Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/uzMFOnPKpMqU8CP0ss6Mpv56PiE.roa
File: uzMFOnPKpMqU8CP0ss6Mpv56PiE.roa (raw, json)
Hash identifier: F8nsfvroSbli8FdaVZTheRyMCu5cUrtu6qwv9yns62A=
Subject key identifier: BB:33:05:3A:73:CA:A4:CA:94:F0:23:F4:B2:CE:8C:A6:FE:7A:3E:21
Certificate issuer: /CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Certificate serial: 019426D950C81F4F67E8F18004452A5FE9CA
Authority key identifier: CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/uzMFOnPKpMqU8CP0ss6Mpv56PiE.roa
Signing time: Thu 02 Jan 2025 11:49:23 +0000
ROA not before: Thu 02 Jan 2025 11:49:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206647
IP address blocks: 89.223.17.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:50:c8:1f:4f:67:e8:f1:80:04:45:2a:5f:e9:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Validity
Not Before: Jan 2 11:49:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bb33053a73caa4ca94f023f4b2ce8ca6fe7a3e21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:fe:c2:64:52:79:bf:1b:7c:31:fe:59:7c:f2:
73:d2:31:4d:ff:5e:9e:a5:ea:9a:8e:dc:ed:17:75:
32:e6:fd:cd:27:aa:ce:51:70:0a:27:65:cc:6e:03:
fc:c3:d3:dc:be:49:b9:3b:75:4c:51:a1:2e:5b:93:
2e:7d:cd:9a:58:5e:41:3a:c9:4b:b8:27:86:e1:77:
ab:92:c0:ef:8b:92:45:cd:ac:1a:73:5c:80:12:36:
11:8c:bb:07:96:7b:f3:42:a9:c5:53:ba:98:6f:4f:
2f:de:af:01:aa:ef:67:6c:d1:08:23:ca:d8:97:a3:
10:32:90:5b:5d:bb:ed:5d:76:d5:7f:16:04:97:c0:
b1:10:5b:11:6b:24:7a:58:37:df:fe:f4:ef:a7:85:
41:22:c7:08:c4:38:bb:ac:87:33:fb:e7:22:11:5b:
09:7e:54:55:d3:c1:ec:e6:55:05:39:61:52:6a:63:
ec:26:07:c3:09:64:63:9d:9e:37:45:29:2c:89:29:
44:01:93:33:9d:16:0e:fa:ed:6c:84:0a:a5:6c:72:
dd:0e:31:ba:b5:46:f6:e4:ec:35:55:c1:54:f5:50:
0b:e2:44:3d:de:f3:3b:84:71:50:3a:d1:ac:40:4e:
12:28:d9:f1:a3:1c:82:5a:bd:48:33:8f:08:0f:44:
85:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:33:05:3A:73:CA:A4:CA:94:F0:23:F4:B2:CE:8C:A6:FE:7A:3E:21
X509v3 Authority Key Identifier:
keyid:CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/uzMFOnPKpMqU8CP0ss6Mpv56PiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.223.17.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:dc:5b:a4:e6:34:af:c1:8f:64:b0:0b:2f:4c:03:c7:06:08:
4c:17:f1:9e:03:df:3e:99:f2:4e:e4:6c:ed:47:84:56:fe:31:
0e:5f:40:6a:c4:d6:cd:60:0f:31:c4:d8:a1:a0:94:62:37:85:
92:e6:63:4c:ce:d0:e4:ed:f8:9a:9a:34:8b:56:26:2c:30:25:
63:44:08:21:9c:89:46:e1:d6:2b:ce:65:02:39:65:36:22:e6:
3c:9c:a8:1b:12:1d:19:ce:66:af:50:96:37:50:b9:62:d8:a7:
6d:34:ad:d7:39:11:69:de:73:5b:63:2c:b9:19:51:69:14:d7:
06:46:a7:65:41:07:f9:fb:92:30:94:32:a7:67:f3:60:ef:13:
4a:03:0e:a0:27:55:f6:12:92:27:c9:88:7b:7e:99:44:36:c5:
ff:93:8b:f7:b0:2f:72:ed:98:71:1c:09:ea:3f:03:64:6e:21:
7c:01:e8:a4:95:66:8f:c4:81:31:fd:7e:69:93:0c:3b:47:c3:
2c:36:7d:48:df:79:a5:fc:9a:0d:89:33:81:06:ac:bb:62:58:
a0:35:c0:5e:ad:46:6f:f2:3a:08:bb:31:0d:24:ce:9e:95:aa:
86:7f:b3:b3:8d:02:56:fa:3c:90:81:1c:1f:6e:ca:e6:a1:32:
35:39:ed:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2VDIH09n6PGABEUqX+nKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkODMxM2U0MWU2NDZhMDljZDAxZTJlNmY0NzM5ZDNiZDIz
NmM0ZmYwHhcNMjUwMTAyMTE0OTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjMzMDUzYTczY2FhNGNhOTRmMDIzZjRiMmNlOGNhNmZlN2EzZTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkv7CZFJ5vxt8Mf5ZfPJz0jFN/16e
peqajtztF3Uy5v3NJ6rOUXAKJ2XMbgP8w9Pcvkm5O3VMUaEuW5Mufc2aWF5BOslL
uCeG4XerksDvi5JFzawac1yAEjYRjLsHlnvzQqnFU7qYb08v3q8Bqu9nbNEII8rY
l6MQMpBbXbvtXXbVfxYEl8CxEFsRayR6WDff/vTvp4VBIscIxDi7rIcz++ciEVsJ
flRV08Hs5lUFOWFSamPsJgfDCWRjnZ43RSksiSlEAZMznRYO+u1shAqlbHLdDjG6
tUb25Ow1VcFU9VAL4kQ93vM7hHFQOtGsQE4SKNnxoxyCWr1IM48ID0SF2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLszBTpzyqTKlPAj9LLOjKb+ej4hMB8GA1UdIwQY
MBaAFM2DE+QeZGoJzQHi5vRznTvSNsT/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQt
ODg2MmI1MTczMTdjLzEvdXpNRk9uUEtwTXFVOENQMHNzNk1wdjU2UGlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQtODg2MmI1MTczMTdj
LzEvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWd8RMA0G
CSqGSIb3DQEBCwUAA4IBAQBK3Fuk5jSvwY9ksAsvTAPHBghMF/GeA98+mfJO5Gzt
R4RW/jEOX0BqxNbNYA8xxNihoJRiN4WS5mNMztDk7fiamjSLViYsMCVjRAghnIlG
4dYrzmUCOWU2IuY8nKgbEh0ZzmavUJY3ULli2KdtNK3XORFp3nNbYyy5GVFpFNcG
RqdlQQf5+5IwlDKnZ/Ng7xNKAw6gJ1X2EpInyYh7fplENsX/k4v3sC9y7ZhxHAnq
PwNkbiF8AeiklWaPxIEx/X5pkww7R8MsNn1I33ml/JoNiTOBBqy7YligNcBerUZv
8joIuzENJM6elaqGf7OzjQJW+jyQgRwfbsrmoTI1Oe2T
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:52:11 2025 by rpki-client