Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/2sZWzmP4jcGE7Pa4efqWfw9IU60.roa
File: 2sZWzmP4jcGE7Pa4efqWfw9IU60.roa (raw, json)
Hash identifier: gUtbnusOf662l8whAzqSEqeD8Bk4DCjq3EznrZO972g=
Subject key identifier: DA:C6:56:CE:63:F8:8D:C1:84:EC:F6:B8:79:FA:96:7F:0F:48:53:AD
Certificate issuer: /CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Certificate serial: 01942745D23C63406F6E64583199E122DBA9
Authority key identifier: 25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/2sZWzmP4jcGE7Pa4efqWfw9IU60.roa
Signing time: Thu 02 Jan 2025 13:47:54 +0000
ROA not before: Thu 02 Jan 2025 13:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213252
IP address blocks: 89.252.141.0/24 maxlen: 24
89.252.153.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:45:d2:3c:63:40:6f:6e:64:58:31:99:e1:22:db:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Validity
Not Before: Jan 2 13:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dac656ce63f88dc184ecf6b879fa967f0f4853ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:38:db:62:86:d8:d1:b6:38:60:f5:de:25:38:
7b:f3:e8:2d:05:7c:40:3e:cf:90:9e:b1:39:11:cb:
91:11:b7:ce:7b:5e:11:90:0f:90:93:bf:ce:d3:00:
28:d6:6a:ba:cd:05:4f:0d:b8:16:a4:49:4a:4a:b7:
be:e2:a1:e5:52:22:c4:11:7d:b2:92:ee:a3:da:fe:
a2:28:12:f8:ca:80:bd:62:58:07:2d:e2:24:d6:bd:
52:66:cd:d7:5c:47:e7:d3:1c:b3:05:e8:f3:be:c4:
53:c7:8b:2b:08:64:ee:18:ea:c5:65:95:1f:c5:73:
3c:a2:74:1e:e9:c8:95:28:47:39:01:d3:a2:b4:2a:
b7:0f:72:88:aa:ea:49:4d:89:c3:65:48:e4:d2:ff:
65:72:c4:f9:ef:38:74:c3:2e:6d:04:f4:7f:c7:94:
86:da:93:4b:14:f0:a1:4a:8a:e7:8e:db:a8:84:58:
9c:ec:47:5b:6e:cd:c7:ec:da:4b:84:f3:cd:94:03:
8a:1a:9f:c5:d5:ab:c1:4f:95:6d:d3:4b:81:bc:fc:
8f:94:b5:ea:59:88:45:bd:ee:cd:55:0c:29:ad:c8:
89:25:70:06:b2:61:7e:02:b3:4d:91:3f:3c:c6:8c:
c1:5c:67:75:72:73:d6:5b:82:2a:42:a8:20:7b:63:
36:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:C6:56:CE:63:F8:8D:C1:84:EC:F6:B8:79:FA:96:7F:0F:48:53:AD
X509v3 Authority Key Identifier:
keyid:25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/2sZWzmP4jcGE7Pa4efqWfw9IU60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.252.141.0/24
89.252.153.0/24
Signature Algorithm: sha256WithRSAEncryption
27:54:0a:ea:29:d1:c4:c9:8d:d5:75:ca:f1:5b:9a:24:6c:a9:
f4:e2:15:87:5f:29:83:2b:43:64:1e:f8:32:69:e9:c1:f6:ee:
52:a9:09:cf:44:21:4b:d9:df:8f:e1:81:ab:70:78:81:d6:6d:
2d:6f:e7:27:9e:0f:2c:20:c4:90:10:25:a7:f5:25:b5:81:99:
cd:ac:c0:ac:36:0f:ae:90:91:4e:3f:05:da:8b:21:5d:d0:c2:
8b:76:04:38:f2:10:7b:c1:21:32:e1:71:99:1e:55:1a:34:fa:
48:10:9d:a3:d6:3e:13:de:62:2f:48:06:27:34:15:e2:07:67:
cc:55:fa:bb:68:75:69:b3:02:60:64:7c:75:3b:a6:49:d0:62:
d9:65:ac:ec:09:56:e4:93:0e:db:05:9d:8d:e3:6d:57:39:89:
59:41:86:13:a2:3a:01:e2:77:36:1c:bb:40:e0:5e:ea:a5:69:
d6:e7:6a:0d:26:34:e8:ba:f6:d2:dc:c8:96:81:77:f8:6d:b0:
dc:69:1a:cb:94:ee:9c:05:85:eb:f0:93:92:e2:b8:9c:9c:4d:
7b:a3:4d:4f:91:47:9f:4c:4f:97:82:a1:cc:9d:d7:b1:64:59:
35:71:7d:6d:b0:8d:54:56:8f:46:97:d9:32:95:f6:0d:90:1c:
6e:7e:85:bd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQnRdI8Y0BvbmRYMZnhItupMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZTRhZWQzZWY3MmJlZTMxNDE2NjBkMTE0OWUxNmQwNzky
MDVmM2MwHhcNMjUwMTAyMTM0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWM2NTZjZTYzZjg4ZGMxODRlY2Y2Yjg3OWZhOTY3ZjBmNDg1M2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwzjbYobY0bY4YPXeJTh78+gtBXxA
Ps+QnrE5EcuREbfOe14RkA+Qk7/O0wAo1mq6zQVPDbgWpElKSre+4qHlUiLEEX2y
ku6j2v6iKBL4yoC9YlgHLeIk1r1SZs3XXEfn0xyzBejzvsRTx4srCGTuGOrFZZUf
xXM8onQe6ciVKEc5AdOitCq3D3KIqupJTYnDZUjk0v9lcsT57zh0wy5tBPR/x5SG
2pNLFPChSornjtuohFic7Edbbs3H7NpLhPPNlAOKGp/F1avBT5Vt00uBvPyPlLXq
WYhFve7NVQwprciJJXAGsmF+ArNNkT88xozBXGd1cnPWW4IqQqgge2M2+QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNrGVs5j+I3BhOz2uHn6ln8PSFOtMB8GA1UdIwQY
MBaAFCXkrtPvcr7jFBZg0RSeFtB5IF88MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEt
ZWQzZTM4Zjk1NzdmLzEvMnNaV3ptUDRqY0dFN1BhNGVmcVdmdzlJVTYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEtZWQzZTM4Zjk1Nzdm
LzEvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWfyNAwQA
WfyZMA0GCSqGSIb3DQEBCwUAA4IBAQAnVArqKdHEyY3VdcrxW5okbKn04hWHXymD
K0NkHvgyaenB9u5SqQnPRCFL2d+P4YGrcHiB1m0tb+cnng8sIMSQECWn9SW1gZnN
rMCsNg+ukJFOPwXaiyFd0MKLdgQ48hB7wSEy4XGZHlUaNPpIEJ2j1j4T3mIvSAYn
NBXiB2fMVfq7aHVpswJgZHx1O6ZJ0GLZZazsCVbkkw7bBZ2N421XOYlZQYYTojoB
4nc2HLtA4F7qpWnW52oNJjTouvbS3MiWgXf4bbDcaRrLlO6cBYXr8JOS4ricnE17
o01PkUefTE+XgqHMndexZFk1cX1tsI1UVo9Gl9kylfYNkBxufoW9
-----END CERTIFICATE-----
Generated at Wed Apr 9 05:32:35 2025 by rpki-client