Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/Mo2Yxg7E21ifTL9q1N5-J92Xwoc.roa
File: Mo2Yxg7E21ifTL9q1N5-J92Xwoc.roa (raw, json)
Hash identifier: TkwVa0SYaV5hBeXyQJUfV73qt/zpkvlDBmt4dTIf2cM=
Subject key identifier: 32:8D:98:C6:0E:C4:DB:58:9F:4C:BF:6A:D4:DE:7E:27:DD:97:C2:87
Certificate issuer: /CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Certificate serial: 01945F950E16393271BF663110DC586D1E6E
Authority key identifier: 25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/Mo2Yxg7E21ifTL9q1N5-J92Xwoc.roa
Signing time: Mon 13 Jan 2025 12:13:11 +0000
ROA not before: Mon 13 Jan 2025 12:13:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 134094
IP address blocks: 89.252.132.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:5f:95:0e:16:39:32:71:bf:66:31:10:dc:58:6d:1e:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Validity
Not Before: Jan 13 12:13:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=328d98c60ec4db589f4cbf6ad4de7e27dd97c287
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:75:5e:be:3d:e3:49:09:cf:ec:94:57:f3:52:
2b:79:ba:79:52:d2:40:e4:3c:b6:9d:9e:df:67:c4:
23:b6:e4:76:36:5a:fa:75:b7:83:f7:6b:a4:d7:90:
35:56:eb:4e:c9:b6:fd:8a:2c:c5:1d:79:57:d0:e0:
be:e4:65:20:07:31:8f:2b:be:54:41:d3:ac:84:dc:
41:03:6b:73:6f:ce:f0:96:d6:00:8c:15:1b:c6:53:
37:2f:05:2a:5a:4e:db:8d:5a:e7:fd:23:26:ef:9f:
ff:8f:c8:ee:38:4b:8c:cd:bf:09:c2:23:6a:96:65:
26:74:79:c0:29:2a:85:31:ed:fc:89:7c:2b:95:88:
1b:37:8e:c0:7c:2c:64:51:3d:72:03:62:d6:63:08:
45:94:10:a9:ef:90:a6:48:e3:b1:e7:84:f5:81:56:
6e:f3:ff:a8:fe:40:ee:77:b5:4e:64:bf:a5:3d:cc:
3d:2d:41:23:f7:d3:ee:d5:71:3e:d3:bc:7f:66:9c:
28:ef:ca:8f:84:c6:8d:86:69:ee:35:46:63:8d:1a:
23:6a:85:40:d4:c0:31:2a:b6:7c:57:98:d2:52:5b:
f7:db:42:b4:be:d5:7c:bd:cc:1e:6e:2e:c1:45:d3:
52:1e:3f:61:8c:4e:fd:80:0d:33:28:02:c4:07:37:
35:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:8D:98:C6:0E:C4:DB:58:9F:4C:BF:6A:D4:DE:7E:27:DD:97:C2:87
X509v3 Authority Key Identifier:
keyid:25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/Mo2Yxg7E21ifTL9q1N5-J92Xwoc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.252.132.0/24
Signature Algorithm: sha256WithRSAEncryption
29:f7:64:2c:f3:d9:1a:61:fa:9c:16:63:f8:54:10:92:fa:34:
0a:11:c0:71:c1:29:e9:2a:28:c0:a3:c3:be:d0:a0:aa:14:9a:
f3:2f:94:1e:e6:47:71:ff:98:69:39:48:4f:46:0c:13:8c:4a:
9e:e5:fb:b2:fa:15:98:cf:2c:56:0c:79:9c:33:4e:6d:3d:35:
62:25:32:f1:6f:b6:97:b2:bb:82:d0:dd:dc:b1:3b:68:0b:ca:
ae:12:b9:34:59:f4:36:1a:9b:e6:bd:bd:aa:5f:fe:c8:a8:12:
01:da:04:a9:af:89:04:3d:d6:52:c5:f1:56:56:1c:3e:b9:2d:
af:ce:79:69:2c:52:25:4e:58:b1:f7:0c:d0:af:c2:50:90:54:
47:45:60:88:95:f2:ef:6c:bc:32:de:68:b4:e7:3f:91:d0:c4:
81:aa:a9:60:e2:f2:b7:f4:6e:3c:0a:9f:97:b1:23:e1:10:c7:
d4:0c:29:58:16:bc:8b:7a:1a:aa:16:b4:bf:f7:ad:02:c6:32:
b6:71:d8:06:47:fa:6c:57:2b:fe:ed:ef:31:e0:9c:78:60:71:
9f:fe:ff:81:6e:b9:cd:4f:e6:85:6b:b4:9e:f4:52:b1:b5:2d:
b9:b6:68:3d:d0:d1:e6:53:1f:65:78:4f:af:89:41:9c:9c:44:
88:b9:a7:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRflQ4WOTJxv2YxENxYbR5uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZTRhZWQzZWY3MmJlZTMxNDE2NjBkMTE0OWUxNmQwNzky
MDVmM2MwHhcNMjUwMTEzMTIxMzExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjhkOThjNjBlYzRkYjU4OWY0Y2JmNmFkNGRlN2UyN2RkOTdjMjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAynVevj3jSQnP7JRX81Irebp5UtJA
5Dy2nZ7fZ8QjtuR2Nlr6dbeD92uk15A1VutOybb9iizFHXlX0OC+5GUgBzGPK75U
QdOshNxBA2tzb87wltYAjBUbxlM3LwUqWk7bjVrn/SMm75//j8juOEuMzb8JwiNq
lmUmdHnAKSqFMe38iXwrlYgbN47AfCxkUT1yA2LWYwhFlBCp75CmSOOx54T1gVZu
8/+o/kDud7VOZL+lPcw9LUEj99Pu1XE+07x/Zpwo78qPhMaNhmnuNUZjjRojaoVA
1MAxKrZ8V5jSUlv320K0vtV8vcwebi7BRdNSHj9hjE79gA0zKALEBzc1SwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDKNmMYOxNtYn0y/atTefifdl8KHMB8GA1UdIwQY
MBaAFCXkrtPvcr7jFBZg0RSeFtB5IF88MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEt
ZWQzZTM4Zjk1NzdmLzEvTW8yWXhnN0UyMWlmVEw5cTFONS1KOTJYd29jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEtZWQzZTM4Zjk1Nzdm
LzEvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWfyEMA0G
CSqGSIb3DQEBCwUAA4IBAQAp92Qs89kaYfqcFmP4VBCS+jQKEcBxwSnpKijAo8O+
0KCqFJrzL5Qe5kdx/5hpOUhPRgwTjEqe5fuy+hWYzyxWDHmcM05tPTViJTLxb7aX
sruC0N3csTtoC8quErk0WfQ2Gpvmvb2qX/7IqBIB2gSpr4kEPdZSxfFWVhw+uS2v
znlpLFIlTlix9wzQr8JQkFRHRWCIlfLvbLwy3mi05z+R0MSBqqlg4vK39G48Cp+X
sSPhEMfUDClYFryLehqqFrS/960CxjK2cdgGR/psVyv+7e8x4Jx4YHGf/v+BbrnN
T+aFa7Se9FKxtS25tmg90NHmUx9leE+viUGcnESIuafN
-----END CERTIFICATE-----
Generated at Wed Apr 9 05:29:50 2025 by rpki-client