Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/A9Icp-ZRfKifCkfnPk9yjey5XkY.roa
File: A9Icp-ZRfKifCkfnPk9yjey5XkY.roa (raw, json)
Hash identifier: +Ce0sJNrKo5IK0lasgCJfOGHYGoNR3VzLuRRSsP1/NA=
Subject key identifier: 03:D2:1C:A7:E6:51:7C:A8:9F:0A:47:E7:3E:4F:72:8D:EC:B9:5E:46
Certificate issuer: /CN=510b419f0c17b4c8be217f64388d268d14dc261e
Certificate serial: 0187E1008EC31C09ABD461BFB348B9E4F28E
Authority key identifier: 51:0B:41:9F:0C:17:B4:C8:BE:21:7F:64:38:8D:26:8D:14:DC:26:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/A9Icp-ZRfKifCkfnPk9yjey5XkY.roa
Signing time: Wed 03 May 2023 09:45:22 +0000
ROA not before: Wed 03 May 2023 09:45:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 133499
IP address blocks: 89.184.208.0/20 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e1:00:8e:c3:1c:09:ab:d4:61:bf:b3:48:b9:e4:f2:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=510b419f0c17b4c8be217f64388d268d14dc261e
Validity
Not Before: May 3 09:45:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=03d21ca7e6517ca89f0a47e73e4f728decb95e46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:9d:cc:21:2d:34:4a:54:c4:49:4b:23:74:bd:
d7:b3:90:40:2f:8b:6a:ef:2a:5a:cc:4b:fb:d9:2d:
9f:21:1b:1b:19:09:a7:8a:e3:5c:87:df:a0:6f:ac:
d4:5b:cc:d4:b2:da:3d:4c:23:d5:90:df:e0:9d:28:
22:f2:7e:bd:70:40:ab:0f:86:06:a8:b7:d2:93:f2:
eb:2f:52:aa:ef:ad:5f:ac:58:cc:96:3b:8e:94:49:
08:05:85:84:4f:d9:6f:88:61:0c:8f:88:8a:16:70:
f9:01:07:38:c4:13:a9:98:03:f3:ab:a0:a0:5b:94:
78:13:e4:6d:ff:0c:69:32:9d:b1:fe:f1:25:19:3c:
12:11:bc:ac:31:4f:9e:76:c6:ce:fe:5e:87:d8:89:
97:d6:34:cd:1c:b8:31:d9:dd:e7:14:1b:9e:0a:c5:
a5:ce:07:7c:68:5f:65:39:16:02:66:4b:fa:ea:57:
c2:a0:e4:b7:c7:5e:ab:1d:1a:f2:6e:cb:ad:17:e5:
fc:1b:e1:db:39:93:5f:7e:c3:16:9c:90:45:db:49:
c3:a0:6e:fe:0e:84:6c:c8:a9:5a:f6:62:c8:0b:7e:
58:4e:6c:ce:99:64:9f:7e:29:ed:ea:b8:e4:00:3e:
d1:74:b2:f1:c4:fd:99:5b:31:7b:46:26:42:ab:50:
e0:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:D2:1C:A7:E6:51:7C:A8:9F:0A:47:E7:3E:4F:72:8D:EC:B9:5E:46
X509v3 Authority Key Identifier:
keyid:51:0B:41:9F:0C:17:B4:C8:BE:21:7F:64:38:8D:26:8D:14:DC:26:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/A9Icp-ZRfKifCkfnPk9yjey5XkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/UQtBnwwXtMi-IX9kOI0mjRTcJh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.184.208.0/20
Signature Algorithm: sha256WithRSAEncryption
76:da:34:07:02:13:64:7e:ff:71:f7:d6:1a:5a:be:68:0a:a5:
e5:54:75:6c:a4:2b:ac:09:ff:f8:f0:c1:f1:a5:4b:c1:30:6d:
6b:5b:58:b1:e4:60:e6:84:4f:ff:6a:7d:27:27:58:0a:0a:27:
7c:42:4a:57:57:8a:99:64:5a:a3:cc:02:cd:5c:c3:bd:00:98:
da:cf:78:ba:2a:65:01:a3:93:42:3a:a4:ac:e9:12:d6:f3:fa:
72:22:eb:ba:39:7a:07:90:61:dd:93:60:ca:2e:6a:b9:03:47:
a5:fc:16:e7:bf:56:28:b1:88:81:58:58:da:ca:be:54:02:f6:
5f:c6:da:23:7d:d4:5d:4d:17:d9:59:b6:fb:fb:66:13:24:dc:
49:2c:f0:de:95:29:c6:32:b1:cd:20:4d:1b:04:4d:03:d0:75:
24:44:d1:19:05:cc:7a:dc:ea:db:a2:1f:bb:10:2c:d0:7f:82:
21:dd:ce:4d:d5:fb:02:90:6a:1f:09:23:c1:61:b5:6f:9d:83:
1a:d3:36:b8:5a:4b:56:d9:3e:70:33:f6:49:1f:c0:f4:72:e8:
6e:e2:e1:01:46:bd:45:52:1f:dc:c7:08:0b:49:ab:04:ce:66:
dc:29:5d:74:26:20:38:f1:94:70:f2:b8:e0:2d:31:c9:6a:1b:
e8:c6:9d:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfhAI7DHAmr1GG/s0i55PKOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMGI0MTlmMGMxN2I0YzhiZTIxN2Y2NDM4OGQyNjhkMTRk
YzI2MWUwHhcNMjMwNTAzMDk0NTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2QyMWNhN2U2NTE3Y2E4OWYwYTQ3ZTczZTRmNzI4ZGVjYjk1ZTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw53MIS00SlTESUsjdL3Xs5BAL4tq
7ypazEv72S2fIRsbGQmniuNch9+gb6zUW8zUsto9TCPVkN/gnSgi8n69cECrD4YG
qLfSk/LrL1Kq761frFjMljuOlEkIBYWET9lviGEMj4iKFnD5AQc4xBOpmAPzq6Cg
W5R4E+Rt/wxpMp2x/vElGTwSEbysMU+edsbO/l6H2ImX1jTNHLgx2d3nFBueCsWl
zgd8aF9lORYCZkv66lfCoOS3x16rHRrybsutF+X8G+HbOZNffsMWnJBF20nDoG7+
DoRsyKla9mLIC35YTmzOmWSffint6rjkAD7RdLLxxP2ZWzF7RiZCq1DgBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAPSHKfmUXyonwpH5z5Pco3suV5GMB8GA1UdIwQY
MBaAFFELQZ8MF7TIviF/ZDiNJo0U3CYeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVF0Qm53d1h0TWktSVg5a09JMG1qUlRjSmg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8zMGNkMGEtOTNjZi00NWRjLTkzNTYt
MTRhMDk5OTNkNjcxLzEvQTlJY3AtWlJmS2lmQ2tmblBrOXlqZXk1WGtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8zMGNkMGEtOTNjZi00NWRjLTkzNTYtMTRhMDk5OTNkNjcx
LzEvVVF0Qm53d1h0TWktSVg5a09JMG1qUlRjSmg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEWbjQMA0G
CSqGSIb3DQEBCwUAA4IBAQB22jQHAhNkfv9x99YaWr5oCqXlVHVspCusCf/48MHx
pUvBMG1rW1ix5GDmhE//an0nJ1gKCid8QkpXV4qZZFqjzALNXMO9AJjaz3i6KmUB
o5NCOqSs6RLW8/pyIuu6OXoHkGHdk2DKLmq5A0el/Bbnv1YosYiBWFjayr5UAvZf
xtojfdRdTRfZWbb7+2YTJNxJLPDelSnGMrHNIE0bBE0D0HUkRNEZBcx63Orboh+7
ECzQf4Ih3c5N1fsCkGofCSPBYbVvnYMa0za4WktW2T5wM/ZJH8D0cuhu4uEBRr1F
Uh/cxwgLSasEzmbcKV10JiA48ZRw8rjgLTHJahvoxp3o
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:24:08 2025 by rpki-client