Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/Yd0iYTC3YYuwuOd7Li7T4d8xXQs.roa
File: Yd0iYTC3YYuwuOd7Li7T4d8xXQs.roa (raw, json)
Hash identifier: VDzWGWmTU0FMxGipJanCzFvxQejJ/7bUk4rY6u2yDSA=
Subject key identifier: 61:DD:22:61:30:B7:61:8B:B0:B8:E7:7B:2E:2E:D3:E1:DF:31:5D:0B
Certificate issuer: /CN=1e5b334965788794d6f147a2f004d13be3257dc4
Certificate serial: 019363F4874E6D6D6FF26F2247C546E2461B
Authority key identifier: 1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/Yd0iYTC3YYuwuOd7Li7T4d8xXQs.roa
Signing time: Mon 25 Nov 2024 15:33:09 +0000
ROA not before: Mon 25 Nov 2024 15:33:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 152.89.193.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:63:f4:87:4e:6d:6d:6f:f2:6f:22:47:c5:46:e2:46:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5b334965788794d6f147a2f004d13be3257dc4
Validity
Not Before: Nov 25 15:33:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61dd226130b7618bb0b8e77b2e2ed3e1df315d0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:cc:76:5d:83:f1:4c:8a:ab:c0:ab:7a:4d:77:
67:40:80:3c:53:dc:76:13:36:42:d1:99:68:fe:42:
a6:8d:0b:42:94:34:27:0e:48:89:6c:c5:43:46:72:
bc:c8:ef:ac:4b:ef:70:8c:39:9b:73:5c:ac:14:1f:
c7:29:2c:2f:3b:3b:92:97:46:b2:98:90:5b:b3:41:
5c:4d:90:e0:27:fb:75:ed:36:d5:71:92:52:18:fd:
58:9a:ee:03:56:5c:75:37:ce:99:8c:e1:87:64:ce:
44:31:63:3d:7f:ec:bc:73:26:eb:63:25:82:a8:0e:
35:b6:7c:47:80:31:3a:bf:01:e7:92:1e:38:9a:c1:
7a:14:18:b9:3d:c2:ea:8c:16:9b:56:1e:a4:38:30:
28:df:b3:54:c6:fc:94:35:3d:cf:03:1a:92:8d:ac:
7f:19:51:28:8c:b2:27:6c:08:51:6a:c0:aa:c9:2f:
cc:90:0e:5f:a5:77:0d:21:17:1d:f0:15:61:92:7f:
68:d6:d4:6a:af:33:af:61:73:fe:97:92:d6:2b:b4:
04:9a:33:f8:d4:c8:f2:a7:c5:00:13:99:a0:1d:79:
a5:ad:87:bb:a5:bf:88:78:88:38:74:2c:97:60:4e:
e1:3c:8b:32:67:d1:c2:a9:e2:54:cb:b1:ed:cd:93:
d9:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:DD:22:61:30:B7:61:8B:B0:B8:E7:7B:2E:2E:D3:E1:DF:31:5D:0B
X509v3 Authority Key Identifier:
keyid:1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/Yd0iYTC3YYuwuOd7Li7T4d8xXQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.193.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:34:ea:5e:75:a9:de:0b:d8:d2:16:df:a4:6b:72:6b:da:7b:
9a:10:98:26:76:ef:9f:12:3d:80:10:cd:0f:fa:4a:35:f2:33:
67:7f:53:e2:d1:ee:13:00:4e:45:47:ee:81:79:23:42:dc:ca:
b5:d7:58:54:65:fc:6b:35:03:03:15:7c:8f:83:77:c9:cc:0c:
1b:ce:13:fe:bc:3d:4f:07:35:ad:45:c6:41:6e:7f:9b:fe:e8:
0f:5c:ef:36:88:12:fe:77:7c:5a:44:7b:02:82:c2:f9:30:e7:
23:a0:c2:88:ae:b4:3f:c8:c5:35:53:72:2b:cc:ec:71:69:d7:
42:33:ac:a1:d6:4d:86:ce:bc:e5:dc:bc:50:d8:12:a3:ef:fd:
41:a1:d0:9e:65:bd:d7:2b:cd:eb:49:77:98:ec:d4:03:c5:6b:
9c:d6:28:18:37:9d:be:f5:6d:af:15:b6:5f:ff:6b:45:72:b8:
1b:dc:db:bd:30:e2:10:2f:fe:17:71:f8:8f:97:40:07:90:e8:
8a:0e:0a:10:6e:b6:06:58:96:18:80:31:2f:b2:50:9d:d0:f3:
73:9e:9a:86:d6:56:c8:f9:a6:42:dd:61:8b:e5:0a:ed:c2:8b:
e2:34:8c:18:b1:11:28:1b:e6:02:a1:80:f9:38:88:e4:4c:94:
f3:f0:b3:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZNj9IdObW1v8m8iR8VG4kYbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWIzMzQ5NjU3ODg3OTRkNmYxNDdhMmYwMDRkMTNiZTMy
NTdkYzQwHhcNMjQxMTI1MTUzMzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWRkMjI2MTMwYjc2MThiYjBiOGU3N2IyZTJlZDNlMWRmMzE1ZDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8x2XYPxTIqrwKt6TXdnQIA8U9x2
EzZC0Zlo/kKmjQtClDQnDkiJbMVDRnK8yO+sS+9wjDmbc1ysFB/HKSwvOzuSl0ay
mJBbs0FcTZDgJ/t17TbVcZJSGP1Ymu4DVlx1N86ZjOGHZM5EMWM9f+y8cybrYyWC
qA41tnxHgDE6vwHnkh44msF6FBi5PcLqjBabVh6kODAo37NUxvyUNT3PAxqSjax/
GVEojLInbAhRasCqyS/MkA5fpXcNIRcd8BVhkn9o1tRqrzOvYXP+l5LWK7QEmjP4
1Mjyp8UAE5mgHXmlrYe7pb+IeIg4dCyXYE7hPIsyZ9HCqeJUy7HtzZPZBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGHdImEwt2GLsLjney4u0+HfMV0LMB8GA1UdIwQY
MBaAFB5bM0lleIeU1vFHovAE0TvjJX3EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDIt
OTk5MGUyZDllYWZlLzEvWWQwaVlUQzNZWXV3dU9kN0xpN1Q0ZDh4WFFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDItOTk5MGUyZDllYWZl
LzEvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmFnBMA0G
CSqGSIb3DQEBCwUAA4IBAQA8NOpedaneC9jSFt+ka3Jr2nuaEJgmdu+fEj2AEM0P
+ko18jNnf1Pi0e4TAE5FR+6BeSNC3Mq111hUZfxrNQMDFXyPg3fJzAwbzhP+vD1P
BzWtRcZBbn+b/ugPXO82iBL+d3xaRHsCgsL5MOcjoMKIrrQ/yMU1U3IrzOxxaddC
M6yh1k2Gzrzl3LxQ2BKj7/1BodCeZb3XK83rSXeY7NQDxWuc1igYN52+9W2vFbZf
/2tFcrgb3Nu9MOIQL/4XcfiPl0AHkOiKDgoQbrYGWJYYgDEvslCd0PNznpqG1lbI
+aZC3WGL5QrtwoviNIwYsREoG+YCoYD5OIjkTJTz8LOZ
-----END CERTIFICATE-----
Generated at Wed Apr 9 19:45:56 2025 by rpki-client