Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/hbaY4Cvgpl8_OprKO1bnuby69JA.roa
File: hbaY4Cvgpl8_OprKO1bnuby69JA.roa (raw, json)
Hash identifier: /hO48/08seaOlhF8z4/Rid2bFV/J/T25X6blMSmBtpA=
Subject key identifier: 85:B6:98:E0:2B:E0:A6:5F:3F:3A:9A:CA:3B:56:E7:B9:BC:BA:F4:90
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018D29598FB96B9B78497151695926985AF9
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/hbaY4Cvgpl8_OprKO1bnuby69JA.roa
Signing time: Sun 21 Jan 2024 00:09:11 +0000
ROA not before: Sun 21 Jan 2024 00:09:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.249.192.0/21 maxlen: 24
89.249.200.0/23 maxlen: 24
185.21.252.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:29:59:8f:b9:6b:9b:78:49:71:51:69:59:26:98:5a:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Jan 21 00:09:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85b698e02be0a65f3f3a9aca3b56e7b9bcbaf490
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:c9:b2:46:9e:2a:ad:67:45:86:d4:02:ce:d5:
bf:6a:26:4f:2b:d1:30:70:aa:cd:12:69:2f:f7:97:
26:07:bc:d8:78:3d:d4:e5:27:69:f8:ec:af:a7:30:
b5:61:ea:91:90:f2:b7:5e:50:55:47:a8:7b:22:1a:
61:7e:d4:f8:9e:d0:6d:a8:f4:9b:bb:b5:23:2d:75:
72:67:e7:22:b4:85:44:b4:68:2f:60:92:ea:5f:b3:
f4:73:48:82:39:ab:aa:98:1b:5d:9a:67:a3:e9:65:
dc:79:bc:20:22:dc:d0:fc:23:f7:5e:4b:99:5f:31:
d5:81:b4:31:e9:dc:8d:f5:d9:f9:28:97:63:d0:3f:
f4:cb:af:0c:d3:98:f7:f5:c6:32:c0:d9:21:8e:8d:
ae:e7:92:db:3c:91:59:92:ff:37:e2:f2:d6:d2:b8:
d1:f6:92:0d:15:d9:cb:d6:4d:9b:b5:46:aa:0b:f0:
7a:4d:7c:25:18:c0:c9:7d:c4:cc:f1:a3:d4:2a:4e:
4d:9f:44:08:5c:5a:d2:2d:17:a3:ef:7d:14:9f:6f:
a9:be:9a:d0:ed:ce:f5:4a:62:a7:25:4a:ca:8d:73:
3a:96:0e:5d:23:71:2b:ae:9b:4b:52:c5:98:37:d5:
d6:09:80:af:41:20:e8:68:a2:2a:db:25:3a:70:c4:
e3:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:B6:98:E0:2B:E0:A6:5F:3F:3A:9A:CA:3B:56:E7:B9:BC:BA:F4:90
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/hbaY4Cvgpl8_OprKO1bnuby69JA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.192.0-89.249.201.255
185.21.252.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:b1:a4:f6:25:be:9e:d5:22:71:0f:bd:dc:56:ac:aa:13:08:
86:be:73:3c:85:a5:b1:66:f2:f3:0a:fd:d0:67:82:04:ae:73:
b7:ed:a5:da:dd:40:ee:24:ea:c6:3d:9c:f7:24:56:a7:18:90:
57:40:2a:e1:a0:ad:1d:e0:a4:cf:4c:49:a6:81:a1:78:33:e3:
6c:ec:22:7b:95:27:b6:5d:08:56:a6:20:f4:84:35:64:ae:7e:
f4:87:0d:cc:70:4d:11:2d:cf:b7:dc:bd:cd:7c:89:82:7c:98:
cd:ae:ff:ee:34:f0:2f:3f:9a:a0:c0:3b:c9:0d:4a:c9:e2:a3:
d4:cc:54:4d:f7:9b:90:45:77:19:e7:ca:ad:cb:d2:b6:90:52:
e2:6d:63:d3:67:8d:8a:4a:ff:08:47:36:db:b1:3c:8c:7b:1b:
d0:28:b0:fb:87:fd:dc:5b:c9:47:e1:e5:55:2c:c0:4b:11:17:
f2:86:7c:43:f3:c5:a1:7b:af:1a:e6:e4:1c:ad:b6:d4:d9:84:
44:3a:14:3e:f7:ab:66:85:bf:ca:f3:4a:a2:33:a0:92:7b:25:
b0:7f:6c:fa:a1:fb:dc:40:9b:33:98:e3:ea:bf:e1:3a:0f:9e:
90:b5:50:86:da:92:8f:15:ef:f6:d8:9c:5d:4a:93:66:a0:9f:
42:98:a6:1a
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY0pWY+5a5t4SXFRaVkmmFr5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwMTIxMDAwOTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWI2OThlMDJiZTBhNjVmM2YzYTlhY2EzYjU2ZTdiOWJjYmFmNDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA38myRp4qrWdFhtQCztW/aiZPK9Ew
cKrNEmkv95cmB7zYeD3U5Sdp+OyvpzC1YeqRkPK3XlBVR6h7IhphftT4ntBtqPSb
u7UjLXVyZ+citIVEtGgvYJLqX7P0c0iCOauqmBtdmmej6WXcebwgItzQ/CP3XkuZ
XzHVgbQx6dyN9dn5KJdj0D/0y68M05j39cYywNkhjo2u55LbPJFZkv834vLW0rjR
9pINFdnL1k2btUaqC/B6TXwlGMDJfcTM8aPUKk5Nn0QIXFrSLRej730Un2+pvprQ
7c71SmKnJUrKjXM6lg5dI3ErrptLUsWYN9XWCYCvQSDoaKIq2yU6cMTj4QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFIW2mOAr4KZfPzqayjtW57m8uvSQMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvaGJhWTRDdmdwbDhfT3ByS08xYm51Ynk2OUpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAZZ+cAD
BAFZ+cgDBAC5FfwwDQYJKoZIhvcNAQELBQADggEBAF6xpPYlvp7VInEPvdxWrKoT
CIa+czyFpbFm8vMK/dBnggSuc7ftpdrdQO4k6sY9nPckVqcYkFdAKuGgrR3gpM9M
SaaBoXgz42zsInuVJ7ZdCFamIPSENWSufvSHDcxwTREtz7fcvc18iYJ8mM2u/+40
8C8/mqDAO8kNSsnio9TMVE33m5BFdxnnyq3L0raQUuJtY9NnjYpK/whHNtuxPIx7
G9AosPuH/dxbyUfh5VUswEsRF/KGfEPzxaF7rxrm5BytttTZhEQ6FD73q2aFv8rz
SqIzoJJ7JbB/bPqh+9xAmzOY4+q/4ToPnpC1UIbako8V7/bYnF1Kk2agn0KYpho=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:58:05 2025 by rpki-client