Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/28a8f3-889e-4549-a44e-ce225187fc38/1/kTo0w9ANmlvRAqwEfAOqJPK5HLk.roa
File: kTo0w9ANmlvRAqwEfAOqJPK5HLk.roa (raw, json)
Hash identifier: ma1SlWgY7s3fuIJWEMEuFwG0D2BUJyIo28TPPjVIKtc=
Subject key identifier: 91:3A:34:C3:D0:0D:9A:5B:D1:02:AC:04:7C:03:AA:24:F2:B9:1C:B9
Certificate issuer: /CN=c1b050211219d18e996e086cb7f6309178804860
Certificate serial: 019423D732CB98359A4A7C964F95C1A900FD
Authority key identifier: C1:B0:50:21:12:19:D1:8E:99:6E:08:6C:B7:F6:30:91:78:80:48:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wbBQIRIZ0Y6Zbghst_YwkXiASGA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/28a8f3-889e-4549-a44e-ce225187fc38/1/kTo0w9ANmlvRAqwEfAOqJPK5HLk.roa
Signing time: Wed 01 Jan 2025 21:48:13 +0000
ROA not before: Wed 01 Jan 2025 21:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6453
IP address blocks: 89.108.128.0/24 maxlen: 24
89.108.129.0/24 maxlen: 24
89.108.154.0/24 maxlen: 24
89.108.176.0/22 maxlen: 22
89.108.176.0/24 maxlen: 24
212.101.249.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:32:cb:98:35:9a:4a:7c:96:4f:95:c1:a9:00:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1b050211219d18e996e086cb7f6309178804860
Validity
Not Before: Jan 1 21:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=913a34c3d00d9a5bd102ac047c03aa24f2b91cb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:27:cb:ab:cf:cf:bd:c5:3a:1b:06:b6:5c:63:
dd:f7:fa:cc:70:cf:86:51:78:a6:4c:50:8c:01:27:
dc:60:1a:60:6e:7f:34:a3:a3:58:fd:5b:9a:75:0a:
2c:c7:47:86:5e:84:20:78:f2:5e:94:51:33:48:bd:
7b:df:ee:aa:86:40:6f:d3:1b:77:90:ed:2c:a4:83:
c2:2c:89:e9:59:ed:cb:fb:51:f8:03:ce:bc:33:01:
6d:dd:36:30:43:cc:ab:ee:07:df:e4:97:32:49:26:
c5:cf:f1:07:ac:22:8a:f4:8c:3b:a2:ca:61:80:c8:
2d:df:b8:36:8d:55:6c:2c:73:43:56:92:81:74:53:
ab:09:b7:e5:f5:43:c6:9a:fb:59:fc:ee:3f:fe:ba:
70:6a:1d:cc:f7:23:a4:07:01:42:fe:f8:02:fe:f0:
1c:80:0f:df:f5:86:0d:f5:2c:05:85:83:55:a1:c2:
df:4b:7a:65:73:f3:a2:ad:6d:ed:7a:79:a1:3a:3c:
bb:a7:64:1a:e9:ed:5b:0e:b3:e2:98:e6:76:5a:95:
dd:cd:5b:3a:55:78:3b:18:31:03:0d:88:4c:9e:82:
38:d2:46:e5:0e:0a:ee:be:02:60:e6:51:32:6f:34:
63:fd:6b:3b:76:63:39:81:7a:9b:29:62:30:b7:04:
db:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:3A:34:C3:D0:0D:9A:5B:D1:02:AC:04:7C:03:AA:24:F2:B9:1C:B9
X509v3 Authority Key Identifier:
keyid:C1:B0:50:21:12:19:D1:8E:99:6E:08:6C:B7:F6:30:91:78:80:48:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wbBQIRIZ0Y6Zbghst_YwkXiASGA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/28a8f3-889e-4549-a44e-ce225187fc38/1/kTo0w9ANmlvRAqwEfAOqJPK5HLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/28a8f3-889e-4549-a44e-ce225187fc38/1/wbBQIRIZ0Y6Zbghst_YwkXiASGA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.108.128.0/23
89.108.154.0/24
89.108.176.0/22
212.101.249.0/24
Signature Algorithm: sha256WithRSAEncryption
33:ec:41:72:5e:40:14:ae:69:8a:e1:6a:e5:d1:01:91:41:64:
4c:ef:19:97:d5:3e:a6:50:04:5a:11:6e:a3:74:3f:52:83:6f:
f2:24:1d:f0:39:6f:22:af:a6:f5:12:3a:ef:33:03:8b:79:4e:
c1:d1:a7:7f:14:62:bf:04:c4:74:1f:62:f3:29:03:3f:df:e1:
3c:57:24:65:d5:e9:9d:6c:98:50:7e:8b:02:8a:ac:30:5e:70:
43:42:b1:c8:7c:00:83:c6:ff:a7:ea:90:48:a8:63:e8:de:39:
44:65:78:2e:0d:f2:1a:84:49:04:b4:a6:73:b1:4d:98:45:74:
92:51:22:ce:61:7f:2a:25:88:d1:ae:9a:f3:54:b1:57:5d:ac:
18:b4:a5:29:b8:b4:bd:bf:02:de:04:b0:04:ba:40:f5:59:bf:
b5:cf:f8:9b:da:bb:55:95:ab:05:37:39:f1:df:ac:3f:e1:2f:
f0:01:bd:9c:75:e0:ec:04:53:41:dc:eb:da:1f:01:1e:3d:b0:
91:bc:27:40:19:9b:d7:85:af:d9:8f:ab:cc:38:26:94:a3:94:
23:23:69:0f:11:ee:85:3c:dd:46:82:28:85:bb:9b:45:95:2d:
cc:74:c2:67:bc:38:7d:d0:11:f8:7c:13:e4:5b:ea:6a:dc:1b:
6e:5b:10:84
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQj1zLLmDWaSnyWT5XBqQD9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYjA1MDIxMTIxOWQxOGU5OTZlMDg2Y2I3ZjYzMDkxNzg4
MDQ4NjAwHhcNMjUwMTAxMjE0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTNhMzRjM2QwMGQ5YTViZDEwMmFjMDQ3YzAzYWEyNGYyYjkxY2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5SfLq8/PvcU6Gwa2XGPd9/rMcM+G
UXimTFCMASfcYBpgbn80o6NY/VuadQosx0eGXoQgePJelFEzSL173+6qhkBv0xt3
kO0spIPCLInpWe3L+1H4A868MwFt3TYwQ8yr7gff5JcySSbFz/EHrCKK9Iw7osph
gMgt37g2jVVsLHNDVpKBdFOrCbfl9UPGmvtZ/O4//rpwah3M9yOkBwFC/vgC/vAc
gA/f9YYN9SwFhYNVocLfS3plc/OirW3tenmhOjy7p2Qa6e1bDrPimOZ2WpXdzVs6
VXg7GDEDDYhMnoI40kblDgruvgJg5lEybzRj/Ws7dmM5gXqbKWIwtwTbcwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJE6NMPQDZpb0QKsBHwDqiTyuRy5MB8GA1UdIwQY
MBaAFMGwUCESGdGOmW4IbLf2MJF4gEhgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2JCUUlSSVowWTZaYmdoc3RfWXdrWGlBU0dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC8yOGE4ZjMtODg5ZS00NTQ5LWE0NGUt
Y2UyMjUxODdmYzM4LzEva1RvMHc5QU5tbHZSQXF3RWZBT3FKUEs1SExrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC8yOGE4ZjMtODg5ZS00NTQ5LWE0NGUtY2UyMjUxODdmYzM4
LzEvd2JCUUlSSVowWTZaYmdoc3RfWXdrWGlBU0dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBWWyAAwQA
WWyaAwQCWWywAwQA1GX5MA0GCSqGSIb3DQEBCwUAA4IBAQAz7EFyXkAUrmmK4Wrl
0QGRQWRM7xmX1T6mUARaEW6jdD9Sg2/yJB3wOW8ir6b1EjrvMwOLeU7B0ad/FGK/
BMR0H2LzKQM/3+E8VyRl1emdbJhQfosCiqwwXnBDQrHIfACDxv+n6pBIqGPo3jlE
ZXguDfIahEkEtKZzsU2YRXSSUSLOYX8qJYjRrprzVLFXXawYtKUpuLS9vwLeBLAE
ukD1Wb+1z/ib2rtVlasFNznx36w/4S/wAb2cdeDsBFNB3OvaHwEePbCRvCdAGZvX
ha/Zj6vMOCaUo5QjI2kPEe6FPN1GgiiFu5tFlS3MdMJnvDh90BH4fBPkW+pq3Btu
WxCE
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:25:53 2025 by rpki-client