Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/ba391b-cb89-4e21-944a-ef33d85a4a86/1/kGTMJp8YWdhCRnyfOKgxhKChBJQ.roa
File: kGTMJp8YWdhCRnyfOKgxhKChBJQ.roa (raw, json)
Hash identifier: ZVU5RQX8MRgj32JsdxWQo2xXu6d3VcvuzIOlJ8aVzuA=
Subject key identifier: 90:64:CC:26:9F:18:59:D8:42:46:7C:9F:38:A8:31:84:A0:A1:04:94
Certificate issuer: /CN=61323397d6e529dff06c7cf14d1760d6e706aa6f
Certificate serial: 0194258E626D29E319BB0CA84DA784E6DB7A
Authority key identifier: 61:32:33:97:D6:E5:29:DF:F0:6C:7C:F1:4D:17:60:D6:E7:06:AA:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YTIzl9blKd_wbHzxTRdg1ucGqm8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/ba391b-cb89-4e21-944a-ef33d85a4a86/1/kGTMJp8YWdhCRnyfOKgxhKChBJQ.roa
Signing time: Thu 02 Jan 2025 05:47:55 +0000
ROA not before: Thu 02 Jan 2025 05:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202663
IP address blocks: 89.35.135.0/24 maxlen: 24
171.22.240.0/24 maxlen: 24
2a0e:9400::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:62:6d:29:e3:19:bb:0c:a8:4d:a7:84:e6:db:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61323397d6e529dff06c7cf14d1760d6e706aa6f
Validity
Not Before: Jan 2 05:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9064cc269f1859d842467c9f38a83184a0a10494
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:9b:ab:07:22:1b:d0:a6:f6:31:9f:66:42:44:
19:45:ad:e3:22:5d:bb:0c:6d:26:12:3c:2a:08:e4:
3e:42:5a:ef:4c:92:a3:95:84:98:9b:09:d1:7a:4c:
c9:59:0d:ef:84:c3:74:c7:04:be:29:15:0d:4e:88:
6f:99:a9:6b:18:c4:30:bd:8a:8f:82:2b:c8:74:ba:
ab:d4:ac:10:8e:39:c6:e2:ca:ee:7e:61:18:f6:51:
6a:8d:31:01:92:80:b1:77:74:2f:e9:03:1c:e1:05:
2b:76:79:a0:52:18:10:6e:3f:c4:7a:03:cd:e2:82:
36:4a:de:02:7e:ab:d5:37:32:5a:72:3e:89:e6:1d:
d1:f6:81:8e:ca:e3:1e:2b:7e:3c:c9:70:9b:0f:37:
29:13:2c:16:df:ac:8a:5b:a8:23:d0:bc:c6:28:8f:
42:f8:0e:38:e3:50:30:6e:52:5a:b7:3d:a2:a2:39:
2b:2c:3d:3b:c9:0f:e6:bd:c4:ad:f9:00:6b:86:06:
e5:a2:b9:8a:0a:ba:4f:2e:42:93:4d:bf:ec:bc:9c:
0c:78:21:ed:87:2a:c6:fe:7e:5c:47:89:7c:61:fa:
ad:40:55:4f:81:6d:d1:77:52:5d:df:c1:5b:6e:ae:
60:01:eb:3c:f4:ec:22:b8:9a:fc:ae:16:5e:13:d2:
76:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:64:CC:26:9F:18:59:D8:42:46:7C:9F:38:A8:31:84:A0:A1:04:94
X509v3 Authority Key Identifier:
keyid:61:32:33:97:D6:E5:29:DF:F0:6C:7C:F1:4D:17:60:D6:E7:06:AA:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YTIzl9blKd_wbHzxTRdg1ucGqm8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/ba391b-cb89-4e21-944a-ef33d85a4a86/1/kGTMJp8YWdhCRnyfOKgxhKChBJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/ba391b-cb89-4e21-944a-ef33d85a4a86/1/YTIzl9blKd_wbHzxTRdg1ucGqm8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.135.0/24
171.22.240.0/24
IPv6:
2a0e:9400::/29
Signature Algorithm: sha256WithRSAEncryption
1a:a7:74:57:6a:65:d8:7c:49:47:d2:74:c3:3a:2e:fe:44:74:
46:f1:9e:2f:f5:03:41:f6:dd:12:18:65:cc:46:81:7d:4f:e0:
b6:eb:77:80:fd:12:31:a2:f5:68:98:40:f9:ba:be:1d:55:37:
22:61:39:9d:27:0f:5d:2d:e7:b6:c2:a2:0e:a2:b7:e3:82:f6:
14:bf:fe:bc:e7:c9:d2:77:e7:0c:90:e3:4d:5a:d4:44:b3:13:
e8:b8:a8:e9:93:01:e6:cb:e2:47:26:68:9e:62:e8:62:2d:35:
79:72:f3:37:eb:22:82:5f:32:57:84:39:f3:ff:e2:05:42:aa:
35:fb:23:33:7c:cf:de:1a:9d:23:27:7e:00:6c:2e:6f:cb:9e:
57:0e:23:81:77:0b:b6:28:16:c6:6a:bc:ff:51:17:c8:2d:2b:
91:a6:b0:32:4d:02:af:56:da:47:6d:b6:12:ae:32:53:d7:b2:
06:56:0b:19:ca:b4:2a:88:c5:f6:09:a2:b9:97:f7:e0:97:a6:
4c:ef:eb:0e:13:3a:27:48:45:0f:c1:1a:e7:32:d4:7e:f9:db:
c9:61:13:85:30:36:fc:45:2e:74:54:a1:b6:49:26:fc:ef:ae:
60:b2:7b:2c:30:e2:ca:c8:2c:38:6d:97:37:2f:fd:84:c8:d0:
95:e0:8b:c3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQljmJtKeMZuwyoTaeE5tt6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMzIzMzk3ZDZlNTI5ZGZmMDZjN2NmMTRkMTc2MGQ2ZTcw
NmFhNmYwHhcNMjUwMTAyMDU0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDY0Y2MyNjlmMTg1OWQ4NDI0NjdjOWYzOGE4MzE4NGEwYTEwNDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpurByIb0Kb2MZ9mQkQZRa3jIl27
DG0mEjwqCOQ+QlrvTJKjlYSYmwnRekzJWQ3vhMN0xwS+KRUNTohvmalrGMQwvYqP
givIdLqr1KwQjjnG4srufmEY9lFqjTEBkoCxd3Qv6QMc4QUrdnmgUhgQbj/EegPN
4oI2St4CfqvVNzJacj6J5h3R9oGOyuMeK348yXCbDzcpEywW36yKW6gj0LzGKI9C
+A4441AwblJatz2iojkrLD07yQ/mvcSt+QBrhgblormKCrpPLkKTTb/svJwMeCHt
hyrG/n5cR4l8YfqtQFVPgW3Rd1Jd38Fbbq5gAes89OwiuJr8rhZeE9J2nQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJBkzCafGFnYQkZ8nzioMYSgoQSUMB8GA1UdIwQY
MBaAFGEyM5fW5Snf8Gx88U0XYNbnBqpvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVRJemw5YmxLZF93Ykh6eFRSZGcxdWNHcW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9iYTM5MWItY2I4OS00ZTIxLTk0NGEt
ZWYzM2Q4NWE0YTg2LzEva0dUTUpwOFlXZGhDUm55Zk9LZ3hoS0NoQkpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9iYTM5MWItY2I4OS00ZTIxLTk0NGEtZWYzM2Q4NWE0YTg2
LzEvWVRJemw5YmxLZF93Ykh6eFRSZGcxdWNHcW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAWSOHAwQA
qxbwMA0EAgACMAcDBQMqDpQAMA0GCSqGSIb3DQEBCwUAA4IBAQAap3RXamXYfElH
0nTDOi7+RHRG8Z4v9QNB9t0SGGXMRoF9T+C263eA/RIxovVomED5ur4dVTciYTmd
Jw9dLee2wqIOorfjgvYUv/6858nSd+cMkONNWtREsxPouKjpkwHmy+JHJmieYuhi
LTV5cvM36yKCXzJXhDnz/+IFQqo1+yMzfM/eGp0jJ34AbC5vy55XDiOBdwu2KBbG
arz/URfILSuRprAyTQKvVtpHbbYSrjJT17IGVgsZyrQqiMX2CaK5l/fgl6ZM7+sO
EzonSEUPwRrnMtR++dvJYROFMDb8RS50VKG2SSb8765gsnssMOLKyCw4bZc3L/2E
yNCV4IvD
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:18:10 2025 by rpki-client