Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/11JeJRGNnCdmZMJyWRgFZrYOQ_E.roa
File: 11JeJRGNnCdmZMJyWRgFZrYOQ_E.roa (raw, json)
Hash identifier: 9djMm5p9gvr4fTQke+EuWlE9oo52rmS+BRznJRG5QNQ=
Subject key identifier: D7:52:5E:25:11:8D:9C:27:66:64:C2:72:59:18:05:66:B6:0E:43:F1
Certificate issuer: /CN=d4ff0fecd7bf44148931788dfe7f20d67a67a0db
Certificate serial: 018CC2DAEC391F438C63A54636D0C19F166C
Authority key identifier: D4:FF:0F:EC:D7:BF:44:14:89:31:78:8D:FE:7F:20:D6:7A:67:A0:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1P8P7Ne_RBSJMXiN_n8g1npnoNs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/11JeJRGNnCdmZMJyWRgFZrYOQ_E.roa
Signing time: Mon 01 Jan 2024 02:29:36 +0000
ROA not before: Mon 01 Jan 2024 02:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44070
IP address blocks: 89.31.8.0/21 maxlen: 21
78.41.8.0/21 maxlen: 21
2a10:c540::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:ec:39:1f:43:8c:63:a5:46:36:d0:c1:9f:16:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4ff0fecd7bf44148931788dfe7f20d67a67a0db
Validity
Not Before: Jan 1 02:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d7525e25118d9c276664c27259180566b60e43f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:68:55:c9:1e:81:80:6c:c6:d6:58:d3:f0:89:
ec:08:ce:5f:3d:10:55:02:bf:2d:38:8b:fe:26:2c:
f9:0e:84:ae:f6:78:ff:22:ce:5f:f3:eb:98:6b:f5:
8b:44:4c:0c:b0:d9:b5:54:13:51:c6:a6:29:73:7b:
d3:e2:d4:97:04:cc:0a:2e:4e:3c:09:12:d8:12:77:
3e:b6:69:2f:bb:6c:d6:89:c7:b6:50:73:79:f6:1e:
1d:ae:4c:f3:93:76:fd:ad:b3:d9:24:7c:c4:6f:b6:
0a:d5:b8:e5:a8:85:d4:cd:07:c1:e4:ce:4d:be:6c:
da:5d:96:cb:4b:98:f9:67:2c:2f:bb:28:a8:ad:57:
95:d1:cc:5d:90:bc:d3:a6:9c:65:7d:08:04:ad:ba:
6c:d6:d9:0a:eb:d7:aa:73:88:df:3e:d8:27:d2:03:
a0:b2:43:f0:cd:de:98:4c:8c:6d:32:c5:b9:c9:cc:
f5:bc:51:33:5a:a6:c5:c6:4a:0d:0a:12:24:e7:6e:
6a:f1:b5:b4:b8:e0:1b:bc:63:57:67:79:40:c1:8f:
2a:d1:ec:b4:46:7f:b2:0f:90:ae:35:6a:0c:7d:dd:
07:a6:96:bb:81:de:24:6e:55:7c:34:34:f4:5e:36:
22:0a:87:05:b5:2b:29:74:db:91:6a:7f:8f:12:fa:
e6:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:52:5E:25:11:8D:9C:27:66:64:C2:72:59:18:05:66:B6:0E:43:F1
X509v3 Authority Key Identifier:
keyid:D4:FF:0F:EC:D7:BF:44:14:89:31:78:8D:FE:7F:20:D6:7A:67:A0:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1P8P7Ne_RBSJMXiN_n8g1npnoNs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/11JeJRGNnCdmZMJyWRgFZrYOQ_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/1P8P7Ne_RBSJMXiN_n8g1npnoNs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.41.8.0/21
89.31.8.0/21
IPv6:
2a10:c540::/29
Signature Algorithm: sha256WithRSAEncryption
97:1d:ff:eb:1e:a8:24:2c:19:d2:be:d8:8d:0e:e6:90:45:52:
e2:b3:c1:a7:c5:59:a1:88:bf:d5:85:37:15:eb:c9:dc:c0:aa:
65:cf:33:da:7c:6e:5f:b1:92:33:0d:e9:18:cb:40:3b:4f:4b:
67:fe:dc:4b:a9:f9:73:eb:d2:69:c1:a5:eb:80:1a:db:ac:a5:
a5:2c:7d:98:26:56:e3:6a:aa:de:88:22:dc:af:4c:5d:75:f8:
01:62:1e:1e:19:85:5d:86:dd:c8:b1:e8:77:84:e5:cc:b7:f7:
ea:40:62:a4:71:b0:b4:83:a0:36:6d:44:dc:d9:78:82:19:68:
24:4f:c2:0a:46:82:5a:56:e6:01:71:d0:3f:49:02:68:e0:50:
bd:df:fb:af:a5:82:62:73:d0:96:5b:05:2c:7d:26:df:0b:62:
74:fa:a8:0e:e0:15:da:b9:e0:0e:d1:c7:fc:75:71:7b:76:3e:
7b:d2:5b:91:55:8c:69:14:bb:76:c1:0f:59:ab:af:d0:3b:88:
1a:3a:53:59:f7:c0:a3:fc:75:b7:fa:89:e7:45:64:03:3a:e9:
d5:22:07:5a:76:8d:82:13:f0:47:ec:21:f3:b7:75:e5:30:9c:
1c:3b:8b:d4:26:62:e6:64:c9:ad:78:95:e0:d4:03:16:30:6a:
f9:4b:0a:4f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzC2uw5H0OMY6VGNtDBnxZsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZmYwZmVjZDdiZjQ0MTQ4OTMxNzg4ZGZlN2YyMGQ2N2E2
N2EwZGIwHhcNMjQwMTAxMDIyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzUyNWUyNTExOGQ5YzI3NjY2NGMyNzI1OTE4MDU2NmI2MGU0M2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmhVyR6BgGzG1ljT8InsCM5fPRBV
Ar8tOIv+Jiz5DoSu9nj/Is5f8+uYa/WLREwMsNm1VBNRxqYpc3vT4tSXBMwKLk48
CRLYEnc+tmkvu2zWice2UHN59h4drkzzk3b9rbPZJHzEb7YK1bjlqIXUzQfB5M5N
vmzaXZbLS5j5ZywvuyiorVeV0cxdkLzTppxlfQgErbps1tkK69eqc4jfPtgn0gOg
skPwzd6YTIxtMsW5ycz1vFEzWqbFxkoNChIk525q8bW0uOAbvGNXZ3lAwY8q0ey0
Rn+yD5CuNWoMfd0Hppa7gd4kblV8NDT0XjYiCocFtSspdNuRan+PEvrmdQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNdSXiURjZwnZmTCclkYBWa2DkPxMB8GA1UdIwQY
MBaAFNT/D+zXv0QUiTF4jf5/INZ6Z6DbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVA4UDdOZV9SQlNKTVhpTl9uOGcxbnBub05zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wYzBjNjUtOWY4Mi00NDUwLTkxNjUt
ZjBjMjFmODE4NmYwLzEvMTFKZUpSR05uQ2RtWk1KeVdSZ0ZacllPUV9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wYzBjNjUtOWY4Mi00NDUwLTkxNjUtZjBjMjFmODE4NmYw
LzEvMVA4UDdOZV9SQlNKTVhpTl9uOGcxbnBub05zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDTikIAwQD
WR8IMA0EAgACMAcDBQMqEMVAMA0GCSqGSIb3DQEBCwUAA4IBAQCXHf/rHqgkLBnS
vtiNDuaQRVLis8GnxVmhiL/VhTcV68ncwKplzzPafG5fsZIzDekYy0A7T0tn/txL
qflz69JpwaXrgBrbrKWlLH2YJlbjaqreiCLcr0xddfgBYh4eGYVdht3Iseh3hOXM
t/fqQGKkcbC0g6A2bUTc2XiCGWgkT8IKRoJaVuYBcdA/SQJo4FC93/uvpYJic9CW
WwUsfSbfC2J0+qgO4BXaueAO0cf8dXF7dj570luRVYxpFLt2wQ9Zq6/QO4gaOlNZ
98Cj/HW3+onnRWQDOunVIgdado2CE/BH7CHzt3XlMJwcO4vUJmLmZMmteJXg1AMW
MGr5SwpP
-----END CERTIFICATE-----
Generated at Thu Jun 20 19:28:48 2024 by rpki-client on console-fra.rpki-client.org