Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/kebNgKbhNzMoV1aa9Lp8FI7qI14.roa
File: kebNgKbhNzMoV1aa9Lp8FI7qI14.roa (raw, json)
Hash identifier: RNhciXalu/5zC9P1zPnVoqPvFOltM+uRfAeewwdmiC0=
Subject key identifier: 91:E6:CD:80:A6:E1:37:33:28:57:56:9A:F4:BA:7C:14:8E:EA:23:5E
Certificate issuer: /CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Certificate serial: 098F779D
Authority key identifier: C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/kebNgKbhNzMoV1aa9Lp8FI7qI14.roa
Signing time: Mon 14 Feb 2022 18:59:57 +0000
ROA not before: Mon 14 Feb 2022 18:59:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 40676
IP address blocks: 89.117.5.0/24 maxlen: 24
89.116.56.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 160397213 (0x98f779d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4698585e5ebd11c969c7ed4a320edafc9d17822
Validity
Not Before: Feb 14 18:59:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=91e6cd80a6e137332857569af4ba7c148eea235e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a1:b5:26:6c:3c:63:c3:da:6d:f3:45:a5:b7:
10:b2:36:c1:20:a8:ef:52:a2:1f:22:3d:6a:9f:e7:
03:de:e8:d7:64:ef:5d:a0:1f:74:6e:52:4d:00:ef:
49:69:46:c7:bc:3d:0c:42:0b:cc:ca:3c:4f:a7:cc:
b3:80:15:e3:4f:53:1b:22:38:78:cd:54:34:79:fe:
6b:a3:86:c7:d2:69:1e:39:ed:77:53:36:a4:58:55:
a3:a9:1c:be:21:f9:13:45:b3:82:76:d1:6e:60:8c:
b0:a4:ae:1c:da:65:c2:66:38:bb:24:e3:49:9f:c2:
2a:2f:7a:0b:d3:02:6f:6b:97:0f:17:40:4f:44:14:
a8:ee:3d:dc:bb:72:7c:0e:09:f9:7c:a1:4b:ad:69:
cd:8f:b6:cc:c8:38:5f:0c:78:c6:d0:92:35:7f:e0:
c4:17:7d:10:4a:80:12:e7:f3:95:24:84:ef:17:f8:
7c:9d:df:81:85:e1:c7:96:54:71:f8:3c:7e:d8:79:
59:53:3d:8b:55:92:fd:7f:d0:fd:fd:9c:c4:92:f6:
54:3d:1f:e3:ef:22:50:29:4c:2e:a3:0e:9c:26:ed:
ae:4e:12:c3:81:42:44:99:35:c0:1b:cf:99:80:31:
9c:bd:5a:ff:3e:3a:1c:48:89:b1:60:4e:32:63:45:
f8:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:E6:CD:80:A6:E1:37:33:28:57:56:9A:F4:BA:7C:14:8E:EA:23:5E
X509v3 Authority Key Identifier:
keyid:C4:69:85:85:E5:EB:D1:1C:96:9C:7E:D4:A3:20:ED:AF:C9:D1:78:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGmFheXr0RyWnH7UoyDtr8nReCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/kebNgKbhNzMoV1aa9Lp8FI7qI14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/5310da-6821-4673-9e98-9d6001f78a70/1/xGmFheXr0RyWnH7UoyDtr8nReCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.116.56.0/24
89.117.5.0/24
Signature Algorithm: sha256WithRSAEncryption
90:86:29:6f:59:72:00:13:50:70:40:4c:59:ac:bf:7f:4b:1c:
bd:83:43:af:1a:59:14:cc:c8:cd:40:d5:01:09:c6:06:f3:b6:
ec:c0:35:93:94:d4:76:76:3b:6c:21:16:3a:d3:2f:b0:c7:e7:
09:72:af:a6:ee:61:f1:fd:55:df:4b:b7:a3:88:86:e5:13:cc:
9e:a3:3f:ae:96:43:30:4a:91:39:26:e3:ad:65:7c:5f:61:e0:
8d:e4:ac:63:b8:6f:f7:1d:3c:6c:3a:2c:c3:9f:0d:a8:a6:bf:
64:c7:80:3e:d3:62:52:6c:87:24:f1:8d:1e:3d:82:c4:1f:90:
3c:fb:cf:9b:71:32:8f:c3:b3:90:3b:37:5b:ee:56:0a:68:13:
be:2c:ae:a4:2c:fa:3e:c4:21:9f:ed:1f:7e:c7:10:b5:c9:b6:
eb:cc:00:d4:3a:8e:67:46:70:00:bb:71:1c:27:f5:6a:c9:e9:
c9:aa:93:dd:76:64:a3:6d:61:e3:dc:5c:4c:51:cf:35:20:82:
77:ac:ea:54:f1:81:07:e4:ae:56:31:bf:b3:80:49:93:4f:98:
b1:27:0e:d7:ab:b8:66:04:dd:88:8a:b1:b2:ba:bb:90:26:c2:
dc:a5:74:3f:c0:e3:9c:55:3f:25:ac:89:3f:f3:65:46:6c:70:
c9:5c:06:96
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECY93nTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDY5ODU4NWU1ZWJkMTFjOTY5YzdlZDRhMzIwZWRhZmM5ZDE3ODIyMB4XDTIyMDIx
NDE4NTk1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTFlNmNkODBhNmUx
MzczMzI4NTc1NjlhZjRiYTdjMTQ4ZWVhMjM1ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKyhtSZsPGPD2m3zRaW3ELI2wSCo71KiHyI9ap/nA97o12Tv
XaAfdG5STQDvSWlGx7w9DEILzMo8T6fMs4AV409TGyI4eM1UNHn+a6OGx9JpHjnt
d1M2pFhVo6kcviH5E0WzgnbRbmCMsKSuHNplwmY4uyTjSZ/CKi96C9MCb2uXDxdA
T0QUqO493LtyfA4J+XyhS61pzY+2zMg4Xwx4xtCSNX/gxBd9EEqAEufzlSSE7xf4
fJ3fgYXhx5ZUcfg8fth5WVM9i1WS/X/Q/f2cxJL2VD0f4+8iUClMLqMOnCbtrk4S
w4FCRJk1wBvPmYAxnL1a/z46HEiJsWBOMmNF+JUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSR5s2ApuE3MyhXVpr0unwUjuojXjAfBgNVHSMEGDAWgBTEaYWF5evRHJac
ftSjIO2vydF4IjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hHbUZoZVhyMFJ5V25IN1VveUR0cjhuUmVDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8x
L2tlYk5nS2JoTnpNb1YxYWE5THA4Rkk3cUkxNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NTMxMGRhLTY4MjEtNDY3My05ZTk4LTlkNjAwMWY3OGE3MC8xL3hHbUZoZVhyMFJ5
V25IN1VveUR0cjhuUmVDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFl0OAMEAFl1BTANBgkqhkiG9w0B
AQsFAAOCAQEAkIYpb1lyABNQcEBMWay/f0scvYNDrxpZFMzIzUDVAQnGBvO27MA1
k5TUdnY7bCEWOtMvsMfnCXKvpu5h8f1V30u3o4iG5RPMnqM/rpZDMEqROSbjrWV8
X2HgjeSsY7hv9x08bDosw58NqKa/ZMeAPtNiUmyHJPGNHj2CxB+QPPvPm3Eyj8Oz
kDs3W+5WCmgTviyupCz6PsQhn+0ffscQtcm268wA1DqOZ0ZwALtxHCf1asnpyaqT
3XZko21h49xcTFHPNSCCd6zqVPGBB+SuVjG/s4BJk0+YsScO16u4ZgTdiIqxsrq7
kCbC3KV0P8DjnFU/JayJP/NlRmxwyVwGlg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:18 2025 by rpki-client