8nCsu88nivj35VQVRm9Stme6fJ9kX
ttf1WM9tqrLQ17ReNJWAvYpU7/aIiwbExUIQuobdBjpKV6XqDVfdSPhCoLFqnA5I
x9045QI4huorO2z2dcDhQXdP1/1cEl3OGf4uKVg+LH/r9i9Y4g0Z8/UD6lad9RkH
YbofFmfDikXVHJ2x2Kxs/wAndWQ5F5TempRBmjKLIwvG5jX6kjPMaSiUvwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFF0geWV1SEeN5gKy5gEvxicwBmv6MB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvWFNCNVpYVklSNDNtQXJMbUFTX0dKekFHYV9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWfnKAwQA
WfnMAwQBWfnOAwQAuRX+MA0GCSqGSIb3DQEBCwUAA4IBAQAu8sXscAow5POmFtCo
Sgjs79EHSj8wLbzSnyKjthh8FQ6UNtG/APtYsktu2q4g98FVaC+KnnWc+FFn+Wip
QZe9o90wm+9SAHssIV7KN0Sg9p21p5HVWoNuwoCUetAqxbg2ttSA8zasv7xrGKvp
OyoJXmLD5Yy85Tu2Al3UNbVXapA2kwFArqPVYLYNX2qeJkNy9nOXbbXCG05J/m81
e08zu8p7rIpPxnfW7m6XtGXpTaXfXqeYeaVylFp+tNt5ViXtog7GmcfA9fpYimxx
gsWjiEcbEahc6wDjejpl9eH6IuHQfdjTWufQjDRyxXKtAIOl3cNQfpfc5vXJc77g
rad1
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:09:09 2025 by rpki-client