Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/jGZYefHQq6Y8AYOONDYy88E4Br4.roa
File: jGZYefHQq6Y8AYOONDYy88E4Br4.roa (raw, json)
Hash identifier: Lj1s749dWrjqbrH19DnvzoDKF8WIdVLB6NuaVG1iEu8=
Subject key identifier: 8C:66:58:79:F1:D0:AB:A6:3C:01:83:8E:34:36:32:F3:C1:38:06:BE
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018F258FA85857E6A403994574AF6CEEBCFA
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/jGZYefHQq6Y8AYOONDYy88E4Br4.roa
Signing time: Sun 28 Apr 2024 16:35:22 +0000
ROA not before: Sun 28 Apr 2024 16:35:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 89.249.201.0/24 maxlen: 24
89.249.204.0/24 maxlen: 24
89.249.206.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:25:8f:a8:58:57:e6:a4:03:99:45:74:af:6c:ee:bc:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Apr 28 16:35:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c665879f1d0aba63c01838e343632f3c13806be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:2b:62:6a:6b:bd:8b:3a:d5:bb:56:e4:bf:12:
68:8f:47:b8:30:a5:56:00:e7:7b:64:d8:28:a6:5b:
01:0c:9a:a3:15:d7:1d:c1:19:33:17:ea:be:5f:fc:
44:75:54:7f:52:56:df:5b:83:5c:54:2a:27:7c:cc:
d1:22:2a:58:f8:3b:ea:e0:3a:94:01:8f:42:a6:a4:
4b:85:1e:d3:3c:c3:4a:58:20:bc:1d:2c:99:ae:d1:
89:b6:5f:8b:7c:e2:95:b1:f8:93:20:d0:cd:3a:2d:
da:b1:b1:79:c4:76:6a:78:42:f5:77:2c:4a:14:d9:
6b:6d:56:2a:c8:a5:c6:3b:d6:7b:28:8b:04:26:c0:
0b:ab:f7:55:9d:f7:ae:2d:78:a3:58:36:2c:f7:d2:
3d:9e:2a:5b:39:9d:6a:30:73:99:8a:34:ed:25:66:
6b:93:89:f3:7b:51:cd:08:db:1a:a4:bc:e2:53:dd:
57:a2:36:f6:d2:e7:1d:ae:37:30:c9:47:ac:cd:61:
de:ed:2e:f5:b9:b1:69:6d:22:0d:f1:a6:49:4f:63:
71:05:b7:72:cd:12:53:e4:51:b3:85:af:bb:4b:4e:
7f:f8:75:fe:3a:f6:05:0e:f6:c8:4e:b0:f2:4f:14:
3c:7c:f2:4f:c4:31:9e:c8:56:90:e7:0b:89:de:08:
16:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:66:58:79:F1:D0:AB:A6:3C:01:83:8E:34:36:32:F3:C1:38:06:BE
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/jGZYefHQq6Y8AYOONDYy88E4Br4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.201.0/24
89.249.204.0/24
89.249.206.0/23
Signature Algorithm: sha256WithRSAEncryption
01:35:34:45:58:90:97:9c:4f:b4:f4:28:85:c3:57:f0:49:2a:
f6:72:d5:90:c3:46:40:ae:4b:1f:e5:37:91:4f:e1:6e:af:95:
43:5b:1d:c8:fe:92:c3:38:44:f2:00:ac:64:3b:2b:73:a1:2c:
65:fc:ed:96:d9:38:d9:fd:83:b7:3a:9d:b8:ae:2a:ad:b9:6c:
85:4d:9c:2b:9f:eb:d2:af:c1:2c:e8:4b:2c:27:80:57:59:7e:
aa:50:4d:2a:4f:da:00:85:5f:11:ed:20:c9:5a:ff:51:f4:8b:
3d:51:c3:49:4c:26:08:83:df:1d:e4:89:d8:a9:ae:da:76:ce:
a5:fc:d4:c6:30:b9:8c:98:d0:79:03:ad:83:1c:cc:ea:0d:25:
e0:7f:d2:22:8a:04:b2:0b:90:e8:e6:05:4e:29:be:6c:4a:91:
ab:31:9a:6b:e9:03:ca:95:a7:b2:04:28:5f:dd:32:d5:1a:c1:
fb:0d:31:c1:69:6e:bf:96:1d:5f:b1:f0:a5:cc:c1:1e:00:a9:
64:df:d7:b2:ed:de:ed:0f:99:49:d0:b7:68:60:d5:85:b3:ca:
f4:c4:54:90:81:ee:24:4a:ae:58:e6:ab:ca:c1:e6:a3:99:6b:
30:6d:c4:1c:a1:be:18:a1:17:61:ff:77:02:75:a4:ff:ea:f9:
43:9c:a9:0f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY8lj6hYV+akA5lFdK9s7rz6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwNDI4MTYzNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzY2NTg3OWYxZDBhYmE2M2MwMTgzOGUzNDM2MzJmM2MxMzgwNmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkitiamu9izrVu1bkvxJoj0e4MKVW
AOd7ZNgoplsBDJqjFdcdwRkzF+q+X/xEdVR/UlbfW4NcVConfMzRIipY+Dvq4DqU
AY9CpqRLhR7TPMNKWCC8HSyZrtGJtl+LfOKVsfiTINDNOi3asbF5xHZqeEL1dyxK
FNlrbVYqyKXGO9Z7KIsEJsALq/dVnfeuLXijWDYs99I9nipbOZ1qMHOZijTtJWZr
k4nze1HNCNsapLziU91Xojb20ucdrjcwyUeszWHe7S71ubFpbSIN8aZJT2NxBbdy
zRJT5FGzha+7S05/+HX+OvYFDvbITrDyTxQ8fPJPxDGeyFaQ5wuJ3ggWWwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIxmWHnx0KumPAGDjjQ2MvPBOAa+MB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvakdaWWVmSFFxNlk4QVlPT05EWXk4OEU0QnI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWfnJAwQA
WfnMAwQBWfnOMA0GCSqGSIb3DQEBCwUAA4IBAQABNTRFWJCXnE+09CiFw1fwSSr2
ctWQw0ZArksf5TeRT+Fur5VDWx3I/pLDOETyAKxkOytzoSxl/O2W2TjZ/YO3Op24
riqtuWyFTZwrn+vSr8Es6EssJ4BXWX6qUE0qT9oAhV8R7SDJWv9R9Is9UcNJTCYI
g98d5InYqa7ads6l/NTGMLmMmNB5A62DHMzqDSXgf9IiigSyC5Do5gVOKb5sSpGr
MZpr6QPKlaeyBChf3TLVGsH7DTHBaW6/lh1fsfClzMEeAKlk39ey7d7tD5lJ0Ldo
YNWFs8r0xFSQge4kSq5Y5qvKweajmWswbcQcob4YoRdh/3cCdaT/6vlDnKkP
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:10:39 2025 by rpki-client