Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/chc7NZYTY8TAAm4omvxtyabyq7Y.roa
File: chc7NZYTY8TAAm4omvxtyabyq7Y.roa (raw, json)
Hash identifier: D4ml84hX/IF5k6NvrzKJg2mEZ4TzfgqpdYCT4BEMOzQ=
Subject key identifier: 72:17:3B:35:96:13:63:C4:C0:02:6E:28:9A:FC:6D:C9:A6:F2:AB:B6
Certificate issuer: /CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Certificate serial: 019427B5C80BB887F7BA1C2B7F123F729E09
Authority key identifier: 09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/chc7NZYTY8TAAm4omvxtyabyq7Y.roa
Signing time: Thu 02 Jan 2025 15:50:12 +0000
ROA not before: Thu 02 Jan 2025 15:50:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5065
IP address blocks: 89.187.23.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:c8:0b:b8:87:f7:ba:1c:2b:7f:12:3f:72:9e:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Validity
Not Before: Jan 2 15:50:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=72173b35961363c4c0026e289afc6dc9a6f2abb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:cf:c6:bf:62:95:f5:19:25:18:d6:5c:0c:ab:
fd:f7:c2:fd:e6:04:c7:2a:91:c9:bb:7b:cc:f5:01:
f2:3d:b8:04:e6:70:a9:8f:c4:63:4a:e7:ad:b1:97:
05:73:fa:bc:e1:28:ea:97:9c:55:f8:b5:19:1f:56:
f6:b8:5e:4a:54:c8:d5:53:e3:44:f5:08:a3:7a:ea:
8e:41:ef:9b:b8:b2:43:e6:bc:18:76:24:ab:61:8b:
74:80:09:b3:3a:6f:d4:8f:d0:05:50:cb:f4:4a:c8:
9c:5e:fb:54:9c:a2:14:b9:b5:7d:2e:07:33:9a:d0:
0c:24:97:ec:ae:c7:7b:2c:86:b8:98:8b:ad:90:89:
96:6a:20:b8:6a:20:eb:ae:02:bd:82:7f:03:25:0a:
4d:47:a1:5a:4f:9a:a3:ea:9e:2c:1d:b3:28:e8:b4:
b4:34:38:ff:a9:5f:b2:8f:9e:db:fe:66:0a:dd:d2:
8e:27:32:70:cf:91:a4:6d:fc:2a:36:ee:70:bb:a3:
8a:cf:b3:0b:4d:51:02:00:7f:40:6d:13:af:1b:5a:
7c:07:eb:e1:ec:53:8d:bb:76:ad:a6:04:ab:3a:3a:
d4:02:89:76:11:f9:a1:0c:e5:0d:87:ee:7f:d2:fc:
94:4c:cb:ab:2e:a2:e9:f4:2f:a2:a1:cb:13:58:d9:
26:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:17:3B:35:96:13:63:C4:C0:02:6E:28:9A:FC:6D:C9:A6:F2:AB:B6
X509v3 Authority Key Identifier:
keyid:09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/chc7NZYTY8TAAm4omvxtyabyq7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/CR7HzPD6dh7Zm8WnqewNDusL8FU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.187.23.0/24
Signature Algorithm: sha256WithRSAEncryption
c5:c2:96:71:9c:17:cd:21:ba:8a:21:09:4c:63:d5:e9:70:ec:
97:e2:e2:ee:98:d2:50:f9:37:f1:22:1c:40:de:7a:12:b3:34:
43:91:f9:6d:1a:be:93:91:ac:5f:ad:97:bc:21:4a:c9:cb:70:
fd:3b:56:18:cc:9e:c6:1c:23:6c:2a:39:d5:15:12:9e:fe:1b:
df:54:1b:15:86:14:18:e4:02:68:15:6f:b1:9f:6e:86:cd:fa:
b2:32:3b:96:88:5e:8d:f7:14:f7:f1:39:3f:e4:5f:fc:0a:1c:
cf:8b:2d:0c:a4:3c:06:00:2e:81:8c:17:aa:e5:ac:88:f8:57:
a3:cb:fc:40:b0:60:25:85:8a:a7:e3:50:3d:39:93:7b:6c:84:
a4:f1:2a:b0:1a:67:6c:fc:75:b8:1e:d7:79:ee:51:d4:57:95:
5d:c7:74:27:c0:81:57:82:20:35:a6:64:54:24:5f:ef:38:cd:
e7:68:61:ea:10:3e:e9:66:e8:cf:68:e2:94:6d:fc:6a:58:a3:
3e:22:68:5d:34:32:42:f3:41:7a:00:87:57:ed:cb:61:7d:f8:
01:62:27:48:a0:2a:75:82:85:b3:5f:3c:2f:82:3f:1d:db:f1:
d8:43:15:2a:40:9b:ce:20:46:5b:e5:83:3b:91:c7:3e:ce:f8:
c2:7d:6c:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntcgLuIf3uhwrfxI/cp4JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MWVjN2NjZjBmYTc2MWVkOTliYzVhN2E5ZWMwZDBlZWIw
YmYwNTUwHhcNMjUwMTAyMTU1MDEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjE3M2IzNTk2MTM2M2M0YzAwMjZlMjg5YWZjNmRjOWE2ZjJhYmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiM/Gv2KV9RklGNZcDKv998L95gTH
KpHJu3vM9QHyPbgE5nCpj8RjSuetsZcFc/q84Sjql5xV+LUZH1b2uF5KVMjVU+NE
9QijeuqOQe+buLJD5rwYdiSrYYt0gAmzOm/Uj9AFUMv0SsicXvtUnKIUubV9Lgcz
mtAMJJfsrsd7LIa4mIutkImWaiC4aiDrrgK9gn8DJQpNR6FaT5qj6p4sHbMo6LS0
NDj/qV+yj57b/mYK3dKOJzJwz5GkbfwqNu5wu6OKz7MLTVECAH9AbROvG1p8B+vh
7FONu3atpgSrOjrUAol2EfmhDOUNh+5/0vyUTMurLqLp9C+iocsTWNkmNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHIXOzWWE2PEwAJuKJr8bcmm8qu2MB8GA1UdIwQY
MBaAFAkex8zw+nYe2ZvFp6nsDQ7rC/BVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQt
NDVjZmM4NTdkZGRkLzEvY2hjN05aWVRZOFRBQW00b212eHR5YWJ5cTdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQtNDVjZmM4NTdkZGRk
LzEvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWbsXMA0G
CSqGSIb3DQEBCwUAA4IBAQDFwpZxnBfNIbqKIQlMY9XpcOyX4uLumNJQ+TfxIhxA
3noSszRDkfltGr6TkaxfrZe8IUrJy3D9O1YYzJ7GHCNsKjnVFRKe/hvfVBsVhhQY
5AJoFW+xn26GzfqyMjuWiF6N9xT38Tk/5F/8ChzPiy0MpDwGAC6BjBeq5ayI+Fej
y/xAsGAlhYqn41A9OZN7bISk8SqwGmds/HW4Htd57lHUV5Vdx3QnwIFXgiA1pmRU
JF/vOM3naGHqED7pZujPaOKUbfxqWKM+ImhdNDJC80F6AIdX7cthffgBYidIoCp1
goWzXzwvgj8d2/HYQxUqQJvOIEZb5YM7kcc+zvjCfWxe
-----END CERTIFICATE-----
Generated at Thu Apr 10 15:21:33 2025 by rpki-client