Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/xz-uO7194D2Ranxiwa_ZWKJf5NI.roa
File: xz-uO7194D2Ranxiwa_ZWKJf5NI.roa (raw, json)
Hash identifier: 2cmElx9gXpDTItIAb6iEZM2eZVtOHUAea8BM0RWoiwc=
Subject key identifier: C7:3F:AE:3B:BD:7D:E0:3D:91:6A:7C:62:C1:AF:D9:58:A2:5F:E4:D2
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 01905F4CF9D9C91591CE1BB0024B5385CA3E
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/xz-uO7194D2Ranxiwa_ZWKJf5NI.roa
Signing time: Fri 28 Jun 2024 14:43:18 +0000
ROA not before: Fri 28 Jun 2024 14:43:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.249.204.0/24 maxlen: 24
89.249.206.0/23 maxlen: 24
212.42.192.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:5f:4c:f9:d9:c9:15:91:ce:1b:b0:02:4b:53:85:ca:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Jun 28 14:43:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c73fae3bbd7de03d916a7c62c1afd958a25fe4d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:01:50:ff:a2:8f:8f:0a:d0:22:38:04:e7:2e:
3f:39:83:2f:29:ef:14:5c:0e:7b:91:6f:82:54:30:
9e:c9:4a:41:bb:f8:24:23:c6:a7:93:11:56:1e:5f:
11:4e:b4:b4:0e:84:1d:da:4b:34:4f:fa:dd:9f:d1:
26:9b:ec:2d:01:5e:a5:e1:d3:90:d1:40:ad:c6:b9:
e1:33:91:d8:32:79:48:52:5e:a5:f4:4b:51:68:95:
2f:b8:41:77:ec:1e:f3:29:2b:fd:32:87:fe:0c:d2:
5b:90:3c:f8:64:12:5d:f7:ba:83:23:3f:1b:79:56:
c6:99:c9:65:9d:cc:23:f8:98:88:ec:28:e8:54:ac:
46:cb:52:c8:92:bf:77:f6:e9:80:c7:d4:8f:80:c4:
ca:11:60:df:2d:f7:bb:83:59:a8:fe:78:e8:49:ee:
d2:51:9a:1e:7e:d1:a8:f9:69:5f:2e:e1:a6:b6:51:
21:82:52:e7:fa:f8:ee:77:ab:f7:18:5a:8b:5d:f1:
97:d4:d6:81:c0:fd:3a:42:99:e2:b0:d5:eb:72:0c:
5a:78:54:e0:6d:91:50:e2:59:9e:a4:a3:e7:00:52:
5e:fe:57:fe:da:19:87:f4:0f:c2:8b:cf:0e:90:70:
7c:a4:87:a9:3e:83:ce:33:6d:9b:fb:99:32:35:21:
ef:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:3F:AE:3B:BD:7D:E0:3D:91:6A:7C:62:C1:AF:D9:58:A2:5F:E4:D2
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/xz-uO7194D2Ranxiwa_ZWKJf5NI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.204.0/24
89.249.206.0/23
212.42.192.0/20
Signature Algorithm: sha256WithRSAEncryption
7f:70:01:8e:55:44:47:43:44:8c:eb:c5:60:53:68:ff:03:e5:
77:8e:f8:6e:a6:dc:18:15:87:04:68:7d:e7:74:10:2b:54:a4:
e7:59:e6:5f:f5:3f:d4:2e:0e:d1:fb:cc:61:cb:c9:db:7d:64:
d9:34:4d:26:ac:60:52:78:e1:be:29:84:6a:eb:59:2c:26:e6:
23:f5:5b:b6:98:ca:4a:34:2c:9e:78:da:60:61:9f:03:ea:6b:
4f:42:ec:d0:45:b9:c7:00:63:48:76:95:1a:3a:52:6b:74:a7:
04:4d:73:b1:1e:c2:27:d4:d8:e7:a9:c3:38:46:be:05:74:c7:
fb:d3:e4:6a:26:e6:d3:ea:45:b8:0a:62:05:2a:0e:15:02:ba:
b9:41:05:71:a7:88:aa:04:a7:dc:8d:e1:ce:2f:86:25:98:bc:
a6:7c:9a:91:ab:d5:b0:2a:1b:9c:fe:4c:0a:f5:3b:a6:d7:3b:
1d:57:fa:2f:7e:3d:88:14:5f:e8:af:d1:5a:1a:61:e3:73:02:
b2:a8:80:45:d3:bc:e5:8e:94:56:f4:25:c3:89:35:4e:72:4f:
18:3d:42:1c:df:db:13:d8:9c:74:fa:aa:f8:07:ac:08:bc:73:
8f:94:f2:36:ca:b9:e6:d9:bb:04:ee:3c:36:da:d4:0a:07:9e:
47:17:86:71
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZBfTPnZyRWRzhuwAktThco+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwNjI4MTQ0MzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzNmYWUzYmJkN2RlMDNkOTE2YTdjNjJjMWFmZDk1OGEyNWZlNGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwFQ/6KPjwrQIjgE5y4/OYMvKe8U
XA57kW+CVDCeyUpBu/gkI8ankxFWHl8RTrS0DoQd2ks0T/rdn9Emm+wtAV6l4dOQ
0UCtxrnhM5HYMnlIUl6l9EtRaJUvuEF37B7zKSv9Mof+DNJbkDz4ZBJd97qDIz8b
eVbGmcllncwj+JiI7CjoVKxGy1LIkr939umAx9SPgMTKEWDfLfe7g1mo/njoSe7S
UZoeftGo+WlfLuGmtlEhglLn+vjud6v3GFqLXfGX1NaBwP06QpnisNXrcgxaeFTg
bZFQ4lmepKPnAFJe/lf+2hmH9A/Ci88OkHB8pIepPoPOM22b+5kyNSHvSwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMc/rju9feA9kWp8YsGv2ViiX+TSMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEveHotdU83MTk0RDJSYW54aXdhX1pXS0pmNU5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWfnMAwQB
WfnOAwQE1CrAMA0GCSqGSIb3DQEBCwUAA4IBAQB/cAGOVURHQ0SM68VgU2j/A+V3
jvhuptwYFYcEaH3ndBArVKTnWeZf9T/ULg7R+8xhy8nbfWTZNE0mrGBSeOG+KYRq
61ksJuYj9Vu2mMpKNCyeeNpgYZ8D6mtPQuzQRbnHAGNIdpUaOlJrdKcETXOxHsIn
1NjnqcM4Rr4FdMf70+RqJubT6kW4CmIFKg4VArq5QQVxp4iqBKfcjeHOL4YlmLym
fJqRq9WwKhuc/kwK9Tum1zsdV/ovfj2IFF/or9FaGmHjcwKyqIBF07zljpRW9CXD
iTVOck8YPUIc39sT2Jx0+qr4B6wIvHOPlPI2yrnm2bsE7jw22tQKB55HF4Zx
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:10 2025 by rpki-client