Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/jxSeqD0hHIBHHGEGCM7as6kgXj8.roa
File: jxSeqD0hHIBHHGEGCM7as6kgXj8.roa (raw, json)
Hash identifier: 3vZob16w6lGYVi9nqqyYxtcmurewt+fE8b+gq8JMJ0Q=
Subject key identifier: 8F:14:9E:A8:3D:21:1C:80:47:1C:61:06:08:CE:DA:B3:A9:20:5E:3F
Certificate issuer: /CN=a389e7035b08e181a341f37eda7343d23f1cafa4
Certificate serial: 055D3C3F
Authority key identifier: A3:89:E7:03:5B:08:E1:81:A3:41:F3:7E:DA:73:43:D2:3F:1C:AF:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o4nnA1sI4YGjQfN-2nND0j8cr6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/jxSeqD0hHIBHHGEGCM7as6kgXj8.roa
Signing time: Sat 01 Jan 2022 03:02:23 +0000
ROA not before: Sat 01 Jan 2022 03:02:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 54588
IP address blocks: 176.121.89.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89996351 (0x55d3c3f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a389e7035b08e181a341f37eda7343d23f1cafa4
Validity
Not Before: Jan 1 03:02:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8f149ea83d211c80471c610608cedab3a9205e3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:2f:4d:44:34:54:1c:b8:c0:d2:fe:8e:8b:23:
87:71:71:da:5b:02:93:04:10:5e:d6:51:08:e5:4c:
b7:90:07:12:81:aa:9c:97:6b:b5:ba:77:1a:0a:a7:
d7:c7:fc:cb:0b:22:cd:f8:49:e5:08:2a:a7:c2:ff:
75:5a:d7:54:9b:21:8a:e3:5b:79:15:19:5b:ed:4c:
83:25:ef:d7:2a:34:41:86:90:45:f4:a8:89:68:1a:
53:3b:dd:66:ba:a1:2c:24:43:8b:eb:52:49:65:4f:
e0:a9:63:25:b5:c7:86:13:bd:aa:2a:76:df:cc:47:
65:54:a2:88:9a:9e:7b:54:a1:4c:b2:86:90:5c:2f:
36:61:e2:ae:8c:a6:70:9c:a7:9f:02:3e:56:39:26:
6e:e3:20:32:4a:2b:e6:fa:b5:60:25:b1:5a:50:bf:
27:8a:66:bc:aa:bc:fa:37:ca:8b:f4:6a:f6:ac:64:
14:a2:f5:6e:2c:3b:48:6d:9e:76:3e:eb:d0:5f:3f:
06:d7:6f:2b:6a:e4:ea:40:22:d7:89:47:af:6a:c2:
4f:45:ff:0c:c8:18:e6:db:2a:5d:c3:91:4e:9c:ba:
7b:3d:56:02:bc:39:19:f8:56:a1:5c:17:dd:56:48:
61:15:d0:63:31:ec:a4:d8:87:2b:a5:2c:85:d4:a8:
59:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:14:9E:A8:3D:21:1C:80:47:1C:61:06:08:CE:DA:B3:A9:20:5E:3F
X509v3 Authority Key Identifier:
keyid:A3:89:E7:03:5B:08:E1:81:A3:41:F3:7E:DA:73:43:D2:3F:1C:AF:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o4nnA1sI4YGjQfN-2nND0j8cr6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/jxSeqD0hHIBHHGEGCM7as6kgXj8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/o4nnA1sI4YGjQfN-2nND0j8cr6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.121.89.0/24
Signature Algorithm: sha256WithRSAEncryption
48:7d:fb:a6:52:ce:d0:ea:32:3c:70:f7:97:01:69:48:52:1b:
66:ed:74:f6:13:ae:c9:1d:2c:e9:9e:b1:71:be:a1:fc:96:df:
ae:8b:76:7e:30:dc:d4:d7:d5:df:d1:8c:b8:e5:48:1c:50:03:
d0:35:51:ed:9e:01:fc:9b:13:93:53:af:3a:8d:62:3f:e2:1a:
55:2c:de:50:54:39:97:b4:9c:89:70:6a:2b:f1:00:7a:20:ac:
04:85:9f:d2:8f:55:23:4e:ce:d3:8a:fc:9a:7c:29:7e:39:0c:
f2:73:42:3f:9c:1f:d3:c6:17:de:7a:ed:f0:94:75:b8:21:55:
89:fe:a6:ac:8a:29:cb:79:9a:08:2e:40:47:6a:28:14:00:7b:
b8:7a:b2:29:a3:3f:42:3b:e6:bc:a0:c0:bd:e0:af:be:5b:23:
c3:66:9a:8c:80:8e:36:91:80:f6:7d:50:a2:02:78:4d:53:ec:
a2:06:9c:6b:ed:75:cc:13:e9:c3:56:0a:8b:3f:c8:a5:07:bc:
5c:29:cd:3f:0c:55:76:32:57:a1:38:5e:d8:8b:3a:4c:06:8e:
95:c7:66:38:b0:09:37:f6:7b:9a:cc:9e:08:6a:d6:11:32:11:
45:27:45:20:2c:99:bc:b7:38:d0:16:3d:89:bb:b2:1b:ef:8e:
4a:e8:36:db
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBV08PzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
Mzg5ZTcwMzViMDhlMTgxYTM0MWYzN2VkYTczNDNkMjNmMWNhZmE0MB4XDTIyMDEw
MTAzMDIyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGYxNDllYTgzZDIx
MWM4MDQ3MWM2MTA2MDhjZWRhYjNhOTIwNWUzZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKovTUQ0VBy4wNL+josjh3Fx2lsCkwQQXtZRCOVMt5AHEoGq
nJdrtbp3Ggqn18f8ywsizfhJ5Qgqp8L/dVrXVJshiuNbeRUZW+1MgyXv1yo0QYaQ
RfSoiWgaUzvdZrqhLCRDi+tSSWVP4KljJbXHhhO9qip238xHZVSiiJqee1ShTLKG
kFwvNmHiroymcJynnwI+VjkmbuMgMkor5vq1YCWxWlC/J4pmvKq8+jfKi/Rq9qxk
FKL1biw7SG2edj7r0F8/BtdvK2rk6kAi14lHr2rCT0X/DMgY5tsqXcORTpy6ez1W
Arw5GfhWoVwX3VZIYRXQYzHspNiHK6UshdSoWaECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSPFJ6oPSEcgEccYQYIztqzqSBePzAfBgNVHSMEGDAWgBSjiecDWwjhgaNB
837ac0PSPxyvpDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L280bm5BMXNJNFlHalFmTi0ybk5EMGo4Y3I2US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmQvZjA1M2NkLTFkNzktNDNhMS05YWFiLTBlNzI0MTZiNGRjNy8x
L2p4U2VxRDBoSElCSEhHRUdDTTdhczZrZ1hqOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmQv
ZjA1M2NkLTFkNzktNDNhMS05YWFiLTBlNzI0MTZiNGRjNy8xL280bm5BMXNJNFlH
alFmTi0ybk5EMGo4Y3I2US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALB5WTANBgkqhkiG9w0BAQsFAAOC
AQEASH37plLO0OoyPHD3lwFpSFIbZu109hOuyR0s6Z6xcb6h/Jbfrot2fjDc1NfV
39GMuOVIHFAD0DVR7Z4B/JsTk1OvOo1iP+IaVSzeUFQ5l7SciXBqK/EAeiCsBIWf
0o9VI07O04r8mnwpfjkM8nNCP5wf08YX3nrt8JR1uCFVif6mrIopy3maCC5AR2oo
FAB7uHqyKaM/QjvmvKDAveCvvlsjw2aajICONpGA9n1QogJ4TVPsogaca+11zBPp
w1YKiz/IpQe8XCnNPwxVdjJXoThe2Is6TAaOlcdmOLAJN/Z7msyeCGrWETIRRSdF
ICyZvLc40BY9ibuyG++OSug22w==
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:07:52 2025 by rpki-client