Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/1b32ae-3c59-4b3d-9197-f3be848fde15/1/B9Carr3QDdizZewKxnc6Lglj7fU.roa
File: B9Carr3QDdizZewKxnc6Lglj7fU.roa (raw, json)
Hash identifier: BcZe+RzY5Uil/kvCwc6RtyeOvm8F5CYgJmFfsVqmP40=
Subject key identifier: 07:D0:9A:AE:BD:D0:0D:D8:B3:65:EC:0A:C6:77:3A:2E:09:63:ED:F5
Certificate issuer: /CN=9be9cf3eb15ad59372d64632b593f26ae890194d
Certificate serial: 01856C2ED0EE7ADABB589EC836A0B574393F
Authority key identifier: 9B:E9:CF:3E:B1:5A:D5:93:72:D6:46:32:B5:93:F2:6A:E8:90:19:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m-nPPrFa1ZNy1kYytZPyauiQGU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/1b32ae-3c59-4b3d-9197-f3be848fde15/1/B9Carr3QDdizZewKxnc6Lglj7fU.roa
Signing time: Sun 01 Jan 2023 07:14:45 +0000
ROA not before: Sun 01 Jan 2023 07:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8849
IP address blocks: 5.44.249.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:2e:d0:ee:7a:da:bb:58:9e:c8:36:a0:b5:74:39:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9be9cf3eb15ad59372d64632b593f26ae890194d
Validity
Not Before: Jan 1 07:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=07d09aaebdd00dd8b365ec0ac6773a2e0963edf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a5:50:ec:9f:9c:be:a9:7e:1b:91:03:70:6d:
f2:d2:7d:be:d0:a9:4a:50:c3:21:f5:97:b5:23:73:
f1:28:b7:3c:f5:bf:9c:06:e6:9c:ef:fb:70:bd:b5:
f2:16:d1:c3:eb:1a:13:52:1a:cf:11:ad:e8:ff:9d:
25:5f:2c:63:36:18:d2:2e:e1:cb:a4:7c:91:b1:49:
05:5a:cb:8c:38:6c:01:7d:e4:58:fd:19:42:99:0f:
12:8e:76:a2:43:b5:01:d8:4a:cd:46:bd:6a:45:08:
18:a8:3a:01:96:98:36:d5:29:51:c5:d6:ff:e9:bf:
81:e2:ae:a4:ab:b7:00:8f:ea:39:18:c6:37:96:97:
c6:ac:af:1f:5a:b8:3f:3d:03:26:70:60:3d:6f:07:
ac:86:dc:47:5d:95:f4:b2:f1:31:8a:74:07:28:26:
fc:7e:08:df:f0:0a:54:06:1d:9e:60:ff:00:83:06:
a1:c9:6a:72:c0:0e:cd:04:43:ee:e0:75:7b:bd:2b:
3b:b5:ab:4c:0e:45:c1:a3:5f:62:0c:4c:c6:d2:bd:
1a:80:d6:89:bd:a9:a5:e8:d4:f9:c4:c7:9a:64:92:
fa:f2:64:55:39:19:ba:d3:e7:fd:9c:cb:99:f7:9e:
cd:6e:5b:22:ef:12:69:8c:a0:d1:ae:16:09:06:ce:
6b:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:D0:9A:AE:BD:D0:0D:D8:B3:65:EC:0A:C6:77:3A:2E:09:63:ED:F5
X509v3 Authority Key Identifier:
keyid:9B:E9:CF:3E:B1:5A:D5:93:72:D6:46:32:B5:93:F2:6A:E8:90:19:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m-nPPrFa1ZNy1kYytZPyauiQGU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/1b32ae-3c59-4b3d-9197-f3be848fde15/1/B9Carr3QDdizZewKxnc6Lglj7fU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/1b32ae-3c59-4b3d-9197-f3be848fde15/1/m-nPPrFa1ZNy1kYytZPyauiQGU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.249.0/24
Signature Algorithm: sha256WithRSAEncryption
ce:c8:b3:47:0b:28:c9:18:99:d1:85:ea:00:73:e4:b2:0c:0b:
08:68:8b:45:51:cb:f2:42:65:54:25:d9:3f:2d:5e:b4:d5:3c:
95:96:54:ff:23:dd:fb:11:9d:7c:48:b5:b7:21:a6:29:a8:d4:
f0:6d:0f:9a:87:de:d8:da:e8:74:90:a7:4a:4b:1f:c5:ad:78:
4b:5c:9e:89:3a:07:10:10:aa:d5:e9:58:73:27:4e:39:49:d5:
87:be:88:34:35:20:12:a2:50:a6:69:da:ab:fd:d6:bc:e8:a8:
c4:38:b2:7f:68:69:88:9d:ed:2f:a9:9c:d1:38:61:ea:ed:7c:
39:bd:31:d0:57:18:84:2f:24:9f:77:34:32:03:c1:0a:8d:b4:
91:92:14:98:16:46:27:77:99:4b:6b:c8:06:ea:77:fd:0f:b8:
31:87:6b:d6:f0:04:57:7e:9f:96:56:ba:94:e9:3c:4b:b5:9a:
f9:3a:bd:fb:d1:01:70:a5:6c:10:d9:6f:b0:ff:c1:27:1f:b1:
92:10:a0:b9:a6:f8:7a:1f:8f:f9:18:07:a2:c8:e4:36:6a:8c:
c7:cd:d8:20:54:31:bf:9e:4a:18:90:9b:f3:29:38:29:35:84:
32:cc:75:53:4f:b4:fe:5f:62:f8:75:2b:ec:0c:ed:20:c0:0c:
d8:53:dc:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsLtDuetq7WJ7INqC1dDk/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliZTljZjNlYjE1YWQ1OTM3MmQ2NDYzMmI1OTNmMjZhZTg5
MDE5NGQwHhcNMjMwMTAxMDcxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2QwOWFhZWJkZDAwZGQ4YjM2NWVjMGFjNjc3M2EyZTA5NjNlZGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKVQ7J+cvql+G5EDcG3y0n2+0KlK
UMMh9Ze1I3PxKLc89b+cBuac7/twvbXyFtHD6xoTUhrPEa3o/50lXyxjNhjSLuHL
pHyRsUkFWsuMOGwBfeRY/RlCmQ8SjnaiQ7UB2ErNRr1qRQgYqDoBlpg21SlRxdb/
6b+B4q6kq7cAj+o5GMY3lpfGrK8fWrg/PQMmcGA9bweshtxHXZX0svExinQHKCb8
fgjf8ApUBh2eYP8AgwahyWpywA7NBEPu4HV7vSs7tatMDkXBo19iDEzG0r0agNaJ
vaml6NT5xMeaZJL68mRVORm60+f9nMuZ957Nblsi7xJpjKDRrhYJBs5r8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAfQmq690A3Ys2XsCsZ3Oi4JY+31MB8GA1UdIwQY
MBaAFJvpzz6xWtWTctZGMrWT8mrokBlNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbS1uUFByRmExWk55MWtZeXRaUHlhdWlRR1UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8xYjMyYWUtM2M1OS00YjNkLTkxOTct
ZjNiZTg0OGZkZTE1LzEvQjlDYXJyM1FEZGl6WmV3S3huYzZMZ2xqN2ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8xYjMyYWUtM2M1OS00YjNkLTkxOTctZjNiZTg0OGZkZTE1
LzEvbS1uUFByRmExWk55MWtZeXRaUHlhdWlRR1UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABSz5MA0G
CSqGSIb3DQEBCwUAA4IBAQDOyLNHCyjJGJnRheoAc+SyDAsIaItFUcvyQmVUJdk/
LV601TyVllT/I937EZ18SLW3IaYpqNTwbQ+ah97Y2uh0kKdKSx/FrXhLXJ6JOgcQ
EKrV6VhzJ045SdWHvog0NSASolCmadqr/da86KjEOLJ/aGmIne0vqZzROGHq7Xw5
vTHQVxiELySfdzQyA8EKjbSRkhSYFkYnd5lLa8gG6nf9D7gxh2vW8ARXfp+WVrqU
6TxLtZr5Or370QFwpWwQ2W+w/8EnH7GSEKC5pvh6H4/5GAeiyOQ2aozHzdggVDG/
nkoYkJvzKTgpNYQyzHVTT7T+X2L4dSvsDO0gwAzYU9wb
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:29 2025 by rpki-client