Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/kD9Ri_S_wjXmk9bzA9CrlDrUyfM.roa
File: kD9Ri_S_wjXmk9bzA9CrlDrUyfM.roa (raw, json)
Hash identifier: D+RWoVLgnzMnFuVVhvWy4dekOMpHGrdCJ7EEIjFPgbg=
Subject key identifier: 90:3F:51:8B:F4:BF:C2:35:E6:93:D6:F3:03:D0:AB:94:3A:D4:C9:F3
Certificate issuer: /CN=411dea53467b6c7143eb23d284569a8183b2e82f
Certificate serial: 018CCA2A064789018F6DF73204C06C9329D6
Authority key identifier: 41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/kD9Ri_S_wjXmk9bzA9CrlDrUyfM.roa
Signing time: Tue 02 Jan 2024 12:33:20 +0000
ROA not before: Tue 02 Jan 2024 12:33:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 18345
IP address blocks: 84.239.60.0/24 maxlen: 24
84.239.61.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:06:47:89:01:8f:6d:f7:32:04:c0:6c:93:29:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=411dea53467b6c7143eb23d284569a8183b2e82f
Validity
Not Before: Jan 2 12:33:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=903f518bf4bfc235e693d6f303d0ab943ad4c9f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:0a:a3:49:47:68:c0:cb:28:b9:ed:be:38:25:
34:47:97:3e:2d:48:a3:d9:0e:f5:f6:d6:80:05:fb:
a5:5c:01:45:d6:33:89:17:fd:59:45:55:05:5d:a1:
70:4b:78:4b:3d:fe:b9:e2:6f:fd:a2:63:b5:12:af:
e0:df:b2:4b:23:3d:68:a3:3f:a1:c9:a1:e0:90:e3:
22:18:a5:10:09:fe:1c:a2:88:b4:80:9c:c5:b7:36:
e3:5e:d3:e5:d7:45:74:56:7c:01:44:a7:bb:e0:9d:
27:73:e0:8e:1f:ab:0e:90:d7:cf:e1:94:f3:46:70:
d3:65:00:a2:0d:ef:ef:ed:08:82:80:15:55:ea:28:
30:fd:c6:58:14:31:6d:dc:a0:ea:e4:0c:8c:8f:02:
5b:26:f5:38:ff:49:c3:ee:ed:5d:70:6e:7e:b9:2e:
98:c0:e6:ee:41:16:85:76:f1:89:e6:bd:2b:61:f8:
56:96:d0:79:38:cb:f6:6f:58:18:5b:6f:53:10:2b:
e7:43:b0:c8:6b:e8:91:ef:bf:26:ef:75:c0:8d:df:
a4:f3:d4:21:73:59:08:b4:8b:f8:00:04:f5:13:8a:
8d:53:eb:a7:bc:44:97:15:a5:a0:3c:04:4c:f1:2b:
55:37:5e:16:94:24:b3:5a:d5:e5:a7:9b:6a:db:7e:
4c:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:3F:51:8B:F4:BF:C2:35:E6:93:D6:F3:03:D0:AB:94:3A:D4:C9:F3
X509v3 Authority Key Identifier:
keyid:41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/kD9Ri_S_wjXmk9bzA9CrlDrUyfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/QR3qU0Z7bHFD6yPShFaagYOy6C8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.239.60.0/23
Signature Algorithm: sha256WithRSAEncryption
31:ee:18:a2:fb:84:07:ec:99:13:dc:e5:51:e7:60:0b:ff:d1:
38:71:30:00:0b:f7:72:82:7e:c8:6e:96:32:63:18:1b:e8:63:
67:0e:68:a2:5c:c5:64:ac:f3:29:9a:df:7f:f1:ad:11:10:bf:
8a:2e:e1:32:7f:fe:ca:c1:6c:75:5e:48:9a:0f:32:ca:ab:2c:
c9:3b:75:b2:0c:4b:1c:42:58:9c:cf:68:36:de:34:61:a6:9c:
7d:75:a6:9d:3c:8a:bb:e7:74:25:6f:33:92:32:9e:74:46:94:
bd:60:e5:85:9a:37:0f:c7:18:94:9f:08:25:3a:db:7b:a4:ea:
7b:60:39:46:75:45:34:ea:e6:e4:d4:de:5a:01:c8:ed:34:17:
77:1d:04:21:cb:cb:b7:13:9c:16:9c:95:8b:4d:9e:60:df:98:
e5:d2:1c:00:55:9b:65:53:23:99:29:98:9b:76:cd:61:d8:48:
2d:45:46:58:34:e3:18:6c:af:bd:d6:86:de:38:31:29:fb:c6:
ae:45:72:f7:e8:29:b0:38:74:99:01:40:31:43:4c:5a:bb:d3:
27:98:57:31:5e:67:3c:d4:8a:ec:5a:c8:05:8b:32:ab:ac:de:
8b:49:01:04:b7:1e:a0:3d:db:6a:78:f4:0f:0d:f6:5f:2d:6d:
1b:b8:20:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKgZHiQGPbfcyBMBskynWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMWRlYTUzNDY3YjZjNzE0M2ViMjNkMjg0NTY5YTgxODNi
MmU4MmYwHhcNMjQwMTAyMTIzMzIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDNmNTE4YmY0YmZjMjM1ZTY5M2Q2ZjMwM2QwYWI5NDNhZDRjOWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogqjSUdowMsoue2+OCU0R5c+LUij
2Q719taABfulXAFF1jOJF/1ZRVUFXaFwS3hLPf654m/9omO1Eq/g37JLIz1ooz+h
yaHgkOMiGKUQCf4cooi0gJzFtzbjXtPl10V0VnwBRKe74J0nc+COH6sOkNfP4ZTz
RnDTZQCiDe/v7QiCgBVV6igw/cZYFDFt3KDq5AyMjwJbJvU4/0nD7u1dcG5+uS6Y
wObuQRaFdvGJ5r0rYfhWltB5OMv2b1gYW29TECvnQ7DIa+iR778m73XAjd+k89Qh
c1kItIv4AAT1E4qNU+unvESXFaWgPARM8StVN14WlCSzWtXlp5tq235MjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJA/UYv0v8I15pPW8wPQq5Q61MnzMB8GA1UdIwQY
MBaAFEEd6lNGe2xxQ+sj0oRWmoGDsugvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEt
NDcxMjBiOTA2OWI3LzEva0Q5UmlfU193alhtazliekE5Q3JsRHJVeWZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEtNDcxMjBiOTA2OWI3
LzEvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVO88MA0G
CSqGSIb3DQEBCwUAA4IBAQAx7hii+4QH7JkT3OVR52AL/9E4cTAAC/dygn7IbpYy
Yxgb6GNnDmiiXMVkrPMpmt9/8a0REL+KLuEyf/7KwWx1XkiaDzLKqyzJO3WyDEsc
Qlicz2g23jRhppx9daadPIq753QlbzOSMp50RpS9YOWFmjcPxxiUnwglOtt7pOp7
YDlGdUU06ubk1N5aAcjtNBd3HQQhy8u3E5wWnJWLTZ5g35jl0hwAVZtlUyOZKZib
ds1h2EgtRUZYNOMYbK+91obeODEp+8auRXL36CmwOHSZAUAxQ0xau9MnmFcxXmc8
1IrsWsgFizKrrN6LSQEEtx6gPdtqePQPDfZfLW0buCDT
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:30:58 2025 by rpki-client