Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/9MexhKnQUWoq4BMQ7ZNGsg4ordE.roa
File: 9MexhKnQUWoq4BMQ7ZNGsg4ordE.roa (raw, json)
Hash identifier: mjfERidgq6VEs1a+KEP8oQ2o+RO9Xow1wobEbrVpQ98=
Subject key identifier: F4:C7:B1:84:A9:D0:51:6A:2A:E0:13:10:ED:93:46:B2:0E:28:AD:D1
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 0188E53D3F498D7CA4418FBC034DA955EF0C
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/9MexhKnQUWoq4BMQ7ZNGsg4ordE.roa
Signing time: Thu 22 Jun 2023 22:32:56 +0000
ROA not before: Thu 22 Jun 2023 22:32:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.250.244.0/24 maxlen: 24
89.37.128.0/24 maxlen: 24
93.114.69.0/24 maxlen: 24
188.211.249.0/24 maxlen: 24
94.177.113.0/24 maxlen: 24
94.177.118.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e5:3d:3f:49:8d:7c:a4:41:8f:bc:03:4d:a9:55:ef:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Jun 22 22:32:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f4c7b184a9d0516a2ae01310ed9346b20e28add1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:29:25:23:59:92:64:7d:e7:d4:12:6f:a0:9e:
7a:66:43:eb:1f:43:72:1b:b7:db:7c:5d:73:76:e5:
c0:cd:cd:96:de:2b:d1:9e:3f:89:8c:75:08:72:3d:
b4:8f:91:78:62:ce:fc:aa:dd:8f:aa:f7:6b:b9:72:
4f:b2:f5:63:f5:9a:eb:21:75:07:e9:da:44:e5:c3:
34:90:df:5d:92:70:f3:76:5b:2d:d0:8b:cd:b5:9e:
b5:94:2b:c8:a0:7c:3e:6f:c5:74:f2:f1:c2:bd:2d:
d1:ab:58:e5:ee:ec:4d:e1:ea:c2:60:79:a6:70:37:
d0:31:bd:20:49:6a:19:8f:69:fe:2f:ff:85:2e:ec:
9c:67:32:c6:98:44:40:9e:09:b9:cc:e0:9f:95:2c:
d5:f8:47:f3:35:3f:11:40:70:d5:f7:a3:6c:6b:f1:
8e:e7:5f:90:1e:87:c0:5e:d4:4b:8f:4e:76:53:8f:
be:00:4c:40:2e:2f:cf:a6:a7:7e:07:d3:ad:ad:70:
6d:05:71:b9:08:76:87:e2:ef:7f:3d:74:7c:76:6b:
f8:a5:87:6a:32:87:b5:60:2e:63:13:9b:ab:aa:e6:
42:fc:74:d7:54:9c:cb:6a:8b:10:06:88:73:4c:57:
58:98:90:7d:f8:06:78:61:c9:6d:c5:e7:5a:1c:96:
f8:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:C7:B1:84:A9:D0:51:6A:2A:E0:13:10:ED:93:46:B2:0E:28:AD:D1
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/9MexhKnQUWoq4BMQ7ZNGsg4ordE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.37.128.0/24
91.250.244.0/24
93.114.69.0/24
94.177.113.0/24
94.177.118.0/24
188.211.249.0/24
Signature Algorithm: sha256WithRSAEncryption
02:23:d3:d6:a8:75:15:5a:06:44:4b:6b:ee:bb:64:0c:c1:20:
94:ec:a8:dc:7f:0a:55:d5:37:5b:a7:0b:63:17:5e:3f:7b:43:
5e:76:57:a2:7e:0c:1a:e7:ea:18:78:d3:d1:54:34:de:36:93:
bb:a5:73:2a:c5:f5:2b:1a:55:93:1c:81:24:c6:6b:24:49:24:
20:d7:08:a7:ee:95:b6:e3:1e:ed:33:67:f3:75:32:fd:95:72:
92:dd:c7:c9:57:3f:fe:9c:ab:2c:70:4b:9c:ae:e6:cd:19:d1:
bf:2c:53:00:f3:40:6b:7e:b8:30:e0:37:44:a7:a4:6c:84:02:
ab:d6:98:3e:8a:bd:60:e5:16:02:b3:ed:dd:7d:8e:a1:da:d6:
40:ca:9c:9f:34:d9:ee:46:19:f5:ac:16:a4:43:b6:89:8c:91:
c3:f8:1d:aa:9d:07:43:f2:d5:55:7a:9d:bb:17:58:c1:4c:3e:
17:9b:0d:29:e9:16:b2:f1:62:9f:47:a3:1b:8c:78:86:90:4f:
bd:29:0d:66:37:db:83:8c:0a:4e:4c:51:c0:51:6d:2f:59:aa:
81:a4:c6:d6:9e:0a:aa:ca:d8:63:56:51:50:29:16:ba:7c:fb:
8f:b7:43:0d:42:ad:47:c6:d7:24:b8:47:c3:b8:d1:96:6a:8b:
dd:04:45:34
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYjlPT9JjXykQY+8A02pVe8MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMwNjIyMjIzMjU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGM3YjE4NGE5ZDA1MTZhMmFlMDEzMTBlZDkzNDZiMjBlMjhhZGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzSklI1mSZH3n1BJvoJ56ZkPrH0Ny
G7fbfF1zduXAzc2W3ivRnj+JjHUIcj20j5F4Ys78qt2PqvdruXJPsvVj9ZrrIXUH
6dpE5cM0kN9dknDzdlst0IvNtZ61lCvIoHw+b8V08vHCvS3Rq1jl7uxN4erCYHmm
cDfQMb0gSWoZj2n+L/+FLuycZzLGmERAngm5zOCflSzV+EfzNT8RQHDV96Nsa/GO
51+QHofAXtRLj052U4++AExALi/Ppqd+B9OtrXBtBXG5CHaH4u9/PXR8dmv4pYdq
Moe1YC5jE5urquZC/HTXVJzLaosQBohzTFdYmJB9+AZ4YcltxedaHJb42QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFPTHsYSp0FFqKuATEO2TRrIOKK3RMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvOU1leGhLblFVV29xNEJNUTdaTkdzZzRvcmRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAWSWAAwQA
W/r0AwQAXXJFAwQAXrFxAwQAXrF2AwQAvNP5MA0GCSqGSIb3DQEBCwUAA4IBAQAC
I9PWqHUVWgZES2vuu2QMwSCU7KjcfwpV1TdbpwtjF14/e0Nedleifgwa5+oYeNPR
VDTeNpO7pXMqxfUrGlWTHIEkxmskSSQg1win7pW24x7tM2fzdTL9lXKS3cfJVz/+
nKsscEucrubNGdG/LFMA80Brfrgw4DdEp6RshAKr1pg+ir1g5RYCs+3dfY6h2tZA
ypyfNNnuRhn1rBakQ7aJjJHD+B2qnQdD8tVVep27F1jBTD4Xmw0p6Ray8WKfR6Mb
jHiGkE+9KQ1mN9uDjApOTFHAUW0vWaqBpMbWngqqythjVlFQKRa6fPuPt0MNQq1H
xtckuEfDuNGWaovdBEU0
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:30 2025 by rpki-client