Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/8db579-c1fc-4215-90f4-f4673ba52c00/1/2dNcgj6MvN9n_fYFlGVJH7IP5P0.roa
File: 2dNcgj6MvN9n_fYFlGVJH7IP5P0.roa (raw, json)
Hash identifier: NdXmI8eBdfB68znJPh1CIG8Aqd8Jvbrd0RbmQ639jeY=
Subject key identifier: D9:D3:5C:82:3E:8C:BC:DF:67:FD:F6:05:94:65:49:1F:B2:0F:E4:FD
Certificate issuer: /CN=d07267bf23b2971a4795a83ef8478a821bafb1db
Certificate serial: 019420D5BEC7F38AF0FF116CA1FDA4B7CF09
Authority key identifier: D0:72:67:BF:23:B2:97:1A:47:95:A8:3E:F8:47:8A:82:1B:AF:B1:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0HJnvyOylxpHlag--EeKghuvsds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/8db579-c1fc-4215-90f4-f4673ba52c00/1/2dNcgj6MvN9n_fYFlGVJH7IP5P0.roa
Signing time: Wed 01 Jan 2025 07:47:46 +0000
ROA not before: Wed 01 Jan 2025 07:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8445
IP address blocks: 89.26.23.0/24 maxlen: 24
194.37.0.0/24 maxlen: 24
2a03:c400::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:be:c7:f3:8a:f0:ff:11:6c:a1:fd:a4:b7:cf:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d07267bf23b2971a4795a83ef8478a821bafb1db
Validity
Not Before: Jan 1 07:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9d35c823e8cbcdf67fdf6059465491fb20fe4fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f6:1c:1f:cf:e3:9c:57:4c:ba:c8:91:56:da:
e5:26:17:49:84:d0:02:34:76:aa:e8:8f:28:4f:4d:
91:49:d3:e9:97:8e:84:fc:44:88:35:83:59:04:e0:
77:1b:9d:a1:76:45:b6:6d:e4:91:eb:e9:e5:6e:4d:
75:c4:27:64:99:c0:a0:22:f8:2b:d0:ab:cd:36:12:
fb:97:f3:31:f4:a9:60:fc:f1:ff:22:e0:5d:07:e5:
8b:ff:34:fd:b8:05:fe:c8:4d:f9:e5:02:aa:70:84:
c3:75:6b:ed:91:b4:48:da:99:ac:63:f6:62:4c:7f:
a2:11:38:7a:4a:79:f0:2c:5d:d7:7b:fc:f5:c2:90:
f1:d1:5a:30:f4:f8:37:e9:78:f4:82:f4:c0:95:7a:
f3:a8:a7:e7:0e:c1:7d:2e:94:28:4d:a5:ef:f9:99:
ed:06:4e:65:a2:81:81:2c:93:d9:6a:b9:14:47:64:
c8:52:da:80:a0:d4:38:39:35:6c:81:00:0d:fa:4b:
bb:5f:0e:dc:99:a0:27:eb:25:0b:f7:3a:f9:2e:04:
46:cf:6d:90:44:52:42:10:10:04:38:23:71:e3:96:
03:a9:87:12:0c:3d:ad:e3:b1:f9:42:4c:0d:ec:94:
40:51:2e:50:d7:ae:bc:af:5e:49:14:9e:57:36:a4:
6d:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:D3:5C:82:3E:8C:BC:DF:67:FD:F6:05:94:65:49:1F:B2:0F:E4:FD
X509v3 Authority Key Identifier:
keyid:D0:72:67:BF:23:B2:97:1A:47:95:A8:3E:F8:47:8A:82:1B:AF:B1:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0HJnvyOylxpHlag--EeKghuvsds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/8db579-c1fc-4215-90f4-f4673ba52c00/1/2dNcgj6MvN9n_fYFlGVJH7IP5P0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/8db579-c1fc-4215-90f4-f4673ba52c00/1/0HJnvyOylxpHlag--EeKghuvsds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.26.23.0/24
194.37.0.0/24
IPv6:
2a03:c400::/32
Signature Algorithm: sha256WithRSAEncryption
90:0e:35:8e:8a:59:dd:e9:20:25:80:b2:3c:08:d1:0e:27:6d:
91:6b:ab:cf:89:d4:50:8c:49:9e:d1:2b:ad:9b:6e:2d:60:ca:
8b:e8:67:ee:c3:84:39:33:9d:e1:3b:53:9e:21:5d:2b:6d:56:
b8:24:44:82:10:2c:c0:17:6e:b2:d2:b3:ff:c3:bc:7c:c1:31:
e6:42:84:6a:14:a1:bb:98:ce:bd:15:99:83:0f:60:26:43:35:
2d:41:5e:93:ab:bc:26:9d:dc:ec:06:0e:56:95:09:2c:46:bd:
6b:1c:d8:51:80:e1:13:75:9a:9a:32:92:67:4e:9a:e9:68:11:
f5:93:93:8d:d2:73:b8:af:a2:6a:d0:2e:5b:b5:d1:0c:71:84:
d5:42:8f:d0:b1:ba:e3:f8:14:46:4f:04:39:92:8a:12:fa:2a:
5f:46:09:5b:a6:fa:58:22:5b:c9:1a:ab:b4:e3:b2:06:d5:1a:
cb:77:b3:3f:85:5c:0d:73:b9:96:e9:f5:fc:76:7e:77:1d:0a:
70:58:da:c0:2a:6c:9e:8e:18:1d:28:74:4c:3e:9a:b9:5f:f9:
c0:66:5f:a9:84:a2:cc:88:fd:67:b4:4b:80:57:ef:2f:1d:7a:
fc:9a:be:f8:c6:94:4e:41:65:40:27:a5:83:a9:a3:01:22:41:
2e:78:99:35
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQg1b7H84rw/xFsof2kt88JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwNzI2N2JmMjNiMjk3MWE0Nzk1YTgzZWY4NDc4YTgyMWJh
ZmIxZGIwHhcNMjUwMTAxMDc0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWQzNWM4MjNlOGNiY2RmNjdmZGY2MDU5NDY1NDkxZmIyMGZlNGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvYcH8/jnFdMusiRVtrlJhdJhNAC
NHaq6I8oT02RSdPpl46E/ESINYNZBOB3G52hdkW2beSR6+nlbk11xCdkmcCgIvgr
0KvNNhL7l/Mx9Klg/PH/IuBdB+WL/zT9uAX+yE355QKqcITDdWvtkbRI2pmsY/Zi
TH+iETh6SnnwLF3Xe/z1wpDx0Vow9Pg36Xj0gvTAlXrzqKfnDsF9LpQoTaXv+Znt
Bk5looGBLJPZarkUR2TIUtqAoNQ4OTVsgQAN+ku7Xw7cmaAn6yUL9zr5LgRGz22Q
RFJCEBAEOCNx45YDqYcSDD2t47H5QkwN7JRAUS5Q1668r15JFJ5XNqRtDwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNnTXII+jLzfZ/32BZRlSR+yD+T9MB8GA1UdIwQY
MBaAFNByZ78jspcaR5WoPvhHioIbr7HbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEhKbnZ5T3lseHBIbGFnLS1FZUtnaHV2c2RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS84ZGI1NzktYzFmYy00MjE1LTkwZjQt
ZjQ2NzNiYTUyYzAwLzEvMmROY2dqNk12TjluX2ZZRmxHVkpIN0lQNVAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS84ZGI1NzktYzFmYy00MjE1LTkwZjQtZjQ2NzNiYTUyYzAw
LzEvMEhKbnZ5T3lseHBIbGFnLS1FZUtnaHV2c2RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAWRoXAwQA
wiUAMA0EAgACMAcDBQAqA8QAMA0GCSqGSIb3DQEBCwUAA4IBAQCQDjWOilnd6SAl
gLI8CNEOJ22Ra6vPidRQjEme0Sutm24tYMqL6Gfuw4Q5M53hO1OeIV0rbVa4JESC
ECzAF26y0rP/w7x8wTHmQoRqFKG7mM69FZmDD2AmQzUtQV6Tq7wmndzsBg5WlQks
Rr1rHNhRgOETdZqaMpJnTprpaBH1k5ON0nO4r6Jq0C5btdEMcYTVQo/Qsbrj+BRG
TwQ5kooS+ipfRglbpvpYIlvJGqu047IG1RrLd7M/hVwNc7mW6fX8dn53HQpwWNrA
KmyejhgdKHRMPpq5X/nAZl+phKLMiP1ntEuAV+8vHXr8mr74xpROQWVAJ6WDqaMB
IkEueJk1
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:38:48 2025 by rpki-client