Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/i7DbNQ1Kxw_Bu2fl0ieTE1U3feY.roa
File: i7DbNQ1Kxw_Bu2fl0ieTE1U3feY.roa (raw, json)
Hash identifier: jtGSPmt1+JlibP3f+mQRFF19IpBxS2jsqx5EU2nJ5E4=
Subject key identifier: 8B:B0:DB:35:0D:4A:C7:0F:C1:BB:67:E5:D2:27:93:13:55:37:7D:E6
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 018F05F64455D7305BCD0180E8A8A403414E
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/i7DbNQ1Kxw_Bu2fl0ieTE1U3feY.roa
Signing time: Mon 22 Apr 2024 13:19:36 +0000
ROA not before: Mon 22 Apr 2024 13:19:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12325
IP address blocks: 89.46.128.0/22 maxlen: 24
89.46.232.0/21 maxlen: 24
185.18.224.0/23 maxlen: 24
188.215.40.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:05:f6:44:55:d7:30:5b:cd:01:80:e8:a8:a4:03:41:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Apr 22 13:19:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8bb0db350d4ac70fc1bb67e5d227931355377de6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:3b:da:18:dd:50:35:94:b5:2d:51:a1:40:12:
18:df:87:f4:db:e0:13:53:ea:55:6d:be:15:2c:d6:
54:13:db:23:d9:f9:ce:ab:40:1d:40:81:a4:78:fd:
f3:b0:62:6a:e9:d1:aa:0d:94:96:86:84:f6:1b:2a:
7a:f7:8d:b9:8c:ef:91:da:bb:d7:9d:f5:80:64:77:
14:40:2c:64:13:4b:b1:eb:1a:5e:5a:fe:3e:c8:09:
d4:bf:b0:0a:75:51:ed:dc:e0:46:c5:a9:4c:f3:29:
3a:0b:12:e5:54:b8:5a:77:06:e8:ff:51:2a:d3:4d:
99:16:50:40:c1:b0:7a:17:22:c3:37:db:6b:58:20:
ea:a0:e6:d5:fe:e4:99:57:5f:78:04:52:46:c4:32:
03:d8:a3:3c:a5:59:90:79:5b:89:e5:25:cf:f8:cf:
94:7a:75:d9:82:21:49:f0:41:28:1f:35:f2:c0:1f:
c0:58:6f:45:58:d0:ce:e1:ba:b0:18:4a:db:cd:a1:
d2:9b:10:9e:48:4e:db:c5:91:d6:e8:36:1e:50:c1:
65:58:0a:72:39:0b:0b:8a:bc:ff:18:13:01:a1:f2:
79:70:de:56:34:cf:cf:30:16:7c:40:94:fd:6b:44:
a1:3a:9a:2f:46:c9:8e:6b:e7:e0:3d:ed:f3:e7:65:
95:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:B0:DB:35:0D:4A:C7:0F:C1:BB:67:E5:D2:27:93:13:55:37:7D:E6
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/i7DbNQ1Kxw_Bu2fl0ieTE1U3feY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.128.0/22
89.46.232.0/21
185.18.224.0/23
188.215.40.0/22
Signature Algorithm: sha256WithRSAEncryption
ef:97:02:bc:ad:dd:c3:29:df:a1:c8:1d:0e:96:84:ba:af:a7:
08:b5:bf:49:28:4c:5a:dd:e4:5a:d0:be:8d:90:4e:9e:f3:9b:
76:c5:7b:1a:c3:3a:fc:91:52:99:ae:82:37:eb:55:94:ba:67:
68:3c:2f:6f:26:b2:81:60:f8:d3:c7:6f:ff:62:85:cd:41:57:
85:60:72:25:26:8b:34:44:20:ea:1f:27:72:77:d9:cc:f4:6d:
b2:18:16:9b:d6:a9:2a:76:9d:18:3b:e0:62:6f:da:15:bb:22:
b3:cc:b7:e2:da:37:48:a9:98:c4:90:a6:bf:b5:ac:bd:d2:44:
7e:83:ee:53:09:e7:30:af:4c:ae:dd:5b:a2:f7:6a:54:69:64:
96:55:65:9b:64:3a:9b:45:f3:73:78:ca:64:6a:d1:2f:5e:45:
cf:a2:58:70:99:fb:c7:56:84:95:0a:f7:a4:ae:9c:dc:72:29:
a2:68:9c:ec:c3:98:ee:32:47:73:36:54:83:df:1f:0e:b7:17:
7b:0f:60:77:51:af:80:7b:08:99:a1:f5:f7:48:4d:47:e1:6c:
ab:2f:a0:c6:06:c3:cc:dd:7e:58:91:b0:e0:d0:12:75:2c:63:
b5:0b:bc:43:23:5d:eb:81:c1:46:1e:6a:35:9d:c1:b0:44:6c:
3f:9a:76:43
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY8F9kRV1zBbzQGA6KikA0FOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjQwNDIyMTMxOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmIwZGIzNTBkNGFjNzBmYzFiYjY3ZTVkMjI3OTMxMzU1Mzc3ZGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTvaGN1QNZS1LVGhQBIY34f02+AT
U+pVbb4VLNZUE9sj2fnOq0AdQIGkeP3zsGJq6dGqDZSWhoT2Gyp69425jO+R2rvX
nfWAZHcUQCxkE0ux6xpeWv4+yAnUv7AKdVHt3OBGxalM8yk6CxLlVLhadwbo/1Eq
002ZFlBAwbB6FyLDN9trWCDqoObV/uSZV194BFJGxDID2KM8pVmQeVuJ5SXP+M+U
enXZgiFJ8EEoHzXywB/AWG9FWNDO4bqwGErbzaHSmxCeSE7bxZHW6DYeUMFlWApy
OQsLirz/GBMBofJ5cN5WNM/PMBZ8QJT9a0ShOpovRsmOa+fgPe3z52WV4QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFIuw2zUNSscPwbtn5dInkxNVN33mMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL2k3RGJOUTFLeHdfQnUyZmwwaWVURTFVM2ZlWS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBAJZLoAD
BANZLugDBAG5EuADBAK81ygwDQYJKoZIhvcNAQELBQADggEBAO+XAryt3cMp36HI
HQ6WhLqvpwi1v0koTFrd5FrQvo2QTp7zm3bFexrDOvyRUpmugjfrVZS6Z2g8L28m
soFg+NPHb/9ihc1BV4VgciUmizREIOofJ3J32cz0bbIYFpvWqSp2nRg74GJv2hW7
IrPMt+LaN0ipmMSQpr+1rL3SRH6D7lMJ5zCvTK7dW6L3alRpZJZVZZtkOptF83N4
ymRq0S9eRc+iWHCZ+8dWhJUK96SunNxyKaJonOzDmO4yR3M2VIPfHw63F3sPYHdR
r4B7CJmh9fdITUfhbKsvoMYGw8zdfliRsODQEnUsY7ULvEMjXeuBwUYeajWdwbBE
bD+adkM=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:42:24 2025 by rpki-client