Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/h33vkaFv7W2bS2XS0nJ2q8Bcca8.roa
File: h33vkaFv7W2bS2XS0nJ2q8Bcca8.roa (raw, json)
Hash identifier: IMCadrX/OCrSB86E6mMh4005Sl2AM3ho60/cXQHhPVI=
Subject key identifier: 87:7D:EF:91:A1:6F:ED:6D:9B:4B:65:D2:D2:72:76:AB:C0:5C:71:AF
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 01942369933EDE2F2F8B76427B886FBE98B4
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/h33vkaFv7W2bS2XS0nJ2q8Bcca8.roa
Signing time: Wed 01 Jan 2025 19:48:28 +0000
ROA not before: Wed 01 Jan 2025 19:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42123
IP address blocks: 89.41.136.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:93:3e:de:2f:2f:8b:76:42:7b:88:6f:be:98:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 1 19:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=877def91a16fed6d9b4b65d2d27276abc05c71af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:9b:1e:71:ce:c3:c5:c3:36:28:3f:6c:f3:90:
2b:63:8d:99:d0:94:93:c4:bb:9a:af:db:13:30:e3:
ca:a5:8b:f2:e6:2d:5a:76:b9:4c:c1:4e:d4:49:59:
3f:8c:b6:8c:71:75:9d:f8:4b:ce:59:d3:ee:09:fa:
63:55:46:ab:4f:72:8f:72:81:88:c0:e6:a0:33:ee:
0c:bf:97:4b:37:ae:fc:fb:05:dd:1a:31:3f:02:78:
bc:2f:a1:c4:00:a7:c0:79:89:11:65:d4:d8:94:0d:
2b:39:6b:cc:2b:5f:c2:1b:76:18:ab:ee:b9:05:39:
e1:73:71:ec:90:d4:77:27:cd:89:7d:ce:aa:0a:a9:
53:72:7c:b5:12:ff:40:ef:9c:89:b4:f1:a9:41:4b:
be:53:02:70:b5:17:e1:43:0b:44:cc:bb:9b:22:86:
31:c7:de:2d:fb:ba:48:04:da:ff:f4:74:ff:e9:4f:
db:04:41:2e:9e:04:16:b5:9c:0a:3d:1a:cb:2f:2a:
7c:76:ab:aa:12:88:de:c6:d8:38:0f:42:9d:99:b5:
3e:0d:0d:73:75:a2:8d:3f:c7:83:08:c4:6e:fa:62:
4e:0c:75:e2:6a:c7:58:92:6f:9d:3b:73:e1:f8:61:
cc:ad:fd:41:23:4b:ca:71:59:bb:08:66:c3:5a:f5:
0a:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:7D:EF:91:A1:6F:ED:6D:9B:4B:65:D2:D2:72:76:AB:C0:5C:71:AF
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/h33vkaFv7W2bS2XS0nJ2q8Bcca8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.41.136.0/23
Signature Algorithm: sha256WithRSAEncryption
7b:e4:3d:7a:b1:46:ba:f8:42:11:eb:a8:dd:28:74:39:25:bf:
1f:c6:e6:48:df:db:4a:47:fe:7f:ed:0e:a5:2e:7b:78:a4:40:
4b:c5:1f:0b:74:df:61:df:04:74:1c:2e:44:34:99:59:9a:f1:
e1:7a:db:fb:f7:84:b6:0f:16:32:42:45:82:58:a3:a6:15:d0:
02:21:8c:03:6f:3a:75:05:80:f1:22:51:6a:f7:84:6b:e6:25:
05:8d:fd:c2:9b:14:d9:e7:40:3e:f3:59:60:81:6c:bd:6a:5a:
29:58:73:a1:04:6e:75:cd:17:5b:80:e4:60:ee:b8:82:89:4c:
74:3d:89:eb:75:69:3d:d5:af:12:4c:5c:e3:b2:47:24:80:a2:
16:f6:1a:53:12:49:d3:69:36:d2:38:4e:31:ca:25:9c:6f:63:
25:3b:2c:bd:88:4f:16:6d:d3:02:8d:69:5d:90:13:d9:b3:34:
81:9e:ff:76:de:cd:e8:9d:bc:39:c2:4e:fe:00:eb:84:6a:1c:
9c:f5:55:bd:8e:91:7e:90:1e:58:75:54:f5:a4:d6:08:8b:8f:
b3:52:e4:1a:bb:ef:84:b8:5b:48:4d:02:85:78:05:50:fa:50:
cf:45:e1:c9:31:fc:22:6f:a5:3e:f8:e8:bb:a0:b3:00:1d:24:
b1:2c:5c:69
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQjaZM+3i8vi3ZCe4hvvpi0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjUwMTAxMTk0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzdkZWY5MWExNmZlZDZkOWI0YjY1ZDJkMjcyNzZhYmMwNWM3MWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZsecc7DxcM2KD9s85ArY42Z0JST
xLuar9sTMOPKpYvy5i1adrlMwU7USVk/jLaMcXWd+EvOWdPuCfpjVUarT3KPcoGI
wOagM+4Mv5dLN678+wXdGjE/Ani8L6HEAKfAeYkRZdTYlA0rOWvMK1/CG3YYq+65
BTnhc3HskNR3J82Jfc6qCqlTcny1Ev9A75yJtPGpQUu+UwJwtRfhQwtEzLubIoYx
x94t+7pIBNr/9HT/6U/bBEEungQWtZwKPRrLLyp8dquqEojextg4D0KdmbU+DQ1z
daKNP8eDCMRu+mJODHXiasdYkm+dO3Ph+GHMrf1BI0vKcVm7CGbDWvUKiwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFId975Ghb+1tm0tl0tJydqvAXHGvMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL2gzM3ZrYUZ2N1cyYlMyWFMwbkoycThCY2NhOC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFZKYgw
DQYJKoZIhvcNAQELBQADggEBAHvkPXqxRrr4QhHrqN0odDklvx/G5kjf20pH/n/t
DqUue3ikQEvFHwt032HfBHQcLkQ0mVma8eF62/v3hLYPFjJCRYJYo6YV0AIhjANv
OnUFgPEiUWr3hGvmJQWN/cKbFNnnQD7zWWCBbL1qWilYc6EEbnXNF1uA5GDuuIKJ
THQ9iet1aT3VrxJMXOOyRySAohb2GlMSSdNpNtI4TjHKJZxvYyU7LL2ITxZt0wKN
aV2QE9mzNIGe/3bezeidvDnCTv4A64RqHJz1Vb2OkX6QHlh1VPWk1giLj7NS5Bq7
74S4W0hNAoV4BVD6UM9F4ckx/CJvpT746LugswAdJLEsXGk=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:43:51 2025 by rpki-client