Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/kNRJSmGTwbKKFJXhwCDYFb25B30.roa
File: kNRJSmGTwbKKFJXhwCDYFb25B30.roa (raw, json)
Hash identifier: Vrpax1KqsDn72oOeP7kDez29dVO5riT3CsWQTVWiNbo=
Subject key identifier: 90:D4:49:4A:61:93:C1:B2:8A:14:95:E1:C0:20:D8:15:BD:B9:07:7D
Certificate issuer: /CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Certificate serial: 018CC9BCA56FF2FAF88B42B02D92FA85D5CC
Authority key identifier: F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/kNRJSmGTwbKKFJXhwCDYFb25B30.roa
Signing time: Tue 02 Jan 2024 10:33:52 +0000
ROA not before: Tue 02 Jan 2024 10:33:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 89.117.240.0/24 maxlen: 24
89.117.242.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:a5:6f:f2:fa:f8:8b:42:b0:2d:92:fa:85:d5:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Validity
Not Before: Jan 2 10:33:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90d4494a6193c1b28a1495e1c020d815bdb9077d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:dd:82:b2:54:b7:8c:99:5f:90:cf:e2:c7:ef:
d7:21:36:c9:ca:33:fc:50:2c:f7:cc:ef:73:d3:62:
77:4b:ed:2d:de:66:7d:8c:5f:14:b8:f4:cd:e3:28:
26:4e:7e:92:4a:c4:43:6d:a8:75:91:79:71:68:af:
09:51:1c:e4:fb:a4:84:61:15:51:17:3b:9e:fd:b0:
d8:99:f8:5d:0f:24:f5:37:20:ca:7d:77:f6:40:5b:
10:31:7c:9a:b1:ba:dd:ec:c5:d9:c1:f0:6a:a8:51:
70:37:ce:33:eb:80:5e:1a:17:90:6d:f6:10:19:43:
dd:e2:03:84:f1:07:a2:0b:31:64:12:e7:dd:2d:d9:
20:0c:5d:58:a6:eb:6a:69:c2:ef:a4:a5:5c:c8:01:
ec:aa:9f:48:49:e3:54:ff:bd:9e:24:7c:60:be:1c:
6f:aa:6d:1a:9e:97:61:d9:e6:91:8a:ce:06:07:83:
e6:90:71:bf:a1:1a:9f:60:38:83:71:ec:b5:07:f8:
e8:ed:af:36:d0:b4:1c:ae:4a:6a:04:39:e9:ff:2f:
f6:74:0e:7d:61:a9:1b:22:2d:34:e6:a0:e1:ac:fd:
6e:a6:1b:c3:5e:67:5f:cd:49:91:d2:cb:07:b8:81:
75:52:7e:b6:f3:24:33:ee:d3:c0:62:7d:06:50:c0:
d9:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:D4:49:4A:61:93:C1:B2:8A:14:95:E1:C0:20:D8:15:BD:B9:07:7D
X509v3 Authority Key Identifier:
keyid:F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/kNRJSmGTwbKKFJXhwCDYFb25B30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.117.240.0/24
89.117.242.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:22:bb:d2:1f:50:3f:19:38:87:64:9f:50:00:db:87:31:c9:
23:69:14:69:b4:1d:a8:fb:3a:44:6a:67:b4:2c:99:9a:8c:4c:
2e:6d:3f:2f:31:35:a8:a3:88:36:c2:d3:5e:cf:e8:5a:e3:c0:
63:9f:d1:7c:1c:5e:ab:d4:b1:95:b9:2a:23:0b:92:f1:46:32:
79:97:e4:a9:3a:a7:e7:47:81:ab:fd:76:7d:aa:d5:45:03:80:
03:38:31:96:4c:a3:7f:91:25:e7:66:f7:26:64:0a:9f:a6:99:
3d:f4:c5:ce:92:ed:f3:77:e2:b2:58:3f:75:0d:03:9f:11:b3:
74:19:79:0f:99:41:34:06:00:3c:ba:52:e1:ed:2b:75:88:07:
a3:d8:35:80:23:60:be:df:2e:0f:0c:11:4b:ce:ef:67:db:26:
51:cc:f3:0c:b6:bd:e8:96:76:d5:3b:04:66:5e:47:35:b5:01:
0a:40:71:1c:00:bb:b4:d3:84:b3:f7:b2:0a:b5:be:a1:74:85:
06:9b:40:6c:ad:cd:9c:97:0f:c6:11:92:ac:1c:6a:5e:d4:fb:
6e:6d:05:a7:e8:e2:a3:09:2a:86:56:2b:f3:b8:73:85:88:a9:
93:0c:04:e3:5b:0c:42:17:c3:db:01:22:1a:c8:ca:d5:ac:04:
2f:51:bb:32
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJvKVv8vr4i0KwLZL6hdXMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZGQ4MWE4MzNkOWIwNDNjN2ZmZDYzNWE1OTg3ZjUzNjk3
MTE4MGQwHhcNMjQwMTAyMTAzMzUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGQ0NDk0YTYxOTNjMWIyOGExNDk1ZTFjMDIwZDgxNWJkYjkwNzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkt2CslS3jJlfkM/ix+/XITbJyjP8
UCz3zO9z02J3S+0t3mZ9jF8UuPTN4ygmTn6SSsRDbah1kXlxaK8JURzk+6SEYRVR
Fzue/bDYmfhdDyT1NyDKfXf2QFsQMXyasbrd7MXZwfBqqFFwN84z64BeGheQbfYQ
GUPd4gOE8QeiCzFkEufdLdkgDF1YputqacLvpKVcyAHsqp9ISeNU/72eJHxgvhxv
qm0anpdh2eaRis4GB4PmkHG/oRqfYDiDcey1B/jo7a820LQcrkpqBDnp/y/2dA59
YakbIi005qDhrP1uphvDXmdfzUmR0ssHuIF1Un628yQz7tPAYn0GUMDZTQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJDUSUphk8GyihSV4cAg2BW9uQd9MB8GA1UdIwQY
MBaAFPDdgagz2bBDx//WNaWYf1NpcRgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUt
MDQ2ODA0MjQ4NmRjLzEva05SSlNtR1R3YktLRkpYaHdDRFlGYjI1QjMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUtMDQ2ODA0MjQ4NmRj
LzEvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWXXwAwQA
WXXyMA0GCSqGSIb3DQEBCwUAA4IBAQCgIrvSH1A/GTiHZJ9QANuHMckjaRRptB2o
+zpEame0LJmajEwubT8vMTWoo4g2wtNez+ha48Bjn9F8HF6r1LGVuSojC5LxRjJ5
l+SpOqfnR4Gr/XZ9qtVFA4ADODGWTKN/kSXnZvcmZAqfppk99MXOku3zd+KyWD91
DQOfEbN0GXkPmUE0BgA8ulLh7St1iAej2DWAI2C+3y4PDBFLzu9n2yZRzPMMtr3o
lnbVOwRmXkc1tQEKQHEcALu004Sz97IKtb6hdIUGm0Bsrc2clw/GEZKsHGpe1Ptu
bQWn6OKjCSqGVivzuHOFiKmTDATjWwxCF8PbASIayMrVrAQvUbsy
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:55 2025 by rpki-client