Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/9ba681-3649-420f-8f24-67cdb2f0693d/1/3bzUmTYkyxfdTIIBrdZAOl3--78.roa
File: 3bzUmTYkyxfdTIIBrdZAOl3--78.roa (raw, json)
Hash identifier: MepSCzodqgR9u3ZgPp/OCdL5XQ2faQIYHb8BJba/jkE=
Subject key identifier: DD:BC:D4:99:36:24:CB:17:DD:4C:82:01:AD:D6:40:3A:5D:FE:FB:BF
Certificate issuer: /CN=425c6104aae83931281e004fad5d9f76232c0978
Certificate serial: 018539011A2D765AD994EF9D408BA30002A2
Authority key identifier: 42:5C:61:04:AA:E8:39:31:28:1E:00:4F:AD:5D:9F:76:23:2C:09:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QlxhBKroOTEoHgBPrV2fdiMsCXg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/9ba681-3649-420f-8f24-67cdb2f0693d/1/3bzUmTYkyxfdTIIBrdZAOl3--78.roa
Signing time: Thu 22 Dec 2022 08:44:11 +0000
ROA not before: Thu 22 Dec 2022 08:44:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209375
IP address blocks: 89.33.135.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:39:01:1a:2d:76:5a:d9:94:ef:9d:40:8b:a3:00:02:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=425c6104aae83931281e004fad5d9f76232c0978
Validity
Not Before: Dec 22 08:44:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ddbcd4993624cb17dd4c8201add6403a5dfefbbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:33:6a:37:3b:2f:20:e4:68:6a:98:50:a1:5c:
cf:33:cf:79:31:43:8d:2c:be:a2:70:28:bd:4d:49:
5b:16:97:99:8c:97:74:31:ad:96:64:f2:59:e3:88:
ee:9c:df:60:1a:c7:e1:a5:84:06:de:2d:e0:d5:38:
5f:9a:ab:d7:29:5c:34:c0:f8:48:3d:f1:9c:8c:65:
22:d8:6c:b3:7d:0d:01:3b:87:c2:34:12:cf:19:30:
24:4d:2b:e7:38:90:0f:fc:53:1d:70:14:0b:00:2b:
d0:6b:d3:c5:06:7b:b9:8d:c8:fc:7c:0f:e5:8a:a0:
08:47:9f:7b:2a:13:b0:54:1a:24:c2:0d:23:c1:68:
3b:4c:c5:42:ca:69:61:5d:23:ed:c7:8b:36:2e:12:
9f:47:2c:2d:18:93:56:d0:8c:3e:43:3b:85:29:b0:
d1:ed:93:a0:cf:92:a1:2a:8b:7a:ca:8b:2f:2b:81:
aa:4d:c1:be:34:bc:cc:5c:1d:a0:0c:5e:08:95:41:
c8:ae:07:05:fe:fa:5b:c0:91:de:d2:2f:07:58:06:
94:69:42:db:a7:b1:17:ee:1b:05:bb:37:66:c6:d6:
86:3d:3b:3e:75:fc:d2:af:42:04:70:d2:dc:38:e8:
af:ac:85:bb:9b:16:76:b6:23:e0:f4:91:03:a2:59:
c7:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:BC:D4:99:36:24:CB:17:DD:4C:82:01:AD:D6:40:3A:5D:FE:FB:BF
X509v3 Authority Key Identifier:
keyid:42:5C:61:04:AA:E8:39:31:28:1E:00:4F:AD:5D:9F:76:23:2C:09:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QlxhBKroOTEoHgBPrV2fdiMsCXg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9ba681-3649-420f-8f24-67cdb2f0693d/1/3bzUmTYkyxfdTIIBrdZAOl3--78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9ba681-3649-420f-8f24-67cdb2f0693d/1/QlxhBKroOTEoHgBPrV2fdiMsCXg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.135.0/24
Signature Algorithm: sha256WithRSAEncryption
05:7a:a6:dc:2d:a5:8d:e7:40:4f:12:9d:ae:e5:39:a5:8c:87:
ea:27:89:31:75:a4:b0:60:aa:f1:4a:6d:fc:c5:ec:e8:e0:9f:
b5:b5:fa:05:6b:22:9e:d8:9e:ab:e6:8f:3c:f5:24:db:d4:85:
ce:66:6d:72:6b:47:ff:b0:ae:f6:c0:eb:95:c4:68:d5:5d:19:
a6:38:45:23:2e:6e:2f:a5:b5:eb:aa:40:8a:4f:1d:23:ef:7c:
a0:cb:ce:59:1f:fb:36:bb:25:aa:fa:60:11:9c:91:3a:e0:f3:
39:15:f9:a8:df:b9:eb:d1:7d:7b:da:e7:4d:94:46:18:4d:eb:
5e:5d:19:8b:e1:ea:4e:32:02:d9:3a:14:a8:8a:04:41:9d:64:
6a:06:b0:0f:bd:10:35:bd:8d:2a:17:da:5d:e3:04:fe:fe:d6:
0c:76:8f:ca:88:c8:e3:93:b6:f3:c0:98:1a:69:fa:5e:64:c9:
9e:c2:b1:76:8a:bd:58:95:a7:86:f0:12:2c:73:77:ac:64:09:
4d:ce:3f:3b:0a:de:5c:17:eb:f3:11:6d:6d:55:a8:ec:b1:f5:
f6:39:8d:8a:e8:06:c5:86:14:a2:da:be:2c:5f:e9:8d:0b:33:
05:93:a3:ca:19:c4:97:0f:ac:f6:db:fd:c1:47:d2:1e:ad:2a:
05:26:3a:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYU5ARotdlrZlO+dQIujAAKiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyNWM2MTA0YWFlODM5MzEyODFlMDA0ZmFkNWQ5Zjc2MjMy
YzA5NzgwHhcNMjIxMjIyMDg0NDExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGJjZDQ5OTM2MjRjYjE3ZGQ0YzgyMDFhZGQ2NDAzYTVkZmVmYmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTNqNzsvIORoaphQoVzPM895MUON
LL6icCi9TUlbFpeZjJd0Ma2WZPJZ44junN9gGsfhpYQG3i3g1ThfmqvXKVw0wPhI
PfGcjGUi2GyzfQ0BO4fCNBLPGTAkTSvnOJAP/FMdcBQLACvQa9PFBnu5jcj8fA/l
iqAIR597KhOwVBokwg0jwWg7TMVCymlhXSPtx4s2LhKfRywtGJNW0Iw+QzuFKbDR
7ZOgz5KhKot6yosvK4GqTcG+NLzMXB2gDF4IlUHIrgcF/vpbwJHe0i8HWAaUaULb
p7EX7hsFuzdmxtaGPTs+dfzSr0IEcNLcOOivrIW7mxZ2tiPg9JEDolnHpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN281Jk2JMsX3UyCAa3WQDpd/vu/MB8GA1UdIwQY
MBaAFEJcYQSq6DkxKB4AT61dn3YjLAl4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWx4aEJLcm9PVEVvSGdCUHJWMmZkaU1zQ1hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS85YmE2ODEtMzY0OS00MjBmLThmMjQt
NjdjZGIyZjA2OTNkLzEvM2J6VW1UWWt5eGZkVElJQnJkWkFPbDMtLTc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS85YmE2ODEtMzY0OS00MjBmLThmMjQtNjdjZGIyZjA2OTNk
LzEvUWx4aEJLcm9PVEVvSGdCUHJWMmZkaU1zQ1hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSGHMA0G
CSqGSIb3DQEBCwUAA4IBAQAFeqbcLaWN50BPEp2u5TmljIfqJ4kxdaSwYKrxSm38
xezo4J+1tfoFayKe2J6r5o889STb1IXOZm1ya0f/sK72wOuVxGjVXRmmOEUjLm4v
pbXrqkCKTx0j73ygy85ZH/s2uyWq+mARnJE64PM5Ffmo37nr0X172udNlEYYTete
XRmL4epOMgLZOhSoigRBnWRqBrAPvRA1vY0qF9pd4wT+/tYMdo/KiMjjk7bzwJga
afpeZMmewrF2ir1YlaeG8BIsc3esZAlNzj87Ct5cF+vzEW1tVajssfX2OY2K6AbF
hhSi2r4sX+mNCzMFk6PKGcSXD6z22/3BR9IerSoFJjop
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:18 2023 by rpki-client on console-ams.rpki-client.org