Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/qN2tvLFyc0oE93Y8YKwJ4zJvSPg.roa
File: qN2tvLFyc0oE93Y8YKwJ4zJvSPg.roa (raw, json)
Hash identifier: Ac73lk/5svIoYPSZZ7y2kHM3rG4UkYejirHoV2YNB9c=
Subject key identifier: A8:DD:AD:BC:B1:72:73:4A:04:F7:76:3C:60:AC:09:E3:32:6F:48:F8
Certificate issuer: /CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Certificate serial: 018D3557EF04A2E080B00EC51DFCD363223C
Authority key identifier: DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/qN2tvLFyc0oE93Y8YKwJ4zJvSPg.roa
Signing time: Tue 23 Jan 2024 08:02:51 +0000
ROA not before: Tue 23 Jan 2024 08:02:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210176
IP address blocks: 89.39.210.0/23 maxlen: 24
89.40.220.0/23 maxlen: 24
94.26.24.0/23 maxlen: 24
192.64.44.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:35:57:ef:04:a2:e0:80:b0:0e:c5:1d:fc:d3:63:22:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Validity
Not Before: Jan 23 08:02:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8ddadbcb172734a04f7763c60ac09e3326f48f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:00:dd:86:53:7a:a3:61:ae:6a:62:5b:50:47:
53:98:54:f4:ff:df:03:53:3f:77:4a:56:2e:43:6d:
50:1a:0b:6e:52:1b:ac:11:2c:17:6b:ce:b3:a4:62:
a6:ac:60:29:cf:db:47:0c:da:db:ef:fa:e6:96:20:
c3:53:70:a4:89:ef:0f:5a:09:80:37:3b:70:6e:f5:
56:60:27:54:c3:a2:9e:7e:5f:bd:98:07:84:95:1d:
72:7e:21:91:6b:5e:c5:04:7e:40:43:9b:b1:76:1c:
e0:95:27:87:ae:a3:d2:d8:04:3b:22:3d:36:6b:f8:
8b:da:46:5a:80:99:20:d3:f7:a9:bd:43:fb:2a:d3:
f0:87:7e:66:0b:a7:74:7b:8b:ba:57:07:4b:f3:11:
5c:34:be:b0:88:3d:e2:ae:6d:7e:0f:0c:3a:7e:71:
4a:72:26:19:c6:b1:80:77:de:31:ce:cd:00:c2:b1:
0d:8e:da:4b:a8:5b:eb:e8:d5:7f:71:dc:02:5a:57:
fc:cf:ae:8e:6b:5d:f9:a5:2e:31:8e:74:ff:ac:6a:
68:7f:db:dd:07:8e:70:0a:1a:2e:f2:2a:ce:22:a6:
21:e4:1c:c1:38:1a:a4:96:be:2a:dc:03:70:a9:8b:
7f:47:cc:c2:ca:02:38:fe:a1:f4:c1:79:89:c8:01:
a4:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:DD:AD:BC:B1:72:73:4A:04:F7:76:3C:60:AC:09:E3:32:6F:48:F8
X509v3 Authority Key Identifier:
keyid:DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/qN2tvLFyc0oE93Y8YKwJ4zJvSPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/2-jMj1rx5zYtRU892RqClSkZ22E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.39.210.0/23
89.40.220.0/23
94.26.24.0/23
192.64.44.0/23
Signature Algorithm: sha256WithRSAEncryption
aa:c7:e6:71:48:41:7f:35:f6:4b:55:a1:38:4d:14:fb:58:ad:
e3:11:90:66:c1:26:14:64:50:70:f5:6c:0c:48:b2:de:a3:bb:
60:c1:5c:90:cb:5f:d9:9e:04:09:5e:56:20:84:bd:2f:f0:0d:
94:8b:26:6c:a0:4c:41:ea:f3:09:48:e1:44:3c:f4:44:b0:1d:
26:36:bb:b4:9d:53:ed:57:93:30:76:33:53:8b:6c:9d:b3:a9:
2b:8d:b4:6f:d9:41:d9:4c:d1:b5:46:47:b3:d1:09:1f:c4:5d:
17:8d:05:1a:ba:c1:d5:17:37:50:91:c1:29:65:34:20:fb:ed:
f0:c9:74:e5:ef:f1:3c:bf:00:0d:69:3c:c0:98:78:e3:67:31:
10:4f:77:c8:d7:7b:92:74:9b:6b:5e:6f:4d:0d:da:81:43:9b:
c4:6b:ee:cc:06:92:8e:43:d0:54:b4:7e:33:61:bd:ba:72:21:
9f:c8:87:8a:54:5a:cb:2d:e2:83:ff:2c:22:17:b8:58:ad:88:
14:45:0e:ae:d8:36:1e:7c:2b:67:4c:e5:08:89:9d:ae:f2:9b:
0a:25:4e:57:79:df:be:dd:6b:da:c6:bf:39:ad:7f:cd:cf:09:
0d:9f:3d:84:e3:57:83:33:6a:a4:2d:d7:cd:e8:c0:93:07:ad:
dd:ee:7b:10
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY01V+8EouCAsA7FHfzTYyI8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZThjYzhmNWFmMWU3MzYyZDQ1NGYzZGQ5MWE4Mjk1Mjkx
OWRiNjEwHhcNMjQwMTIzMDgwMjUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGRkYWRiY2IxNzI3MzRhMDRmNzc2M2M2MGFjMDllMzMyNmY0OGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkADdhlN6o2GuamJbUEdTmFT0/98D
Uz93SlYuQ21QGgtuUhusESwXa86zpGKmrGApz9tHDNrb7/rmliDDU3Ckie8PWgmA
NztwbvVWYCdUw6Kefl+9mAeElR1yfiGRa17FBH5AQ5uxdhzglSeHrqPS2AQ7Ij02
a/iL2kZagJkg0/epvUP7KtPwh35mC6d0e4u6VwdL8xFcNL6wiD3irm1+Dww6fnFK
ciYZxrGAd94xzs0AwrENjtpLqFvr6NV/cdwCWlf8z66Oa135pS4xjnT/rGpof9vd
B45wChou8irOIqYh5BzBOBqklr4q3ANwqYt/R8zCygI4/qH0wXmJyAGk1wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKjdrbyxcnNKBPd2PGCsCeMyb0j4MB8GA1UdIwQY
MBaAFNvozI9a8ec2LUVPPdkagpUpGdthMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMt
MjYyMWQ1Yzk5Y2FiLzEvcU4ydHZMRnljMG9FOTNZOFlLd0o0ekp2U1BnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMtMjYyMWQ1Yzk5Y2Fi
LzEvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBWSfSAwQB
WSjcAwQBXhoYAwQBwEAsMA0GCSqGSIb3DQEBCwUAA4IBAQCqx+ZxSEF/NfZLVaE4
TRT7WK3jEZBmwSYUZFBw9WwMSLLeo7tgwVyQy1/ZngQJXlYghL0v8A2UiyZsoExB
6vMJSOFEPPREsB0mNru0nVPtV5MwdjNTi2yds6krjbRv2UHZTNG1Rkez0QkfxF0X
jQUausHVFzdQkcEpZTQg++3wyXTl7/E8vwANaTzAmHjjZzEQT3fI13uSdJtrXm9N
DdqBQ5vEa+7MBpKOQ9BUtH4zYb26ciGfyIeKVFrLLeKD/ywiF7hYrYgURQ6u2DYe
fCtnTOUIiZ2u8psKJU5Xed++3Wvaxr85rX/NzwkNnz2E41eDM2qkLdfN6MCTB63d
7nsQ
-----END CERTIFICATE-----
Generated at Wed Mar 12 07:04:55 2025 by rpki-client