Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/0c3c30-4527-4722-971b-f5fe3e1b0a63/1/uU6zg4YH1264IiROqTWMjBqhAVA.roa
File: uU6zg4YH1264IiROqTWMjBqhAVA.roa (raw, json)
Hash identifier: OWnA1HPfhWIThBzmOjCNNoLbJUm6FK12YolmGLT6gvc=
Subject key identifier: B9:4E:B3:83:86:07:D7:6E:B8:22:24:4E:A9:35:8C:8C:1A:A1:01:50
Certificate issuer: /CN=d92e5cdf4c54ff868ce895315eab58f2d88650c2
Certificate serial: 0194252187AA1B1D2F4C7CD8BDEB07ED7B9B
Authority key identifier: D9:2E:5C:DF:4C:54:FF:86:8C:E8:95:31:5E:AB:58:F2:D8:86:50:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2S5c30xU_4aM6JUxXqtY8tiGUMI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/0c3c30-4527-4722-971b-f5fe3e1b0a63/1/uU6zg4YH1264IiROqTWMjBqhAVA.roa
Signing time: Thu 02 Jan 2025 03:49:01 +0000
ROA not before: Thu 02 Jan 2025 03:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200585
IP address blocks: 185.89.232.0/23 maxlen: 23
185.89.232.0/24 maxlen: 24
185.89.233.0/24 maxlen: 24
185.89.234.0/23 maxlen: 23
185.89.234.0/24 maxlen: 24
185.89.235.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:87:aa:1b:1d:2f:4c:7c:d8:bd:eb:07:ed:7b:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d92e5cdf4c54ff868ce895315eab58f2d88650c2
Validity
Not Before: Jan 2 03:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b94eb3838607d76eb822244ea9358c8c1aa10150
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:c5:3f:f0:1b:11:5c:0b:f0:a6:f8:94:73:4b:
f8:9d:dc:46:f4:fd:d4:dd:1b:96:bf:11:8e:d6:41:
c3:f1:21:3a:6b:69:a0:78:54:b4:08:91:6b:a2:49:
f5:93:8d:95:27:e9:14:77:11:4b:53:32:af:15:c9:
d6:0e:2e:e8:c4:6c:0d:c3:b1:10:f5:db:fc:19:10:
52:78:b0:5a:e5:77:23:b7:81:71:39:5a:fc:c5:f3:
41:82:54:6f:30:58:65:17:aa:5f:97:55:70:8c:25:
19:66:98:72:06:92:05:68:4d:1d:97:ba:8e:a8:69:
09:69:86:e4:0f:35:ed:ed:d2:6f:e3:83:6b:55:91:
c3:48:bf:3e:32:f3:ee:79:a4:20:0e:93:37:8b:e0:
4b:f9:a2:b1:6b:13:61:f0:e9:4d:86:d8:03:29:ad:
4f:d4:5b:c1:6f:3d:c1:72:85:1f:82:45:2b:54:58:
f3:b1:20:ea:23:03:98:97:55:3e:37:19:df:98:ac:
5e:37:f2:4b:df:d1:f3:dc:7d:c6:98:58:a4:00:07:
da:e6:69:e0:82:26:7c:43:e3:5e:96:a0:75:ab:8f:
0e:76:75:0d:b5:79:45:1f:c9:4b:df:3e:31:6a:e6:
41:36:65:a1:30:89:cc:b4:0e:01:16:b9:ed:7b:d3:
cb:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:4E:B3:83:86:07:D7:6E:B8:22:24:4E:A9:35:8C:8C:1A:A1:01:50
X509v3 Authority Key Identifier:
keyid:D9:2E:5C:DF:4C:54:FF:86:8C:E8:95:31:5E:AB:58:F2:D8:86:50:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2S5c30xU_4aM6JUxXqtY8tiGUMI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/0c3c30-4527-4722-971b-f5fe3e1b0a63/1/uU6zg4YH1264IiROqTWMjBqhAVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/0c3c30-4527-4722-971b-f5fe3e1b0a63/1/2S5c30xU_4aM6JUxXqtY8tiGUMI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.89.232.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:d2:67:44:2f:53:35:a5:12:d2:5d:13:da:4a:fe:4e:86:29:
b3:df:ef:61:1d:9c:32:b7:92:12:4c:b6:3e:61:8a:ad:78:13:
66:7c:58:0c:ae:4d:d1:ca:27:8b:de:9d:0f:97:74:25:ff:4b:
3b:65:8f:4b:f4:7c:07:06:f7:e7:d5:d9:db:75:b4:a3:48:78:
7c:3f:c1:06:0b:8e:96:d7:0a:77:3a:8c:e9:9e:af:ce:92:d6:
4e:74:77:ec:e0:76:51:ee:95:6e:21:2e:d5:e8:54:b0:5c:a6:
38:b4:75:24:07:d0:db:20:b3:c5:9b:ff:9e:be:6e:de:86:7a:
a2:65:d0:a3:d2:5f:df:7c:5c:c3:ff:aa:51:1f:9e:2e:f2:1d:
ac:37:32:e2:db:7b:47:41:ba:35:a6:ee:ef:31:40:2b:46:0a:
38:b3:44:2c:c1:f0:62:86:2b:a8:f9:e9:e3:fc:18:c0:96:7d:
ff:5e:af:2d:68:5f:6e:ff:fe:e1:a3:de:9e:b5:6b:66:73:65:
d9:6d:c0:fe:de:6d:cc:43:38:fe:80:7f:05:d2:e2:1a:ea:ca:
01:54:85:7a:e6:45:a5:3d:f6:d4:6b:a4:80:fb:63:c5:8f:cf:
11:ff:02:b4:86:68:07:df:13:ae:b1:2d:57:87:54:4a:78:c9:
b8:9e:bd:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIYeqGx0vTHzYvesH7XubMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MmU1Y2RmNGM1NGZmODY4Y2U4OTUzMTVlYWI1OGYyZDg4
NjUwYzIwHhcNMjUwMTAyMDM0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTRlYjM4Mzg2MDdkNzZlYjgyMjI0NGVhOTM1OGM4YzFhYTEwMTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8U/8BsRXAvwpviUc0v4ndxG9P3U
3RuWvxGO1kHD8SE6a2mgeFS0CJFrokn1k42VJ+kUdxFLUzKvFcnWDi7oxGwNw7EQ
9dv8GRBSeLBa5Xcjt4FxOVr8xfNBglRvMFhlF6pfl1VwjCUZZphyBpIFaE0dl7qO
qGkJaYbkDzXt7dJv44NrVZHDSL8+MvPueaQgDpM3i+BL+aKxaxNh8OlNhtgDKa1P
1FvBbz3BcoUfgkUrVFjzsSDqIwOYl1U+NxnfmKxeN/JL39Hz3H3GmFikAAfa5mng
giZ8Q+NelqB1q48OdnUNtXlFH8lL3z4xauZBNmWhMInMtA4BFrnte9PLhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLlOs4OGB9duuCIkTqk1jIwaoQFQMB8GA1UdIwQY
MBaAFNkuXN9MVP+GjOiVMV6rWPLYhlDCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlM1YzMweFVfNGFNNkpVeFhxdFk4dGlHVU1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8wYzNjMzAtNDUyNy00NzIyLTk3MWIt
ZjVmZTNlMWIwYTYzLzEvdVU2emc0WUgxMjY0SWlST3FUV01qQnFoQVZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8wYzNjMzAtNDUyNy00NzIyLTk3MWItZjVmZTNlMWIwYTYz
LzEvMlM1YzMweFVfNGFNNkpVeFhxdFk4dGlHVU1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVnoMA0G
CSqGSIb3DQEBCwUAA4IBAQCh0mdEL1M1pRLSXRPaSv5Ohimz3+9hHZwyt5ISTLY+
YYqteBNmfFgMrk3RyieL3p0Pl3Ql/0s7ZY9L9HwHBvfn1dnbdbSjSHh8P8EGC46W
1wp3Oozpnq/OktZOdHfs4HZR7pVuIS7V6FSwXKY4tHUkB9DbILPFm/+evm7ehnqi
ZdCj0l/ffFzD/6pRH54u8h2sNzLi23tHQbo1pu7vMUArRgo4s0QswfBihiuo+enj
/BjAln3/Xq8taF9u//7ho96etWtmc2XZbcD+3m3MQzj+gH8F0uIa6soBVIV65kWl
PfbUa6SA+2PFj88R/wK0hmgH3xOusS1Xh1RKeMm4nr1v
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:37:05 2025 by rpki-client