Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/HCo7w-wQNyZFS6k3Qnm6iMxsivg.roa
File: HCo7w-wQNyZFS6k3Qnm6iMxsivg.roa (raw, json)
Hash identifier: VTjKS/vgopcoETAoUH9m206K9oyiMqUQQZsWMe6Vu68=
Subject key identifier: 1C:2A:3B:C3:EC:10:37:26:45:4B:A9:37:42:79:BA:88:CC:6C:8A:F8
Certificate issuer: /CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Certificate serial: 018DA2EDA7E3D73B947A7B98F11E9968F6A6
Authority key identifier: DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/HCo7w-wQNyZFS6k3Qnm6iMxsivg.roa
Signing time: Tue 13 Feb 2024 14:45:00 +0000
ROA not before: Tue 13 Feb 2024 14:45:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210176
IP address blocks: 89.40.220.0/23 maxlen: 24
94.26.24.0/23 maxlen: 24
192.64.44.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a2:ed:a7:e3:d7:3b:94:7a:7b:98:f1:1e:99:68:f6:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Validity
Not Before: Feb 13 14:45:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c2a3bc3ec103726454ba9374279ba88cc6c8af8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:84:4a:99:9e:ee:e4:65:61:b6:7d:0a:7e:25:
4f:38:ca:5c:8a:73:7c:bb:b5:9b:1c:33:cc:ba:99:
08:05:82:43:62:1b:6c:9b:e4:d4:0e:da:f2:71:21:
a0:63:f1:ee:ec:7e:a8:41:86:8f:97:ab:5f:e3:27:
d6:c1:7d:af:72:a6:38:1d:33:d8:23:21:20:d9:79:
f8:cc:ab:cd:8c:ff:88:ee:bf:81:be:e4:0b:d6:df:
83:07:99:44:4d:2d:65:62:7e:5c:db:71:8a:e5:53:
df:59:7c:d8:74:7b:fd:bd:d8:a4:a9:2b:f4:c2:18:
5b:5f:d3:8a:e5:ea:7b:d4:2e:f3:cb:d8:7a:1c:11:
e7:99:15:8e:06:50:f1:76:f7:d8:81:dc:ab:ec:9d:
c3:46:ce:e2:72:b6:9f:da:04:ab:87:58:13:bd:9c:
32:8b:f8:2d:b1:8b:e5:b3:b9:e3:d1:69:2e:87:ff:
70:84:f4:93:f3:91:09:a9:ab:70:82:39:11:35:02:
91:05:9c:f1:03:2d:f6:1b:d3:72:b6:3b:4c:67:af:
81:f7:65:f6:78:8d:18:3e:e7:ee:30:47:72:c9:84:
76:4f:64:20:49:f9:71:de:ba:2d:8b:90:d6:c8:2a:
e5:50:f4:21:ba:af:cb:c5:5c:d7:76:3c:5a:52:97:
d9:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:2A:3B:C3:EC:10:37:26:45:4B:A9:37:42:79:BA:88:CC:6C:8A:F8
X509v3 Authority Key Identifier:
keyid:DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/HCo7w-wQNyZFS6k3Qnm6iMxsivg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/2-jMj1rx5zYtRU892RqClSkZ22E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.220.0/23
94.26.24.0/23
192.64.44.0/23
Signature Algorithm: sha256WithRSAEncryption
2d:5e:8f:1a:07:5b:fa:9b:99:51:a4:1c:08:09:1b:4b:3c:8a:
b9:60:5b:77:26:d1:4d:e4:56:8a:d5:8a:ce:1b:08:84:19:c2:
8d:7e:e4:0e:4b:f1:40:9b:95:2a:ed:7d:d6:0c:1e:86:32:1b:
bd:b0:08:b6:b4:cc:39:0a:9d:cc:8f:6d:cf:30:bc:0e:c2:7a:
ae:fc:36:82:b2:02:a7:b9:88:e0:56:f6:04:99:e7:9d:a1:b4:
8d:e8:8c:d3:67:88:f8:e8:60:07:1a:c6:dd:09:e0:6c:c6:7a:
6e:62:67:03:0b:8b:59:7b:5a:c3:8b:8b:eb:15:6c:3b:72:88:
62:da:94:42:d7:8e:21:6f:27:6f:89:be:29:44:7a:7d:20:6e:
23:bf:66:42:4a:98:30:a0:26:0e:42:d7:17:f2:ca:72:15:a8:
d8:1a:9e:8a:63:b8:66:80:b8:30:7e:c4:df:db:ce:8a:f6:a1:
86:75:45:46:00:5e:46:86:0a:07:9d:cf:41:1a:50:31:78:4d:
02:04:69:cb:51:e4:86:04:28:79:26:6e:87:a7:f5:6a:d7:d9:
cf:9c:bd:7e:cc:ba:9a:86:58:18:49:f3:9c:d6:94:1f:27:c5:
33:82:65:ba:9e:95:51:1c:cd:0c:4e:2b:69:84:38:ef:95:11:
5b:a5:53:c4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY2i7afj1zuUenuY8R6ZaPamMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZThjYzhmNWFmMWU3MzYyZDQ1NGYzZGQ5MWE4Mjk1Mjkx
OWRiNjEwHhcNMjQwMjEzMTQ0NTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzJhM2JjM2VjMTAzNzI2NDU0YmE5Mzc0Mjc5YmE4OGNjNmM4YWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjoRKmZ7u5GVhtn0KfiVPOMpcinN8
u7WbHDPMupkIBYJDYhtsm+TUDtrycSGgY/Hu7H6oQYaPl6tf4yfWwX2vcqY4HTPY
IyEg2Xn4zKvNjP+I7r+BvuQL1t+DB5lETS1lYn5c23GK5VPfWXzYdHv9vdikqSv0
whhbX9OK5ep71C7zy9h6HBHnmRWOBlDxdvfYgdyr7J3DRs7icraf2gSrh1gTvZwy
i/gtsYvls7nj0Wkuh/9whPST85EJqatwgjkRNQKRBZzxAy32G9NytjtMZ6+B92X2
eI0YPufuMEdyyYR2T2QgSflx3roti5DWyCrlUPQhuq/LxVzXdjxaUpfZmwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBwqO8PsEDcmRUupN0J5uojMbIr4MB8GA1UdIwQY
MBaAFNvozI9a8ec2LUVPPdkagpUpGdthMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMt
MjYyMWQ1Yzk5Y2FiLzEvSENvN3ctd1FOeVpGUzZrM1FubTZpTXhzaXZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMtMjYyMWQ1Yzk5Y2Fi
LzEvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBWSjcAwQB
XhoYAwQBwEAsMA0GCSqGSIb3DQEBCwUAA4IBAQAtXo8aB1v6m5lRpBwICRtLPIq5
YFt3JtFN5FaK1YrOGwiEGcKNfuQOS/FAm5Uq7X3WDB6GMhu9sAi2tMw5Cp3Mj23P
MLwOwnqu/DaCsgKnuYjgVvYEmeedobSN6IzTZ4j46GAHGsbdCeBsxnpuYmcDC4tZ
e1rDi4vrFWw7cohi2pRC144hbydvib4pRHp9IG4jv2ZCSpgwoCYOQtcX8spyFajY
Gp6KY7hmgLgwfsTf286K9qGGdUVGAF5GhgoHnc9BGlAxeE0CBGnLUeSGBCh5Jm6H
p/Vq19nPnL1+zLqahlgYSfOc1pQfJ8UzgmW6npVRHM0MTitphDjvlRFbpVPE
-----END CERTIFICATE-----
Generated at Wed Mar 12 06:56:43 2025 by rpki-client