Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/J1fhB-SDIE5ZbRW-ur6RIovD03o.roa
File: J1fhB-SDIE5ZbRW-ur6RIovD03o.roa (raw, json)
Hash identifier: Z/Nha17cV55BTOeUCEusqBgeIZdjR+b4jVP/iwisUgU=
Subject key identifier: 27:57:E1:07:E4:83:20:4E:59:6D:15:BE:BA:BE:91:22:8B:C3:D3:7A
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 01942748448D6883F9578D32BD55904332C2
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/J1fhB-SDIE5ZbRW-ur6RIovD03o.roa
Signing time: Thu 02 Jan 2025 13:50:35 +0000
ROA not before: Thu 02 Jan 2025 13:50:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203704
IP address blocks: 89.190.152.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:44:8d:68:83:f9:57:8d:32:bd:55:90:43:32:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jan 2 13:50:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2757e107e483204e596d15bebabe91228bc3d37a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:26:ce:0e:72:77:c3:4a:d6:40:10:1d:46:90:
a1:db:90:40:9e:78:36:9d:07:40:2c:19:fa:f0:26:
14:6a:e2:b3:57:cb:a7:1d:a3:ea:65:ca:b0:97:68:
58:3c:46:02:10:eb:5e:b7:1e:de:04:2b:e2:d5:65:
96:2e:b1:71:f1:a6:d4:2b:fe:4c:dd:cd:ac:91:85:
19:20:49:e8:b8:ea:fa:62:1a:1c:77:40:c9:7f:3c:
d6:94:07:9d:92:e1:4d:2f:c6:ef:0b:c4:61:e7:82:
6a:e2:dc:b1:c9:0a:c7:e6:e9:c6:d5:fd:d6:58:7e:
4b:57:43:86:51:67:5c:cd:ce:36:53:bb:b4:e6:ca:
c1:ec:a0:cf:9a:09:7f:09:c9:99:05:57:bb:e4:8c:
a3:17:17:88:33:3c:65:dd:a5:68:77:a6:a6:52:2a:
a0:90:99:c2:bb:4c:a4:c7:c7:64:a8:82:ff:60:3d:
d4:e3:5d:79:0f:df:14:e7:63:cc:30:ed:79:71:8d:
7e:c4:77:d3:dd:0c:96:f6:98:52:c2:b7:2c:4e:3c:
84:2d:d7:41:5f:f5:0d:b2:5b:73:07:ad:6c:64:f4:
fe:24:f8:37:c0:f7:07:e8:f9:fd:d4:9e:4c:76:4b:
c5:d5:d5:2b:bc:3b:7c:2c:3e:f4:2b:00:2a:99:7d:
f6:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:57:E1:07:E4:83:20:4E:59:6D:15:BE:BA:BE:91:22:8B:C3:D3:7A
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/J1fhB-SDIE5ZbRW-ur6RIovD03o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.190.152.0/22
Signature Algorithm: sha256WithRSAEncryption
10:df:71:83:f1:1e:09:03:24:7a:c8:dc:79:85:2f:c7:2e:d1:
3e:7e:3c:fe:e5:b0:f5:ca:29:8d:71:36:28:f7:e0:76:f6:5b:
8a:18:83:92:d8:40:53:9a:77:8f:b2:cb:df:98:5a:70:c0:ea:
cb:20:12:31:76:a4:82:43:4f:ee:e6:3c:b1:91:14:0f:03:38:
83:c2:b0:e7:c7:20:09:32:b1:5e:ac:56:7e:b6:28:c3:d0:1f:
d0:2e:3d:37:4a:47:e0:1d:7e:fc:ae:cb:a8:61:98:27:cd:b2:
9c:15:95:bd:75:68:be:c4:3b:e7:b0:54:f8:5f:02:ff:62:49:
41:3c:a1:6c:74:91:bd:fe:19:54:05:e8:04:ca:0b:d4:8a:7b:
19:dc:a6:32:cd:c2:5c:f3:da:dc:8b:ec:9d:b0:97:67:6a:34:
9e:c6:bd:13:51:48:3a:9f:0c:b8:39:c0:9b:0d:e3:df:d3:8a:
be:6e:79:a5:df:60:7d:f6:bb:a3:9f:8f:d0:06:36:b5:45:7a:
5a:44:eb:23:0c:84:f0:30:ca:82:95:2f:1e:62:61:8f:ed:53:
69:9c:f4:ef:96:9e:8a:b8:45:dc:ad:62:3e:0f:e2:32:f5:9d:
be:08:55:3b:ca:61:a6:5d:6c:f7:94:5e:32:91:be:1f:24:4c:
8c:81:f7:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSESNaIP5V40yvVWQQzLCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjUwMTAyMTM1MDM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzU3ZTEwN2U0ODMyMDRlNTk2ZDE1YmViYWJlOTEyMjhiYzNkMzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2CbODnJ3w0rWQBAdRpCh25BAnng2
nQdALBn68CYUauKzV8unHaPqZcqwl2hYPEYCEOtetx7eBCvi1WWWLrFx8abUK/5M
3c2skYUZIEnouOr6Yhocd0DJfzzWlAedkuFNL8bvC8Rh54Jq4tyxyQrH5unG1f3W
WH5LV0OGUWdczc42U7u05srB7KDPmgl/CcmZBVe75IyjFxeIMzxl3aVod6amUiqg
kJnCu0ykx8dkqIL/YD3U4115D98U52PMMO15cY1+xHfT3QyW9phSwrcsTjyELddB
X/UNsltzB61sZPT+JPg3wPcH6Pn91J5MdkvF1dUrvDt8LD70KwAqmX32jwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCdX4QfkgyBOWW0Vvrq+kSKLw9N6MB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvSjFmaEItU0RJRTVaYlJXLXVyNlJJb3ZEMDNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWb6YMA0G
CSqGSIb3DQEBCwUAA4IBAQAQ33GD8R4JAyR6yNx5hS/HLtE+fjz+5bD1yimNcTYo
9+B29luKGIOS2EBTmnePssvfmFpwwOrLIBIxdqSCQ0/u5jyxkRQPAziDwrDnxyAJ
MrFerFZ+tijD0B/QLj03SkfgHX78rsuoYZgnzbKcFZW9dWi+xDvnsFT4XwL/YklB
PKFsdJG9/hlUBegEygvUinsZ3KYyzcJc89rci+ydsJdnajSexr0TUUg6nwy4OcCb
DePf04q+bnml32B99rujn4/QBja1RXpaROsjDITwMMqClS8eYmGP7VNpnPTvlp6K
uEXcrWI+D+Iy9Z2+CFU7ymGmXWz3lF4ykb4fJEyMgffn
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:27:01 2025 by rpki-client