Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/93149c-0829-4fcd-bd35-0f55ea33afe3/1/o3E4tuCzrJrGsji5NuASGDB-HXs.roa
File: o3E4tuCzrJrGsji5NuASGDB-HXs.roa (raw, json)
Hash identifier: bSAUmFEcCz0OQZhQLj9JhVCVTIH61k4i+3xl0JyI4Fw=
Subject key identifier: A3:71:38:B6:E0:B3:AC:9A:C6:B2:38:B9:36:E0:12:18:30:7E:1D:7B
Certificate issuer: /CN=1242466f8f8645c9f39f04874ddadf0d7136f67f
Certificate serial: 01941F8C5E1C4CCE2FDB7136AAA4ADEE896B
Authority key identifier: 12:42:46:6F:8F:86:45:C9:F3:9F:04:87:4D:DA:DF:0D:71:36:F6:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EkJGb4-GRcnznwSHTdrfDXE29n8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/93149c-0829-4fcd-bd35-0f55ea33afe3/1/o3E4tuCzrJrGsji5NuASGDB-HXs.roa
Signing time: Wed 01 Jan 2025 01:48:00 +0000
ROA not before: Wed 01 Jan 2025 01:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203068
IP address blocks: 89.39.204.0/24 maxlen: 24
89.39.205.0/24 maxlen: 24
89.39.206.0/24 maxlen: 24
89.39.207.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:5e:1c:4c:ce:2f:db:71:36:aa:a4:ad:ee:89:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1242466f8f8645c9f39f04874ddadf0d7136f67f
Validity
Not Before: Jan 1 01:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a37138b6e0b3ac9ac6b238b936e01218307e1d7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b6:cc:23:3a:b6:ed:7d:d1:d6:f8:f5:be:62:
8e:9c:de:2b:ec:fc:47:16:3b:5f:3e:a5:16:df:83:
d5:b0:a6:4e:dd:e4:b3:8f:6f:f5:79:a6:86:a6:7d:
49:9c:fc:2c:c5:a3:e5:78:e4:94:d0:4b:49:9a:2a:
b8:d9:b9:c3:7c:9c:b1:e8:6c:4e:b6:8f:13:cf:f3:
0a:20:56:db:c1:df:77:76:cc:22:00:bd:44:a9:f6:
f5:fb:90:a4:a1:63:a2:e2:79:28:7d:6a:d5:78:4e:
fd:51:8f:16:96:02:87:c0:31:87:eb:95:bc:e7:9b:
bb:9a:f2:3e:05:26:78:88:20:ce:a5:36:6f:29:c2:
d9:89:26:c8:22:a3:4b:fc:00:da:a0:19:30:b8:83:
73:b6:f7:ed:7e:93:5a:d8:39:69:03:32:00:4b:27:
1e:fe:c5:63:30:94:09:c2:2f:d5:a7:ca:8b:ca:b1:
02:87:03:81:99:5a:fe:31:cb:88:64:96:1b:e1:10:
3f:2a:0b:bd:b8:e8:73:b8:a2:e2:97:50:6f:b2:73:
08:f6:a8:86:00:3c:33:69:64:4c:e6:cc:7d:9e:b6:
55:0d:05:c9:cf:70:9e:00:ad:e3:8e:e9:a9:a2:a8:
f9:ba:f1:f6:04:a3:63:1d:4d:e0:5b:0b:a5:73:7c:
3c:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:71:38:B6:E0:B3:AC:9A:C6:B2:38:B9:36:E0:12:18:30:7E:1D:7B
X509v3 Authority Key Identifier:
keyid:12:42:46:6F:8F:86:45:C9:F3:9F:04:87:4D:DA:DF:0D:71:36:F6:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EkJGb4-GRcnznwSHTdrfDXE29n8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/93149c-0829-4fcd-bd35-0f55ea33afe3/1/o3E4tuCzrJrGsji5NuASGDB-HXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/93149c-0829-4fcd-bd35-0f55ea33afe3/1/EkJGb4-GRcnznwSHTdrfDXE29n8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.39.204.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:a8:5a:0e:19:71:96:d2:53:e0:20:8c:a7:e9:87:f3:47:3c:
fa:38:c1:df:aa:8b:25:5e:17:60:a8:d7:0e:8a:fd:4e:75:bc:
4a:cf:2b:d3:c9:ee:1a:47:87:f5:c9:47:36:fd:56:a2:ce:ba:
c7:16:5f:a1:e7:20:09:da:5c:f1:39:77:7f:c2:b5:f9:14:33:
63:a0:5d:a4:b4:d5:a0:7a:a2:c6:e8:a5:31:33:c5:37:21:3e:
c2:60:bc:bf:83:ae:3b:19:c4:99:b7:d8:3c:1d:e9:fc:13:6d:
dc:5c:10:85:93:da:b1:1d:4a:42:44:4f:5d:57:50:f1:5f:85:
5a:1a:00:f7:fd:8f:5f:58:b8:e6:f2:4d:26:1c:11:a4:d9:33:
ac:c8:69:f1:fc:48:2e:b0:f7:83:fd:15:c6:4e:d9:dd:6c:ad:
f9:de:ee:f7:67:90:0f:ca:26:a9:9e:c2:12:38:cf:c2:7a:a2:
8c:45:a6:f7:6b:04:c5:a7:5b:65:28:2b:4b:7d:4d:f0:4c:20:
9c:60:5c:df:94:0d:f5:ae:7e:b9:f3:a5:ef:ee:a3:cc:3a:86:
c1:f4:9f:9e:a3:cf:da:b8:84:c3:8f:34:c1:78:7a:c3:89:eb:
07:00:b7:98:79:5e:9a:3c:c0:bb:a0:a7:12:33:26:3f:f0:07:
d3:94:c6:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjF4cTM4v23E2qqSt7olrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyNDI0NjZmOGY4NjQ1YzlmMzlmMDQ4NzRkZGFkZjBkNzEz
NmY2N2YwHhcNMjUwMTAxMDE0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzcxMzhiNmUwYjNhYzlhYzZiMjM4YjkzNmUwMTIxODMwN2UxZDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7bMIzq27X3R1vj1vmKOnN4r7PxH
FjtfPqUW34PVsKZO3eSzj2/1eaaGpn1JnPwsxaPleOSU0EtJmiq42bnDfJyx6GxO
to8Tz/MKIFbbwd93dswiAL1Eqfb1+5CkoWOi4nkofWrVeE79UY8WlgKHwDGH65W8
55u7mvI+BSZ4iCDOpTZvKcLZiSbIIqNL/ADaoBkwuINztvftfpNa2DlpAzIASyce
/sVjMJQJwi/Vp8qLyrEChwOBmVr+McuIZJYb4RA/Kgu9uOhzuKLil1BvsnMI9qiG
ADwzaWRM5sx9nrZVDQXJz3CeAK3jjumpoqj5uvH2BKNjHU3gWwulc3w8kwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKNxOLbgs6yaxrI4uTbgEhgwfh17MB8GA1UdIwQY
MBaAFBJCRm+PhkXJ858Eh03a3w1xNvZ/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWtKR2I0LUdSY256bndTSFRkcmZEWEUyOW44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC85MzE0OWMtMDgyOS00ZmNkLWJkMzUt
MGY1NWVhMzNhZmUzLzEvbzNFNHR1Q3pySnJHc2ppNU51QVNHREItSFhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC85MzE0OWMtMDgyOS00ZmNkLWJkMzUtMGY1NWVhMzNhZmUz
LzEvRWtKR2I0LUdSY256bndTSFRkcmZEWEUyOW44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWSfMMA0G
CSqGSIb3DQEBCwUAA4IBAQAKqFoOGXGW0lPgIIyn6YfzRzz6OMHfqoslXhdgqNcO
iv1OdbxKzyvTye4aR4f1yUc2/VaizrrHFl+h5yAJ2lzxOXd/wrX5FDNjoF2ktNWg
eqLG6KUxM8U3IT7CYLy/g647GcSZt9g8Hen8E23cXBCFk9qxHUpCRE9dV1DxX4Va
GgD3/Y9fWLjm8k0mHBGk2TOsyGnx/EgusPeD/RXGTtndbK353u73Z5APyiapnsIS
OM/CeqKMRab3awTFp1tlKCtLfU3wTCCcYFzflA31rn6586Xv7qPMOobB9J+eo8/a
uITDjzTBeHrDiesHALeYeV6aPMC7oKcSMyY/8AfTlMaV
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:44:23 2025 by rpki-client