Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/cqY2imxI2FpprQ4rV_y1f2Xx4xU.roa
File: cqY2imxI2FpprQ4rV_y1f2Xx4xU.roa (raw, json)
Hash identifier: MxsIpL3iOP3PDiqOgBe5sB5wC0xoGjV0EN/iwmpxcDE=
Subject key identifier: 72:A6:36:8A:6C:48:D8:5A:69:AD:0E:2B:57:FC:B5:7F:65:F1:E3:15
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 018C350DA188095C0E63EDBDCDE0C4A08789
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/cqY2imxI2FpprQ4rV_y1f2Xx4xU.roa
Signing time: Mon 04 Dec 2023 13:38:54 +0000
ROA not before: Mon 04 Dec 2023 13:38:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 152.89.28.0/22 maxlen: 22
193.135.174.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:35:0d:a1:88:09:5c:0e:63:ed:bd:cd:e0:c4:a0:87:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: Dec 4 13:38:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72a6368a6c48d85a69ad0e2b57fcb57f65f1e315
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:8b:18:f8:9e:29:9f:8b:68:99:38:c3:eb:cd:
c5:f0:ba:6e:5e:81:07:db:7d:a2:c8:4e:27:3b:fa:
bb:b1:b0:48:1a:a2:6e:1a:a9:e3:e0:98:65:79:c8:
7e:3d:ad:f4:16:34:9a:03:a0:ca:88:ea:45:a4:b7:
1a:b6:3f:29:87:7f:7c:20:5a:9c:fc:26:df:e3:a4:
3f:e4:0a:57:98:54:31:94:ab:17:f9:5a:d7:09:2c:
4e:09:73:20:fb:60:bb:f0:f1:79:35:71:b8:44:42:
61:77:47:f5:dc:87:3d:ab:df:98:d3:ec:89:54:e8:
fd:54:0b:76:77:18:38:0c:6c:60:1a:e6:aa:6d:02:
bf:8a:4f:a7:b1:97:55:d8:cd:52:d2:4a:1e:92:e6:
b7:ce:6f:ff:64:43:0b:23:45:b8:73:bd:eb:74:d3:
c9:c0:7d:a4:48:99:07:88:02:98:8b:15:74:2e:6d:
32:fd:71:a1:b7:57:1d:22:63:18:e7:e8:09:b3:52:
fc:5c:cb:bd:ed:87:91:65:17:db:58:78:61:90:94:
f3:34:47:36:74:d9:a8:94:cd:f1:ab:a1:e2:56:f6:
e9:d3:47:76:31:80:55:1d:e2:82:c8:f4:05:b5:6b:
1e:f5:a0:35:f1:8f:85:3e:8c:85:ff:1b:06:f4:01:
c8:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:A6:36:8A:6C:48:D8:5A:69:AD:0E:2B:57:FC:B5:7F:65:F1:E3:15
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/cqY2imxI2FpprQ4rV_y1f2Xx4xU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.28.0/22
193.135.174.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:18:8c:38:02:27:8f:cd:34:b5:33:a2:ee:4f:c7:3a:c6:ef:
98:4a:07:c0:49:c4:ae:be:e9:c8:8a:7b:3d:b7:5d:8d:31:ae:
26:11:a5:de:94:ba:ca:32:ff:a5:e9:37:a6:e5:fe:66:d5:f8:
e6:db:26:a9:3d:58:b5:55:75:1c:99:c2:1b:6d:60:73:52:e9:
64:f6:d5:04:0a:fd:d6:f9:20:c9:5f:c1:53:bd:46:70:9d:77:
7a:33:13:1c:83:8f:54:ae:6c:c3:3b:06:7b:0d:3b:91:0e:d0:
2a:07:55:27:32:db:aa:43:05:32:b6:43:fd:5b:16:98:7b:58:
be:0e:8b:ad:8e:b8:e1:96:1d:6f:06:e2:27:6c:a5:1f:32:3b:
aa:ab:cf:de:37:f2:b4:41:9a:39:db:47:8f:84:bb:7a:49:64:
d6:ec:3e:77:ee:80:95:2d:c6:e2:00:3e:09:ec:e1:b6:c3:fd:
cf:5c:f7:e3:0c:d4:55:04:c0:cd:8a:a6:cc:30:0f:f5:c4:4b:
3f:b6:48:b8:f0:94:4c:11:bd:cc:22:a8:e3:2a:e8:b4:fc:0e:
7f:3b:1f:90:c9:e7:2e:8b:ff:f4:12:3c:d7:1e:70:f9:f0:0e:
88:ea:1f:cb:b7:71:74:f5:33:8b:56:ab:5e:d1:b5:a3:7f:46:
07:3f:37:04
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYw1DaGICVwOY+29zeDEoIeJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjMxMjA0MTMzODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmE2MzY4YTZjNDhkODVhNjlhZDBlMmI1N2ZjYjU3ZjY1ZjFlMzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhIsY+J4pn4tomTjD683F8LpuXoEH
232iyE4nO/q7sbBIGqJuGqnj4Jhlech+Pa30FjSaA6DKiOpFpLcatj8ph398IFqc
/Cbf46Q/5ApXmFQxlKsX+VrXCSxOCXMg+2C78PF5NXG4REJhd0f13Ic9q9+Y0+yJ
VOj9VAt2dxg4DGxgGuaqbQK/ik+nsZdV2M1S0koekua3zm//ZEMLI0W4c73rdNPJ
wH2kSJkHiAKYixV0Lm0y/XGht1cdImMY5+gJs1L8XMu97YeRZRfbWHhhkJTzNEc2
dNmolM3xq6HiVvbp00d2MYBVHeKCyPQFtWse9aA18Y+FPoyF/xsG9AHIVwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHKmNopsSNhaaa0OK1f8tX9l8eMVMB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEvY3FZMmlteEkyRnBwclE0clZfeTFmMlh4NHhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCmFkcAwQA
wYeuMA0GCSqGSIb3DQEBCwUAA4IBAQCiGIw4AiePzTS1M6LuT8c6xu+YSgfAScSu
vunIins9t12NMa4mEaXelLrKMv+l6Tem5f5m1fjm2yapPVi1VXUcmcIbbWBzUulk
9tUECv3W+SDJX8FTvUZwnXd6MxMcg49UrmzDOwZ7DTuRDtAqB1UnMtuqQwUytkP9
WxaYe1i+Doutjrjhlh1vBuInbKUfMjuqq8/eN/K0QZo520ePhLt6SWTW7D537oCV
LcbiAD4J7OG2w/3PXPfjDNRVBMDNiqbMMA/1xEs/tki48JRMEb3MIqjjKui0/A5/
Ox+Qyecui//0EjzXHnD58A6I6h/Lt3F09TOLVqte0bWjf0YHPzcE
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:15 2025 by rpki-client