Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/3bb9d8-bf54-4e8f-83e5-3ffc01fcbfb6/1/2TpsUVpvmlUVpjnat0dAd2NcvXo.roa
File: 2TpsUVpvmlUVpjnat0dAd2NcvXo.roa (raw, json)
Hash identifier: PglYAhR79dqInmjyzwL1nH4LlK6VJ8KhS8oMj72Dkp8=
Subject key identifier: D9:3A:6C:51:5A:6F:9A:55:15:A6:39:DA:B7:47:40:77:63:5C:BD:7A
Certificate issuer: /CN=33f5ce1fc37927cb5a4e67b176c7a63b32ff6e89
Certificate serial: 018D842F1952644A27D181A1DC33F646E4FA
Authority key identifier: 33:F5:CE:1F:C3:79:27:CB:5A:4E:67:B1:76:C7:A6:3B:32:FF:6E:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M_XOH8N5J8taTmexdsemOzL_bok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/3bb9d8-bf54-4e8f-83e5-3ffc01fcbfb6/1/2TpsUVpvmlUVpjnat0dAd2NcvXo.roa
Signing time: Wed 07 Feb 2024 15:28:15 +0000
ROA not before: Wed 07 Feb 2024 15:28:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48031
IP address blocks: 89.107.15.0/24 maxlen: 24
91.247.167.0/24 maxlen: 24
109.94.161.0/24 maxlen: 24
176.97.223.0/24 maxlen: 24
194.26.224.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:84:2f:19:52:64:4a:27:d1:81:a1:dc:33:f6:46:e4:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33f5ce1fc37927cb5a4e67b176c7a63b32ff6e89
Validity
Not Before: Feb 7 15:28:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d93a6c515a6f9a5515a639dab7474077635cbd7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:55:71:8e:03:21:80:a3:42:a9:7f:a5:09:66:
10:f8:a4:0d:5c:99:a0:6b:e2:69:03:59:b8:9c:35:
7a:4f:15:10:de:5d:f3:c5:cb:d4:e8:d7:c6:6e:be:
89:74:29:fe:23:dc:01:e0:b4:aa:8a:7e:54:09:68:
d6:11:59:dc:1b:c0:6c:e2:a7:a9:c1:63:a0:10:27:
87:f8:01:9d:6b:75:82:77:3c:e2:e2:24:ae:4e:66:
95:45:38:c8:29:d3:07:be:07:98:3d:80:a6:04:98:
35:2c:60:11:d5:10:a3:e7:45:ac:63:31:23:5a:3d:
4a:89:39:39:8d:2e:26:f5:3f:61:c3:7f:54:b0:ed:
3d:fd:bd:af:08:8f:f9:95:40:ca:16:5c:15:be:eb:
de:de:f4:fd:4d:28:51:68:9a:bf:a7:85:82:65:2a:
11:40:e7:0d:51:1c:04:8b:a7:2f:ab:42:98:88:1c:
1e:4c:74:f9:62:51:de:b2:3c:77:16:0b:94:4e:25:
17:c0:9b:d9:b7:3d:b6:68:88:87:38:f4:d6:7d:b6:
6e:73:6b:18:dd:78:af:bd:9f:0b:cf:cd:d5:16:35:
5c:88:91:0e:e9:91:9c:27:a5:59:d9:59:4d:f6:70:
5e:e7:5a:db:09:f7:f5:dd:f8:f8:87:5c:68:1a:0f:
8c:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:3A:6C:51:5A:6F:9A:55:15:A6:39:DA:B7:47:40:77:63:5C:BD:7A
X509v3 Authority Key Identifier:
keyid:33:F5:CE:1F:C3:79:27:CB:5A:4E:67:B1:76:C7:A6:3B:32:FF:6E:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M_XOH8N5J8taTmexdsemOzL_bok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/3bb9d8-bf54-4e8f-83e5-3ffc01fcbfb6/1/2TpsUVpvmlUVpjnat0dAd2NcvXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/3bb9d8-bf54-4e8f-83e5-3ffc01fcbfb6/1/M_XOH8N5J8taTmexdsemOzL_bok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.107.15.0/24
91.247.167.0/24
109.94.161.0/24
176.97.223.0/24
194.26.224.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:39:87:24:2f:1a:76:c9:40:e1:cc:16:d2:94:2b:12:3d:dc:
c4:66:0f:08:f6:fa:23:d1:e5:e1:8e:e9:ef:5f:cf:16:ac:25:
92:e6:24:91:f7:d6:d3:b8:63:7e:7a:5b:38:c8:b0:5d:69:62:
fc:ec:71:50:ad:c0:8f:2f:29:8e:ac:5d:fb:ff:eb:3c:62:28:
48:8e:3c:32:94:f9:f5:15:40:96:37:1e:7b:49:cb:da:89:e3:
37:00:29:d3:d0:b7:5e:2b:db:55:29:fe:6a:b4:08:ea:9b:88:
c3:52:53:4a:08:3b:80:43:52:f1:28:95:15:8f:4b:cd:4d:ac:
7d:5e:57:17:ab:2a:db:8f:e4:3c:b4:94:1f:c4:0a:26:a4:19:
f2:28:cb:b7:a2:54:5c:d4:bd:f1:f5:08:90:85:cf:5e:1b:61:
09:bd:71:53:a8:78:e2:0e:9b:3e:49:6c:54:1a:eb:18:c5:68:
f2:83:fe:af:61:56:32:2d:d7:8b:f6:a1:49:19:36:5a:e0:3e:
f6:e7:97:b9:2c:c9:22:5f:89:2d:59:2a:97:2c:d9:0e:c6:5b:
7d:a6:d6:34:a3:db:a2:44:09:5e:22:c6:f4:ef:79:46:d5:cf:
3f:d6:a1:a9:92:b3:55:7e:b9:5d:40:9b:f5:07:ae:82:89:16:
bc:17:21:37
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY2ELxlSZEon0YGh3DP2RuT6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzZjVjZTFmYzM3OTI3Y2I1YTRlNjdiMTc2YzdhNjNiMzJm
ZjZlODkwHhcNMjQwMjA3MTUyODE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTNhNmM1MTVhNmY5YTU1MTVhNjM5ZGFiNzQ3NDA3NzYzNWNiZDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiVVxjgMhgKNCqX+lCWYQ+KQNXJmg
a+JpA1m4nDV6TxUQ3l3zxcvU6NfGbr6JdCn+I9wB4LSqin5UCWjWEVncG8Bs4qep
wWOgECeH+AGda3WCdzzi4iSuTmaVRTjIKdMHvgeYPYCmBJg1LGAR1RCj50WsYzEj
Wj1KiTk5jS4m9T9hw39UsO09/b2vCI/5lUDKFlwVvuve3vT9TShRaJq/p4WCZSoR
QOcNURwEi6cvq0KYiBweTHT5YlHesjx3FguUTiUXwJvZtz22aIiHOPTWfbZuc2sY
3XivvZ8Lz83VFjVciJEO6ZGcJ6VZ2VlN9nBe51rbCff13fj4h1xoGg+MmwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNk6bFFab5pVFaY52rdHQHdjXL16MB8GA1UdIwQY
MBaAFDP1zh/DeSfLWk5nsXbHpjsy/26JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTV9YT0g4TjVKOHRhVG1leGRzZW1PekxfYm9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8zYmI5ZDgtYmY1NC00ZThmLTgzZTUt
M2ZmYzAxZmNiZmI2LzEvMlRwc1VWcHZtbFVWcGpuYXQwZEFkMk5jdlhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8zYmI5ZDgtYmY1NC00ZThmLTgzZTUtM2ZmYzAxZmNiZmI2
LzEvTV9YT0g4TjVKOHRhVG1leGRzZW1PekxfYm9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWWsPAwQA
W/enAwQAbV6hAwQAsGHfAwQAwhrgMA0GCSqGSIb3DQEBCwUAA4IBAQAcOYckLxp2
yUDhzBbSlCsSPdzEZg8I9voj0eXhjunvX88WrCWS5iSR99bTuGN+els4yLBdaWL8
7HFQrcCPLymOrF37/+s8YihIjjwylPn1FUCWNx57ScvaieM3ACnT0LdeK9tVKf5q
tAjqm4jDUlNKCDuAQ1LxKJUVj0vNTax9XlcXqyrbj+Q8tJQfxAompBnyKMu3olRc
1L3x9QiQhc9eG2EJvXFTqHjiDps+SWxUGusYxWjyg/6vYVYyLdeL9qFJGTZa4D72
55e5LMkiX4ktWSqXLNkOxlt9ptY0o9uiRAleIsb073lG1c8/1qGpkrNVfrldQJv1
B66CiRa8FyE3
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:10 2025 by rpki-client