Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/cbd332-a8db-4606-ac9b-14ec41d4c0a6/1/IdEYIsWCps3Gl-CPOJNmXVY_KDA.roa
File: IdEYIsWCps3Gl-CPOJNmXVY_KDA.roa (raw, json)
Hash identifier: V5/YEnbALkGDiezb6/4H3zOCBx4UZLrATG4CYdBNlRA=
Subject key identifier: 21:D1:18:22:C5:82:A6:CD:C6:97:E0:8F:38:93:66:5D:56:3F:28:30
Certificate issuer: /CN=9f822437f49ed53886689022afddda59f79f8a71
Certificate serial: 0194228DD3E1EF8387D30CBE60AD5F676C3F
Authority key identifier: 9F:82:24:37:F4:9E:D5:38:86:68:90:22:AF:DD:DA:59:F7:9F:8A:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n4IkN_Se1TiGaJAir93aWfefinE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/cbd332-a8db-4606-ac9b-14ec41d4c0a6/1/IdEYIsWCps3Gl-CPOJNmXVY_KDA.roa
Signing time: Wed 01 Jan 2025 15:48:27 +0000
ROA not before: Wed 01 Jan 2025 15:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35819
IP address blocks: 89.40.26.0/24 maxlen: 24
149.126.14.0/24 maxlen: 24
149.126.15.0/24 maxlen: 24
185.133.180.0/24 maxlen: 24
185.133.181.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:d3:e1:ef:83:87:d3:0c:be:60:ad:5f:67:6c:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f822437f49ed53886689022afddda59f79f8a71
Validity
Not Before: Jan 1 15:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=21d11822c582a6cdc697e08f3893665d563f2830
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f0:36:01:64:3a:4a:40:0b:d9:a7:52:f3:59:
d9:d9:c3:51:51:83:51:0b:56:3c:3b:7d:f6:09:82:
f5:8c:44:14:88:3f:ff:7c:8c:e2:99:c6:7d:5f:55:
56:c2:a5:16:47:ef:90:8b:42:44:a0:64:90:4e:ef:
61:62:6d:3c:c4:e2:ed:6f:a4:4d:4f:74:35:35:d3:
6b:03:d7:f2:9e:b5:f5:3c:05:50:3d:e7:7d:b4:b0:
cc:cb:21:78:1f:7e:64:cd:e7:48:4b:80:f5:59:dd:
fc:68:c1:04:a1:80:2f:29:e0:54:66:b9:da:07:e2:
9a:42:15:af:93:a0:eb:e7:5e:80:b1:c2:2c:24:99:
a2:ca:9a:22:c7:66:f4:4b:f6:5c:d9:90:81:d5:1a:
94:23:67:eb:c1:ba:a9:7c:11:ae:79:ca:d3:aa:08:
36:c1:b5:fa:0d:d0:ff:69:1f:d5:66:8b:f4:07:66:
4e:f1:26:ad:5b:d0:f6:6e:91:24:44:6e:9f:39:ff:
bd:35:a5:79:b3:6a:76:eb:3f:c2:69:a0:5e:7c:27:
85:fa:f4:15:a0:bf:52:36:49:e3:54:16:80:2d:91:
d0:60:95:9d:26:de:06:f4:42:f7:4a:69:60:12:98:
87:b3:13:02:62:98:06:32:83:6c:21:9d:72:26:15:
6c:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:D1:18:22:C5:82:A6:CD:C6:97:E0:8F:38:93:66:5D:56:3F:28:30
X509v3 Authority Key Identifier:
keyid:9F:82:24:37:F4:9E:D5:38:86:68:90:22:AF:DD:DA:59:F7:9F:8A:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n4IkN_Se1TiGaJAir93aWfefinE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/cbd332-a8db-4606-ac9b-14ec41d4c0a6/1/IdEYIsWCps3Gl-CPOJNmXVY_KDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/cbd332-a8db-4606-ac9b-14ec41d4c0a6/1/n4IkN_Se1TiGaJAir93aWfefinE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.26.0/24
149.126.14.0/23
185.133.180.0/23
Signature Algorithm: sha256WithRSAEncryption
61:dd:b7:fc:79:60:3b:0e:d5:f5:f2:76:2c:05:bf:d5:03:87:
f3:e5:97:47:7f:6e:0f:06:ea:fd:e3:bd:f1:83:d7:6d:50:1d:
ce:55:58:19:9d:26:1c:05:b3:32:c9:bf:80:1d:89:34:3e:6b:
4b:aa:36:65:60:91:99:c4:af:7f:56:21:83:33:01:18:ac:43:
75:f9:94:cc:61:d3:92:96:20:99:01:87:2b:37:8b:9b:ef:49:
b5:bc:d3:2c:48:7e:80:75:13:dc:a5:3f:7d:58:80:4c:b0:96:
93:ec:45:d0:c7:2e:86:9c:bb:a1:95:64:f5:d3:ee:14:9f:38:
9e:63:97:3f:49:0f:c3:a0:63:bb:49:5d:f5:a0:b5:25:b8:c3:
01:14:58:44:f7:c9:0e:b3:4b:4b:dc:ea:99:10:2c:94:6c:0c:
15:85:91:e6:47:66:40:34:d6:53:de:00:36:37:a5:e6:56:df:
99:f0:42:93:02:ac:90:2d:fe:a5:a8:4b:43:d4:a6:87:b8:8a:
cb:fa:e4:e3:47:91:a8:ed:de:2f:4b:8e:bd:f8:0d:e5:54:f0:
c2:66:42:53:47:6e:3e:2a:c3:ff:bc:98:1d:f9:e8:80:58:dc:
ae:4a:9b:e5:73:9d:86:33:da:96:9e:00:bb:15:2c:af:d8:98:
d4:29:7f:f1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQijdPh74OH0wy+YK1fZ2w/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmODIyNDM3ZjQ5ZWQ1Mzg4NjY4OTAyMmFmZGRkYTU5Zjc5
ZjhhNzEwHhcNMjUwMTAxMTU0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWQxMTgyMmM1ODJhNmNkYzY5N2UwOGYzODkzNjY1ZDU2M2YyODMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvA2AWQ6SkAL2adS81nZ2cNRUYNR
C1Y8O332CYL1jEQUiD//fIzimcZ9X1VWwqUWR++Qi0JEoGSQTu9hYm08xOLtb6RN
T3Q1NdNrA9fynrX1PAVQPed9tLDMyyF4H35kzedIS4D1Wd38aMEEoYAvKeBUZrna
B+KaQhWvk6Dr516AscIsJJmiypoix2b0S/Zc2ZCB1RqUI2frwbqpfBGuecrTqgg2
wbX6DdD/aR/VZov0B2ZO8SatW9D2bpEkRG6fOf+9NaV5s2p26z/CaaBefCeF+vQV
oL9SNknjVBaALZHQYJWdJt4G9EL3SmlgEpiHsxMCYpgGMoNsIZ1yJhVs/wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCHRGCLFgqbNxpfgjziTZl1WPygwMB8GA1UdIwQY
MBaAFJ+CJDf0ntU4hmiQIq/d2ln3n4pxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjRJa05fU2UxVGlHYUpBaXI5M2FXZmVmaW5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9jYmQzMzItYThkYi00NjA2LWFjOWIt
MTRlYzQxZDRjMGE2LzEvSWRFWUlzV0NwczNHbC1DUE9KTm1YVllfS0RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9jYmQzMzItYThkYi00NjA2LWFjOWItMTRlYzQxZDRjMGE2
LzEvbjRJa05fU2UxVGlHYUpBaXI5M2FXZmVmaW5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSgaAwQB
lX4OAwQBuYW0MA0GCSqGSIb3DQEBCwUAA4IBAQBh3bf8eWA7DtX18nYsBb/VA4fz
5ZdHf24PBur9473xg9dtUB3OVVgZnSYcBbMyyb+AHYk0PmtLqjZlYJGZxK9/ViGD
MwEYrEN1+ZTMYdOSliCZAYcrN4ub70m1vNMsSH6AdRPcpT99WIBMsJaT7EXQxy6G
nLuhlWT10+4UnzieY5c/SQ/DoGO7SV31oLUluMMBFFhE98kOs0tL3OqZECyUbAwV
hZHmR2ZANNZT3gA2N6XmVt+Z8EKTAqyQLf6lqEtD1KaHuIrL+uTjR5Go7d4vS469
+A3lVPDCZkJTR24+KsP/vJgd+eiAWNyuSpvlc52GM9qWngC7FSyv2JjUKX/x
-----END CERTIFICATE-----
Generated at Sat Apr 12 01:16:19 2025 by rpki-client