Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/sijNlEKoLVRaAa8-60P0ekJyr0s.roa
File: sijNlEKoLVRaAa8-60P0ekJyr0s.roa (raw, json)
Hash identifier: n3FBPZWk92+DfaUsMqReII1srRKdearKRLVHf1BqXhc=
Subject key identifier: B2:28:CD:94:42:A8:2D:54:5A:01:AF:3E:EB:43:F4:7A:42:72:AF:4B
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 018CC94E2F8F555633047B212E816CB54968
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/sijNlEKoLVRaAa8-60P0ekJyr0s.roa
Signing time: Tue 02 Jan 2024 08:33:13 +0000
ROA not before: Tue 02 Jan 2024 08:33:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20776
IP address blocks: 212.198.242.0/23 maxlen: 24
212.198.254.0/23 maxlen: 24
89.157.88.0/21 maxlen: 24
89.157.96.0/19 maxlen: 24
89.3.240.0/21 maxlen: 21
89.3.248.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:2f:8f:55:56:33:04:7b:21:2e:81:6c:b5:49:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Jan 2 08:33:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b228cd9442a82d545a01af3eeb43f47a4272af4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:7b:cf:4d:14:0a:65:ac:23:a9:f7:49:8e:15:
b8:9c:ec:0f:0a:f6:ae:d9:f7:12:ae:d7:81:f8:97:
5e:99:77:31:7c:0a:97:4c:51:fb:47:dc:61:13:24:
c7:88:d0:0d:cd:10:b3:a4:ef:f7:ea:a5:b1:bf:56:
a4:e7:1c:ac:ad:96:7e:f3:a7:fa:6e:9a:5d:ff:95:
3b:4e:44:1e:0f:b7:e4:44:8c:38:ca:d9:e3:2f:04:
2c:52:2c:79:f8:0d:55:59:bd:26:cb:26:de:ec:a4:
33:35:fb:f1:8c:3a:52:cb:0f:83:d0:9b:fa:33:16:
4d:f3:4a:b5:95:a8:02:ae:4b:76:60:63:87:09:db:
2d:b3:e9:9e:40:96:27:be:41:74:d0:22:b2:f9:10:
09:bf:94:17:97:b0:75:53:88:a9:e8:53:81:cb:16:
20:c3:f5:3b:4f:61:77:fa:4f:b9:c2:9e:75:b7:18:
e9:8e:bd:b4:21:b9:db:b1:d1:13:eb:4b:80:0e:b3:
a8:90:aa:bb:06:db:34:06:76:95:a9:ef:6f:e5:dd:
9c:78:ce:4b:82:3e:05:46:c5:7c:82:30:46:43:08:
7f:b3:2a:7d:33:86:5c:1c:f0:04:92:22:d9:f3:b6:
4d:39:28:be:1a:35:42:c2:3d:12:10:57:e2:3b:4a:
4f:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:28:CD:94:42:A8:2D:54:5A:01:AF:3E:EB:43:F4:7A:42:72:AF:4B
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/sijNlEKoLVRaAa8-60P0ekJyr0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.3.240.0/20
89.157.88.0-89.157.127.255
212.198.242.0/23
212.198.254.0/23
Signature Algorithm: sha256WithRSAEncryption
91:a1:d0:7d:79:3f:0a:e8:5a:24:f0:5b:56:a0:67:09:76:ec:
5c:76:87:ea:73:51:49:b0:d2:46:ec:e7:1c:46:98:b6:e9:53:
4e:4b:b4:ec:63:ec:86:97:2a:cf:d7:26:17:e0:a1:43:cc:17:
5c:59:63:1a:b8:4a:f0:94:86:d6:b0:3b:52:ff:65:dd:86:b4:
b2:c2:63:f4:ee:f0:63:2a:42:7e:42:97:66:cd:55:9c:22:b7:
aa:f7:6a:27:dc:33:d3:cb:12:eb:2e:63:89:33:b5:79:fd:12:
f9:d8:5b:4a:82:d8:6a:8c:39:87:fb:82:0b:a8:8b:e6:db:b8:
08:05:3f:cd:dd:42:37:47:f4:7a:10:62:49:c5:50:1c:00:6b:
dc:62:55:7b:45:54:7c:38:b3:3a:54:4f:3c:ef:b2:e4:af:ec:
d5:4f:73:3c:0a:1e:3f:7d:a6:c1:fc:44:8b:b0:7d:62:f9:b5:
70:43:08:78:94:3d:d3:f7:4a:64:3e:c5:e2:d6:ae:f3:35:61:
ff:24:87:0d:97:73:0b:2c:33:fd:64:e8:2f:64:92:9e:67:38:
65:f0:e3:7f:f7:e3:17:7c:ca:29:13:77:87:41:65:33:c9:69:
55:4b:18:3c:88:35:82:38:e6:8b:88:49:51:10:8a:8d:98:ed:
f2:bd:87:b6
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzJTi+PVVYzBHshLoFstUloMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjQwMTAyMDgzMzEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjI4Y2Q5NDQyYTgyZDU0NWEwMWFmM2VlYjQzZjQ3YTQyNzJhZjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXvPTRQKZawjqfdJjhW4nOwPCvau
2fcSrteB+JdemXcxfAqXTFH7R9xhEyTHiNANzRCzpO/36qWxv1ak5xysrZZ+86f6
bppd/5U7TkQeD7fkRIw4ytnjLwQsUix5+A1VWb0myybe7KQzNfvxjDpSyw+D0Jv6
MxZN80q1lagCrkt2YGOHCdsts+meQJYnvkF00CKy+RAJv5QXl7B1U4ip6FOByxYg
w/U7T2F3+k+5wp51txjpjr20IbnbsdET60uADrOokKq7Bts0BnaVqe9v5d2ceM5L
gj4FRsV8gjBGQwh/syp9M4ZcHPAEkiLZ87ZNOSi+GjVCwj0SEFfiO0pPIQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLIozZRCqC1UWgGvPutD9HpCcq9LMB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvc2lqTmxFS29MVlJhQWE4LTYwUDBla0p5cjBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQEWQPwMAwD
BANZnVgDBAdZnQADBAHUxvIDBAHUxv4wDQYJKoZIhvcNAQELBQADggEBAJGh0H15
PwroWiTwW1agZwl27Fx2h+pzUUmw0kbs5xxGmLbpU05LtOxj7IaXKs/XJhfgoUPM
F1xZYxq4SvCUhtawO1L/Zd2GtLLCY/Tu8GMqQn5Cl2bNVZwit6r3aifcM9PLEusu
Y4kztXn9EvnYW0qC2GqMOYf7gguoi+bbuAgFP83dQjdH9HoQYknFUBwAa9xiVXtF
VHw4szpUTzzvsuSv7NVPczwKHj99psH8RIuwfWL5tXBDCHiUPdP3SmQ+xeLWrvM1
Yf8khw2XcwssM/1k6C9kkp5nOGXw43/34xd8yikTd4dBZTPJaVVLGDyINYI45ouI
SVEQio2Y7fK9h7Y=
-----END CERTIFICATE-----
Generated at Wed Apr 9 03:00:19 2025 by rpki-client