Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/b1393d-cca8-4a97-81aa-643a4159ab46/1/lHOBT8H-RtOhIctyswgjrGmgMoY.roa
File: lHOBT8H-RtOhIctyswgjrGmgMoY.roa (raw, json)
Hash identifier: Ih5ysxywS2RWFZe1IL5qjxvfGGjUDiKC0C1ibQELx3M=
Subject key identifier: 94:73:81:4F:C1:FE:46:D3:A1:21:CB:72:B3:08:23:AC:69:A0:32:86
Certificate issuer: /CN=01d1a1353f7f8b505fc98750e86787f4e046432e
Certificate serial: 018D1254A806C3F15462140173B85871E6F5
Authority key identifier: 01:D1:A1:35:3F:7F:8B:50:5F:C9:87:50:E8:67:87:F4:E0:46:43:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AdGhNT9_i1BfyYdQ6GeH9OBGQy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/b1393d-cca8-4a97-81aa-643a4159ab46/1/lHOBT8H-RtOhIctyswgjrGmgMoY.roa
Signing time: Tue 16 Jan 2024 12:52:34 +0000
ROA not before: Tue 16 Jan 2024 12:52:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8638
IP address blocks: 89.247.125.0/24 maxlen: 24
2001:1438:f000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:12:54:a8:06:c3:f1:54:62:14:01:73:b8:58:71:e6:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01d1a1353f7f8b505fc98750e86787f4e046432e
Validity
Not Before: Jan 16 12:52:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9473814fc1fe46d3a121cb72b30823ac69a03286
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:33:6d:80:98:08:fc:78:b9:21:bc:97:84:f6:
05:46:57:93:2c:f1:01:05:72:84:d3:af:34:e3:43:
54:38:ba:6f:cc:62:67:3d:06:0c:a8:fb:51:d0:f6:
a6:5a:89:d0:b7:7e:00:a3:72:a9:a2:d5:cf:c4:56:
56:14:b3:fa:b6:7b:3d:a0:01:d8:70:eb:4e:0d:b1:
41:ef:b9:8d:92:2f:57:be:86:cd:c1:b2:53:12:22:
ec:42:63:9b:f8:be:c4:a2:7b:a8:46:26:68:b5:45:
8b:80:66:c9:c7:69:c5:9f:a0:86:4b:f8:8a:31:72:
ce:71:c5:16:92:dd:b3:fb:b1:06:0e:40:7f:4f:fe:
b1:6f:58:68:84:30:83:b4:af:e4:5a:d2:c9:09:4d:
cb:47:b9:0a:ea:e4:04:3d:3f:75:8f:e6:16:3f:5a:
f9:6b:60:c2:7a:b5:76:98:85:7d:f4:0c:84:c4:66:
60:66:b8:73:c1:6b:7f:1a:f0:2f:98:c3:ed:8d:40:
de:19:6c:e9:11:ce:aa:d3:70:6d:0d:f1:33:5d:79:
3e:06:37:0d:16:48:bd:90:4e:78:cc:89:23:1e:3c:
25:2a:89:1f:01:49:76:7c:0c:f7:90:fd:05:b1:ac:
11:83:ee:26:1d:44:03:86:44:b4:c9:8d:4c:fa:3c:
cf:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:73:81:4F:C1:FE:46:D3:A1:21:CB:72:B3:08:23:AC:69:A0:32:86
X509v3 Authority Key Identifier:
keyid:01:D1:A1:35:3F:7F:8B:50:5F:C9:87:50:E8:67:87:F4:E0:46:43:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AdGhNT9_i1BfyYdQ6GeH9OBGQy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/b1393d-cca8-4a97-81aa-643a4159ab46/1/lHOBT8H-RtOhIctyswgjrGmgMoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/b1393d-cca8-4a97-81aa-643a4159ab46/1/AdGhNT9_i1BfyYdQ6GeH9OBGQy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.247.125.0/24
IPv6:
2001:1438:f000::/36
Signature Algorithm: sha256WithRSAEncryption
72:89:fd:0a:0f:ed:b0:ef:9d:25:22:7b:17:3b:43:d1:aa:75:
73:07:6b:12:53:4c:f3:2b:95:87:41:6b:28:46:5e:38:7d:e1:
12:17:f1:d9:48:b7:f3:d4:f5:6f:94:0e:11:5e:9b:4e:24:90:
0f:8f:46:82:bb:0e:5b:52:44:38:6e:c6:27:d1:a9:5e:70:7e:
a4:64:1f:63:95:f6:7a:5a:d6:54:f9:7e:62:49:bd:2d:21:6e:
6e:1d:97:fc:5c:98:bf:8c:bd:38:2e:d2:61:f9:c2:6c:2c:6f:
30:52:38:a3:95:b2:13:21:92:94:1c:0f:b7:2a:2c:02:6d:ba:
bb:9f:2b:73:bd:12:f1:d6:60:66:18:2a:65:d0:92:68:8f:57:
dc:00:b3:69:be:b1:c9:95:f6:1f:81:f7:c9:7a:ac:b7:ce:b5:
15:ce:36:a5:4a:d4:5b:2f:b4:42:8a:8c:a0:d1:0d:81:9a:7f:
b7:09:20:50:03:fd:32:e1:0e:db:1a:01:b3:67:a0:73:fd:9d:
40:4d:aa:58:68:80:4f:e5:75:e4:e7:c9:24:f7:6b:be:33:9b:
3f:53:8b:0e:7d:56:4b:c3:37:96:36:49:4e:b1:c7:60:4f:29:
1d:55:5f:26:a8:b9:58:a6:63:b7:d8:06:c4:05:dc:97:0d:8f:
d7:79:11:c8
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAY0SVKgGw/FUYhQBc7hYceb1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZDFhMTM1M2Y3ZjhiNTA1ZmM5ODc1MGU4Njc4N2Y0ZTA0
NjQzMmUwHhcNMjQwMTE2MTI1MjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDczODE0ZmMxZmU0NmQzYTEyMWNiNzJiMzA4MjNhYzY5YTAzMjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDNtgJgI/Hi5IbyXhPYFRleTLPEB
BXKE068040NUOLpvzGJnPQYMqPtR0PamWonQt34Ao3KpotXPxFZWFLP6tns9oAHY
cOtODbFB77mNki9XvobNwbJTEiLsQmOb+L7EonuoRiZotUWLgGbJx2nFn6CGS/iK
MXLOccUWkt2z+7EGDkB/T/6xb1hohDCDtK/kWtLJCU3LR7kK6uQEPT91j+YWP1r5
a2DCerV2mIV99AyExGZgZrhzwWt/GvAvmMPtjUDeGWzpEc6q03BtDfEzXXk+BjcN
Fki9kE54zIkjHjwlKokfAUl2fAz3kP0FsawRg+4mHUQDhkS0yY1M+jzPZwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFJRzgU/B/kbToSHLcrMII6xpoDKGMB8GA1UdIwQY
MBaAFAHRoTU/f4tQX8mHUOhnh/TgRkMuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWRHaE5UOV9pMUJmeVlkUTZHZUg5T0JHUXk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9iMTM5M2QtY2NhOC00YTk3LTgxYWEt
NjQzYTQxNTlhYjQ2LzEvbEhPQlQ4SC1SdE9oSWN0eXN3Z2pyR21nTW9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9iMTM5M2QtY2NhOC00YTk3LTgxYWEtNjQzYTQxNTlhYjQ2
LzEvQWRHaE5UOV9pMUJmeVlkUTZHZUg5T0JHUXk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAWfd9MA4E
AgACMAgDBgQgARQ48DANBgkqhkiG9w0BAQsFAAOCAQEAcon9Cg/tsO+dJSJ7FztD
0ap1cwdrElNM8yuVh0FrKEZeOH3hEhfx2Ui389T1b5QOEV6bTiSQD49GgrsOW1JE
OG7GJ9GpXnB+pGQfY5X2elrWVPl+Ykm9LSFubh2X/FyYv4y9OC7SYfnCbCxvMFI4
o5WyEyGSlBwPtyosAm26u58rc70S8dZgZhgqZdCSaI9X3ACzab6xyZX2H4H3yXqs
t861Fc42pUrUWy+0QoqMoNENgZp/twkgUAP9MuEO2xoBs2egc/2dQE2qWGiAT+V1
5OfJJPdrvjObP1OLDn1WS8M3ljZJTrHHYE8pHVVfJqi5WKZjt9gGxAXclw2P13kR
yA==
-----END CERTIFICATE-----
Generated at Thu Feb 20 15:03:46 2025 by rpki-client