Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/2RMmrpcDTc2PvNu5TNTAOyHaouI.roa
File: 2RMmrpcDTc2PvNu5TNTAOyHaouI.roa (raw, json)
Hash identifier: XLm+GnfjmWK96gEaM9T+jWpkcJJsItx27t0lDAfnu+M=
Subject key identifier: D9:13:26:AE:97:03:4D:CD:8F:BC:DB:B9:4C:D4:C0:3B:21:DA:A2:E2
Certificate issuer: /CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Certificate serial: 0194F527F097CE0DB4B6687415BB20E00223
Authority key identifier: D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/2RMmrpcDTc2PvNu5TNTAOyHaouI.roa
Signing time: Tue 11 Feb 2025 13:17:02 +0000
ROA not before: Tue 11 Feb 2025 13:17:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12400
IP address blocks: 89.38.28.0/24 maxlen: 24
89.38.29.0/24 maxlen: 24
185.151.196.0/23 maxlen: 23
185.151.198.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f5:27:f0:97:ce:0d:b4:b6:68:74:15:bb:20:e0:02:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Validity
Not Before: Feb 11 13:17:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d91326ae97034dcd8fbcdbb94cd4c03b21daa2e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d4:6b:96:60:1e:9e:97:cf:5a:33:71:7b:c5:
05:fe:8a:ed:ac:ba:0f:6c:ec:27:49:c9:a8:15:90:
46:81:d2:ce:3a:57:3b:ff:c2:97:5d:48:f2:58:b8:
9c:db:ce:9d:b9:b9:8f:7d:cd:70:a3:df:8e:20:64:
87:46:d2:4e:58:04:e4:0e:f6:0d:d2:a7:6c:7f:07:
37:2b:2f:fc:1d:3d:63:f7:8b:bf:a1:4d:b3:20:84:
48:69:41:19:de:78:aa:9b:67:52:01:5b:cb:3c:38:
7d:35:48:75:4c:4d:87:6a:7d:af:77:e9:83:70:bb:
7c:5b:dd:6f:b8:fa:e3:fb:37:cf:6f:c3:67:ac:2b:
4b:fd:23:78:64:a8:e3:71:4d:6c:3b:0e:54:d7:d4:
1d:09:cf:4b:ee:ba:d2:01:56:b6:62:ec:89:74:85:
da:3c:d9:8a:ea:d6:80:28:b5:d7:27:4c:28:88:b7:
ce:ce:44:0b:e0:73:da:b2:9d:44:c9:f5:e2:b1:76:
51:3c:0f:99:42:0c:2f:ec:20:0f:48:fd:55:a8:a0:
ef:d1:40:d3:ff:2b:d6:fa:a8:ad:ed:f5:f4:7a:4a:
40:55:86:d1:5c:84:09:f2:ce:7b:5e:43:29:f6:a6:
1f:55:6f:0d:50:a7:83:38:71:d0:ea:76:22:f2:fa:
bf:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:13:26:AE:97:03:4D:CD:8F:BC:DB:B9:4C:D4:C0:3B:21:DA:A2:E2
X509v3 Authority Key Identifier:
keyid:D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/2RMmrpcDTc2PvNu5TNTAOyHaouI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/2e_p029fiP3wR0LEFAx1MgkKt3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.38.28.0/23
185.151.196.0-185.151.198.255
Signature Algorithm: sha256WithRSAEncryption
55:77:2b:79:9e:c5:94:a5:6d:b0:a0:02:e4:b9:d2:55:0b:1e:
94:5c:95:7b:0e:8d:ad:60:b4:39:22:ad:8e:4a:74:7b:3a:f2:
72:fc:5c:7f:ab:24:f9:71:00:b1:71:96:ff:04:60:75:fe:fe:
23:3f:87:ae:71:b9:e4:61:6d:8f:62:36:24:51:8b:c7:28:84:
26:43:47:90:3e:03:ab:33:81:15:11:7a:69:0b:bf:97:4c:f5:
87:15:42:42:74:45:91:02:1d:e1:3d:da:ca:ca:97:23:a8:b3:
54:90:1e:e0:24:db:f1:c8:20:00:51:5a:91:41:fa:63:ae:69:
58:69:cd:c2:76:24:9f:53:73:dd:fd:13:1c:30:af:71:95:b7:
55:d3:b5:1f:c7:6a:f8:98:28:6d:e5:43:da:f6:1c:e8:f0:bc:
d9:d1:ba:46:95:20:9a:ef:47:21:b2:fc:a1:27:d7:a9:ce:f6:
22:00:18:a1:17:c1:c4:48:fc:ef:de:dc:33:ce:bf:0d:7f:18:
b1:57:4c:37:a9:83:c3:ec:3f:14:ff:ea:80:d4:c2:b1:fc:dd:
d2:58:44:d5:62:e5:a6:1e:bf:d2:28:13:45:63:22:df:e2:91:
f7:fd:e1:67:7d:ca:5c:37:b4:57:25:58:14:66:35:88:7b:9c:
be:98:72:60
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZT1J/CXzg20tmh0Fbsg4AIjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZWZlOWQzNmY1Zjg4ZmRmMDQ3NDJjNDE0MGM3NTMyMDkw
YWI3NzAwHhcNMjUwMjExMTMxNzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTEzMjZhZTk3MDM0ZGNkOGZiY2RiYjk0Y2Q0YzAzYjIxZGFhMmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtRrlmAenpfPWjNxe8UF/ortrLoP
bOwnScmoFZBGgdLOOlc7/8KXXUjyWLic286dubmPfc1wo9+OIGSHRtJOWATkDvYN
0qdsfwc3Ky/8HT1j94u/oU2zIIRIaUEZ3niqm2dSAVvLPDh9NUh1TE2Han2vd+mD
cLt8W91vuPrj+zfPb8NnrCtL/SN4ZKjjcU1sOw5U19QdCc9L7rrSAVa2YuyJdIXa
PNmK6taAKLXXJ0woiLfOzkQL4HPasp1EyfXisXZRPA+ZQgwv7CAPSP1VqKDv0UDT
/yvW+qit7fX0ekpAVYbRXIQJ8s57XkMp9qYfVW8NUKeDOHHQ6nYi8vq/KwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNkTJq6XA03Nj7zbuUzUwDsh2qLiMB8GA1UdIwQY
MBaAFNnv6dNvX4j98EdCxBQMdTIJCrdwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1Yzkt
MzlmNmQ2NDI1MzM4LzEvMlJNbXJwY0RUYzJQdk51NVROVEFPeUhhb3VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1YzktMzlmNmQ2NDI1MzM4
LzEvMmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBWSYcMAwD
BAK5l8QDBAC5l8YwDQYJKoZIhvcNAQELBQADggEBAFV3K3mexZSlbbCgAuS50lUL
HpRclXsOja1gtDkirY5KdHs68nL8XH+rJPlxALFxlv8EYHX+/iM/h65xueRhbY9i
NiRRi8cohCZDR5A+A6szgRURemkLv5dM9YcVQkJ0RZECHeE92srKlyOos1SQHuAk
2/HIIABRWpFB+mOuaVhpzcJ2JJ9Tc939Exwwr3GVt1XTtR/HaviYKG3lQ9r2HOjw
vNnRukaVIJrvRyGy/KEn16nO9iIAGKEXwcRI/O/e3DPOvw1/GLFXTDepg8PsPxT/
6oDUwrH83dJYRNVi5aYev9IoE0VjIt/ikff94Wd9ylw3tFclWBRmNYh7nL6YcmA=
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:38:48 2025 by rpki-client