Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/995fbd-91fb-43bb-8f26-cd4bd44275c5/1/o6jnnKOXGqF0MX7M5TOFMba1Hgk.roa
File: o6jnnKOXGqF0MX7M5TOFMba1Hgk.roa (raw, json)
Hash identifier: VShpfhC9aFQWka5VxRKfnB5FAw3BdEAFz53GQe5R8kw=
Subject key identifier: A3:A8:E7:9C:A3:97:1A:A1:74:31:7E:CC:E5:33:85:31:B6:B5:1E:09
Certificate issuer: /CN=b53005619688efbaffd06e108a43bdf20643e0d6
Certificate serial: 01936E5F7526C50B3727B2E550B302C65AD3
Authority key identifier: B5:30:05:61:96:88:EF:BA:FF:D0:6E:10:8A:43:BD:F2:06:43:E0:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tTAFYZaI77r_0G4QikO98gZD4NY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/995fbd-91fb-43bb-8f26-cd4bd44275c5/1/o6jnnKOXGqF0MX7M5TOFMba1Hgk.roa
Signing time: Wed 27 Nov 2024 16:06:09 +0000
ROA not before: Wed 27 Nov 2024 16:06:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39759
IP address blocks: 89.186.32.0/19 maxlen: 19
89.186.32.0/20 maxlen: 20
89.186.32.0/21 maxlen: 21
89.186.40.0/21 maxlen: 21
89.186.42.0/24 maxlen: 24
89.186.43.0/24 maxlen: 24
89.186.48.0/20 maxlen: 20
89.186.48.0/24 maxlen: 24
89.186.49.0/24 maxlen: 24
89.186.50.0/24 maxlen: 24
89.186.53.0/24 maxlen: 24
89.186.54.0/24 maxlen: 24
89.186.55.0/24 maxlen: 24
89.186.56.0/24 maxlen: 24
89.186.57.0/24 maxlen: 24
89.186.58.0/24 maxlen: 24
89.186.59.0/24 maxlen: 24
89.186.60.0/24 maxlen: 24
89.186.61.0/24 maxlen: 24
89.186.62.0/24 maxlen: 24
89.186.63.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6e:5f:75:26:c5:0b:37:27:b2:e5:50:b3:02:c6:5a:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b53005619688efbaffd06e108a43bdf20643e0d6
Validity
Not Before: Nov 27 16:06:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3a8e79ca3971aa174317ecce5338531b6b51e09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:ac:19:85:d4:b8:96:11:66:27:43:40:03:2e:
1b:9e:e3:85:3f:82:7b:95:61:d8:f4:e9:50:4c:78:
59:5d:7a:1c:2f:bd:c2:1c:06:09:5f:ae:76:9b:19:
78:98:31:41:83:80:4d:4c:43:26:7c:33:9e:f5:bd:
d2:7d:b2:57:4d:cd:54:6e:2f:46:e3:b0:2a:5a:1e:
11:2b:9f:45:f3:bb:4f:81:be:c6:f9:b7:4f:05:f2:
11:d9:c5:79:d6:2e:8c:e7:19:32:13:18:b5:44:67:
bc:bf:5d:30:a4:a2:af:81:4c:9c:31:7a:8a:96:7e:
1b:26:f5:d5:b4:9f:ec:1c:89:9e:78:cf:74:f3:3b:
59:de:4d:2c:a2:7a:93:1b:ea:18:1d:d0:aa:29:26:
6a:46:d1:5c:bb:85:39:84:bf:f6:a7:d0:96:f5:1d:
e6:6a:0a:39:e0:49:c4:ab:05:d0:42:36:ad:93:12:
e2:b6:f0:06:b8:16:f4:60:e0:b7:cc:60:54:41:39:
ef:e8:25:b0:93:6a:76:b4:7c:32:40:69:58:65:70:
02:d3:25:d8:11:b6:8b:90:10:59:0b:9f:68:49:b3:
94:3e:da:3b:c2:b1:20:98:72:e7:f4:e7:fa:b1:fc:
79:06:51:e7:8a:36:39:4a:14:af:0f:15:96:46:59:
c0:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:A8:E7:9C:A3:97:1A:A1:74:31:7E:CC:E5:33:85:31:B6:B5:1E:09
X509v3 Authority Key Identifier:
keyid:B5:30:05:61:96:88:EF:BA:FF:D0:6E:10:8A:43:BD:F2:06:43:E0:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tTAFYZaI77r_0G4QikO98gZD4NY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/995fbd-91fb-43bb-8f26-cd4bd44275c5/1/o6jnnKOXGqF0MX7M5TOFMba1Hgk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/995fbd-91fb-43bb-8f26-cd4bd44275c5/1/tTAFYZaI77r_0G4QikO98gZD4NY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.186.32.0/19
Signature Algorithm: sha256WithRSAEncryption
53:6f:04:d1:97:fa:df:ba:f3:98:b9:a2:a4:fe:dc:df:9b:0e:
f4:e9:64:63:95:6e:b0:5f:e8:3d:2c:d9:76:66:3c:53:1f:3f:
6e:4f:21:90:0c:ed:3b:6a:ad:fd:a9:3c:32:ec:21:c4:42:fe:
0e:20:75:62:64:0a:c0:72:24:b9:23:1b:84:24:55:b2:33:71:
22:62:9a:b3:17:eb:d9:f3:25:a7:63:65:06:6d:02:58:1f:a9:
f6:5e:4b:69:19:f2:14:95:19:9f:19:bb:a5:58:33:0c:e6:9d:
14:19:9a:fe:24:2a:c5:19:6b:8b:08:18:bf:7b:7c:52:a1:f6:
33:6c:ff:62:d8:21:16:71:69:40:2b:14:6f:95:3f:f2:15:2a:
7f:78:ad:c1:5f:74:25:77:1e:3d:ba:99:ef:47:dc:bd:79:e7:
5a:d8:33:7a:4f:cc:f3:6b:bf:88:29:04:0d:18:f5:9c:c8:ac:
4c:6d:cb:ad:37:41:62:25:4a:60:43:00:47:49:79:05:b5:9e:
8c:40:8d:b4:4d:c8:a1:b1:f5:f4:ab:74:bb:8b:89:4e:90:69:
6f:f0:16:d0:84:e2:5d:b2:de:70:12:db:86:56:bc:35:15:d0:
6c:74:ac:d8:1e:ee:f5:18:21:32:b6:2b:7a:75:52:8d:b2:d1:
3d:e2:d7:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZNuX3UmxQs3J7LlULMCxlrTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MzAwNTYxOTY4OGVmYmFmZmQwNmUxMDhhNDNiZGYyMDY0
M2UwZDYwHhcNMjQxMTI3MTYwNjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2E4ZTc5Y2EzOTcxYWExNzQzMTdlY2NlNTMzODUzMWI2YjUxZTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5awZhdS4lhFmJ0NAAy4bnuOFP4J7
lWHY9OlQTHhZXXocL73CHAYJX652mxl4mDFBg4BNTEMmfDOe9b3SfbJXTc1Ubi9G
47AqWh4RK59F87tPgb7G+bdPBfIR2cV51i6M5xkyExi1RGe8v10wpKKvgUycMXqK
ln4bJvXVtJ/sHImeeM908ztZ3k0sonqTG+oYHdCqKSZqRtFcu4U5hL/2p9CW9R3m
ago54EnEqwXQQjatkxLitvAGuBb0YOC3zGBUQTnv6CWwk2p2tHwyQGlYZXAC0yXY
EbaLkBBZC59oSbOUPto7wrEgmHLn9Of6sfx5BlHnijY5ShSvDxWWRlnAvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKOo55yjlxqhdDF+zOUzhTG2tR4JMB8GA1UdIwQY
MBaAFLUwBWGWiO+6/9BuEIpDvfIGQ+DWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFRBRllaYUk3N3JfMEc0UWlrTzk4Z1pENE5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy85OTVmYmQtOTFmYi00M2JiLThmMjYt
Y2Q0YmQ0NDI3NWM1LzEvbzZqbm5LT1hHcUYwTVg3TTVUT0ZNYmExSGdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy85OTVmYmQtOTFmYi00M2JiLThmMjYtY2Q0YmQ0NDI3NWM1
LzEvdFRBRllaYUk3N3JfMEc0UWlrTzk4Z1pENE5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFWbogMA0G
CSqGSIb3DQEBCwUAA4IBAQBTbwTRl/rfuvOYuaKk/tzfmw706WRjlW6wX+g9LNl2
ZjxTHz9uTyGQDO07aq39qTwy7CHEQv4OIHViZArAciS5IxuEJFWyM3EiYpqzF+vZ
8yWnY2UGbQJYH6n2XktpGfIUlRmfGbulWDMM5p0UGZr+JCrFGWuLCBi/e3xSofYz
bP9i2CEWcWlAKxRvlT/yFSp/eK3BX3Qldx49upnvR9y9eeda2DN6T8zza7+IKQQN
GPWcyKxMbcutN0FiJUpgQwBHSXkFtZ6MQI20TcihsfX0q3S7i4lOkGlv8BbQhOJd
st5wEtuGVrw1FdBsdKzYHu71GCEytit6dVKNstE94tcy
-----END CERTIFICATE-----
Generated at Wed Apr 9 13:03:42 2025 by rpki-client