Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/C9n8RTSwqEhlUx4bs3wmqJ0jD7w.roa
File: C9n8RTSwqEhlUx4bs3wmqJ0jD7w.roa (raw, json)
Hash identifier: rEDxq7FVBGkljpMzZrogRUhntPnZwmmMQ7CdBMvheeA=
Subject key identifier: 0B:D9:FC:45:34:B0:A8:48:65:53:1E:1B:B3:7C:26:A8:9D:23:0F:BC
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 018F389D30514426A6ECF3B6700F88B6C073
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/C9n8RTSwqEhlUx4bs3wmqJ0jD7w.roa
Signing time: Thu 02 May 2024 09:22:56 +0000
ROA not before: Thu 02 May 2024 09:22:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25369
IP address blocks: 109.234.74.0/24 maxlen: 24
193.135.157.0/24 maxlen: 24
193.135.174.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:38:9d:30:51:44:26:a6:ec:f3:b6:70:0f:88:b6:c0:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: May 2 09:22:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0bd9fc4534b0a84865531e1bb37c26a89d230fbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:83:16:1d:d3:03:48:d0:d1:60:e1:52:31:34:
bb:de:96:02:e4:ff:44:7b:e1:3d:20:fc:1d:dd:c9:
40:99:f1:a2:9c:8c:8e:9a:5e:d3:bd:50:5f:27:4c:
35:69:e9:1c:d3:de:cf:3e:5b:13:f9:23:1c:1d:8e:
61:d7:e5:df:bb:df:d2:13:65:fd:1c:48:22:68:33:
8b:96:c1:5f:fb:16:46:83:69:11:30:13:b0:70:c1:
d8:67:24:0a:35:40:9e:e7:a7:a8:f0:77:30:77:eb:
ed:11:0f:0f:b0:99:06:44:3b:7e:dc:c1:a1:56:6a:
97:19:a3:67:ce:d0:bd:77:3a:00:e5:67:1f:2f:c2:
bc:f5:9f:93:f7:51:e3:ea:9a:d5:8e:c4:9e:69:e7:
43:58:ec:da:58:e2:53:36:85:fe:8f:dd:45:9a:16:
47:df:21:57:0d:69:fe:b2:50:f8:a8:94:fe:cd:62:
03:2e:77:e1:cc:0b:84:6e:8a:b8:cd:3a:f9:76:40:
09:c4:e9:bb:7c:3d:fc:e9:d2:9f:1b:09:f2:e0:30:
ef:94:85:2f:c1:0c:8b:ca:c7:18:64:81:bb:5e:2e:
d9:19:d9:cb:3c:44:2e:01:e5:3a:12:11:4e:3e:c8:
17:97:b4:33:42:ad:45:35:76:77:4c:4d:f3:ab:5f:
db:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:D9:FC:45:34:B0:A8:48:65:53:1E:1B:B3:7C:26:A8:9D:23:0F:BC
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/C9n8RTSwqEhlUx4bs3wmqJ0jD7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.234.74.0/24
193.135.157.0/24
193.135.174.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:64:ec:44:db:ef:8c:74:de:c7:e1:29:81:0e:08:74:49:7f:
96:12:31:85:41:bb:55:b6:a7:a0:5d:a2:fe:4b:9c:0e:d9:bf:
68:2b:d9:13:2d:7a:5d:1c:35:ed:e5:5f:fe:0b:6a:1e:e3:fe:
73:fd:1e:0e:b2:7a:6d:35:72:ec:18:bc:01:3d:1a:ac:47:1c:
2b:78:88:59:ad:73:76:24:2c:db:2e:97:49:e1:79:db:d8:73:
21:d8:52:57:bf:bf:0d:51:70:52:f7:4b:00:e8:c7:e6:bc:ef:
5c:bc:fe:8a:38:0d:dd:47:e1:5a:71:6f:6f:3a:ac:ce:ce:45:
00:22:c4:1a:de:09:4c:9b:02:21:69:05:3f:6e:76:3a:71:3d:
17:1a:8f:f3:8d:5e:4c:34:d2:e7:9d:dc:ff:5e:d8:29:70:98:
c9:d3:47:42:51:de:43:96:34:82:c3:e4:b9:6f:32:26:a2:df:
97:a8:ad:33:d7:57:ad:df:6d:19:99:b7:47:8c:6e:84:e5:bf:
d9:4e:53:df:da:71:1f:80:d2:2a:24:60:5b:de:80:11:74:b0:
3f:29:f9:14:e5:bd:7f:1d:9c:29:cb:3a:fe:e5:b2:e7:89:2a:
d3:69:9f:4d:09:be:ab:d5:2e:d2:fa:c2:da:d8:3b:f6:02:31:
9c:b8:b1:49
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY84nTBRRCam7PO2cA+ItsBzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjQwNTAyMDkyMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmQ5ZmM0NTM0YjBhODQ4NjU1MzFlMWJiMzdjMjZhODlkMjMwZmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYMWHdMDSNDRYOFSMTS73pYC5P9E
e+E9IPwd3clAmfGinIyOml7TvVBfJ0w1aekc097PPlsT+SMcHY5h1+Xfu9/SE2X9
HEgiaDOLlsFf+xZGg2kRMBOwcMHYZyQKNUCe56eo8Hcwd+vtEQ8PsJkGRDt+3MGh
VmqXGaNnztC9dzoA5WcfL8K89Z+T91Hj6prVjsSeaedDWOzaWOJTNoX+j91FmhZH
3yFXDWn+slD4qJT+zWIDLnfhzAuEboq4zTr5dkAJxOm7fD386dKfGwny4DDvlIUv
wQyLyscYZIG7Xi7ZGdnLPEQuAeU6EhFOPsgXl7QzQq1FNXZ3TE3zq1/bJwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAvZ/EU0sKhIZVMeG7N8JqidIw+8MB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEvQzluOFJUU3dxRWhsVXg0YnMzd21xSjBqRDd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbepKAwQA
wYedAwQAwYeuMA0GCSqGSIb3DQEBCwUAA4IBAQBNZOxE2++MdN7H4SmBDgh0SX+W
EjGFQbtVtqegXaL+S5wO2b9oK9kTLXpdHDXt5V/+C2oe4/5z/R4OsnptNXLsGLwB
PRqsRxwreIhZrXN2JCzbLpdJ4Xnb2HMh2FJXv78NUXBS90sA6MfmvO9cvP6KOA3d
R+FacW9vOqzOzkUAIsQa3glMmwIhaQU/bnY6cT0XGo/zjV5MNNLnndz/XtgpcJjJ
00dCUd5DljSCw+S5bzImot+XqK0z11et320ZmbdHjG6E5b/ZTlPf2nEfgNIqJGBb
3oARdLA/KfkU5b1/HZwpyzr+5bLniSrTaZ9NCb6r1S7S+sLa2Dv2AjGcuLFJ
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:05:18 2025 by rpki-client