Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/GkcKjV7118jMNm5nPyAA4Z3ouWA.roa
File: GkcKjV7118jMNm5nPyAA4Z3ouWA.roa (raw, json)
Hash identifier: cm4w2ZSn0HfMovoNlTVnUj5AwMHX2j1hCCEb7xgSykw=
Subject key identifier: 1A:47:0A:8D:5E:F5:D7:C8:CC:36:6E:67:3F:20:00:E1:9D:E8:B9:60
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018CC2DB600AD8FA9B57727B1DA270D89BA3
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/GkcKjV7118jMNm5nPyAA4Z3ouWA.roa
Signing time: Mon 01 Jan 2024 02:30:05 +0000
ROA not before: Mon 01 Jan 2024 02:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9123
IP address blocks: 89.23.112.0/24 maxlen: 24
89.23.118.0/24 maxlen: 24
89.23.119.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:60:0a:d8:fa:9b:57:72:7b:1d:a2:70:d8:9b:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jan 1 02:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1a470a8d5ef5d7c8cc366e673f2000e19de8b960
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:37:29:28:23:3f:e9:b0:aa:87:f7:a5:da:43:
fc:64:df:39:fc:3f:31:71:bb:80:2e:be:7c:a1:30:
0f:e6:96:cb:44:76:e8:40:84:b5:95:1f:98:0c:c7:
ea:67:70:6a:aa:ba:31:51:d3:c3:80:a6:49:8e:ee:
51:1f:03:a0:ba:b0:ec:be:45:79:84:2d:0a:32:56:
2c:90:77:24:5c:92:ca:5e:48:78:7d:32:30:6c:0f:
c1:1f:37:15:93:58:07:6d:82:0f:8d:1d:1f:f3:da:
89:88:e8:e9:1e:51:53:ca:e1:54:0e:b7:67:6b:5b:
92:f9:a2:a2:2f:77:b4:fe:6d:bc:a8:88:12:d8:63:
4a:6f:aa:a3:82:5e:99:30:d5:3e:5f:5a:d6:9a:5a:
04:3d:b9:ee:01:4c:e7:e2:8a:74:aa:38:e3:43:31:
dd:e4:5b:ac:e3:5f:40:bf:05:19:0d:98:26:77:9c:
28:a1:6c:42:7f:24:14:aa:60:7f:32:c1:91:36:af:
59:7d:09:32:13:59:e1:8c:2a:a1:ab:c3:48:3b:21:
83:7e:64:ad:64:ac:31:da:d4:f6:87:0d:7c:2c:30:
e2:c3:33:3f:53:f5:5f:4d:2d:c7:ba:86:e9:6c:08:
b5:e9:24:a8:6f:7e:e7:3a:bc:d1:a7:c2:26:eb:30:
3b:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:47:0A:8D:5E:F5:D7:C8:CC:36:6E:67:3F:20:00:E1:9D:E8:B9:60
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/GkcKjV7118jMNm5nPyAA4Z3ouWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.112.0/24
89.23.118.0/23
Signature Algorithm: sha256WithRSAEncryption
b6:f7:56:e0:70:5c:1a:da:a3:ba:96:80:0d:31:5f:2b:4b:a9:
0d:4c:a1:41:46:64:13:61:7c:28:2b:6a:ed:35:41:47:93:e8:
34:6e:91:f6:1c:3d:92:45:d2:e2:fe:32:d3:f0:66:b7:cc:fb:
cb:68:08:f4:e7:8a:c8:89:43:ef:5c:c7:53:9e:1d:95:4b:3c:
f7:35:7e:1c:79:18:e7:04:f6:d7:f5:50:44:6d:14:e6:98:96:
b3:43:cf:bb:45:98:c5:66:48:e7:7f:a4:b9:bd:85:cf:e9:60:
d6:e1:f8:b8:af:aa:49:bb:c8:73:dd:c0:4e:f3:cc:4b:92:ed:
35:b7:d1:a1:3f:d2:67:c3:08:a1:9f:96:86:99:f4:ad:bf:7d:
6f:ff:5f:f4:25:95:14:87:62:22:e2:20:14:31:f0:f2:33:a8:
c6:fd:07:f6:5c:32:ad:6f:87:d3:cf:52:c2:38:19:cb:f5:86:
73:30:b8:10:b3:4f:ef:21:1f:5b:51:e4:56:82:f5:57:d0:5f:
a6:d3:7a:4c:76:2b:24:db:21:df:a4:48:d0:80:0a:a9:0d:88:
61:88:ff:7c:a7:dd:ae:c0:e9:1f:6d:fe:89:ed:a1:de:65:22:
86:a3:06:d4:00:45:4e:5f:ab:cd:ce:17:f9:ce:b3:3f:b4:f1:
89:ff:1a:e5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzC22AK2PqbV3J7HaJw2JujMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwMTAxMDIzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTQ3MGE4ZDVlZjVkN2M4Y2MzNjZlNjczZjIwMDBlMTlkZThiOTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzcpKCM/6bCqh/el2kP8ZN85/D8x
cbuALr58oTAP5pbLRHboQIS1lR+YDMfqZ3BqqroxUdPDgKZJju5RHwOgurDsvkV5
hC0KMlYskHckXJLKXkh4fTIwbA/BHzcVk1gHbYIPjR0f89qJiOjpHlFTyuFUDrdn
a1uS+aKiL3e0/m28qIgS2GNKb6qjgl6ZMNU+X1rWmloEPbnuAUzn4op0qjjjQzHd
5Fus419AvwUZDZgmd5wooWxCfyQUqmB/MsGRNq9ZfQkyE1nhjCqhq8NIOyGDfmSt
ZKwx2tT2hw18LDDiwzM/U/VfTS3HuobpbAi16SSob37nOrzRp8Im6zA7nwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBpHCo1e9dfIzDZuZz8gAOGd6LlgMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvR2tjS2pWNzExOGpNTm01blB5QUE0WjNvdVdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWRdwAwQB
WRd2MA0GCSqGSIb3DQEBCwUAA4IBAQC291bgcFwa2qO6loANMV8rS6kNTKFBRmQT
YXwoK2rtNUFHk+g0bpH2HD2SRdLi/jLT8Ga3zPvLaAj054rIiUPvXMdTnh2VSzz3
NX4ceRjnBPbX9VBEbRTmmJazQ8+7RZjFZkjnf6S5vYXP6WDW4fi4r6pJu8hz3cBO
88xLku01t9GhP9Jnwwihn5aGmfStv31v/1/0JZUUh2Ii4iAUMfDyM6jG/Qf2XDKt
b4fTz1LCOBnL9YZzMLgQs0/vIR9bUeRWgvVX0F+m03pMdisk2yHfpEjQgAqpDYhh
iP98p92uwOkfbf6J7aHeZSKGowbUAEVOX6vNzhf5zrM/tPGJ/xrl
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:00:39 2025 by rpki-client