Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/41KfX_Y_l3obaaifL_VXYX9C75I.roa
File: 41KfX_Y_l3obaaifL_VXYX9C75I.roa (raw, json)
Hash identifier: HdDv3ctJ+KCXQbyKBrrnPyV39Hz7jBQlcs4svNP6Pj8=
Subject key identifier: E3:52:9F:5F:F6:3F:97:7A:1B:69:A8:9F:2F:F5:57:61:7F:42:EF:92
Certificate issuer: /CN=1e5b334965788794d6f147a2f004d13be3257dc4
Certificate serial: 0194206837550FF78B6ACD16CE475AC07CE6
Authority key identifier: 1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/41KfX_Y_l3obaaifL_VXYX9C75I.roa
Signing time: Wed 01 Jan 2025 05:48:08 +0000
ROA not before: Wed 01 Jan 2025 05:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215579
IP address blocks: 152.89.194.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:37:55:0f:f7:8b:6a:cd:16:ce:47:5a:c0:7c:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5b334965788794d6f147a2f004d13be3257dc4
Validity
Not Before: Jan 1 05:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e3529f5ff63f977a1b69a89f2ff557617f42ef92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:1e:09:b4:24:15:04:c1:5a:3c:6d:eb:5b:12:
40:a4:e8:ef:13:71:be:06:79:78:89:fe:aa:e5:84:
06:d5:34:36:de:6e:d4:44:c5:6f:48:54:86:87:2c:
da:56:2b:31:b4:45:8a:77:07:0f:6b:da:bc:43:f9:
d7:da:fe:79:fb:06:f5:e4:74:fb:a7:56:98:11:3c:
dd:3f:4d:e3:e1:34:08:b8:ad:9e:1d:21:66:18:d2:
c5:99:af:ea:29:27:b9:9c:fb:d3:28:f2:2d:e0:6c:
8e:63:1b:df:56:24:ce:39:36:a2:39:49:c9:a6:24:
14:6d:8a:d8:d2:5a:e6:8f:d1:84:26:86:2b:50:91:
3f:e7:91:d9:3e:82:c6:c8:24:19:6f:f1:fd:ce:a7:
f0:ad:13:36:2d:fb:87:ab:36:e5:51:a4:76:5c:6b:
18:98:33:41:c6:42:38:14:db:9b:75:bb:51:f5:b6:
04:8a:49:05:16:cf:8b:13:aa:8f:7d:5f:96:cf:47:
20:00:9b:33:e0:8e:60:ba:90:4e:6c:91:fe:71:8b:
f8:9f:56:b5:1e:04:01:87:df:10:ef:4e:50:d6:72:
4a:31:af:29:19:38:d7:20:6e:76:43:39:9e:d3:cf:
0c:c6:df:5a:b2:a4:94:02:ab:b8:ca:40:98:4a:88:
be:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:52:9F:5F:F6:3F:97:7A:1B:69:A8:9F:2F:F5:57:61:7F:42:EF:92
X509v3 Authority Key Identifier:
keyid:1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/41KfX_Y_l3obaaifL_VXYX9C75I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.194.0/23
Signature Algorithm: sha256WithRSAEncryption
b3:04:b4:32:61:32:c0:0b:b6:42:8d:4c:e9:f8:67:b8:5d:20:
69:4e:16:a9:bf:81:ab:48:9f:02:fd:5a:75:20:01:2a:c7:30:
a1:ce:dd:47:2b:b3:b3:68:57:04:1e:fb:60:12:da:1b:f1:8c:
dd:86:7e:d6:6e:65:66:f1:74:ba:1c:8e:8f:cc:e7:d0:3a:21:
fd:6a:91:91:0e:f2:7e:56:0d:e0:52:68:db:ba:07:e1:53:73:
dd:1a:e3:65:cf:d2:50:aa:fe:79:16:5f:f7:70:d9:b8:95:99:
69:68:53:1f:b1:88:ff:6d:fd:1c:25:9b:b2:2c:ba:47:d7:51:
8d:e6:49:f0:18:59:b1:71:82:17:fe:23:12:c6:31:ee:c7:d5:
66:02:ab:cd:c4:9b:5d:3b:6c:b4:73:3a:3e:6a:fc:67:5b:59:
27:8d:60:41:08:2e:f1:5d:f2:40:f0:bf:8f:ee:e5:98:68:74:
49:9f:a0:70:9a:37:fc:18:5e:41:22:8f:4c:66:71:ba:c1:c0:
bf:75:e1:d3:72:09:29:bb:93:9b:1c:0d:a9:1d:6c:a4:b2:5c:
7f:72:95:4e:6c:91:63:b4:b6:93:6d:cf:61:86:1a:bf:94:db:
6f:65:7b:ef:e7:d4:d5:1f:dd:9f:0b:6d:48:bd:d4:31:a1:5e:
9a:fe:02:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaDdVD/eLas0WzkdawHzmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWIzMzQ5NjU3ODg3OTRkNmYxNDdhMmYwMDRkMTNiZTMy
NTdkYzQwHhcNMjUwMTAxMDU0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzUyOWY1ZmY2M2Y5NzdhMWI2OWE4OWYyZmY1NTc2MTdmNDJlZjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7x4JtCQVBMFaPG3rWxJApOjvE3G+
Bnl4if6q5YQG1TQ23m7URMVvSFSGhyzaVisxtEWKdwcPa9q8Q/nX2v55+wb15HT7
p1aYETzdP03j4TQIuK2eHSFmGNLFma/qKSe5nPvTKPIt4GyOYxvfViTOOTaiOUnJ
piQUbYrY0lrmj9GEJoYrUJE/55HZPoLGyCQZb/H9zqfwrRM2LfuHqzblUaR2XGsY
mDNBxkI4FNubdbtR9bYEikkFFs+LE6qPfV+Wz0cgAJsz4I5gupBObJH+cYv4n1a1
HgQBh98Q705Q1nJKMa8pGTjXIG52Qzme088Mxt9asqSUAqu4ykCYSoi+gwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFONSn1/2P5d6G2mony/1V2F/Qu+SMB8GA1UdIwQY
MBaAFB5bM0lleIeU1vFHovAE0TvjJX3EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDIt
OTk5MGUyZDllYWZlLzEvNDFLZlhfWV9sM29iYWFpZkxfVlhZWDlDNzVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDItOTk5MGUyZDllYWZl
LzEvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmFnCMA0G
CSqGSIb3DQEBCwUAA4IBAQCzBLQyYTLAC7ZCjUzp+Ge4XSBpThapv4GrSJ8C/Vp1
IAEqxzChzt1HK7OzaFcEHvtgEtob8Yzdhn7WbmVm8XS6HI6PzOfQOiH9apGRDvJ+
Vg3gUmjbugfhU3PdGuNlz9JQqv55Fl/3cNm4lZlpaFMfsYj/bf0cJZuyLLpH11GN
5knwGFmxcYIX/iMSxjHux9VmAqvNxJtdO2y0czo+avxnW1knjWBBCC7xXfJA8L+P
7uWYaHRJn6Bwmjf8GF5BIo9MZnG6wcC/deHTcgkpu5ObHA2pHWykslx/cpVObJFj
tLaTbc9hhhq/lNtvZXvv59TVH92fC21IvdQxoV6a/gKt
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:56:55 2025 by rpki-client