Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/IrmBgkgcgkreze6614a3_bfIQpY.roa
File: IrmBgkgcgkreze6614a3_bfIQpY.roa (raw, json)
Hash identifier: +7FInOTr287RxeFcE2HI5uBa//SqE2joxbyN0vKhyng=
Subject key identifier: 22:B9:81:82:48:1C:82:4A:DE:CD:EE:BA:D7:86:B7:FD:B7:C8:42:96
Certificate issuer: /CN=ebf42e80602aedf58a3c7a81883c1a34f69d2fb4
Certificate serial: 019421B1B443258F4236F7C15EA144171A9E
Authority key identifier: EB:F4:2E:80:60:2A:ED:F5:8A:3C:7A:81:88:3C:1A:34:F6:9D:2F:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6_QugGAq7fWKPHqBiDwaNPadL7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/IrmBgkgcgkreze6614a3_bfIQpY.roa
Signing time: Wed 01 Jan 2025 11:48:01 +0000
ROA not before: Wed 01 Jan 2025 11:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56729
IP address blocks: 89.40.96.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:b4:43:25:8f:42:36:f7:c1:5e:a1:44:17:1a:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebf42e80602aedf58a3c7a81883c1a34f69d2fb4
Validity
Not Before: Jan 1 11:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=22b98182481c824adecdeebad786b7fdb7c84296
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:17:47:80:ce:29:d8:0e:af:d7:83:ae:78:2b:
19:df:cf:5e:13:3e:f5:f4:5b:3a:a1:20:8a:07:1d:
fc:c0:98:51:43:5d:85:01:8a:eb:78:02:22:a1:c3:
c4:37:01:19:1d:50:1c:e4:93:29:c1:af:3f:14:00:
fa:25:43:39:2b:96:6d:c0:b8:51:b4:38:13:2a:e0:
b9:f5:6b:6c:61:9e:05:bb:dd:32:f4:f0:6f:7d:2b:
e7:63:33:73:ba:e3:ba:53:d0:95:93:1f:92:48:6f:
70:01:a9:24:ec:f6:81:10:af:ec:e6:e0:8b:3d:f0:
ed:f3:da:9b:06:14:a0:32:7f:e1:47:f7:9c:f7:1c:
5c:8a:ca:bb:da:6b:f2:fc:0e:93:13:73:3c:bc:34:
66:6c:3c:bc:51:ea:e6:43:23:f1:bc:02:3a:4a:03:
5d:1b:45:2a:8e:8e:cf:43:70:55:b2:fe:cb:f4:b2:
e2:7e:19:0e:bb:e2:b4:ab:7d:43:e4:24:5a:fd:b7:
c0:35:a3:29:53:4a:91:61:07:04:29:34:38:13:93:
08:28:83:45:09:f7:71:74:de:b6:bb:49:97:55:c7:
1c:ee:95:61:44:a0:e0:52:58:03:d6:16:83:ce:f1:
1c:bc:06:ca:f4:b0:7d:88:85:bc:d0:df:67:a4:c1:
6b:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:B9:81:82:48:1C:82:4A:DE:CD:EE:BA:D7:86:B7:FD:B7:C8:42:96
X509v3 Authority Key Identifier:
keyid:EB:F4:2E:80:60:2A:ED:F5:8A:3C:7A:81:88:3C:1A:34:F6:9D:2F:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6_QugGAq7fWKPHqBiDwaNPadL7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/IrmBgkgcgkreze6614a3_bfIQpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/6_QugGAq7fWKPHqBiDwaNPadL7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.96.0/22
Signature Algorithm: sha256WithRSAEncryption
14:3f:b2:76:5c:fa:3a:d1:13:d1:01:77:ce:f0:ad:2f:0d:9b:
d6:fe:64:f4:26:00:c4:e6:3a:70:9e:68:e6:88:bb:0e:66:13:
8d:a6:8e:ac:07:2c:9f:4a:ba:6f:a4:78:1b:9f:37:0f:f8:ab:
d2:9a:81:15:db:2f:8e:42:19:0a:2d:55:79:fe:c6:4f:5e:40:
47:1c:fe:64:07:5d:cd:c7:65:ca:4e:d8:bf:a8:68:a4:1e:43:
54:d8:48:96:f7:70:5f:35:09:c6:a3:1e:5b:70:ee:ae:5c:81:
88:6b:11:71:13:38:23:dd:de:50:42:ec:d3:ec:60:35:50:2e:
bf:3a:d5:80:5e:8d:a2:f4:d6:a3:44:d1:2a:75:df:83:c1:aa:
bb:85:d7:7b:a1:92:a0:71:54:a0:60:98:d5:41:b8:30:5e:7a:
f0:3c:d3:79:60:b8:9f:9b:c6:ae:ba:22:4d:95:22:55:b6:57:
8b:53:59:45:9c:b7:04:04:b0:62:07:3a:b7:2c:5e:45:b4:35:
db:2c:de:60:3f:f3:7a:39:4f:aa:70:85:a6:36:1c:aa:68:cf:
4b:73:fb:11:4f:d9:37:0d:ea:1b:21:27:27:14:cf:35:64:72:
02:bd:60:80:31:a2:d4:1d:7f:88:4b:75:04:c8:89:a9:1c:45:
59:f4:22:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsbRDJY9CNvfBXqFEFxqeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZjQyZTgwNjAyYWVkZjU4YTNjN2E4MTg4M2MxYTM0ZjY5
ZDJmYjQwHhcNMjUwMTAxMTE0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmI5ODE4MjQ4MWM4MjRhZGVjZGVlYmFkNzg2YjdmZGI3Yzg0Mjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxdHgM4p2A6v14OueCsZ389eEz71
9Fs6oSCKBx38wJhRQ12FAYrreAIiocPENwEZHVAc5JMpwa8/FAD6JUM5K5ZtwLhR
tDgTKuC59WtsYZ4Fu90y9PBvfSvnYzNzuuO6U9CVkx+SSG9wAakk7PaBEK/s5uCL
PfDt89qbBhSgMn/hR/ec9xxcisq72mvy/A6TE3M8vDRmbDy8UermQyPxvAI6SgNd
G0Uqjo7PQ3BVsv7L9LLifhkOu+K0q31D5CRa/bfANaMpU0qRYQcEKTQ4E5MIKINF
CfdxdN62u0mXVccc7pVhRKDgUlgD1haDzvEcvAbK9LB9iIW80N9npMFrPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCK5gYJIHIJK3s3uuteGt/23yEKWMB8GA1UdIwQY
MBaAFOv0LoBgKu31ijx6gYg8GjT2nS+0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNl9RdWdHQXE3ZldLUEhxQmlEd2FOUGFkTDdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8wOTUyZDQtNGE0OS00NDdkLWFkM2Mt
MTkwM2VkYWZhOGJmLzEvSXJtQmdrZ2Nna3JlemU2NjE0YTNfYmZJUXBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8wOTUyZDQtNGE0OS00NDdkLWFkM2MtMTkwM2VkYWZhOGJm
LzEvNl9RdWdHQXE3ZldLUEhxQmlEd2FOUGFkTDdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWShgMA0G
CSqGSIb3DQEBCwUAA4IBAQAUP7J2XPo60RPRAXfO8K0vDZvW/mT0JgDE5jpwnmjm
iLsOZhONpo6sByyfSrpvpHgbnzcP+KvSmoEV2y+OQhkKLVV5/sZPXkBHHP5kB13N
x2XKTti/qGikHkNU2EiW93BfNQnGox5bcO6uXIGIaxFxEzgj3d5QQuzT7GA1UC6/
OtWAXo2i9NajRNEqdd+Dwaq7hdd7oZKgcVSgYJjVQbgwXnrwPNN5YLifm8auuiJN
lSJVtleLU1lFnLcEBLBiBzq3LF5FtDXbLN5gP/N6OU+qcIWmNhyqaM9Lc/sRT9k3
DeobIScnFM81ZHICvWCAMaLUHX+IS3UEyImpHEVZ9CJu
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:18:03 2025 by rpki-client