Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/ihR49JKhgcHTzjH18t0vmt7d2FM.roa
File: ihR49JKhgcHTzjH18t0vmt7d2FM.roa (raw, json)
Hash identifier: vIARpPhrcVgZugbrXpAk4FrOyXJxbpsgHiDDF7OGXeQ=
Subject key identifier: 8A:14:78:F4:92:A1:81:C1:D3:CE:31:F5:F2:DD:2F:9A:DE:DD:D8:53
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 0193817FB329432A2F9E52F31FF60FCA1E45
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/ihR49JKhgcHTzjH18t0vmt7d2FM.roa
Signing time: Sun 01 Dec 2024 09:14:10 +0000
ROA not before: Sun 01 Dec 2024 09:14:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.249.192.0/21 maxlen: 24
89.249.206.0/23 maxlen: 24
185.21.254.0/24 maxlen: 24
212.42.192.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:81:7f:b3:29:43:2a:2f:9e:52:f3:1f:f6:0f:ca:1e:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Dec 1 09:14:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8a1478f492a181c1d3ce31f5f2dd2f9adeddd853
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:4c:4d:56:bc:ab:ed:0e:d2:6c:70:ae:de:d4:
80:4a:14:50:81:a7:e2:6b:19:14:07:0f:a4:c5:f6:
e7:af:13:fc:42:be:6a:83:4f:92:61:b9:99:ed:74:
f3:7f:5d:ee:8d:0a:5e:95:82:df:62:e3:99:4a:90:
d9:fd:f9:25:cc:6d:1d:9a:36:ad:7f:7c:b2:08:66:
01:e0:82:1e:f2:c4:2e:3f:d7:78:fa:7c:12:dc:9d:
5d:8b:b7:e4:a4:51:6b:73:c6:8e:82:83:26:30:bc:
80:b0:a7:5b:99:65:6a:26:7b:ce:07:92:94:f1:dd:
c4:29:56:fe:25:db:59:1d:a7:96:59:bb:af:d9:29:
eb:1b:1c:66:1f:d8:dd:34:5c:e1:f8:e8:f3:07:ed:
26:55:66:14:08:28:38:9b:35:fa:f2:72:93:87:b8:
36:05:93:ac:1e:27:93:e3:92:5e:ad:98:9d:a7:bb:
0c:04:6e:73:0e:97:62:cf:46:ca:97:e2:a6:fc:94:
9b:a6:65:98:76:98:d2:00:19:0d:09:ea:bc:93:22:
67:5c:bb:aa:d5:97:7b:52:56:8e:03:b8:25:de:b2:
13:11:1c:a6:b2:ab:06:88:c5:68:d0:cd:74:4a:65:
d4:17:d7:c0:50:2a:c3:f4:02:27:21:68:34:b3:3a:
46:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:14:78:F4:92:A1:81:C1:D3:CE:31:F5:F2:DD:2F:9A:DE:DD:D8:53
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/ihR49JKhgcHTzjH18t0vmt7d2FM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.192.0/21
89.249.206.0/23
185.21.254.0/24
212.42.192.0/20
Signature Algorithm: sha256WithRSAEncryption
80:24:b7:da:88:59:28:ad:50:9d:cd:b7:39:bf:91:1f:f6:6d:
f7:17:7b:ee:37:43:93:bb:4e:cf:2a:3c:49:07:52:ff:bd:c3:
f5:01:89:70:6c:0c:db:3e:67:18:bf:ec:07:43:35:f5:9d:9a:
b7:92:fa:70:25:60:48:a3:b1:a9:ff:e8:61:8c:7d:c3:36:15:
a8:f6:2e:ee:b6:23:f0:af:4f:be:1f:d1:eb:45:31:84:56:c3:
66:d1:44:92:a5:aa:6b:11:d4:00:06:40:fc:47:9a:a6:88:2e:
3a:d7:85:ba:ed:35:72:c2:a1:9e:ae:f7:6b:e5:99:88:18:09:
db:14:be:2a:aa:67:9f:c1:f1:be:f7:b9:12:14:d2:60:6b:28:
c0:a6:24:70:23:d4:81:e8:3e:34:80:2a:35:97:a3:d4:26:9c:
62:be:a8:06:40:4f:0d:4a:5c:ac:3d:f6:b2:46:7f:e1:81:a1:
98:eb:a0:37:c8:d7:7d:dd:5d:10:d8:02:fa:e9:9a:92:21:c7:
97:3a:3f:73:9d:4f:24:4a:27:cd:2f:31:6a:57:ea:41:11:6c:
23:09:c4:2c:b5:09:ea:dd:7d:b3:93:31:aa:9d:37:d0:7b:3d:
94:71:e5:ed:28:d7:a4:bf:21:1e:de:5e:35:8f:db:0a:9c:d1:
61:06:9e:fe
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZOBf7MpQyovnlLzH/YPyh5FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQxMjAxMDkxNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTE0NzhmNDkyYTE4MWMxZDNjZTMxZjVmMmRkMmY5YWRlZGRkODUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA50xNVryr7Q7SbHCu3tSAShRQgafi
axkUBw+kxfbnrxP8Qr5qg0+SYbmZ7XTzf13ujQpelYLfYuOZSpDZ/fklzG0dmjat
f3yyCGYB4IIe8sQuP9d4+nwS3J1di7fkpFFrc8aOgoMmMLyAsKdbmWVqJnvOB5KU
8d3EKVb+JdtZHaeWWbuv2SnrGxxmH9jdNFzh+OjzB+0mVWYUCCg4mzX68nKTh7g2
BZOsHieT45JerZidp7sMBG5zDpdiz0bKl+Km/JSbpmWYdpjSABkNCeq8kyJnXLuq
1Zd7UlaOA7gl3rITERymsqsGiMVo0M10SmXUF9fAUCrD9AInIWg0szpGOQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIoUePSSoYHB084x9fLdL5re3dhTMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvaWhSNDlKS2hnY0hUempIMTh0MHZtdDdkMkZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDWfnAAwQB
WfnOAwQAuRX+AwQE1CrAMA0GCSqGSIb3DQEBCwUAA4IBAQCAJLfaiFkorVCdzbc5
v5Ef9m33F3vuN0OTu07PKjxJB1L/vcP1AYlwbAzbPmcYv+wHQzX1nZq3kvpwJWBI
o7Gp/+hhjH3DNhWo9i7utiPwr0++H9HrRTGEVsNm0USSpaprEdQABkD8R5qmiC46
14W67TVywqGervdr5ZmIGAnbFL4qqmefwfG+97kSFNJgayjApiRwI9SB6D40gCo1
l6PUJpxivqgGQE8NSlysPfayRn/hgaGY66A3yNd93V0Q2AL66ZqSIceXOj9znU8k
SifNLzFqV+pBEWwjCcQstQnq3X2zkzGqnTfQez2UceXtKNekvyEe3l41j9sKnNFh
Bp7+
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:59 2025 by rpki-client