Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/27bAZzcF3RlnaG4QglDrsH7PyVs.roa
File: 27bAZzcF3RlnaG4QglDrsH7PyVs.roa (raw, json)
Hash identifier: TDomHzUZzAWJ2btI7BF/h6hkGtZaOaz2YKAXVXnM55U=
Subject key identifier: DB:B6:C0:67:37:05:DD:19:67:68:6E:10:82:50:EB:B0:7E:CF:C9:5B
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 0186065EE632830CBC20A4CDF8AD6590E6DC
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/27bAZzcF3RlnaG4QglDrsH7PyVs.roa
Signing time: Tue 31 Jan 2023 05:48:47 +0000
ROA not before: Tue 31 Jan 2023 05:48:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208485
IP address blocks: 152.89.31.0/24 maxlen: 24
152.89.28.0/24 maxlen: 24
152.89.30.0/24 maxlen: 24
152.89.29.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:06:5e:e6:32:83:0c:bc:20:a4:cd:f8:ad:65:90:e6:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: Jan 31 05:48:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dbb6c0673705dd1967686e108250ebb07ecfc95b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:46:3d:1b:06:c0:a7:0c:eb:f5:75:a3:47:03:
b8:19:5d:d8:54:c1:3d:ba:7c:9d:cf:ed:28:34:3d:
61:0c:f8:ff:70:ed:8b:82:ea:20:06:26:49:4c:c1:
10:d7:0b:f5:c6:e4:6c:d2:64:5e:95:57:91:6b:7c:
4b:3d:14:fe:39:f1:ae:71:b1:02:55:d8:dd:7f:17:
dc:69:ce:c4:43:51:53:94:2f:48:b7:37:84:5a:8a:
8e:95:1f:c8:93:47:a2:26:ec:ea:ab:3d:17:8c:a1:
42:94:b1:a1:ce:8b:aa:8b:d7:54:7d:2b:af:68:43:
15:d0:1d:43:ce:40:42:16:f0:9b:0e:fc:69:2d:1d:
99:ab:09:99:0f:4b:21:78:10:2a:f9:98:80:f3:d4:
3f:bb:d0:47:f1:e8:69:ec:15:82:ff:48:fd:b4:09:
6b:a5:37:54:bc:31:5f:1b:41:f0:7d:c9:a6:c5:04:
4d:df:81:99:80:b6:cb:28:34:27:7c:63:2c:4c:ce:
0a:6c:46:be:cf:f5:af:35:96:07:ae:4c:18:2f:09:
41:92:39:8e:e3:7f:70:65:05:bc:41:b6:fd:a5:1d:
bc:be:a6:47:b0:09:b6:1c:be:c8:e1:f5:8a:33:8f:
40:51:9e:1f:29:93:69:de:5d:d3:2e:0e:18:e8:22:
04:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:B6:C0:67:37:05:DD:19:67:68:6E:10:82:50:EB:B0:7E:CF:C9:5B
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/27bAZzcF3RlnaG4QglDrsH7PyVs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.28.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:60:71:8c:ba:6c:e0:cb:fe:2f:4b:d4:02:af:5b:5d:5f:ec:
7f:9c:83:34:64:12:4c:f7:20:43:a0:d0:45:72:42:59:05:6f:
85:da:a7:51:b3:38:7d:0a:c6:da:fa:ba:92:59:7b:77:3e:21:
51:9a:e6:e3:5e:f4:c9:d0:e4:9e:8b:ae:37:e4:77:92:80:30:
d5:07:f6:06:b6:9f:a9:cd:4c:6f:25:44:de:56:88:c7:4e:73:
6a:52:36:17:d9:d7:b3:79:f9:1f:6d:9d:11:a4:30:e9:82:1b:
91:2f:e8:d6:9f:ea:53:77:63:ee:77:ee:e0:73:cf:85:a5:ac:
d9:5b:79:43:b1:69:5b:c0:a7:e6:ae:e9:13:4f:f2:52:14:4c:
1a:32:f0:9f:22:51:f1:d5:16:e4:a0:24:fa:a9:74:9b:dd:16:
2b:7b:27:46:82:e7:e3:d1:11:0d:66:6d:ea:ae:eb:fb:2c:32:
95:9c:cc:83:cd:39:6b:5c:23:07:5e:cb:7f:59:fd:84:07:9a:
91:1c:11:6c:dc:26:42:17:e6:52:cf:be:46:2a:93:26:4d:1e:
a7:af:dd:5c:01:a8:ca:df:f9:bf:d9:80:e7:ef:55:2b:e8:86:
f7:3e:75:37:8c:7b:9c:dd:fc:46:ff:86:9d:08:69:10:2a:c7:
a8:63:af:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYGXuYygwy8IKTN+K1lkObcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjMwMTMxMDU0ODQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmI2YzA2NzM3MDVkZDE5Njc2ODZlMTA4MjUwZWJiMDdlY2ZjOTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkY9GwbApwzr9XWjRwO4GV3YVME9
unydz+0oND1hDPj/cO2LguogBiZJTMEQ1wv1xuRs0mRelVeRa3xLPRT+OfGucbEC
Vdjdfxfcac7EQ1FTlC9ItzeEWoqOlR/Ik0eiJuzqqz0XjKFClLGhzouqi9dUfSuv
aEMV0B1DzkBCFvCbDvxpLR2ZqwmZD0sheBAq+ZiA89Q/u9BH8ehp7BWC/0j9tAlr
pTdUvDFfG0HwfcmmxQRN34GZgLbLKDQnfGMsTM4KbEa+z/WvNZYHrkwYLwlBkjmO
439wZQW8Qbb9pR28vqZHsAm2HL7I4fWKM49AUZ4fKZNp3l3TLg4Y6CIETQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNu2wGc3Bd0ZZ2huEIJQ67B+z8lbMB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEvMjdiQVp6Y0YzUmxuYUc0UWdsRHJzSDdQeVZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmFkcMA0G
CSqGSIb3DQEBCwUAA4IBAQB7YHGMumzgy/4vS9QCr1tdX+x/nIM0ZBJM9yBDoNBF
ckJZBW+F2qdRszh9Csba+rqSWXt3PiFRmubjXvTJ0OSei6435HeSgDDVB/YGtp+p
zUxvJUTeVojHTnNqUjYX2dezefkfbZ0RpDDpghuRL+jWn+pTd2Pud+7gc8+FpazZ
W3lDsWlbwKfmrukTT/JSFEwaMvCfIlHx1RbkoCT6qXSb3RYreydGgufj0RENZm3q
ruv7LDKVnMyDzTlrXCMHXst/Wf2EB5qRHBFs3CZCF+ZSz75GKpMmTR6nr91cAajK
3/m/2YDn71Ur6Ib3PnU3jHuc3fxG/4adCGkQKseoY6+q
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:16 2025 by rpki-client