Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/9bd122-d6a9-4a40-860b-b0efc01d4f9c/1/HuIbCcMZ3U5fal8WQko5r7hmFPE.roa
File: HuIbCcMZ3U5fal8WQko5r7hmFPE.roa (raw, json)
Hash identifier: gsiwtZ3Lpg7UUxzfKZ1xNGJGO5Bt4L0AcldZ67+uEoo=
Subject key identifier: 1E:E2:1B:09:C3:19:DD:4E:5F:6A:5F:16:42:4A:39:AF:B8:66:14:F1
Certificate issuer: /CN=322d91b4aa96cc5732576d42335fddd0e5d6294f
Certificate serial: 0194244579C81C4F8360094D5D0EB7CEE67D
Authority key identifier: 32:2D:91:B4:AA:96:CC:57:32:57:6D:42:33:5F:DD:D0:E5:D6:29:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mi2RtKqWzFcyV21CM1_d0OXWKU8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/9bd122-d6a9-4a40-860b-b0efc01d4f9c/1/HuIbCcMZ3U5fal8WQko5r7hmFPE.roa
Signing time: Wed 01 Jan 2025 23:48:40 +0000
ROA not before: Wed 01 Jan 2025 23:48:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39863
IP address blocks: 81.89.208.0/22 maxlen: 22
81.89.208.0/24 maxlen: 24
81.89.209.0/24 maxlen: 24
81.89.210.0/24 maxlen: 24
81.89.211.0/24 maxlen: 24
81.89.212.0/22 maxlen: 22
81.89.212.0/24 maxlen: 24
81.89.213.0/24 maxlen: 24
81.89.214.0/24 maxlen: 24
81.89.215.0/24 maxlen: 24
81.89.216.0/22 maxlen: 22
81.89.217.0/24 maxlen: 24
81.89.218.0/24 maxlen: 24
81.89.219.0/24 maxlen: 24
81.89.220.0/22 maxlen: 22
81.89.220.0/24 maxlen: 24
81.89.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:79:c8:1c:4f:83:60:09:4d:5d:0e:b7:ce:e6:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=322d91b4aa96cc5732576d42335fddd0e5d6294f
Validity
Not Before: Jan 1 23:48:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ee21b09c319dd4e5f6a5f16424a39afb86614f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:27:33:a8:d0:08:d8:9b:5c:da:07:bc:e9:31:
37:a7:35:8b:3f:63:6c:1c:79:41:f5:7b:1d:83:85:
15:ef:1f:f7:db:83:e0:85:33:43:cb:e0:ef:0d:18:
e5:05:30:b6:ff:b3:7a:d4:0f:91:aa:02:c7:49:0e:
88:53:23:59:61:53:17:0d:61:f7:1f:8e:c7:9d:09:
a4:7e:d7:fc:9c:6a:99:e4:63:c9:e8:09:a5:98:a8:
d8:a8:5c:4b:5b:22:c6:1f:c2:a4:db:2d:43:bf:0a:
f8:cb:5d:2d:61:36:ec:f9:ca:85:bb:8d:0a:ec:84:
98:78:51:45:f6:70:50:3b:f4:07:ca:58:8f:4c:c7:
bb:52:a7:35:6b:87:04:c8:0e:32:86:5c:0d:07:95:
54:d7:2d:5e:36:87:a9:6f:a8:a2:cc:79:23:8b:f9:
e2:da:37:69:1a:ec:97:51:24:df:40:ea:55:62:88:
60:1c:9a:0b:40:67:47:6f:e7:25:26:cf:29:8d:cd:
1e:11:69:29:ad:27:b6:5f:35:30:cf:ac:4e:f1:85:
8a:56:fb:1c:43:7c:28:74:f9:ef:a5:6f:ba:5c:37:
fd:6a:42:50:a6:74:b3:2b:e7:3e:86:ba:7d:74:5f:
5f:0e:51:cc:fe:f7:fe:29:8d:c0:89:93:4e:1a:aa:
21:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:E2:1B:09:C3:19:DD:4E:5F:6A:5F:16:42:4A:39:AF:B8:66:14:F1
X509v3 Authority Key Identifier:
keyid:32:2D:91:B4:AA:96:CC:57:32:57:6D:42:33:5F:DD:D0:E5:D6:29:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mi2RtKqWzFcyV21CM1_d0OXWKU8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/9bd122-d6a9-4a40-860b-b0efc01d4f9c/1/HuIbCcMZ3U5fal8WQko5r7hmFPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/9bd122-d6a9-4a40-860b-b0efc01d4f9c/1/Mi2RtKqWzFcyV21CM1_d0OXWKU8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.89.208.0/20
Signature Algorithm: sha256WithRSAEncryption
40:89:a0:57:97:2a:e0:9f:1c:a4:23:84:12:f3:58:9f:2a:59:
89:60:0d:fe:8a:c4:ea:b5:46:16:87:67:16:cd:f9:87:a8:78:
35:11:97:14:c4:57:1e:59:61:f0:39:f5:c3:5b:53:0f:c0:6c:
90:0f:d1:ff:13:45:02:89:8e:cd:b1:86:42:9e:e9:ce:96:2d:
27:31:e0:a6:14:5b:67:a0:3b:bf:1f:da:fd:65:29:d1:a5:73:
55:c5:2f:c1:a4:12:67:98:0f:4e:5a:13:68:d7:e6:41:b5:2b:
12:66:e2:06:e8:bd:77:bf:1d:f3:d0:2d:0d:b5:c4:9d:fb:38:
72:8a:0b:30:45:a8:cc:13:87:84:36:24:63:79:29:30:f8:74:
b8:ac:35:ea:ae:0d:b3:ea:5f:8c:dc:55:b3:33:73:2a:5f:c7:
64:69:98:34:06:2e:c6:c1:67:0f:c0:dd:cb:b2:7e:07:19:a9:
66:0b:c3:4d:3e:0a:e8:0d:f1:18:9e:9d:e2:5c:ab:75:6f:24:
7a:c5:52:8d:80:14:71:be:a0:c2:c9:af:7b:4e:09:90:5b:32:
99:12:22:2d:d9:63:21:58:28:08:32:62:47:ff:79:ea:9e:72:
08:56:5f:10:46:08:54:a0:0f:62:d8:7f:e6:7b:85:b1:af:bc:
1d:a4:32:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRXnIHE+DYAlNXQ63zuZ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMmQ5MWI0YWE5NmNjNTczMjU3NmQ0MjMzNWZkZGQwZTVk
NjI5NGYwHhcNMjUwMTAxMjM0ODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWUyMWIwOWMzMTlkZDRlNWY2YTVmMTY0MjRhMzlhZmI4NjYxNGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2CczqNAI2Jtc2ge86TE3pzWLP2Ns
HHlB9Xsdg4UV7x/324PghTNDy+DvDRjlBTC2/7N61A+RqgLHSQ6IUyNZYVMXDWH3
H47HnQmkftf8nGqZ5GPJ6AmlmKjYqFxLWyLGH8Kk2y1Dvwr4y10tYTbs+cqFu40K
7ISYeFFF9nBQO/QHyliPTMe7Uqc1a4cEyA4yhlwNB5VU1y1eNoepb6iizHkji/ni
2jdpGuyXUSTfQOpVYohgHJoLQGdHb+clJs8pjc0eEWkprSe2XzUwz6xO8YWKVvsc
Q3wodPnvpW+6XDf9akJQpnSzK+c+hrp9dF9fDlHM/vf+KY3AiZNOGqohcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB7iGwnDGd1OX2pfFkJKOa+4ZhTxMB8GA1UdIwQY
MBaAFDItkbSqlsxXMldtQjNf3dDl1ilPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWkyUnRLcVd6RmN5VjIxQ00xX2QwT1hXS1U4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi85YmQxMjItZDZhOS00YTQwLTg2MGIt
YjBlZmMwMWQ0ZjljLzEvSHVJYkNjTVozVTVmYWw4V1FrbzVyN2htRlBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi85YmQxMjItZDZhOS00YTQwLTg2MGItYjBlZmMwMWQ0Zjlj
LzEvTWkyUnRLcVd6RmN5VjIxQ00xX2QwT1hXS1U4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEUVnQMA0G
CSqGSIb3DQEBCwUAA4IBAQBAiaBXlyrgnxykI4QS81ifKlmJYA3+isTqtUYWh2cW
zfmHqHg1EZcUxFceWWHwOfXDW1MPwGyQD9H/E0UCiY7NsYZCnunOli0nMeCmFFtn
oDu/H9r9ZSnRpXNVxS/BpBJnmA9OWhNo1+ZBtSsSZuIG6L13vx3z0C0NtcSd+zhy
igswRajME4eENiRjeSkw+HS4rDXqrg2z6l+M3FWzM3MqX8dkaZg0Bi7GwWcPwN3L
sn4HGalmC8NNPgroDfEYnp3iXKt1byR6xVKNgBRxvqDCya97TgmQWzKZEiIt2WMh
WCgIMmJH/3nqnnIIVl8QRghUoA9i2H/me4Wxr7wdpDLx
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:55:26 2025 by rpki-client