Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/U9TWmfT5aP6p2exh_0DJ4NPcVy4.roa
File: U9TWmfT5aP6p2exh_0DJ4NPcVy4.roa (raw, json)
Hash identifier: tmgVQujLcL7n9dplfKkJ0LCQNpOoMBJETXvXZkMkVcY=
Subject key identifier: 53:D4:D6:99:F4:F9:68:FE:A9:D9:EC:61:FF:40:C9:E0:D3:DC:57:2E
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018CC56F02DAD2978CE2442E32C94855D6B3
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/U9TWmfT5aP6p2exh_0DJ4NPcVy4.roa
Signing time: Mon 01 Jan 2024 14:30:35 +0000
ROA not before: Mon 01 Jan 2024 14:30:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211439
IP address blocks: 89.40.166.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6f:02:da:d2:97:8c:e2:44:2e:32:c9:48:55:d6:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Jan 1 14:30:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53d4d699f4f968fea9d9ec61ff40c9e0d3dc572e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:04:21:24:9a:6d:f4:7a:61:46:5d:71:7c:8b:
0e:36:c9:1e:77:1d:71:73:7d:68:85:4a:4e:e1:4e:
fa:b6:a1:86:cb:34:54:f1:fd:c5:4f:8c:90:a9:c9:
38:d8:b4:5f:c4:29:e1:4b:31:9e:57:14:50:db:88:
58:a6:5f:35:be:be:87:25:21:84:93:3b:44:23:25:
65:e7:93:4c:22:84:52:08:28:9c:cc:d5:16:b5:12:
bc:b0:86:40:e6:59:71:9e:15:6a:66:de:c6:84:69:
b3:68:5e:6f:4f:38:f3:f6:50:89:bb:85:54:dc:22:
a3:75:14:c9:4c:50:fd:05:85:80:57:8c:b5:34:36:
03:b1:e8:41:43:ed:6f:1c:d2:8d:17:56:50:e0:26:
dc:64:7b:dd:9f:2e:3a:8e:af:3a:a0:ae:31:e3:22:
4e:ed:33:81:4e:0e:56:aa:03:9e:53:99:48:e9:c0:
b8:76:a0:e2:88:ab:d9:ae:e7:e6:c2:b9:e6:3c:cd:
7d:e4:14:bd:94:4a:9d:94:23:62:67:16:5f:f5:f9:
43:79:98:13:09:5c:d4:8c:de:5e:6b:8e:59:8b:c9:
8b:4c:08:05:f4:9f:d0:c2:3f:2e:c1:25:47:a2:9d:
b6:dd:f2:06:50:51:7b:86:9a:6a:bb:84:8e:41:21:
a6:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:D4:D6:99:F4:F9:68:FE:A9:D9:EC:61:FF:40:C9:E0:D3:DC:57:2E
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/U9TWmfT5aP6p2exh_0DJ4NPcVy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.166.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:19:92:bf:fc:e0:8e:29:7d:58:c2:28:9f:24:86:cc:07:d0:
47:bd:74:17:8f:56:62:77:5c:c4:bb:7f:74:c2:4a:a9:67:55:
09:78:4f:62:45:98:c6:bd:83:63:e8:10:b4:92:0a:48:5f:9f:
7c:6f:3d:9e:fb:87:4f:55:ab:12:e5:64:05:f4:a0:e6:c1:ef:
97:43:9b:bb:d6:a9:26:cc:c6:8c:dd:13:57:c9:52:9f:9e:3b:
74:5e:e3:94:5c:8e:60:8b:a8:69:bb:97:b5:4a:04:67:b9:9d:
ad:08:c7:65:9a:9d:21:9e:43:c8:8a:5b:a2:81:db:58:4b:77:
bb:dc:ac:9a:4d:02:21:f9:10:c1:ed:c8:f3:16:26:d5:3c:84:
99:75:34:21:6c:5b:51:db:45:3b:4d:c0:da:bb:d8:01:08:16:
dc:20:ee:85:2f:c9:f0:40:d0:1e:b5:1f:cc:2f:eb:b0:dd:e0:
b8:aa:79:80:76:4f:13:5c:a7:f4:fc:73:2c:0b:ac:9d:2b:4c:
fc:5f:7b:24:d2:cc:a8:e5:b7:41:b1:fe:7d:1e:6c:9a:61:51:
28:9c:76:15:e3:4c:e0:8f:9b:84:5b:3c:91:aa:16:48:72:6b:
bb:cd:d8:60:20:e1:11:d6:ee:17:4e:6c:81:3e:4f:33:28:e2:
c9:41:45:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbwLa0peM4kQuMslIVdazMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjQwMTAxMTQzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2Q0ZDY5OWY0Zjk2OGZlYTlkOWVjNjFmZjQwYzllMGQzZGM1NzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwQhJJpt9HphRl1xfIsONskedx1x
c31ohUpO4U76tqGGyzRU8f3FT4yQqck42LRfxCnhSzGeVxRQ24hYpl81vr6HJSGE
kztEIyVl55NMIoRSCCiczNUWtRK8sIZA5llxnhVqZt7GhGmzaF5vTzjz9lCJu4VU
3CKjdRTJTFD9BYWAV4y1NDYDsehBQ+1vHNKNF1ZQ4CbcZHvdny46jq86oK4x4yJO
7TOBTg5WqgOeU5lI6cC4dqDiiKvZrufmwrnmPM195BS9lEqdlCNiZxZf9flDeZgT
CVzUjN5ea45Zi8mLTAgF9J/Qwj8uwSVHop223fIGUFF7hppqu4SOQSGmBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFPU1pn0+Wj+qdnsYf9AyeDT3FcuMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvVTlUV21mVDVhUDZwMmV4aF8wREo0TlBjVnk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSimMA0G
CSqGSIb3DQEBCwUAA4IBAQB8GZK//OCOKX1YwiifJIbMB9BHvXQXj1Zid1zEu390
wkqpZ1UJeE9iRZjGvYNj6BC0kgpIX598bz2e+4dPVasS5WQF9KDmwe+XQ5u71qkm
zMaM3RNXyVKfnjt0XuOUXI5gi6hpu5e1SgRnuZ2tCMdlmp0hnkPIiluigdtYS3e7
3KyaTQIh+RDB7cjzFibVPISZdTQhbFtR20U7TcDau9gBCBbcIO6FL8nwQNAetR/M
L+uw3eC4qnmAdk8TXKf0/HMsC6ydK0z8X3sk0syo5bdBsf59HmyaYVEonHYV40zg
j5uEWzyRqhZIcmu7zdhgIOER1u4XTmyBPk8zKOLJQUWA
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:08 2025 by rpki-client