Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/fff1c7-cee1-4fa6-a99b-c9c8ab188853/1/YixLFlfODucpz3SmvGUoO943czQ.roa
File: YixLFlfODucpz3SmvGUoO943czQ.roa (raw, json)
Hash identifier: U+vdy0unHKQkRcci4HnKyZFl5mHyggPlDsq3RNujwyk=
Subject key identifier: 62:2C:4B:16:57:CE:0E:E7:29:CF:74:A6:BC:65:28:3B:DE:37:73:34
Certificate issuer: /CN=69226ceb40c671f30acf11fa36b8d7d1c6754704
Certificate serial: 019421B2522B77E01673EAA3F10A6EAE441C
Authority key identifier: 69:22:6C:EB:40:C6:71:F3:0A:CF:11:FA:36:B8:D7:D1:C6:75:47:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aSJs60DGcfMKzxH6NrjX0cZ1RwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/fff1c7-cee1-4fa6-a99b-c9c8ab188853/1/YixLFlfODucpz3SmvGUoO943czQ.roa
Signing time: Wed 01 Jan 2025 11:48:42 +0000
ROA not before: Wed 01 Jan 2025 11:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 38968
IP address blocks: 89.28.216.0/21 maxlen: 21
89.28.219.0/24 maxlen: 24
89.28.220.0/24 maxlen: 24
89.28.222.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:52:2b:77:e0:16:73:ea:a3:f1:0a:6e:ae:44:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69226ceb40c671f30acf11fa36b8d7d1c6754704
Validity
Not Before: Jan 1 11:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=622c4b1657ce0ee729cf74a6bc65283bde377334
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:68:ff:3a:e2:6f:57:a8:23:8f:7b:36:be:5d:
46:98:a6:fc:7b:4f:8e:44:94:79:06:11:62:ba:fb:
d2:c3:ae:1a:75:17:20:89:04:7b:d7:54:84:d1:09:
28:fb:98:9a:a8:51:2a:7f:e4:17:b9:3c:53:ec:38:
ac:0e:57:dd:a9:ab:32:33:cf:17:0f:c6:40:33:6b:
63:b3:9d:e7:63:69:b9:bb:31:e3:a1:16:d6:49:65:
a6:7a:fd:34:d3:10:51:63:8e:66:ef:b4:2b:43:76:
d0:3c:df:3f:ce:de:c2:d6:71:2a:56:03:98:9e:70:
82:89:99:46:66:24:57:79:ba:ce:21:4d:b9:f4:33:
9e:14:9b:05:ba:cb:1a:09:cb:44:a6:1b:5e:b3:38:
fc:3f:d8:54:5e:05:8c:1e:6d:c1:f0:57:87:d6:40:
d7:15:00:ed:83:62:5b:fc:b1:c4:b0:ba:44:00:6e:
a1:24:e0:db:a8:70:60:65:f7:5c:ee:c9:59:25:09:
03:ad:d1:53:c0:8d:03:0f:9e:7f:6a:6f:33:3a:3d:
a9:17:d7:4c:8b:b2:d0:fa:d9:01:cc:b6:41:6b:59:
a6:fc:59:19:76:a4:39:e2:5a:40:7f:21:0c:19:8b:
6d:db:4a:a9:d5:14:dd:77:5b:02:4f:17:72:7d:b5:
01:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:2C:4B:16:57:CE:0E:E7:29:CF:74:A6:BC:65:28:3B:DE:37:73:34
X509v3 Authority Key Identifier:
keyid:69:22:6C:EB:40:C6:71:F3:0A:CF:11:FA:36:B8:D7:D1:C6:75:47:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aSJs60DGcfMKzxH6NrjX0cZ1RwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/fff1c7-cee1-4fa6-a99b-c9c8ab188853/1/YixLFlfODucpz3SmvGUoO943czQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/fff1c7-cee1-4fa6-a99b-c9c8ab188853/1/aSJs60DGcfMKzxH6NrjX0cZ1RwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.28.216.0/21
Signature Algorithm: sha256WithRSAEncryption
b9:62:02:b5:19:b2:b9:13:cd:0c:71:21:60:0f:4e:9b:bc:b1:
7d:3b:73:6f:c9:3f:73:38:25:0e:0f:4b:e4:77:4f:d8:94:f8:
54:51:ba:47:a2:5f:ef:f0:ea:e8:4a:8e:77:e0:fc:84:e1:05:
64:39:a8:e1:f3:ed:e0:22:c0:2b:25:41:59:2d:79:d5:c2:38:
b0:df:da:45:2a:22:f5:5d:b3:df:52:cd:c1:6f:42:8e:64:40:
eb:dd:5c:55:58:34:36:2f:2f:2c:b1:eb:8e:f4:76:16:65:80:
0e:48:e8:01:8e:60:08:c2:fd:7d:7b:46:b9:d0:37:ea:99:b9:
6b:e6:9c:6b:a6:b8:39:2d:57:54:1f:f6:be:69:a3:12:da:26:
af:79:ec:ae:fe:c2:85:c3:c4:0a:56:bc:7b:b7:5e:b8:1e:26:
c0:d9:9e:74:51:a2:45:ce:41:f6:50:41:f3:8b:c8:bb:85:0e:
56:ad:08:44:eb:b8:85:91:37:4e:6a:a1:85:86:51:81:38:7f:
ce:af:9d:b4:dd:22:79:53:cb:23:3b:b7:25:7f:e7:41:43:e0:
ef:cf:96:dc:39:ad:31:3a:07:bb:d1:45:ca:c7:79:fc:24:40:
93:28:dc:1f:cb:cb:e2:92:95:af:80:14:db:58:d9:14:e3:df:
f5:67:26:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhslIrd+AWc+qj8QpurkQcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5MjI2Y2ViNDBjNjcxZjMwYWNmMTFmYTM2YjhkN2QxYzY3
NTQ3MDQwHhcNMjUwMTAxMTE0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjJjNGIxNjU3Y2UwZWU3MjljZjc0YTZiYzY1MjgzYmRlMzc3MzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomj/OuJvV6gjj3s2vl1GmKb8e0+O
RJR5BhFiuvvSw64adRcgiQR711SE0Qko+5iaqFEqf+QXuTxT7DisDlfdqasyM88X
D8ZAM2tjs53nY2m5uzHjoRbWSWWmev000xBRY45m77QrQ3bQPN8/zt7C1nEqVgOY
nnCCiZlGZiRXebrOIU259DOeFJsFussaCctEphteszj8P9hUXgWMHm3B8FeH1kDX
FQDtg2Jb/LHEsLpEAG6hJODbqHBgZfdc7slZJQkDrdFTwI0DD55/am8zOj2pF9dM
i7LQ+tkBzLZBa1mm/FkZdqQ54lpAfyEMGYtt20qp1RTdd1sCTxdyfbUBuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGIsSxZXzg7nKc90prxlKDveN3M0MB8GA1UdIwQY
MBaAFGkibOtAxnHzCs8R+ja419HGdUcEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVNKczYwREdjZk1LenhINk5yalgwY1oxUndRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9mZmYxYzctY2VlMS00ZmE2LWE5OWIt
YzljOGFiMTg4ODUzLzEvWWl4TEZsZk9EdWNwejNTbXZHVW9POTQzY3pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9mZmYxYzctY2VlMS00ZmE2LWE5OWItYzljOGFiMTg4ODUz
LzEvYVNKczYwREdjZk1LenhINk5yalgwY1oxUndRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDWRzYMA0G
CSqGSIb3DQEBCwUAA4IBAQC5YgK1GbK5E80McSFgD06bvLF9O3NvyT9zOCUOD0vk
d0/YlPhUUbpHol/v8OroSo534PyE4QVkOajh8+3gIsArJUFZLXnVwjiw39pFKiL1
XbPfUs3Bb0KOZEDr3VxVWDQ2Ly8sseuO9HYWZYAOSOgBjmAIwv19e0a50Dfqmblr
5pxrprg5LVdUH/a+aaMS2iaveeyu/sKFw8QKVrx7t164HibA2Z50UaJFzkH2UEHz
i8i7hQ5WrQhE67iFkTdOaqGFhlGBOH/Or5203SJ5U8sjO7clf+dBQ+Dvz5bcOa0x
Oge70UXKx3n8JECTKNwfy8vikpWvgBTbWNkU49/1ZyYQ
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:34:12 2025 by rpki-client