Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/85f3ec-06b9-440a-8baf-34dcd749a6cb/1/3Ya1y7vsC1Gb-NT5OCOux8TdJeY.roa
File: 3Ya1y7vsC1Gb-NT5OCOux8TdJeY.roa (raw, json)
Hash identifier: ZvotkU4jJW8kdKQ9QSUnstXcV1pPDh1BEJa6UNGXKAc=
Subject key identifier: DD:86:B5:CB:BB:EC:0B:51:9B:F8:D4:F9:38:23:AE:C7:C4:DD:25:E6
Certificate issuer: /CN=056da9ca949c0b0964f66c9683ab2bb54111be17
Certificate serial: 0994FF28
Authority key identifier: 05:6D:A9:CA:94:9C:0B:09:64:F6:6C:96:83:AB:2B:B5:41:11:BE:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BW2pypScCwlk9myWg6srtUERvhc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/85f3ec-06b9-440a-8baf-34dcd749a6cb/1/3Ya1y7vsC1Gb-NT5OCOux8TdJeY.roa
Signing time: Sat 01 Jan 2022 01:55:43 +0000
ROA not before: Sat 01 Jan 2022 01:55:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57704
IP address blocks: 152.89.40.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 160759592 (0x994ff28)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=056da9ca949c0b0964f66c9683ab2bb54111be17
Validity
Not Before: Jan 1 01:55:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dd86b5cbbbec0b519bf8d4f93823aec7c4dd25e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:2b:22:e8:a9:3d:7a:8b:c9:0c:42:ea:69:3c:
bf:a4:5e:bd:f9:cd:75:5c:26:b2:39:da:a3:c8:ee:
06:e8:89:57:fa:e0:b6:6e:97:af:3e:15:8a:0b:b6:
f6:ac:2d:32:b6:9c:30:8d:71:7b:ac:bb:81:ce:15:
40:29:1b:76:67:d7:22:39:69:68:a2:20:61:67:fa:
5b:a7:15:27:3c:a3:ad:8b:6c:f6:c3:06:48:f9:4a:
e2:74:50:bb:c0:b7:ef:7a:89:d7:f5:e5:0b:95:6f:
46:1b:ef:a7:97:3b:fd:19:1a:db:05:c7:e4:19:26:
0b:f4:f9:7f:8c:05:08:24:20:41:34:1a:7d:7e:5e:
d4:03:a3:2c:f3:b3:39:e4:60:ef:f5:5a:45:ed:1d:
6c:4c:d6:5f:fb:f6:c4:7c:28:66:aa:fd:b5:17:80:
72:d2:ed:ed:fb:81:0a:b7:1f:9f:b7:b2:b7:01:37:
07:81:9e:b5:8c:93:64:33:52:cf:3f:19:1e:f5:68:
ae:ff:61:84:dc:28:41:0b:6c:f8:b5:84:fa:66:67:
6d:88:cf:d1:19:a3:d1:dd:0d:2b:39:63:61:ef:9f:
3d:75:1d:d5:15:d7:a2:c6:43:cc:ba:84:4a:4c:7b:
ab:47:f2:68:91:3f:01:e0:df:a9:53:7a:88:01:29:
77:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:86:B5:CB:BB:EC:0B:51:9B:F8:D4:F9:38:23:AE:C7:C4:DD:25:E6
X509v3 Authority Key Identifier:
keyid:05:6D:A9:CA:94:9C:0B:09:64:F6:6C:96:83:AB:2B:B5:41:11:BE:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BW2pypScCwlk9myWg6srtUERvhc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/85f3ec-06b9-440a-8baf-34dcd749a6cb/1/3Ya1y7vsC1Gb-NT5OCOux8TdJeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/85f3ec-06b9-440a-8baf-34dcd749a6cb/1/BW2pypScCwlk9myWg6srtUERvhc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.40.0/22
Signature Algorithm: sha256WithRSAEncryption
62:f5:3b:7c:52:a1:d7:69:8e:31:b7:a3:ff:7e:6c:3d:26:ce:
09:79:3e:f5:f3:ec:a8:d8:ce:37:a0:5d:8f:91:82:04:2c:d4:
00:75:5f:72:38:82:8a:45:0c:c1:4f:14:da:02:e2:55:42:42:
8b:58:6b:55:4c:7e:f5:f7:19:89:77:e8:e5:15:cf:98:d8:59:
ab:a1:49:4d:c9:89:2d:a2:d4:aa:c1:d7:e7:6a:ff:85:e4:90:
c8:09:51:49:0e:82:b6:a5:c8:e3:e4:87:12:20:1b:cc:2d:1d:
f1:70:0b:24:af:84:d4:26:a4:a8:9f:1e:21:a3:51:2c:8d:88:
8a:e0:72:ba:f2:cf:47:4c:92:cb:4a:f8:e1:9a:da:9f:6e:57:
5c:38:ef:11:ae:f6:bf:22:a1:6e:39:bb:cb:df:18:19:77:69:
de:83:87:51:45:4a:82:53:f0:5a:aa:80:27:62:f7:5e:6e:60:
4f:ca:3c:f7:3d:14:b2:e6:be:30:34:87:01:9f:9b:80:c9:f5:
78:f9:bc:4e:5d:47:16:52:b1:e6:87:ab:32:7f:d4:b9:d5:fd:
12:75:2e:8e:86:65:f1:fa:a4:dd:f3:18:36:d1:99:c0:c7:f0:
af:77:46:4a:72:7e:21:91:b8:54:8f:42:d0:52:7d:24:0b:3f:
78:4e:4c:db
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECZT/KDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTZkYTljYTk0OWMwYjA5NjRmNjZjOTY4M2FiMmJiNTQxMTFiZTE3MB4XDTIyMDEw
MTAxNTU0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGQ4NmI1Y2JiYmVj
MGI1MTliZjhkNGY5MzgyM2FlYzdjNGRkMjVlNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALYrIuipPXqLyQxC6mk8v6RevfnNdVwmsjnao8juBuiJV/rg
tm6Xrz4Vigu29qwtMracMI1xe6y7gc4VQCkbdmfXIjlpaKIgYWf6W6cVJzyjrYts
9sMGSPlK4nRQu8C373qJ1/XlC5VvRhvvp5c7/Rka2wXH5BkmC/T5f4wFCCQgQTQa
fX5e1AOjLPOzOeRg7/VaRe0dbEzWX/v2xHwoZqr9tReActLt7fuBCrcfn7eytwE3
B4GetYyTZDNSzz8ZHvVorv9hhNwoQQts+LWE+mZnbYjP0Rmj0d0NKzljYe+fPXUd
1RXXosZDzLqESkx7q0fyaJE/AeDfqVN6iAEpd+UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTdhrXLu+wLUZv41Pk4I67HxN0l5jAfBgNVHSMEGDAWgBQFbanKlJwLCWT2
bJaDqyu1QRG+FzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JXMnB5cFNjQ3dsazlteVdnNnNydFVFUnZoYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmYvODVmM2VjLTA2YjktNDQwYS04YmFmLTM0ZGNkNzQ5YTZjYi8x
LzNZYTF5N3ZzQzFHYi1OVDVPQ091eDhUZEplWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmYv
ODVmM2VjLTA2YjktNDQwYS04YmFmLTM0ZGNkNzQ5YTZjYi8xL0JXMnB5cFNjQ3ds
azlteVdnNnNydFVFUnZoYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAphZKDANBgkqhkiG9w0BAQsFAAOC
AQEAYvU7fFKh12mOMbej/35sPSbOCXk+9fPsqNjON6Bdj5GCBCzUAHVfcjiCikUM
wU8U2gLiVUJCi1hrVUx+9fcZiXfo5RXPmNhZq6FJTcmJLaLUqsHX52r/heSQyAlR
SQ6CtqXI4+SHEiAbzC0d8XALJK+E1CakqJ8eIaNRLI2IiuByuvLPR0ySy0r44Zra
n25XXDjvEa72vyKhbjm7y98YGXdp3oOHUUVKglPwWqqAJ2L3Xm5gT8o89z0Usua+
MDSHAZ+bgMn1ePm8Tl1HFlKx5oerMn/UudX9EnUujoZl8fqk3fMYNtGZwMfwr3dG
SnJ+IZG4VI9C0FJ9JAs/eE5M2w==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:41 2025 by rpki-client