Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/g176hYbC9loxWh0mBS8eAUe2-Lc.roa
File: g176hYbC9loxWh0mBS8eAUe2-Lc.roa (raw, json)
Hash identifier: WJTg9QfXGUkKJKqdzH+vgt4xBHEndusyeLKv6LJ7Tts=
Subject key identifier: 83:5E:FA:85:86:C2:F6:5A:31:5A:1D:26:05:2F:1E:01:47:B6:F8:B7
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018D7DF43F9F7839EBCFD94C11031C7C78CD
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/g176hYbC9loxWh0mBS8eAUe2-Lc.roa
Signing time: Tue 06 Feb 2024 10:26:15 +0000
ROA not before: Tue 06 Feb 2024 10:26:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.249.201.0/24 maxlen: 24
89.249.203.0/24 maxlen: 24
185.21.254.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7d:f4:3f:9f:78:39:eb:cf:d9:4c:11:03:1c:7c:78:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Feb 6 10:26:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=835efa8586c2f65a315a1d26052f1e0147b6f8b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:8f:2b:4c:4b:5d:57:44:05:5c:aa:04:57:e5:
02:ad:27:2f:f6:04:50:c6:c1:d9:53:13:dc:e8:fc:
9c:f2:56:ed:66:b3:71:f2:76:ae:d5:f8:30:fc:fb:
ef:1c:c0:6d:b5:66:ba:90:5a:a1:e5:f6:83:7a:1b:
79:1d:7b:f0:fb:82:e2:dc:19:eb:56:95:97:d8:28:
38:1c:a6:cb:d8:dd:20:a6:1c:00:e7:73:39:7d:87:
82:18:bf:df:d0:88:52:34:c7:0a:36:2d:9a:7b:0a:
b6:23:4d:5f:31:d0:e4:9c:4a:e2:39:ae:ae:43:e9:
06:b9:5b:0c:f1:bc:01:ef:62:82:dc:4f:f5:b5:19:
cf:53:da:9c:83:71:df:1f:5f:d6:60:9e:47:cf:83:
6b:64:e3:16:64:6d:0c:fa:45:db:ba:31:0b:41:2b:
68:80:db:c2:54:92:0b:fa:42:43:4b:63:1d:3a:79:
01:99:c5:d4:86:8b:a2:99:62:89:a7:1c:ec:04:01:
43:a3:6b:38:31:db:b3:e6:57:29:d1:c0:57:fb:3c:
fb:0a:4c:e8:2e:f0:12:ec:99:c5:5d:69:ab:f2:87:
8c:e2:52:b5:2f:d6:ba:be:03:43:73:9e:a9:67:9f:
7b:3f:7d:02:73:33:0d:50:e6:03:06:ec:14:93:16:
aa:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:5E:FA:85:86:C2:F6:5A:31:5A:1D:26:05:2F:1E:01:47:B6:F8:B7
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/g176hYbC9loxWh0mBS8eAUe2-Lc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.201.0/24
89.249.203.0/24
185.21.254.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:9e:31:c7:7c:d9:bf:27:e1:0a:1d:2f:b2:f2:fc:2e:94:4b:
70:7e:e5:7c:ee:29:cf:7d:90:b8:b1:a0:4a:24:d2:7b:eb:8b:
2c:39:bd:14:14:0d:38:cc:36:84:0b:87:1f:6d:4d:cf:99:85:
44:79:76:d4:d1:3d:b0:ad:f6:b5:f0:9b:c7:98:fb:11:16:c0:
8e:43:3b:e0:7b:d4:3a:6a:44:bd:c9:f4:73:1c:6f:4c:4b:5b:
88:87:1f:6f:d0:24:33:2e:95:a1:ad:a4:1e:7b:e0:0f:4a:80:
7e:2c:c8:66:26:b3:68:80:02:ba:21:2b:f6:42:14:b5:07:cd:
aa:3a:28:9d:89:f4:9b:2c:3f:1a:11:45:4c:9f:cd:17:ab:51:
b8:a8:71:d0:c9:2f:70:06:4c:9f:10:d8:d3:40:2c:02:e9:84:
8e:2c:d6:7e:c4:47:79:5b:7c:92:eb:78:88:c7:9e:7f:6a:40:
9c:38:0a:a1:f7:ed:69:e6:57:7d:59:38:3e:73:a2:8c:57:b7:
7a:07:ab:2b:b5:2c:7a:1d:ef:3d:39:28:00:42:8a:9e:ac:36:
db:0f:c0:f0:53:a6:53:52:a9:46:fc:ec:db:26:38:2e:eb:a9:
9a:6e:76:cd:84:ef:9d:51:8d:7b:40:15:9c:73:1b:2b:53:3b:
5b:56:02:30
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY199D+feDnrz9lMEQMcfHjNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwMjA2MTAyNjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzVlZmE4NTg2YzJmNjVhMzE1YTFkMjYwNTJmMWUwMTQ3YjZmOGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgI8rTEtdV0QFXKoEV+UCrScv9gRQ
xsHZUxPc6Pyc8lbtZrNx8nau1fgw/PvvHMBttWa6kFqh5faDeht5HXvw+4Li3Bnr
VpWX2Cg4HKbL2N0gphwA53M5fYeCGL/f0IhSNMcKNi2aewq2I01fMdDknEriOa6u
Q+kGuVsM8bwB72KC3E/1tRnPU9qcg3HfH1/WYJ5Hz4NrZOMWZG0M+kXbujELQSto
gNvCVJIL+kJDS2MdOnkBmcXUhouimWKJpxzsBAFDo2s4Mduz5lcp0cBX+zz7Ckzo
LvAS7JnFXWmr8oeM4lK1L9a6vgNDc56pZ597P30CczMNUOYDBuwUkxaqZQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFINe+oWGwvZaMVodJgUvHgFHtvi3MB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvZzE3NmhZYkM5bG94V2gwbUJTOGVBVWUyLUxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWfnJAwQA
WfnLAwQAuRX+MA0GCSqGSIb3DQEBCwUAA4IBAQBvnjHHfNm/J+EKHS+y8vwulEtw
fuV87inPfZC4saBKJNJ764ssOb0UFA04zDaEC4cfbU3PmYVEeXbU0T2wrfa18JvH
mPsRFsCOQzvge9Q6akS9yfRzHG9MS1uIhx9v0CQzLpWhraQee+APSoB+LMhmJrNo
gAK6ISv2QhS1B82qOiidifSbLD8aEUVMn80Xq1G4qHHQyS9wBkyfENjTQCwC6YSO
LNZ+xEd5W3yS63iIx55/akCcOAqh9+1p5ld9WTg+c6KMV7d6B6srtSx6He89OSgA
QoqerDbbD8DwU6ZTUqlG/OzbJjgu66mabnbNhO+dUY17QBWccxsrUztbVgIw
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:10:03 2025 by rpki-client