Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/vDuTbmqYDIEMwJ7q1gp31uECRmg.roa
File: vDuTbmqYDIEMwJ7q1gp31uECRmg.roa (raw, json)
Hash identifier: Km6SuzCWWL1EzJ8kwf/uxR97oCcA2aOAc1Z7c1rikAI=
Subject key identifier: BC:3B:93:6E:6A:98:0C:81:0C:C0:9E:EA:D6:0A:77:D6:E1:02:46:68
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 018CD9F91324A2E75F1836FD0A1720FD92B8
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/vDuTbmqYDIEMwJ7q1gp31uECRmg.roa
Signing time: Fri 05 Jan 2024 14:13:48 +0000
ROA not before: Fri 05 Jan 2024 14:13:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12189
IP address blocks: 152.89.28.0/22 maxlen: 22
193.135.174.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d9:f9:13:24:a2:e7:5f:18:36:fd:0a:17:20:fd:92:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: Jan 5 14:13:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc3b936e6a980c810cc09eead60a77d6e1024668
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:a5:6e:7d:d0:71:a4:8f:b5:17:a4:b2:a1:04:
99:f3:48:f2:01:b9:4d:58:5a:d1:c2:1b:db:7e:b6:
9f:64:ab:0a:dc:9c:df:c6:5d:e4:11:0b:1f:5b:85:
97:7e:98:af:6d:4e:9d:2a:e2:e8:35:a7:5e:93:0a:
9c:3b:5f:af:db:90:19:77:f5:17:84:40:af:0c:ad:
37:fc:1e:9c:3a:53:3c:12:75:38:5e:34:8f:d6:7e:
08:59:01:1c:ee:d1:ec:ad:d9:33:57:8c:cf:53:be:
7e:f1:41:84:7f:28:ad:30:bf:3d:07:65:2c:25:09:
f1:63:83:04:31:31:86:cf:ab:b2:b7:40:2f:ba:23:
32:0b:0f:3d:6b:9e:2a:54:b1:21:0c:73:ad:32:bb:
d8:4f:6c:0a:9c:c8:08:69:65:18:91:06:b9:70:8f:
b7:6e:dc:c5:ad:e9:99:5c:37:4f:97:45:3e:62:b4:
fd:58:92:1e:8a:97:4d:ca:89:cf:b2:8d:8c:6f:5d:
29:12:2d:20:d3:cc:35:b0:c7:a2:b5:19:08:11:9c:
a0:a0:a6:aa:c0:cf:4b:fd:65:02:3b:9c:b3:5b:2b:
b2:43:5d:3d:b1:f1:fe:2d:a8:a6:78:ef:d9:24:93:
18:df:55:d8:a1:ed:28:e0:37:1f:43:11:48:85:73:
60:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:3B:93:6E:6A:98:0C:81:0C:C0:9E:EA:D6:0A:77:D6:E1:02:46:68
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/vDuTbmqYDIEMwJ7q1gp31uECRmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.28.0/22
193.135.174.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:e9:1c:b8:35:19:8c:41:98:1a:8d:0d:ae:c0:29:11:d9:b9:
99:d5:86:e2:b8:52:c9:b9:c0:9a:39:9c:1f:41:b2:6c:0a:2a:
d0:70:d3:4a:91:18:55:00:79:f8:b8:40:c7:f8:8c:e9:0a:7f:
3e:6f:41:e5:ce:d9:d5:a9:38:06:d8:97:8f:51:18:a4:7b:95:
71:a1:f2:4e:2e:87:31:38:e8:d0:99:8c:55:18:f8:55:5f:72:
8b:37:9a:a7:b3:85:16:f8:6b:14:54:0e:9c:2c:c9:85:00:2b:
82:a3:bc:4f:54:b7:88:03:56:8c:30:f5:20:40:76:02:1f:21:
75:33:cd:3d:ca:36:2d:5d:61:8b:d5:b6:e1:bd:d4:ee:f8:a8:
0c:8a:24:6b:f5:79:73:3b:8a:c0:05:cf:ca:a0:de:e3:33:f7:
d5:3d:a2:bc:f6:ae:4d:0a:ed:5a:44:63:28:3b:d8:c5:85:76:
1a:14:54:ec:96:ab:5d:0e:fb:68:31:a8:53:34:3b:fb:21:94:
01:09:4b:7f:b4:86:d2:f6:11:7d:2d:fc:7b:2b:73:b3:c6:9b:
75:ae:91:e6:97:87:27:e2:c3:ca:18:bc:6f:ca:45:da:14:5c:
79:e9:11:5f:f1:b7:11:0e:2a:e9:40:2e:cf:6b:54:6a:b1:03:
1d:54:42:6d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzZ+RMkoudfGDb9Chcg/ZK4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjQwMTA1MTQxMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzNiOTM2ZTZhOTgwYzgxMGNjMDllZWFkNjBhNzdkNmUxMDI0NjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgaVufdBxpI+1F6SyoQSZ80jyAblN
WFrRwhvbfrafZKsK3Jzfxl3kEQsfW4WXfpivbU6dKuLoNadekwqcO1+v25AZd/UX
hECvDK03/B6cOlM8EnU4XjSP1n4IWQEc7tHsrdkzV4zPU75+8UGEfyitML89B2Us
JQnxY4MEMTGGz6uyt0AvuiMyCw89a54qVLEhDHOtMrvYT2wKnMgIaWUYkQa5cI+3
btzFremZXDdPl0U+YrT9WJIeipdNyonPso2Mb10pEi0g08w1sMeitRkIEZygoKaq
wM9L/WUCO5yzWyuyQ109sfH+LaimeO/ZJJMY31XYoe0o4DcfQxFIhXNgCwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLw7k25qmAyBDMCe6tYKd9bhAkZoMB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEvdkR1VGJtcVlESUVNd0o3cTFncDMxdUVDUm1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCmFkcAwQA
wYeuMA0GCSqGSIb3DQEBCwUAA4IBAQCr6Ry4NRmMQZgajQ2uwCkR2bmZ1YbiuFLJ
ucCaOZwfQbJsCirQcNNKkRhVAHn4uEDH+IzpCn8+b0HlztnVqTgG2JePURike5Vx
ofJOLocxOOjQmYxVGPhVX3KLN5qns4UW+GsUVA6cLMmFACuCo7xPVLeIA1aMMPUg
QHYCHyF1M809yjYtXWGL1bbhvdTu+KgMiiRr9XlzO4rABc/KoN7jM/fVPaK89q5N
Cu1aRGMoO9jFhXYaFFTslqtdDvtoMahTNDv7IZQBCUt/tIbS9hF9Lfx7K3Ozxpt1
rpHml4cn4sPKGLxvykXaFFx56RFf8bcRDirpQC7Pa1RqsQMdVEJt
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:49 2025 by rpki-client