Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/ff10a5-2fa3-4942-b2a9-bfe52b4af8b7/1/TuQDQ8nJBbYLub1mzr6Exv_MEOE.roa
File: TuQDQ8nJBbYLub1mzr6Exv_MEOE.roa (raw, json)
Hash identifier: mNd0eAJJzc4YIh0tYa+bIHu2wbr2Q6C9CMzRK0s5ooI=
Subject key identifier: 4E:E4:03:43:C9:C9:05:B6:0B:B9:BD:66:CE:BE:84:C6:FF:CC:10:E1
Certificate issuer: /CN=cb608201f88aeae9486b9fa87189d796c54027dd
Certificate serial: 0194266C3B176428775D3AACFFBC1EE8B18B
Authority key identifier: CB:60:82:01:F8:8A:EA:E9:48:6B:9F:A8:71:89:D7:96:C5:40:27:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y2CCAfiK6ulIa5-ocYnXlsVAJ90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/ff10a5-2fa3-4942-b2a9-bfe52b4af8b7/1/TuQDQ8nJBbYLub1mzr6Exv_MEOE.roa
Signing time: Thu 02 Jan 2025 09:50:14 +0000
ROA not before: Thu 02 Jan 2025 09:50:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201150
IP address blocks: 89.23.126.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:3b:17:64:28:77:5d:3a:ac:ff:bc:1e:e8:b1:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb608201f88aeae9486b9fa87189d796c54027dd
Validity
Not Before: Jan 2 09:50:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4ee40343c9c905b60bb9bd66cebe84c6ffcc10e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:d8:d5:8c:d6:34:c3:5f:2e:8b:58:62:06:e6:
9e:ca:ef:09:51:73:6a:a7:3c:be:9f:5e:ca:d5:05:
45:09:34:9b:e7:30:f7:7e:a4:7c:f5:a2:7e:91:31:
c2:74:5b:41:99:f1:0d:e6:97:4c:33:a4:48:e5:8f:
b8:a0:81:f4:bd:14:25:3f:4a:58:1a:8c:86:10:fa:
1f:74:15:e5:c6:16:92:53:26:03:de:10:43:e4:2e:
f9:ea:19:77:4f:6d:3b:36:63:d2:b7:d8:0f:1b:ea:
57:01:e4:db:7b:1e:96:06:68:32:9d:71:85:8c:ea:
3f:d3:d6:6f:9e:cb:ec:20:e8:e8:10:8d:b2:bd:20:
de:67:aa:05:d3:5b:3c:5d:bf:f1:93:32:c9:16:8b:
ea:7f:11:0c:d0:24:7c:6e:07:55:94:82:1b:aa:58:
b7:f4:38:9d:5d:d9:1d:0d:83:00:ea:3c:22:84:59:
34:22:bd:83:e4:b2:ac:8d:02:d0:d4:4e:60:30:da:
69:fe:b4:06:85:2a:0d:f6:06:53:1c:8f:f1:03:83:
46:20:6b:0e:1d:af:5b:8a:3b:cf:6a:71:42:dc:81:
e9:b3:8a:6b:4c:86:a7:84:63:9b:12:98:2c:5a:8b:
93:46:ef:12:0f:de:82:cc:a7:bb:64:73:ac:fa:fd:
17:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:E4:03:43:C9:C9:05:B6:0B:B9:BD:66:CE:BE:84:C6:FF:CC:10:E1
X509v3 Authority Key Identifier:
keyid:CB:60:82:01:F8:8A:EA:E9:48:6B:9F:A8:71:89:D7:96:C5:40:27:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y2CCAfiK6ulIa5-ocYnXlsVAJ90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/ff10a5-2fa3-4942-b2a9-bfe52b4af8b7/1/TuQDQ8nJBbYLub1mzr6Exv_MEOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/ff10a5-2fa3-4942-b2a9-bfe52b4af8b7/1/y2CCAfiK6ulIa5-ocYnXlsVAJ90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.126.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:c5:57:62:4b:86:90:ce:02:25:dc:c4:e4:22:cf:dd:33:2e:
2a:45:33:c9:2a:87:c8:e5:4d:a5:a7:c2:64:0b:78:93:c6:de:
31:0d:03:69:23:16:cd:0a:81:f6:8a:33:82:54:62:7d:d2:6f:
87:e2:2b:f3:93:f4:ea:6c:7b:31:cb:d4:5d:1b:48:d5:e7:05:
92:e6:62:bf:49:6b:0e:53:56:a2:ac:41:f7:2e:2d:cc:77:a6:
c8:36:74:af:0e:b1:ef:85:e2:ea:1f:77:ac:27:da:66:68:2a:
92:79:de:81:aa:39:93:c7:a8:ea:7e:df:3f:33:76:a6:dc:40:
75:50:ed:89:00:b6:f6:e3:ef:b5:54:cf:1d:60:58:32:3a:c1:
01:80:60:70:40:32:76:5b:25:c3:cf:68:69:75:1a:70:a4:c6:
77:50:aa:88:e3:2e:15:31:a6:ca:5b:6b:d2:c1:b2:42:ee:e2:
34:70:16:2b:55:1a:a2:f6:df:01:83:23:0f:3f:5c:56:12:a1:
c5:57:03:cb:f7:e9:76:32:1e:a8:81:54:ff:1f:1b:d8:99:66:
38:8c:a2:89:d4:66:0b:35:62:08:de:46:05:56:53:28:b0:49:
d2:5b:a1:b0:c9:ee:bb:7f:f0:1a:4d:8f:d1:52:ac:f0:54:e9:
32:66:31:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmbDsXZCh3XTqs/7we6LGLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiNjA4MjAxZjg4YWVhZTk0ODZiOWZhODcxODlkNzk2YzU0
MDI3ZGQwHhcNMjUwMTAyMDk1MDE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWU0MDM0M2M5YzkwNWI2MGJiOWJkNjZjZWJlODRjNmZmY2MxMGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtjVjNY0w18ui1hiBuaeyu8JUXNq
pzy+n17K1QVFCTSb5zD3fqR89aJ+kTHCdFtBmfEN5pdMM6RI5Y+4oIH0vRQlP0pY
GoyGEPofdBXlxhaSUyYD3hBD5C756hl3T207NmPSt9gPG+pXAeTbex6WBmgynXGF
jOo/09ZvnsvsIOjoEI2yvSDeZ6oF01s8Xb/xkzLJFovqfxEM0CR8bgdVlIIbqli3
9DidXdkdDYMA6jwihFk0Ir2D5LKsjQLQ1E5gMNpp/rQGhSoN9gZTHI/xA4NGIGsO
Ha9bijvPanFC3IHps4prTIanhGObEpgsWouTRu8SD96CzKe7ZHOs+v0XAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE7kA0PJyQW2C7m9Zs6+hMb/zBDhMB8GA1UdIwQY
MBaAFMtgggH4iurpSGufqHGJ15bFQCfdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTJDQ0FmaUs2dWxJYTUtb2NZblhsc1ZBSjkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mZjEwYTUtMmZhMy00OTQyLWIyYTkt
YmZlNTJiNGFmOGI3LzEvVHVRRFE4bkpCYllMdWIxbXpyNkV4dl9NRU9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mZjEwYTUtMmZhMy00OTQyLWIyYTktYmZlNTJiNGFmOGI3
LzEveTJDQ0FmaUs2dWxJYTUtb2NZblhsc1ZBSjkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRd+MA0G
CSqGSIb3DQEBCwUAA4IBAQB/xVdiS4aQzgIl3MTkIs/dMy4qRTPJKofI5U2lp8Jk
C3iTxt4xDQNpIxbNCoH2ijOCVGJ90m+H4ivzk/TqbHsxy9RdG0jV5wWS5mK/SWsO
U1airEH3Li3Md6bINnSvDrHvheLqH3esJ9pmaCqSed6BqjmTx6jqft8/M3am3EB1
UO2JALb24++1VM8dYFgyOsEBgGBwQDJ2WyXDz2hpdRpwpMZ3UKqI4y4VMabKW2vS
wbJC7uI0cBYrVRqi9t8BgyMPP1xWEqHFVwPL9+l2Mh6ogVT/HxvYmWY4jKKJ1GYL
NWII3kYFVlMosEnSW6Gwye67f/AaTY/RUqzwVOkyZjH6
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:47:36 2025 by rpki-client