Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/i2liGaQe62BfzbFqbqL9-Ur4oTU.roa
File: i2liGaQe62BfzbFqbqL9-Ur4oTU.roa (raw, json)
Hash identifier: jHr3Dc4TJ6yNXMg4bYKMpmcQlN2GgESeXPlY8VQNuac=
Subject key identifier: 8B:69:62:19:A4:1E:EB:60:5F:CD:B1:6A:6E:A2:FD:F9:4A:F8:A1:35
Certificate issuer: /CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Certificate serial: 01900806B00D78EB8AE48F5C847F63EA1092
Authority key identifier: 3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/i2liGaQe62BfzbFqbqL9-Ur4oTU.roa
Signing time: Tue 11 Jun 2024 15:59:34 +0000
ROA not before: Tue 11 Jun 2024 15:59:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 89.32.130.0/24 maxlen: 24
89.32.131.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:08:06:b0:0d:78:eb:8a:e4:8f:5c:84:7f:63:ea:10:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Validity
Not Before: Jun 11 15:59:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b696219a41eeb605fcdb16a6ea2fdf94af8a135
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:80:f5:98:8b:b5:ca:5d:3f:64:39:5b:ee:9a:
1d:e1:c9:27:d5:c6:e7:8b:79:f0:fc:3d:f7:c3:6f:
c3:28:34:8d:94:61:6c:96:c6:27:52:b7:6e:43:da:
eb:a7:25:b6:e2:a1:88:1d:1a:33:7e:ea:93:9a:59:
32:43:90:91:fc:49:c8:e2:bd:93:68:fa:0a:7d:43:
d9:d3:6a:34:bf:ef:16:fd:36:d2:0e:9f:c7:8c:ee:
03:7d:43:d7:23:f1:f3:7f:40:e2:87:4f:2f:af:52:
cf:69:d4:0e:c4:21:d6:e7:b9:ef:bf:e6:d2:a4:86:
91:48:9a:ba:68:e4:02:2a:fb:35:92:57:09:0f:f5:
25:eb:bd:aa:d0:99:15:da:c0:ee:5c:04:93:3a:5c:
c3:fc:0f:fd:5d:55:05:86:c9:56:92:17:45:fa:10:
79:cc:84:e9:42:b4:ab:d0:5c:49:9a:b1:b6:f5:51:
1d:36:8b:b4:98:2c:66:14:58:89:92:ec:8c:cc:af:
05:28:a9:dc:e0:cd:c1:2a:25:82:bc:1a:8b:9e:aa:
8b:0d:80:ca:aa:83:ed:ea:74:f0:9a:26:de:e4:16:
0f:0d:26:31:fe:60:c3:60:f7:1f:74:ab:90:61:13:
9a:75:55:3b:2c:b2:54:ac:a5:0b:41:39:be:f4:b8:
37:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:69:62:19:A4:1E:EB:60:5F:CD:B1:6A:6E:A2:FD:F9:4A:F8:A1:35
X509v3 Authority Key Identifier:
keyid:3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/i2liGaQe62BfzbFqbqL9-Ur4oTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.32.130.0/23
Signature Algorithm: sha256WithRSAEncryption
11:cb:6c:1a:19:dd:77:72:ac:d1:3d:79:b4:0d:12:3c:cc:c1:
2d:eb:cf:e2:44:a0:96:c1:7d:56:0b:d1:56:da:c2:6d:23:9f:
4c:d4:c4:47:15:72:96:14:d3:1a:20:8c:eb:95:dd:bd:a2:76:
5f:6c:d1:3d:45:e5:8e:26:da:b4:4e:de:bf:db:8d:b7:83:b8:
92:16:5f:c9:7b:8c:f9:37:18:b7:2f:65:0b:db:7e:06:19:17:
44:82:24:51:b4:c8:25:38:3d:eb:a8:39:2e:e8:5c:b9:b4:33:
e7:08:53:7d:86:60:0d:b5:7a:fa:bb:0e:d1:2b:7d:11:fa:95:
67:99:8c:df:76:ed:18:8d:e3:c4:35:10:23:31:72:32:49:89:
00:e6:4f:e0:c0:52:5e:0d:e2:9e:a0:08:73:cc:3c:b8:56:23:
1c:fd:19:bf:8b:d6:60:a4:ae:6c:78:e6:0b:e3:c6:0d:2c:ba:
a0:c6:84:8a:92:fb:85:ae:96:a2:d2:e2:a7:2c:6b:ee:31:6f:
08:45:98:6f:26:13:4d:cd:74:bd:f7:0a:a2:ff:cd:71:cc:63:
10:b3:79:d7:49:30:b0:c3:a2:55:33:a0:8d:6d:57:9b:52:e7:
2c:35:a1:5a:bd:6c:fc:4b:30:9e:74:aa:4d:45:53:99:3b:57:
f6:df:e6:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZAIBrANeOuK5I9chH9j6hCSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMWYzMmQwY2ZhN2E4NmQzMGU3ZTExYTczZWJiZDBiMjRk
YmY0MWYwHhcNMjQwNjExMTU1OTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjY5NjIxOWE0MWVlYjYwNWZjZGIxNmE2ZWEyZmRmOTRhZjhhMTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsoD1mIu1yl0/ZDlb7pod4ckn1cbn
i3nw/D33w2/DKDSNlGFslsYnUrduQ9rrpyW24qGIHRozfuqTmlkyQ5CR/EnI4r2T
aPoKfUPZ02o0v+8W/TbSDp/HjO4DfUPXI/Hzf0Dih08vr1LPadQOxCHW57nvv+bS
pIaRSJq6aOQCKvs1klcJD/Ul672q0JkV2sDuXASTOlzD/A/9XVUFhslWkhdF+hB5
zITpQrSr0FxJmrG29VEdNou0mCxmFFiJkuyMzK8FKKnc4M3BKiWCvBqLnqqLDYDK
qoPt6nTwmibe5BYPDSYx/mDDYPcfdKuQYROadVU7LLJUrKULQTm+9Lg3OwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFItpYhmkHutgX82xam6i/flK+KE1MB8GA1UdIwQY
MBaAFD4fMtDPp6htMOfhGnPrvQsk2/QfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUt
NjA2OGMwNGQxYmUwLzEvaTJsaUdhUWU2MkJmemJGcWJxTDktVXI0b1RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUtNjA2OGMwNGQxYmUw
LzEvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWSCCMA0G
CSqGSIb3DQEBCwUAA4IBAQARy2waGd13cqzRPXm0DRI8zMEt68/iRKCWwX1WC9FW
2sJtI59M1MRHFXKWFNMaIIzrld29onZfbNE9ReWOJtq0Tt6/2423g7iSFl/Je4z5
Nxi3L2UL234GGRdEgiRRtMglOD3rqDku6Fy5tDPnCFN9hmANtXr6uw7RK30R+pVn
mYzfdu0YjePENRAjMXIySYkA5k/gwFJeDeKeoAhzzDy4ViMc/Rm/i9ZgpK5seOYL
48YNLLqgxoSKkvuFrpai0uKnLGvuMW8IRZhvJhNNzXS99wqi/81xzGMQs3nXSTCw
w6JVM6CNbVebUucsNaFavWz8SzCedKpNRVOZO1f23+Yb
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:44:01 2025 by rpki-client