Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/mFjpa91cvs76JxRh-TXM4rn-UQQ.roa
File: mFjpa91cvs76JxRh-TXM4rn-UQQ.roa (raw, json)
Hash identifier: NtiqUzjv8zhbk6VSueuXjtMgVu2zovvQV5YfqQ1AAHs=
Subject key identifier: 98:58:E9:6B:DD:5C:BE:CE:FA:27:14:61:F9:35:CC:E2:B9:FE:51:04
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 018C39E2820573F8F7417648810D94028800
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/mFjpa91cvs76JxRh-TXM4rn-UQQ.roa
Signing time: Tue 05 Dec 2023 12:09:54 +0000
ROA not before: Tue 05 Dec 2023 12:09:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 152.89.28.0/22 maxlen: 24
193.135.174.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:39:e2:82:05:73:f8:f7:41:76:48:81:0d:94:02:88:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: Dec 5 12:09:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9858e96bdd5cbecefa271461f935cce2b9fe5104
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:25:ef:eb:35:80:c7:12:c3:44:8f:f6:68:0c:
6e:f4:e9:2e:c4:7e:b5:98:00:0d:b0:5b:9f:5f:3b:
51:1d:13:e9:2a:93:5b:f0:96:dd:aa:b0:9a:e9:62:
da:0c:7e:05:4d:e4:e8:66:5f:f2:19:e3:76:39:40:
84:6c:be:44:68:5c:d0:1f:7b:1f:7d:87:d5:2f:ff:
9e:8c:c6:e7:d9:3a:b4:25:f1:84:1b:ea:0c:c3:de:
70:8e:7e:af:7e:5e:aa:e7:00:4e:d0:c4:83:c1:e0:
6f:b3:d4:79:4c:be:5a:5f:be:86:87:27:04:8a:cd:
c0:b6:59:84:3d:eb:6d:6c:f2:79:c8:af:4e:c8:7c:
bd:cf:8c:c9:45:62:67:e1:35:8d:10:48:13:36:e9:
a0:d3:d5:75:7d:52:0a:b3:f2:76:80:19:12:6d:f3:
c4:8f:d4:45:11:19:2a:49:16:f8:98:cf:79:95:6f:
66:0c:58:50:85:ea:f2:90:16:20:c1:28:b8:05:93:
e1:07:c8:4a:72:03:72:b5:2b:48:c0:24:2c:86:67:
62:60:9f:f4:9c:c8:04:fe:54:1c:7c:c6:6f:b0:0b:
fb:52:3b:39:a1:9c:7c:69:07:be:3d:85:58:b9:10:
03:0d:ee:3a:d8:f8:77:1d:75:6d:5c:48:00:52:7d:
a0:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:58:E9:6B:DD:5C:BE:CE:FA:27:14:61:F9:35:CC:E2:B9:FE:51:04
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/mFjpa91cvs76JxRh-TXM4rn-UQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.28.0/22
193.135.174.0/24
Signature Algorithm: sha256WithRSAEncryption
94:ad:3b:75:ea:30:35:f2:d6:6a:59:d5:06:d2:51:66:2e:39:
77:e3:78:e5:5b:9b:91:0a:dd:f7:41:ac:b3:a2:cd:22:b9:07:
7f:cc:f9:05:96:0e:bc:f7:a8:69:de:46:a2:f4:43:7c:95:dd:
ca:da:7d:7e:d1:65:c5:df:54:34:d1:0a:37:cc:7e:39:12:8a:
5b:6f:dd:5f:8e:71:a3:40:6d:03:0b:89:a8:6e:8e:40:93:23:
b1:27:df:5e:d8:cd:33:b9:cc:47:02:66:7d:c5:ac:ac:11:cc:
7e:15:f6:22:2e:ab:ce:ee:c6:5f:d9:9d:4b:b8:2f:76:c4:dc:
56:56:55:07:1c:24:06:f9:54:f5:ed:8b:0f:9a:50:37:ff:e7:
ec:08:7c:4d:2e:e2:04:ea:32:81:d0:ad:a8:6b:a1:74:61:d5:
92:0a:26:37:33:ca:32:ad:c2:e4:17:6e:46:29:18:8e:80:25:
e5:16:7f:89:0f:59:0d:ec:5b:83:36:25:86:01:15:fd:34:43:
4d:91:93:88:c4:d8:30:33:5f:de:24:24:18:a0:7c:bb:a0:26:
eb:ee:72:b4:f7:b7:94:1e:53:34:b6:01:c9:08:0a:dc:4e:14:
2f:1f:d0:bd:b9:7b:9e:64:6f:b4:5c:86:59:78:8f:a6:a9:c2:
5d:eb:53:b0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYw54oIFc/j3QXZIgQ2UAogAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjMxMjA1MTIwOTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODU4ZTk2YmRkNWNiZWNlZmEyNzE0NjFmOTM1Y2NlMmI5ZmU1MTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkCXv6zWAxxLDRI/2aAxu9OkuxH61
mAANsFufXztRHRPpKpNb8JbdqrCa6WLaDH4FTeToZl/yGeN2OUCEbL5EaFzQH3sf
fYfVL/+ejMbn2Tq0JfGEG+oMw95wjn6vfl6q5wBO0MSDweBvs9R5TL5aX76GhycE
is3AtlmEPettbPJ5yK9OyHy9z4zJRWJn4TWNEEgTNumg09V1fVIKs/J2gBkSbfPE
j9RFERkqSRb4mM95lW9mDFhQherykBYgwSi4BZPhB8hKcgNytStIwCQshmdiYJ/0
nMgE/lQcfMZvsAv7Ujs5oZx8aQe+PYVYuRADDe462Ph3HXVtXEgAUn2gWQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJhY6WvdXL7O+icUYfk1zOK5/lEEMB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEvbUZqcGE5MWN2czc2SnhSaC1UWE00cm4tVVFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCmFkcAwQA
wYeuMA0GCSqGSIb3DQEBCwUAA4IBAQCUrTt16jA18tZqWdUG0lFmLjl343jlW5uR
Ct33Qayzos0iuQd/zPkFlg6896hp3kai9EN8ld3K2n1+0WXF31Q00Qo3zH45Eopb
b91fjnGjQG0DC4mobo5AkyOxJ99e2M0zucxHAmZ9xaysEcx+FfYiLqvO7sZf2Z1L
uC92xNxWVlUHHCQG+VT17YsPmlA3/+fsCHxNLuIE6jKB0K2oa6F0YdWSCiY3M8oy
rcLkF25GKRiOgCXlFn+JD1kN7FuDNiWGARX9NENNkZOIxNgwM1/eJCQYoHy7oCbr
7nK097eUHlM0tgHJCArcThQvH9C9uXueZG+0XIZZeI+mqcJd61Ow
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:57 2025 by rpki-client