Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/6ZX8OszHhJsECzIT2pWthbGNYA4.roa
File: 6ZX8OszHhJsECzIT2pWthbGNYA4.roa (raw, json)
Hash identifier: yAmivsrz6/2HJ5FMGGP7u21yzZpmlon/kbzZpQ7zXlU=
Subject key identifier: E9:95:FC:3A:CC:C7:84:9B:04:0B:32:13:DA:95:AD:85:B1:8D:60:0E
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0194258F90C151ACB47FD582AFFBA8FCE871
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/6ZX8OszHhJsECzIT2pWthbGNYA4.roa
Signing time: Thu 02 Jan 2025 05:49:13 +0000
ROA not before: Thu 02 Jan 2025 05:49:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203120
IP address blocks: 89.34.74.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:90:c1:51:ac:b4:7f:d5:82:af:fb:a8:fc:e8:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 2 05:49:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e995fc3accc7849b040b3213da95ad85b18d600e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f5:c3:6a:e3:a3:79:31:62:07:f0:7a:17:96:
26:0c:dd:73:13:6f:11:74:0b:ee:00:76:2f:c1:93:
28:30:93:de:02:ca:1f:31:d2:ca:a2:a3:54:53:81:
cb:23:36:19:50:96:0c:ae:b6:68:83:5f:cb:8c:8e:
f3:46:f0:81:ec:3f:20:08:ad:f8:03:ba:0a:e3:b8:
94:e7:5f:2e:ab:54:7f:70:48:4c:94:6c:9e:58:ed:
87:cc:34:b9:75:55:d4:3b:3b:1a:42:1d:6b:c4:9e:
cf:80:c4:af:bd:df:b6:f7:52:9a:86:90:04:66:e8:
87:17:39:c4:e3:96:3a:10:58:62:6b:60:4f:d9:68:
30:01:2e:32:d2:32:2f:b0:45:c4:9d:6f:a4:86:fc:
41:75:66:95:c4:d3:9b:7c:68:d3:d7:e3:3d:fc:83:
8e:c8:35:3f:22:9b:88:7b:c1:a7:f9:e7:6d:98:bb:
63:a6:c2:26:98:8b:db:7b:ce:88:80:f2:4f:3c:13:
ac:18:93:ad:eb:44:da:8a:4a:b6:2e:28:e8:d9:46:
d8:ae:d1:d8:d8:2d:a0:26:46:36:84:0f:4f:b3:6e:
6b:85:17:39:c3:b5:c7:51:c6:51:54:d8:85:31:7c:
79:3d:e1:4b:72:95:b7:d3:f9:08:60:6b:83:e2:59:
3c:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:95:FC:3A:CC:C7:84:9B:04:0B:32:13:DA:95:AD:85:B1:8D:60:0E
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/6ZX8OszHhJsECzIT2pWthbGNYA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.74.0/23
Signature Algorithm: sha256WithRSAEncryption
7c:63:0b:c4:9d:e4:a0:8d:fd:5b:dd:90:c3:86:f7:e0:cb:bc:
de:f8:0e:be:49:ca:b3:52:a4:65:aa:c6:db:54:ea:14:f2:d2:
25:c7:82:e7:7a:18:d6:f4:f9:52:ce:a7:22:98:29:57:fe:a4:
d4:b1:be:fa:b8:80:36:86:92:5f:61:e3:dd:82:1d:a8:5f:63:
84:7f:7b:b8:d2:a7:45:32:48:5f:cf:60:eb:a6:3b:d6:3c:33:
eb:50:bc:d7:a7:59:f9:81:05:2d:3f:f7:81:58:2c:71:e4:ed:
5b:6d:93:9d:b4:64:e0:3a:59:82:2b:82:1b:3e:d1:75:f7:ee:
3a:29:cc:3b:4d:ea:62:ab:96:a0:e3:0b:4c:64:57:bd:fa:e3:
a8:a6:db:46:47:22:e5:1a:c0:b7:4e:13:2e:c9:11:bf:57:cb:
9f:19:4d:25:09:80:8d:b9:00:19:f9:af:86:08:ca:57:13:56:
39:a8:cd:9b:79:73:34:ea:7b:08:0b:09:85:d3:c5:cc:7b:24:
5f:7f:53:65:6a:3b:62:c9:88:4d:30:95:c9:a8:a9:b2:4a:3c:
2d:51:2f:63:f8:43:30:18:05:2c:a4:35:b1:10:92:d9:c6:1a:
6c:72:fa:0c:b7:0b:43:02:64:23:92:a3:98:cb:45:a0:16:d4:
e0:2c:8c:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj5DBUay0f9WCr/uo/OhxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjUwMTAyMDU0OTEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTk1ZmMzYWNjYzc4NDliMDQwYjMyMTNkYTk1YWQ4NWIxOGQ2MDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/XDauOjeTFiB/B6F5YmDN1zE28R
dAvuAHYvwZMoMJPeAsofMdLKoqNUU4HLIzYZUJYMrrZog1/LjI7zRvCB7D8gCK34
A7oK47iU518uq1R/cEhMlGyeWO2HzDS5dVXUOzsaQh1rxJ7PgMSvvd+291KahpAE
ZuiHFznE45Y6EFhia2BP2WgwAS4y0jIvsEXEnW+khvxBdWaVxNObfGjT1+M9/IOO
yDU/IpuIe8Gn+edtmLtjpsImmIvbe86IgPJPPBOsGJOt60Taikq2Lijo2UbYrtHY
2C2gJkY2hA9Ps25rhRc5w7XHUcZRVNiFMXx5PeFLcpW30/kIYGuD4lk8JwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOmV/DrMx4SbBAsyE9qVrYWxjWAOMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvNlpYOE9zekhoSnNFQ3pJVDJwV3RoYkdOWUE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWSJKMA0G
CSqGSIb3DQEBCwUAA4IBAQB8YwvEneSgjf1b3ZDDhvfgy7ze+A6+ScqzUqRlqsbb
VOoU8tIlx4LnehjW9PlSzqcimClX/qTUsb76uIA2hpJfYePdgh2oX2OEf3u40qdF
Mkhfz2DrpjvWPDPrULzXp1n5gQUtP/eBWCxx5O1bbZOdtGTgOlmCK4IbPtF19+46
Kcw7Tepiq5ag4wtMZFe9+uOopttGRyLlGsC3ThMuyRG/V8ufGU0lCYCNuQAZ+a+G
CMpXE1Y5qM2beXM06nsICwmF08XMeyRff1NlajtiyYhNMJXJqKmySjwtUS9j+EMw
GAUspDWxEJLZxhpscvoMtwtDAmQjkqOYy0WgFtTgLIwz
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:22:16 2025 by rpki-client