Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Z9FLJ0sjGNYb9fGtnaju2DRAp6w.roa
File: Z9FLJ0sjGNYb9fGtnaju2DRAp6w.roa (raw, json)
Hash identifier: VV5bQhPBJwclnM7wn46JeOoV7aVipBcAmLVXoJPvOOM=
Subject key identifier: 67:D1:4B:27:4B:23:18:D6:1B:F5:F1:AD:9D:A8:EE:D8:34:40:A7:AC
Certificate issuer: /CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Certificate serial: 01887467AEA7C1B9FB54DBEC4E4A012683E2
Authority key identifier: 3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Z9FLJ0sjGNYb9fGtnaju2DRAp6w.roa
Signing time: Thu 01 Jun 2023 00:42:11 +0000
ROA not before: Thu 01 Jun 2023 00:42:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.38.134.0/24 maxlen: 24
85.204.26.0/24 maxlen: 24
89.39.91.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:74:67:ae:a7:c1:b9:fb:54:db:ec:4e:4a:01:26:83:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Validity
Not Before: Jun 1 00:42:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67d14b274b2318d61bf5f1ad9da8eed83440a7ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:9d:92:ff:72:0e:1a:8b:dc:b0:4f:59:46:eb:
fb:f0:b3:f0:57:1f:2f:85:b1:38:4e:a7:37:22:93:
55:b0:6a:2f:72:89:e4:99:fd:db:ae:63:ef:58:11:
49:b8:b2:7f:5f:9d:18:63:c4:5f:c1:ec:29:d0:cc:
25:15:ab:7a:56:16:62:40:4b:f1:11:5d:ef:b0:2f:
78:0c:c0:3d:3a:01:02:49:74:05:7a:72:17:0d:10:
ff:56:a7:e0:35:76:d2:53:0a:9d:db:35:f1:06:15:
27:ed:d7:60:53:9f:9e:82:50:6b:07:7d:f8:c3:41:
c8:4d:5c:3b:67:4a:45:39:e2:e9:a4:93:e5:c9:5d:
a1:e9:e2:47:49:70:95:3f:67:e6:51:fa:25:29:0a:
91:3d:3f:53:cc:c3:64:32:42:18:05:63:ce:fd:d9:
de:ad:86:e7:1a:b2:f7:45:ea:69:b4:ef:95:ed:5a:
63:0f:cb:95:77:b0:d8:ea:f3:ef:71:b1:fd:f6:31:
b0:7e:fa:6a:57:68:61:da:ce:2c:03:9e:40:b5:b9:
ba:50:01:f9:fb:fb:93:f4:58:08:f6:32:03:08:53:
5f:c8:52:03:9b:e7:78:c8:2e:47:cb:6d:96:df:18:
f1:47:e4:4a:ce:bd:2c:f7:8a:20:52:78:a9:d0:db:
38:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:D1:4B:27:4B:23:18:D6:1B:F5:F1:AD:9D:A8:EE:D8:34:40:A7:AC
X509v3 Authority Key Identifier:
keyid:3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Z9FLJ0sjGNYb9fGtnaju2DRAp6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.26.0/24
89.38.134.0/24
89.39.91.0/24
Signature Algorithm: sha256WithRSAEncryption
32:9d:5f:31:74:62:2c:ce:e1:ba:51:a3:de:6f:10:86:4b:3f:
1a:14:67:68:32:6d:18:bb:0a:fa:05:21:49:98:2a:a7:e9:d4:
60:42:c5:b5:77:41:69:d3:f5:ed:38:bb:34:fb:77:8a:de:59:
6b:6d:8d:2a:19:fe:1f:bb:d6:95:4f:81:7d:d2:56:f8:f1:1c:
0b:12:0b:c0:b6:06:27:04:78:30:d4:4d:d4:a5:d4:2f:f3:c1:
fa:9b:b5:27:ef:ee:f9:02:a1:47:c6:c0:75:17:6b:58:5e:29:
21:0c:1e:0f:bd:15:79:08:2c:a2:b4:2c:03:d4:2a:c0:42:36:
ec:9a:f5:a3:ef:03:c1:1a:5b:6a:34:26:0e:5b:49:f6:ca:bd:
ae:99:a0:00:b5:1b:47:35:25:2b:aa:fc:c3:38:01:cd:ce:7b:
80:57:8d:80:19:b6:18:56:51:96:b1:e1:89:6b:16:c0:4a:3b:
e5:dc:83:07:c8:f0:f3:fa:5f:34:16:d9:c4:d8:5f:f5:d5:0b:
62:77:6a:21:4e:e2:00:10:8a:6c:37:d3:31:78:20:68:63:87:
18:e7:c2:b5:f5:d5:e1:e5:20:5c:dd:90:3a:40:9c:09:64:90:
0f:f5:4c:46:24:d1:2a:86:a0:a3:db:92:db:96:4b:49:2a:78:
8b:23:75:37
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYh0Z66nwbn7VNvsTkoBJoPiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMWYzMmQwY2ZhN2E4NmQzMGU3ZTExYTczZWJiZDBiMjRk
YmY0MWYwHhcNMjMwNjAxMDA0MjExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2QxNGIyNzRiMjMxOGQ2MWJmNWYxYWQ5ZGE4ZWVkODM0NDBhN2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJ2S/3IOGovcsE9ZRuv78LPwVx8v
hbE4Tqc3IpNVsGovconkmf3brmPvWBFJuLJ/X50YY8Rfwewp0MwlFat6VhZiQEvx
EV3vsC94DMA9OgECSXQFenIXDRD/VqfgNXbSUwqd2zXxBhUn7ddgU5+eglBrB334
w0HITVw7Z0pFOeLppJPlyV2h6eJHSXCVP2fmUfolKQqRPT9TzMNkMkIYBWPO/dne
rYbnGrL3RepptO+V7VpjD8uVd7DY6vPvcbH99jGwfvpqV2hh2s4sA55Atbm6UAH5
+/uT9FgI9jIDCFNfyFIDm+d4yC5Hy22W3xjxR+RKzr0s94ogUnip0Ns4nwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGfRSydLIxjWG/XxrZ2o7tg0QKesMB8GA1UdIwQY
MBaAFD4fMtDPp6htMOfhGnPrvQsk2/QfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUt
NjA2OGMwNGQxYmUwLzEvWjlGTEowc2pHTlliOWZHdG5hanUyRFJBcDZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUtNjA2OGMwNGQxYmUw
LzEvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVcwaAwQA
WSaGAwQAWSdbMA0GCSqGSIb3DQEBCwUAA4IBAQAynV8xdGIszuG6UaPebxCGSz8a
FGdoMm0Yuwr6BSFJmCqn6dRgQsW1d0Fp0/XtOLs0+3eK3llrbY0qGf4fu9aVT4F9
0lb48RwLEgvAtgYnBHgw1E3UpdQv88H6m7Un7+75AqFHxsB1F2tYXikhDB4PvRV5
CCyitCwD1CrAQjbsmvWj7wPBGltqNCYOW0n2yr2umaAAtRtHNSUrqvzDOAHNznuA
V42AGbYYVlGWseGJaxbASjvl3IMHyPDz+l80FtnE2F/11Qtid2ohTuIAEIpsN9Mx
eCBoY4cY58K19dXh5SBc3ZA6QJwJZJAP9UxGJNEqhqCj25LblktJKniLI3U3
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:44 2025 by rpki-client