Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/aCwRSHVYBYpytuE1o9MjNgDXz9I.roa
File: aCwRSHVYBYpytuE1o9MjNgDXz9I.roa (raw, json)
Hash identifier: lR91pW0BeR+aoFpolYB6lJ9nl5KY3mWGfuxUgw4Zch4=
Subject key identifier: 68:2C:11:48:75:58:05:8A:72:B6:E1:35:A3:D3:23:36:00:D7:CF:D2
Certificate issuer: /CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Certificate serial: 019427B6118B6A411BA7A4A30F6369AA0CBA
Authority key identifier: 23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/aCwRSHVYBYpytuE1o9MjNgDXz9I.roa
Signing time: Thu 02 Jan 2025 15:50:30 +0000
ROA not before: Thu 02 Jan 2025 15:50:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216248
IP address blocks: 89.188.164.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:11:8b:6a:41:1b:a7:a4:a3:0f:63:69:aa:0c:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Validity
Not Before: Jan 2 15:50:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=682c11487558058a72b6e135a3d3233600d7cfd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ff:ea:24:d2:43:f8:c4:ea:fc:e7:9e:de:7f:
f0:8f:5e:33:31:b5:7f:bf:8d:3b:b5:e0:e9:7c:60:
d2:24:c2:41:86:1f:e6:b1:bf:05:9e:30:6b:18:7c:
a6:67:6f:19:94:ad:12:b0:66:22:60:7f:0a:b2:6d:
3f:11:ee:32:48:fe:34:00:13:c6:de:8f:a8:50:83:
2c:95:28:f7:f3:6c:1d:2f:ad:03:a8:1e:17:3f:7f:
5a:48:89:e5:ee:81:8b:05:d9:62:d8:08:de:14:3c:
12:31:57:5f:48:98:89:a6:1d:83:34:a7:a2:b4:5a:
1a:69:1d:ee:7a:0a:7c:0f:94:c4:44:a1:ed:fa:fe:
e0:f2:49:d0:2e:81:77:ab:55:37:ec:3c:8f:02:c1:
3a:d2:06:dd:21:26:af:7c:9a:37:ea:19:57:9a:f6:
16:c6:b2:0a:f7:85:97:70:8c:a2:c5:8e:1a:6c:1b:
ed:23:6d:5e:d5:ee:38:84:c4:03:b3:1f:c7:83:dd:
cc:ed:ab:54:10:18:08:cf:68:b1:f1:e2:b5:a1:5d:
81:83:b3:a6:cf:73:1b:ab:50:1e:60:b6:6a:47:a1:
7e:13:3a:c6:1b:c1:f8:0d:72:e8:ad:65:38:85:8a:
3e:40:79:62:e1:44:e2:3b:4f:7f:ca:60:12:b9:e4:
75:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:2C:11:48:75:58:05:8A:72:B6:E1:35:A3:D3:23:36:00:D7:CF:D2
X509v3 Authority Key Identifier:
keyid:23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/aCwRSHVYBYpytuE1o9MjNgDXz9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/I-PZK_4WYZylAMAyZ-_6mqfKDEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.188.164.0/23
Signature Algorithm: sha256WithRSAEncryption
7c:2b:b0:29:54:c8:59:ac:b7:88:ed:05:0c:44:35:f0:68:0b:
6c:2a:7c:27:94:d3:71:dd:e5:f9:28:ce:55:d3:76:1d:04:d1:
52:50:7f:d2:37:49:ec:e6:71:ce:4d:81:fb:6f:99:da:80:0f:
f1:e6:4d:63:4a:6f:50:0d:5f:80:ec:99:ba:04:20:f4:dd:01:
2b:71:2a:54:8a:8c:17:be:c9:74:a7:bc:64:c7:f3:ac:34:57:
1e:8c:f7:88:19:aa:23:69:d7:31:33:70:83:b4:b1:4b:b4:36:
ea:c9:d0:93:eb:f3:65:91:68:6b:bb:4c:9c:b9:e7:3f:bd:1b:
ea:31:e8:b6:ad:ee:a9:31:2a:85:3c:4e:0b:58:10:ef:1f:68:
21:3c:b9:fb:bd:24:f0:95:cc:d7:69:cc:ea:1c:ea:6e:0d:4a:
a5:42:c8:a4:f8:76:75:c0:5c:ad:f5:06:19:3b:72:40:52:52:
23:eb:f7:a4:e7:a2:95:af:73:93:54:59:7d:25:fc:6c:59:d3:
2c:55:bb:a9:c9:f7:ca:99:e2:8b:cd:85:6e:a6:d5:78:d4:bc:
eb:dc:f6:3d:bb:7d:e0:bb:03:39:14:33:b8:f8:93:b0:8b:38:
18:99:76:52:68:9e:a2:ed:49:f1:9f:21:7c:d8:be:c9:f6:09:
59:60:10:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnthGLakEbp6SjD2Npqgy6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZTNkOTJiZmUxNjYxOWNhNTAwYzAzMjY3ZWZmYTlhYTdj
YTBjNDcwHhcNMjUwMTAyMTU1MDMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODJjMTE0ODc1NTgwNThhNzJiNmUxMzVhM2QzMjMzNjAwZDdjZmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlf/qJNJD+MTq/Oee3n/wj14zMbV/
v407teDpfGDSJMJBhh/msb8FnjBrGHymZ28ZlK0SsGYiYH8Ksm0/Ee4ySP40ABPG
3o+oUIMslSj382wdL60DqB4XP39aSInl7oGLBdli2AjeFDwSMVdfSJiJph2DNKei
tFoaaR3uegp8D5TERKHt+v7g8knQLoF3q1U37DyPAsE60gbdISavfJo36hlXmvYW
xrIK94WXcIyixY4abBvtI21e1e44hMQDsx/Hg93M7atUEBgIz2ix8eK1oV2Bg7Om
z3Mbq1AeYLZqR6F+EzrGG8H4DXLorWU4hYo+QHli4UTiO09/ymASueR1aQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGgsEUh1WAWKcrbhNaPTIzYA18/SMB8GA1UdIwQY
MBaAFCPj2Sv+FmGcpQDAMmfv+pqnygxHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSS1QWktfNFdZWnlsQU1BeVotXzZtcWZLREVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85YzJjOTAtYzdkNC00OGI3LTliYWYt
ZjFiZjBjMzNhOTA4LzEvYUN3UlNIVllCWXB5dHVFMW85TWpOZ0RYejlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85YzJjOTAtYzdkNC00OGI3LTliYWYtZjFiZjBjMzNhOTA4
LzEvSS1QWktfNFdZWnlsQU1BeVotXzZtcWZLREVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWbykMA0G
CSqGSIb3DQEBCwUAA4IBAQB8K7ApVMhZrLeI7QUMRDXwaAtsKnwnlNNx3eX5KM5V
03YdBNFSUH/SN0ns5nHOTYH7b5nagA/x5k1jSm9QDV+A7Jm6BCD03QErcSpUiowX
vsl0p7xkx/OsNFcejPeIGaojadcxM3CDtLFLtDbqydCT6/NlkWhru0ycuec/vRvq
Mei2re6pMSqFPE4LWBDvH2ghPLn7vSTwlczXaczqHOpuDUqlQsik+HZ1wFyt9QYZ
O3JAUlIj6/ek56KVr3OTVFl9JfxsWdMsVbupyffKmeKLzYVuptV41Lzr3PY9u33g
uwM5FDO4+JOwizgYmXZSaJ6i7UnxnyF82L7J9glZYBAE
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:49:07 2025 by rpki-client