Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/xnXLu4TTl-k0bDcn0B3_QvRlPxM.roa
File: xnXLu4TTl-k0bDcn0B3_QvRlPxM.roa (raw, json)
Hash identifier: rGNTKc27+H54Qjs8aIhGlP4+aHXvK89pH9bDh5l06nU=
Subject key identifier: C6:75:CB:BB:84:D3:97:E9:34:6C:37:27:D0:1D:FF:42:F4:65:3F:13
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 0192471320A986A3BC60D6D90294445EC95D
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/xnXLu4TTl-k0bDcn0B3_QvRlPxM.roa
Signing time: Tue 01 Oct 2024 07:54:48 +0000
ROA not before: Tue 01 Oct 2024 07:54:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.249.192.0/21 maxlen: 24
89.249.206.0/23 maxlen: 24
185.21.254.0/24 maxlen: 24
212.42.192.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:47:13:20:a9:86:a3:bc:60:d6:d9:02:94:44:5e:c9:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Oct 1 07:54:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c675cbbb84d397e9346c3727d01dff42f4653f13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:98:37:a6:f0:0d:8f:45:f3:83:7b:5a:10:a6:
33:5a:38:61:f0:d1:28:90:f7:a7:c7:ee:3e:58:63:
2f:94:34:d3:13:76:50:91:90:aa:b5:fa:dd:91:8b:
6e:22:50:71:63:0e:77:d1:e3:76:95:e7:0d:e6:de:
7e:cf:66:df:a3:bd:e8:98:33:e4:40:ee:44:95:0c:
a7:9c:55:95:52:79:9a:8e:af:e7:a6:83:36:56:b7:
05:0b:57:29:53:b9:84:c2:70:e9:31:a6:70:28:40:
f0:b4:8e:1a:4a:99:6e:35:67:0a:37:ed:4b:4c:05:
81:12:00:83:88:f7:f2:93:ab:4b:87:ca:49:e4:c2:
d3:01:fe:42:f8:e3:92:1f:35:80:a9:c9:d5:77:a8:
92:ee:d8:f2:06:b0:e2:1e:c9:c2:fa:8d:53:f9:2a:
86:76:40:23:ff:a1:8f:2a:01:95:f3:28:3c:a6:a7:
df:0e:90:29:19:ff:7b:a0:98:1e:ee:f0:e1:ae:83:
6a:dd:bb:b1:bf:54:a6:1c:93:a5:66:80:c2:95:a0:
1a:55:56:c7:ed:0e:a9:d2:b5:77:cf:93:df:0d:13:
32:25:b0:36:1b:f8:87:8a:f9:2e:a8:b3:97:d0:57:
0b:64:b4:1d:6b:37:7f:6a:1d:f6:99:26:e2:d2:cc:
7a:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:75:CB:BB:84:D3:97:E9:34:6C:37:27:D0:1D:FF:42:F4:65:3F:13
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/xnXLu4TTl-k0bDcn0B3_QvRlPxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.192.0/21
89.249.206.0/23
185.21.254.0/24
212.42.192.0/20
Signature Algorithm: sha256WithRSAEncryption
de:b3:e5:4a:30:8a:1b:9f:ae:cc:dd:96:d3:2a:a1:24:83:a3:
37:db:5f:37:12:16:af:bb:28:14:f1:37:0a:b3:30:62:fd:37:
35:3d:24:dc:e6:69:b5:92:f7:72:15:82:62:49:31:f4:10:7c:
fb:31:42:42:9e:7f:a0:f1:e6:2d:ac:ec:0c:a0:0d:de:c3:2e:
7f:27:17:67:4d:70:43:2d:18:ea:88:6f:f5:ab:4e:66:90:6d:
4a:1a:25:6f:0e:12:03:d7:f3:a6:61:f5:b4:6c:a2:67:a3:11:
aa:60:50:32:dd:af:0f:09:97:21:77:7a:27:f0:7c:6c:44:9b:
c1:34:1d:20:2c:89:bd:72:66:c9:b3:0c:5b:04:9c:a0:f8:5c:
8d:85:e3:ab:85:13:a1:b6:b4:12:1b:c4:07:53:fc:96:94:b6:
cc:1a:00:a6:6a:6f:5a:87:8e:5a:d9:3b:c8:26:d9:dd:51:32:
ac:5b:e4:03:85:f9:44:84:10:b8:77:eb:d1:4f:91:59:6f:9a:
14:42:02:58:a0:64:ae:7f:22:d5:fa:72:71:0c:6b:2d:1f:f9:
8a:d5:a5:d7:06:9d:a5:14:f0:81:8e:5c:a2:55:97:52:45:c5:
29:81:3f:6b:73:ef:01:a8:02:d5:44:64:ff:52:eb:07:98:5b:
07:45:a5:7c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZJHEyCphqO8YNbZApREXsldMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQxMDAxMDc1NDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjc1Y2JiYjg0ZDM5N2U5MzQ2YzM3MjdkMDFkZmY0MmY0NjUzZjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Zg3pvANj0Xzg3taEKYzWjhh8NEo
kPenx+4+WGMvlDTTE3ZQkZCqtfrdkYtuIlBxYw530eN2lecN5t5+z2bfo73omDPk
QO5ElQynnFWVUnmajq/npoM2VrcFC1cpU7mEwnDpMaZwKEDwtI4aSpluNWcKN+1L
TAWBEgCDiPfyk6tLh8pJ5MLTAf5C+OOSHzWAqcnVd6iS7tjyBrDiHsnC+o1T+SqG
dkAj/6GPKgGV8yg8pqffDpApGf97oJge7vDhroNq3buxv1SmHJOlZoDClaAaVVbH
7Q6p0rV3z5PfDRMyJbA2G/iHivkuqLOX0FcLZLQdazd/ah32mSbi0sx6yQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMZ1y7uE05fpNGw3J9Ad/0L0ZT8TMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEveG5YTHU0VFRsLWswYkRjbjBCM19RdlJsUHhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDWfnAAwQB
WfnOAwQAuRX+AwQE1CrAMA0GCSqGSIb3DQEBCwUAA4IBAQDes+VKMIobn67M3ZbT
KqEkg6M32183EhavuygU8TcKszBi/Tc1PSTc5mm1kvdyFYJiSTH0EHz7MUJCnn+g
8eYtrOwMoA3ewy5/JxdnTXBDLRjqiG/1q05mkG1KGiVvDhID1/OmYfW0bKJnoxGq
YFAy3a8PCZchd3on8HxsRJvBNB0gLIm9cmbJswxbBJyg+FyNheOrhROhtrQSG8QH
U/yWlLbMGgCmam9ah45a2TvIJtndUTKsW+QDhflEhBC4d+vRT5FZb5oUQgJYoGSu
fyLV+nJxDGstH/mK1aXXBp2lFPCBjlyiVZdSRcUpgT9rc+8BqALVRGT/UusHmFsH
RaV8
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:16 2025 by rpki-client