Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/yy8XXPBYm7p8FUZXCuRgPiVzyF8.roa
File: yy8XXPBYm7p8FUZXCuRgPiVzyF8.roa (raw, json)
Hash identifier: EiJtWGtxeLuq9J8SMBl8YcD2WuC+HNKTp7p+6nFot1g=
Subject key identifier: CB:2F:17:5C:F0:58:9B:BA:7C:15:46:57:0A:E4:60:3E:25:73:C8:5F
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 0193534FAA475D48BF0929DD55CCA75016C0
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/yy8XXPBYm7p8FUZXCuRgPiVzyF8.roa
Signing time: Fri 22 Nov 2024 09:59:10 +0000
ROA not before: Fri 22 Nov 2024 09:59:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211975
IP address blocks: 89.249.207.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:53:4f:aa:47:5d:48:bf:09:29:dd:55:cc:a7:50:16:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Nov 22 09:59:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb2f175cf0589bba7c1546570ae4603e2573c85f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:b6:aa:3f:29:62:f7:67:76:aa:a0:78:5d:67:
60:e7:d7:de:dd:2e:7b:83:a5:46:42:38:b0:32:3a:
82:77:32:a1:c7:b4:1b:4d:5b:95:a7:23:ca:63:2b:
dd:c4:3b:22:97:98:03:d8:01:87:7c:e5:04:cc:90:
4e:a0:e7:64:d8:be:88:95:c7:0c:ba:bd:b3:87:3a:
20:f9:38:f6:bc:f1:b8:76:40:a8:82:4b:5b:ad:65:
f9:82:c2:f3:32:ba:aa:7f:41:3e:21:ed:c6:0e:df:
fb:4e:e8:02:e4:71:ee:3f:25:45:1d:13:f6:dc:29:
cf:b0:de:f2:bb:08:c0:e3:dd:42:18:9a:32:89:46:
5e:7a:a8:18:f0:a4:ff:5b:7a:5f:ef:40:a9:15:7b:
50:13:ed:31:47:69:c4:bf:15:cf:d6:45:f1:0b:df:
2a:9e:34:4b:c0:aa:87:e0:9d:c8:db:ca:1c:75:a9:
83:21:cd:85:7a:b6:2a:b7:6d:9b:61:bd:f3:d7:d2:
4a:e7:52:73:5b:65:cd:46:13:dc:86:d2:e1:e9:6b:
21:bb:a9:34:ab:50:a7:d4:e0:49:42:c4:8f:de:fc:
ed:0d:b8:23:6a:e5:32:00:88:3a:eb:cf:9b:62:3a:
86:32:07:82:d1:4b:54:7e:c0:76:2a:5a:5c:f7:79:
6e:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:2F:17:5C:F0:58:9B:BA:7C:15:46:57:0A:E4:60:3E:25:73:C8:5F
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/yy8XXPBYm7p8FUZXCuRgPiVzyF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.207.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:96:97:6e:a1:66:fe:33:41:0b:08:c6:40:2f:83:13:71:02:
df:af:66:41:26:3f:0a:45:82:c1:ee:e1:32:70:02:5b:b5:16:
86:b8:c6:40:91:b9:49:b3:f2:4a:4c:0d:23:e3:18:df:a7:d0:
80:b7:41:16:5a:06:79:71:34:85:3c:cc:ac:68:57:25:4d:bb:
d0:61:88:50:0f:7a:36:1d:21:2d:0a:6a:d3:1d:1f:8a:96:6d:
75:19:0c:f6:ed:7e:6d:66:b7:fa:c8:f8:da:e0:d6:bf:13:10:
07:fa:13:65:7a:4c:a4:11:7b:f5:2b:41:1e:65:58:9c:86:77:
ed:b2:6a:5a:59:d1:76:e4:f8:ad:94:f5:d8:5b:5a:fc:0d:80:
15:28:3c:08:8f:1e:13:e7:a2:ec:5f:2e:fe:c0:d7:5f:1a:ab:
51:df:b8:3a:98:c5:0f:b3:ce:bb:df:3d:ef:94:21:52:e2:14:
36:8c:19:c4:1f:c3:74:43:2b:1a:6b:fe:c0:64:8b:79:ba:3f:
87:9b:06:f0:6a:1d:51:32:1d:20:ed:30:29:27:0b:37:33:c8:
f9:c0:71:8e:08:68:86:31:f8:85:ab:6c:fc:2c:cf:16:2c:d9:
74:11:d4:ab:05:bc:23:92:68:7f:6a:3f:f2:c3:86:d7:9f:d0:
cd:ad:72:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZNTT6pHXUi/CSndVcynUBbAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQxMTIyMDk1OTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjJmMTc1Y2YwNTg5YmJhN2MxNTQ2NTcwYWU0NjAzZTI1NzNjODVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7aqPyli92d2qqB4XWdg59fe3S57
g6VGQjiwMjqCdzKhx7QbTVuVpyPKYyvdxDsil5gD2AGHfOUEzJBOoOdk2L6IlccM
ur2zhzog+Tj2vPG4dkCogktbrWX5gsLzMrqqf0E+Ie3GDt/7TugC5HHuPyVFHRP2
3CnPsN7yuwjA491CGJoyiUZeeqgY8KT/W3pf70CpFXtQE+0xR2nEvxXP1kXxC98q
njRLwKqH4J3I28ocdamDIc2FerYqt22bYb3z19JK51JzW2XNRhPchtLh6Wshu6k0
q1Cn1OBJQsSP3vztDbgjauUyAIg668+bYjqGMgeC0UtUfsB2Klpc93luxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMsvF1zwWJu6fBVGVwrkYD4lc8hfMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEveXk4WFhQQlltN3A4RlVaWEN1UmdQaVZ6eUY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWfnPMA0G
CSqGSIb3DQEBCwUAA4IBAQALlpduoWb+M0ELCMZAL4MTcQLfr2ZBJj8KRYLB7uEy
cAJbtRaGuMZAkblJs/JKTA0j4xjfp9CAt0EWWgZ5cTSFPMysaFclTbvQYYhQD3o2
HSEtCmrTHR+Klm11GQz27X5tZrf6yPja4Na/ExAH+hNlekykEXv1K0EeZVichnft
smpaWdF25PitlPXYW1r8DYAVKDwIjx4T56LsXy7+wNdfGqtR37g6mMUPs8673z3v
lCFS4hQ2jBnEH8N0Qysaa/7AZIt5uj+Hmwbwah1RMh0g7TApJws3M8j5wHGOCGiG
MfiFq2z8LM8WLNl0EdSrBbwjkmh/aj/yw4bXn9DNrXJi
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:33 2025 by rpki-client