Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/ctB9P_7LyiERDKdanL8OrI9ojHc.roa
File: ctB9P_7LyiERDKdanL8OrI9ojHc.roa (raw, json)
Hash identifier: PsmayPTDLoe3kgQqS7Df37gqZ4cFmCcdYXmSErv1uJ0=
Subject key identifier: 72:D0:7D:3F:FE:CB:CA:21:11:0C:A7:5A:9C:BF:0E:AC:8F:68:8C:77
Certificate issuer: /CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Certificate serial: 0193968615BB518F7C4353EA4E4842B90C09
Authority key identifier: 17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/ctB9P_7LyiERDKdanL8OrI9ojHc.roa
Signing time: Thu 05 Dec 2024 11:13:09 +0000
ROA not before: Thu 05 Dec 2024 11:13:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 86.110.52.0/24 maxlen: 24
86.110.59.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:96:86:15:bb:51:8f:7c:43:53:ea:4e:48:42:b9:0c:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Validity
Not Before: Dec 5 11:13:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72d07d3ffecbca21110ca75a9cbf0eac8f688c77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:b1:39:fe:b7:63:7a:e3:d1:9b:06:a5:33:2f:
2f:53:e0:52:e4:be:ee:38:cd:23:a4:3a:be:ee:57:
da:79:37:f0:43:ee:0c:67:7a:89:0c:66:ff:9f:64:
29:fb:5c:07:0f:b0:57:bd:21:e3:31:5f:ea:32:01:
02:31:27:04:52:19:0e:e1:1a:7d:d2:03:e9:66:bb:
15:f4:80:f1:b8:c8:e4:37:46:35:70:b0:e5:bc:14:
0d:e6:e8:4d:4b:d8:df:a9:de:a3:61:15:17:e2:8f:
11:6e:c1:fe:83:73:5c:8e:d8:bf:ef:60:ed:15:7f:
60:5f:70:e1:6b:e7:51:27:81:2f:5c:84:5f:1b:14:
40:10:44:29:dc:16:50:b8:bf:d1:b7:26:96:05:46:
c6:99:5e:b6:ab:d0:ab:05:07:bf:8d:bd:da:9d:32:
c0:0c:01:de:e6:ae:9c:8a:79:cf:2f:fa:ee:a7:81:
1b:80:a2:10:d2:30:d8:b1:da:0d:10:f6:25:99:53:
b1:5a:0b:20:4b:b3:6b:d6:df:70:72:39:d2:98:fe:
4e:7c:ad:22:67:01:8c:87:54:f1:bc:e7:23:7f:e3:
a7:22:cb:d0:3c:31:f1:1d:39:81:9f:4a:ed:72:d3:
e7:fb:0e:f1:62:7d:44:80:b2:81:48:1f:a9:49:f2:
49:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:D0:7D:3F:FE:CB:CA:21:11:0C:A7:5A:9C:BF:0E:AC:8F:68:8C:77
X509v3 Authority Key Identifier:
keyid:17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/ctB9P_7LyiERDKdanL8OrI9ojHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.110.52.0/24
86.110.59.0/24
Signature Algorithm: sha256WithRSAEncryption
44:bf:b8:0c:31:b9:fc:f3:7b:39:10:af:db:c6:db:18:c7:39:
bb:2e:3e:63:08:24:58:43:b7:4b:32:6e:47:52:98:c4:f4:09:
38:b4:91:b5:04:08:1b:d1:0c:91:d4:52:e1:b0:bc:39:5a:a5:
0f:c5:1d:92:43:cb:89:fb:2b:be:ba:16:57:88:16:f4:c7:34:
64:7c:b3:7f:5e:ca:4d:54:ab:7c:6b:c9:08:0c:66:bf:be:37:
65:48:c6:e4:aa:70:a3:5d:2c:74:fa:c9:de:03:be:ef:93:5d:
6b:84:4f:77:3a:e9:bf:68:a2:29:c5:85:6a:3d:6a:70:db:05:
c4:29:8c:b0:00:84:df:4c:1f:94:29:41:91:43:55:ae:e9:6b:
d6:7a:13:08:e7:a3:e1:6e:68:fa:1e:75:5c:e7:ab:63:39:27:
c7:5b:ba:1d:3f:89:a2:db:c6:e0:c4:d8:63:b6:82:6b:dd:68:
4d:e0:9c:f2:eb:49:f5:a7:b5:75:11:14:83:71:10:37:dd:38:
d0:be:cf:0b:b7:33:10:fb:1d:14:3b:61:6b:18:54:0f:5c:b9:
eb:6a:18:f3:f9:90:22:d9:92:0c:c0:5d:c8:01:ef:b8:c1:5f:
4c:bc:d7:2d:a8:2c:8d:ce:21:dd:f2:c3:72:98:9c:7d:61:e5:
45:6c:90:24
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZOWhhW7UY98Q1PqTkhCuQwJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MDY3OTc3ZWZkMTRiYzg5ZmIwZGFiYTAzYmIwZjYwMGZi
YjAxODQwHhcNMjQxMjA1MTExMzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmQwN2QzZmZlY2JjYTIxMTEwY2E3NWE5Y2JmMGVhYzhmNjg4Yzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA47E5/rdjeuPRmwalMy8vU+BS5L7u
OM0jpDq+7lfaeTfwQ+4MZ3qJDGb/n2Qp+1wHD7BXvSHjMV/qMgECMScEUhkO4Rp9
0gPpZrsV9IDxuMjkN0Y1cLDlvBQN5uhNS9jfqd6jYRUX4o8RbsH+g3Ncjti/72Dt
FX9gX3Dha+dRJ4EvXIRfGxRAEEQp3BZQuL/RtyaWBUbGmV62q9CrBQe/jb3anTLA
DAHe5q6cinnPL/rup4EbgKIQ0jDYsdoNEPYlmVOxWgsgS7Nr1t9wcjnSmP5OfK0i
ZwGMh1TxvOcjf+OnIsvQPDHxHTmBn0rtctPn+w7xYn1EgLKBSB+pSfJJBQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHLQfT/+y8ohEQynWpy/DqyPaIx3MB8GA1UdIwQY
MBaAFBcGeXfv0UvIn7DaugO7D2APuwGEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUt
ZDFhNzc3MmRiMDc2LzEvY3RCOVBfN0x5aUVSREtkYW5MOE9ySTlvakhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUtZDFhNzc3MmRiMDc2
LzEvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVm40AwQA
Vm47MA0GCSqGSIb3DQEBCwUAA4IBAQBEv7gMMbn883s5EK/bxtsYxzm7Lj5jCCRY
Q7dLMm5HUpjE9Ak4tJG1BAgb0QyR1FLhsLw5WqUPxR2SQ8uJ+yu+uhZXiBb0xzRk
fLN/XspNVKt8a8kIDGa/vjdlSMbkqnCjXSx0+sneA77vk11rhE93Oum/aKIpxYVq
PWpw2wXEKYywAITfTB+UKUGRQ1Wu6WvWehMI56Phbmj6HnVc56tjOSfHW7odP4mi
28bgxNhjtoJr3WhN4Jzy60n1p7V1ERSDcRA33TjQvs8LtzMQ+x0UO2FrGFQPXLnr
ahjz+ZAi2ZIMwF3IAe+4wV9MvNctqCyNziHd8sNymJx9YeVFbJAk
-----END CERTIFICATE-----
Generated at Tue Apr 8 16:03:12 2025 by rpki-client