Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/cYuIBO8Pm-Md3Naftwxr0aCdI2Q.roa
File: cYuIBO8Pm-Md3Naftwxr0aCdI2Q.roa (raw, json)
Hash identifier: aBTA1MeDv9fCqUnTq/q3d9HmhmLBYOQUiWzEJnxvAUE=
Subject key identifier: 71:8B:88:04:EF:0F:9B:E3:1D:DC:D6:9F:B7:0C:6B:D1:A0:9D:23:64
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018CC8DE34BD27EBEC4E3BD06FAD4C03F53C
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/cYuIBO8Pm-Md3Naftwxr0aCdI2Q.roa
Signing time: Tue 02 Jan 2024 06:30:54 +0000
ROA not before: Tue 02 Jan 2024 06:30:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 89.249.205.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:34:bd:27:eb:ec:4e:3b:d0:6f:ad:4c:03:f5:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Jan 2 06:30:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=718b8804ef0f9be31ddcd69fb70c6bd1a09d2364
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:6d:7a:d9:93:93:7c:37:d1:c5:74:1a:53:b2:
82:64:f7:65:83:be:77:70:fe:00:1d:c2:66:fb:be:
10:9a:7e:67:3d:ce:d1:61:ba:96:cc:1c:11:31:f6:
6a:4a:17:17:c3:3e:38:b5:48:cd:64:fd:b3:46:36:
19:9f:0e:8c:6f:b3:ad:f3:96:68:df:69:cd:50:08:
45:78:67:33:c6:85:2c:5a:7a:a7:36:a2:83:61:81:
8b:69:42:7f:c9:e5:60:5d:3c:c5:df:10:33:1c:e8:
1f:b7:c7:fc:4d:46:15:88:27:0d:e4:bd:02:4b:fb:
d0:3d:38:97:c1:eb:17:c2:92:fe:c1:8f:d8:24:85:
e8:c9:de:b6:20:c1:ba:56:35:06:03:e9:ee:41:32:
63:7b:bc:15:0d:7a:09:8e:e9:a3:c7:c6:f6:de:aa:
74:ee:f1:1d:bd:19:6b:a6:6b:57:f7:3d:f8:44:b3:
a5:49:cc:a9:d0:14:c8:81:04:ee:8d:28:fc:0c:f7:
10:10:81:ba:44:c2:45:07:f2:ba:7e:ad:77:fb:8b:
17:69:16:4a:e5:75:0a:c1:a1:41:a7:18:9d:af:5e:
dd:d0:5d:7e:91:b0:ac:74:d4:ad:e2:56:22:9f:d3:
4e:58:fe:6f:6e:96:d5:61:42:0f:b5:2c:13:10:2b:
3b:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:8B:88:04:EF:0F:9B:E3:1D:DC:D6:9F:B7:0C:6B:D1:A0:9D:23:64
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/cYuIBO8Pm-Md3Naftwxr0aCdI2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.205.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:ba:75:ef:c6:98:ae:f1:2d:7a:a5:5d:0f:5e:42:d6:90:a0:
11:4e:93:15:45:69:a8:81:3c:a7:37:44:79:37:88:27:0e:b2:
cc:fd:b8:24:5d:4d:cf:cb:f1:72:b0:b4:74:25:89:f4:c9:c1:
32:6f:64:12:b7:c7:d4:ab:ac:fd:4a:ce:07:8e:7a:34:d0:6c:
58:c0:37:c7:9d:ae:05:8b:ea:c6:32:63:d3:74:a1:ee:af:e5:
21:af:b5:58:ff:3d:fc:ea:65:90:08:15:ce:58:05:0d:17:f6:
f9:62:2c:ef:60:21:35:65:ab:4b:ac:16:b9:76:0d:0d:60:2d:
9c:4b:f1:00:d0:e0:c8:17:22:58:27:f8:1a:2f:03:26:21:99:
33:65:72:2f:3c:52:11:1c:22:e4:01:1f:fd:8f:c8:91:82:a0:
e1:28:52:bc:d9:dd:28:cb:29:26:36:b0:59:9e:90:6e:e2:1b:
e6:39:37:d0:dc:24:16:18:e4:bd:14:c2:26:9c:68:11:36:05:
49:23:e3:97:c1:07:ab:4f:8f:fc:b3:0e:72:1c:b2:d1:90:2d:
9a:91:de:ee:b9:87:92:7f:70:15:dd:bf:9a:65:44:e3:1a:97:
2c:6e:c8:c9:f3:15:0c:86:43:10:14:1e:04:d7:e2:19:b6:86:
67:4e:c4:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3jS9J+vsTjvQb61MA/U8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwMTAyMDYzMDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MThiODgwNGVmMGY5YmUzMWRkY2Q2OWZiNzBjNmJkMWEwOWQyMzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArW162ZOTfDfRxXQaU7KCZPdlg753
cP4AHcJm+74Qmn5nPc7RYbqWzBwRMfZqShcXwz44tUjNZP2zRjYZnw6Mb7Ot85Zo
32nNUAhFeGczxoUsWnqnNqKDYYGLaUJ/yeVgXTzF3xAzHOgft8f8TUYViCcN5L0C
S/vQPTiXwesXwpL+wY/YJIXoyd62IMG6VjUGA+nuQTJje7wVDXoJjumjx8b23qp0
7vEdvRlrpmtX9z34RLOlScyp0BTIgQTujSj8DPcQEIG6RMJFB/K6fq13+4sXaRZK
5XUKwaFBpxidr17d0F1+kbCsdNSt4lYin9NOWP5vbpbVYUIPtSwTECs7FQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHGLiATvD5vjHdzWn7cMa9GgnSNkMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvY1l1SUJPOFBtLU1kM05hZnR3eHIwYUNkSTJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWfnNMA0G
CSqGSIb3DQEBCwUAA4IBAQAeunXvxpiu8S16pV0PXkLWkKARTpMVRWmogTynN0R5
N4gnDrLM/bgkXU3Py/FysLR0JYn0ycEyb2QSt8fUq6z9Ss4Hjno00GxYwDfHna4F
i+rGMmPTdKHur+Uhr7VY/z386mWQCBXOWAUNF/b5YizvYCE1ZatLrBa5dg0NYC2c
S/EA0ODIFyJYJ/gaLwMmIZkzZXIvPFIRHCLkAR/9j8iRgqDhKFK82d0oyykmNrBZ
npBu4hvmOTfQ3CQWGOS9FMImnGgRNgVJI+OXwQerT4/8sw5yHLLRkC2akd7uuYeS
f3AV3b+aZUTjGpcsbsjJ8xUMhkMQFB4E1+IZtoZnTsTq
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:56 2025 by rpki-client