Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/hj8L9GkvIvtNkKP3RDq4IS6qH84.roa
File: hj8L9GkvIvtNkKP3RDq4IS6qH84.roa (raw, json)
Hash identifier: Bkn5aqxtoPsMfsZ5PI8rL7/trWBK1cuaEqeQuBeWvM0=
Subject key identifier: 86:3F:0B:F4:69:2F:22:FB:4D:90:A3:F7:44:3A:B8:21:2E:AA:1F:CE
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 01942827FE9B16FE55624216ED1DB69A2936
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/hj8L9GkvIvtNkKP3RDq4IS6qH84.roa
Signing time: Thu 02 Jan 2025 17:54:57 +0000
ROA not before: Thu 02 Jan 2025 17:54:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205220
IP address blocks: 89.191.224.0/24 maxlen: 24
141.98.232.0/24 maxlen: 24
194.31.172.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:fe:9b:16:fe:55:62:42:16:ed:1d:b6:9a:29:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Jan 2 17:54:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=863f0bf4692f22fb4d90a3f7443ab8212eaa1fce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d1:0c:e5:fc:3a:f9:4c:3c:a6:49:2a:d5:c7:
b3:3e:5c:bf:26:c6:a7:6d:e9:b0:6b:c3:af:dc:78:
b1:4f:23:56:ac:97:bc:d2:43:f3:61:fd:47:3c:01:
55:85:d0:71:60:9b:56:07:0c:14:39:b4:6e:50:1f:
14:f2:51:08:1e:ce:35:af:92:ad:e4:46:1a:8c:e6:
87:d6:02:b2:b4:31:9e:f4:36:3a:68:bd:99:9e:15:
a9:da:bc:53:7d:b9:8c:5c:84:e3:3f:ca:d7:7f:f0:
d8:2c:01:44:67:ca:74:19:9a:aa:83:b6:06:fb:ef:
e9:75:bf:6c:a9:e3:12:16:eb:5c:9f:4b:97:45:0b:
56:e0:69:24:17:d1:56:f6:ed:a1:fe:31:f0:f8:e2:
16:2e:5c:68:f8:5b:79:a1:75:06:2a:75:b1:dd:74:
1c:a1:9f:5f:fd:3d:29:49:6c:f8:95:93:37:c5:07:
d4:37:1c:a3:3c:2f:8c:90:60:37:02:7c:c9:ce:96:
4b:8d:13:92:6e:eb:2a:f3:e0:a6:1e:ad:7a:bd:8c:
05:77:ba:ff:b5:32:14:6f:f8:f5:04:7c:20:06:a5:
0f:68:47:75:b9:64:6d:91:0e:b2:84:02:de:18:94:
c2:41:67:38:f1:22:0c:be:c2:53:09:17:10:c2:54:
cf:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:3F:0B:F4:69:2F:22:FB:4D:90:A3:F7:44:3A:B8:21:2E:AA:1F:CE
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/hj8L9GkvIvtNkKP3RDq4IS6qH84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.191.224.0/24
141.98.232.0/24
194.31.172.0/24
Signature Algorithm: sha256WithRSAEncryption
25:28:28:f8:9c:41:8f:fc:d9:f8:fa:65:14:a4:a4:45:b8:ab:
37:8c:5c:d6:c0:d9:15:2a:f5:1e:0a:19:56:f0:03:e2:8a:56:
cb:7a:d8:f1:b0:dc:7d:bf:1c:18:bf:25:e9:fd:77:73:11:8a:
e7:72:54:b7:95:39:db:45:50:c8:fd:ed:4a:ff:9b:aa:55:51:
74:b0:40:cc:10:40:09:7c:f8:bc:26:f7:7b:69:fa:13:57:52:
bb:82:bc:eb:63:fe:28:01:d1:65:b6:26:32:83:3e:5f:36:c9:
ab:af:3e:77:f9:b0:9e:21:b4:59:4d:79:99:f4:cc:e6:a9:a8:
c0:18:a6:97:f4:6d:5f:09:28:54:86:0b:bc:fe:f2:3a:9b:cd:
38:67:33:6f:ec:0b:9e:2b:57:2c:71:4a:f9:15:11:a4:79:81:
1a:7f:61:8f:72:34:fa:52:63:7d:25:84:94:4d:9c:a9:24:ac:
b4:96:75:bb:69:54:b8:87:2f:ed:19:e9:b4:65:70:c2:24:14:
2c:a2:ce:b0:25:b2:ef:0a:f1:c2:b3:e9:3c:87:be:3e:fb:5a:
33:af:10:cc:52:38:4a:31:87:a2:a6:c9:ee:36:45:7b:f3:6c:
7d:a7:3a:7b:f2:d8:44:14:f6:0f:45:ea:6c:11:ae:b9:52:1c:
e1:b4:d2:98
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQoJ/6bFv5VYkIW7R22mik2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjUwMTAyMTc1NDU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjNmMGJmNDY5MmYyMmZiNGQ5MGEzZjc0NDNhYjgyMTJlYWExZmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstEM5fw6+Uw8pkkq1cezPly/Jsan
bemwa8Ov3HixTyNWrJe80kPzYf1HPAFVhdBxYJtWBwwUObRuUB8U8lEIHs41r5Kt
5EYajOaH1gKytDGe9DY6aL2ZnhWp2rxTfbmMXITjP8rXf/DYLAFEZ8p0GZqqg7YG
++/pdb9sqeMSFutcn0uXRQtW4GkkF9FW9u2h/jHw+OIWLlxo+Ft5oXUGKnWx3XQc
oZ9f/T0pSWz4lZM3xQfUNxyjPC+MkGA3AnzJzpZLjROSbusq8+CmHq16vYwFd7r/
tTIUb/j1BHwgBqUPaEd1uWRtkQ6yhALeGJTCQWc48SIMvsJTCRcQwlTPkwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIY/C/RpLyL7TZCj90Q6uCEuqh/OMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvaGo4TDlHa3ZJdnROa0tQM1JEcTRJUzZxSDg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWb/gAwQA
jWLoAwQAwh+sMA0GCSqGSIb3DQEBCwUAA4IBAQAlKCj4nEGP/Nn4+mUUpKRFuKs3
jFzWwNkVKvUeChlW8APiilbLetjxsNx9vxwYvyXp/XdzEYrnclS3lTnbRVDI/e1K
/5uqVVF0sEDMEEAJfPi8Jvd7afoTV1K7grzrY/4oAdFltiYygz5fNsmrrz53+bCe
IbRZTXmZ9MzmqajAGKaX9G1fCShUhgu8/vI6m804ZzNv7AueK1cscUr5FRGkeYEa
f2GPcjT6UmN9JYSUTZypJKy0lnW7aVS4hy/tGem0ZXDCJBQsos6wJbLvCvHCs+k8
h74++1ozrxDMUjhKMYeipsnuNkV782x9pzp78thEFPYPRepsEa65UhzhtNKY
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:18:43 2025 by rpki-client