Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/9YVuC5QVBgGvtRRO-Ama5852W3Q.roa
File: 9YVuC5QVBgGvtRRO-Ama5852W3Q.roa (raw, json)
Hash identifier: pZl1MaIxHtKqydRWIeWIYmzk2VCkN9y9EkbX0g7prl0=
Subject key identifier: F5:85:6E:0B:94:15:06:01:AF:B5:14:4E:F8:09:9A:E7:CE:76:5B:74
Certificate issuer: /CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Certificate serial: 018CC6B79301E0D03163DBE3B4730F5A51DD
Authority key identifier: 3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/9YVuC5QVBgGvtRRO-Ama5852W3Q.roa
Signing time: Mon 01 Jan 2024 20:29:28 +0000
ROA not before: Mon 01 Jan 2024 20:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211373
IP address blocks: 89.44.102.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:93:01:e0:d0:31:63:db:e3:b4:73:0f:5a:51:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Validity
Not Before: Jan 1 20:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5856e0b94150601afb5144ef8099ae7ce765b74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:bd:a0:42:1b:04:ac:2b:7d:fe:0d:3c:33:af:
5c:c2:2f:b8:f3:dd:48:51:53:81:a8:77:9d:a0:ec:
5b:1b:09:f6:4f:f9:31:75:4b:08:44:30:70:e2:95:
6b:cd:55:45:ac:1b:4c:c6:65:fb:45:03:c9:fc:cb:
21:cf:1d:55:ad:ee:d1:e5:46:48:c1:0f:dc:82:ed:
3e:9e:cd:00:5e:24:bf:8c:2e:ef:2d:7d:19:45:b6:
d4:8f:4c:1f:f5:b9:b7:d1:98:6d:35:12:90:3c:8a:
37:fc:53:ae:85:24:2f:2e:ef:32:eb:fe:3d:59:ea:
d7:de:dc:0c:de:92:f0:e6:0f:5f:11:7e:54:77:4c:
3e:a4:b3:5d:7e:3c:d2:8d:0f:8c:42:98:93:27:2f:
2f:83:23:02:bb:45:5e:f1:75:14:46:48:50:64:a1:
dd:0e:99:64:d5:96:07:e8:4a:af:d4:c3:c9:fc:c2:
fa:52:d5:f3:aa:47:f4:4b:e5:e8:99:16:04:af:98:
5b:0f:33:4e:84:08:f1:e6:b3:a0:67:0f:38:f7:7d:
59:78:fa:78:41:b5:3d:07:13:92:b8:39:73:61:7e:
a7:4b:06:db:1e:e4:9c:22:21:62:16:91:35:52:ed:
70:c4:ad:f2:c6:81:74:ea:47:e5:e1:b3:ec:ba:91:
40:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:85:6E:0B:94:15:06:01:AF:B5:14:4E:F8:09:9A:E7:CE:76:5B:74
X509v3 Authority Key Identifier:
keyid:3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/9YVuC5QVBgGvtRRO-Ama5852W3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.44.102.0/24
Signature Algorithm: sha256WithRSAEncryption
98:68:a1:d1:bc:99:df:24:57:87:2c:3c:08:2d:e6:e7:a1:ff:
04:ad:b7:df:0f:0c:4d:14:18:1e:9d:aa:1e:9b:aa:6b:1e:51:
c2:78:6a:23:20:c4:bb:fe:0f:7a:7d:e2:13:61:91:a2:af:97:
da:8c:5f:09:4e:3d:e1:07:2d:15:84:5e:32:fe:20:45:c0:7a:
95:63:08:12:d1:84:ea:68:dc:f9:c2:c8:bd:4c:7d:95:67:d2:
1b:73:c6:3c:13:24:2e:2c:a8:fa:52:77:86:70:af:ff:b9:8e:
3c:b4:44:ea:3a:64:68:89:e5:85:cc:7e:53:70:bf:25:72:65:
55:7e:89:7d:92:3d:27:bf:4c:3c:5b:55:4a:ba:30:9e:fc:46:
36:02:87:e1:38:38:13:6a:38:5e:48:3e:27:5e:4d:2a:f6:f4:
07:84:76:7d:a7:34:68:5d:3a:d2:7e:a6:d5:09:91:86:9e:d7:
1c:a6:53:7e:1c:14:ef:63:d2:58:21:6e:29:ed:96:9a:b0:1a:
a5:74:7b:9d:18:7b:05:a3:d3:12:35:70:43:e5:f8:62:61:87:
99:fa:7a:9c:50:0d:05:f6:b2:73:cf:da:00:af:ca:ec:c5:25:
0f:9c:d1:d1:b3:df:1d:67:e8:90:06:e3:69:c7:dd:c1:6b:5e:
00:d5:d0:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGt5MB4NAxY9vjtHMPWlHdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMWYzMmQwY2ZhN2E4NmQzMGU3ZTExYTczZWJiZDBiMjRk
YmY0MWYwHhcNMjQwMTAxMjAyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTg1NmUwYjk0MTUwNjAxYWZiNTE0NGVmODA5OWFlN2NlNzY1Yjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1b2gQhsErCt9/g08M69cwi+4891I
UVOBqHedoOxbGwn2T/kxdUsIRDBw4pVrzVVFrBtMxmX7RQPJ/Mshzx1Vre7R5UZI
wQ/cgu0+ns0AXiS/jC7vLX0ZRbbUj0wf9bm30ZhtNRKQPIo3/FOuhSQvLu8y6/49
WerX3twM3pLw5g9fEX5Ud0w+pLNdfjzSjQ+MQpiTJy8vgyMCu0Ve8XUURkhQZKHd
Dplk1ZYH6Eqv1MPJ/ML6UtXzqkf0S+XomRYEr5hbDzNOhAjx5rOgZw84931ZePp4
QbU9BxOSuDlzYX6nSwbbHuScIiFiFpE1Uu1wxK3yxoF06kfl4bPsupFAYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPWFbguUFQYBr7UUTvgJmufOdlt0MB8GA1UdIwQY
MBaAFD4fMtDPp6htMOfhGnPrvQsk2/QfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUt
NjA2OGMwNGQxYmUwLzEvOVlWdUM1UVZCZ0d2dFJSTy1BbWE1ODUyVzNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUtNjA2OGMwNGQxYmUw
LzEvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSxmMA0G
CSqGSIb3DQEBCwUAA4IBAQCYaKHRvJnfJFeHLDwILebnof8ErbffDwxNFBgenaoe
m6prHlHCeGojIMS7/g96feITYZGir5fajF8JTj3hBy0VhF4y/iBFwHqVYwgS0YTq
aNz5wsi9TH2VZ9Ibc8Y8EyQuLKj6UneGcK//uY48tETqOmRoieWFzH5TcL8lcmVV
fol9kj0nv0w8W1VKujCe/EY2AofhODgTajheSD4nXk0q9vQHhHZ9pzRoXTrSfqbV
CZGGntccplN+HBTvY9JYIW4p7ZaasBqldHudGHsFo9MSNXBD5fhiYYeZ+nqcUA0F
9rJzz9oAr8rsxSUPnNHRs98dZ+iQBuNpx93Ba14A1dCS
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:30 2025 by rpki-client