Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/3b104a-c039-42c2-9ff1-85cbd2068e8f/1/dXeaBJl10vB-B0zSVkLwNY_iIs4.roa
File: dXeaBJl10vB-B0zSVkLwNY_iIs4.roa (raw, json)
Hash identifier: F86Ia5myX5pjFnoQkxccwMDKgx5XnQXJd15fpxB0f8o=
Subject key identifier: 75:77:9A:04:99:75:D2:F0:7E:07:4C:D2:56:42:F0:35:8F:E2:22:CE
Certificate issuer: /CN=043a9c35d9e1a2f4d34a754fa26d203657847218
Certificate serial: 0194244504FF070A707B6B60399018EE8371
Authority key identifier: 04:3A:9C:35:D9:E1:A2:F4:D3:4A:75:4F:A2:6D:20:36:57:84:72:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BDqcNdnhovTTSnVPom0gNleEchg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/3b104a-c039-42c2-9ff1-85cbd2068e8f/1/dXeaBJl10vB-B0zSVkLwNY_iIs4.roa
Signing time: Wed 01 Jan 2025 23:48:10 +0000
ROA not before: Wed 01 Jan 2025 23:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211300
IP address blocks: 152.89.240.0/24 maxlen: 24
152.89.241.0/24 maxlen: 24
152.89.242.0/24 maxlen: 24
152.89.243.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:04:ff:07:0a:70:7b:6b:60:39:90:18:ee:83:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=043a9c35d9e1a2f4d34a754fa26d203657847218
Validity
Not Before: Jan 1 23:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=75779a049975d2f07e074cd25642f0358fe222ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:18:69:ec:f3:0d:51:63:8c:e3:f3:f7:a0:f6:
c5:c6:6f:19:29:55:2a:c1:71:8c:17:45:84:4d:49:
93:22:26:d8:9b:44:ef:ee:1d:5a:37:98:29:24:2d:
4f:69:88:b2:68:98:a9:1c:a0:fe:0f:05:58:12:c4:
41:95:69:62:65:b6:1d:28:33:68:f7:da:42:3d:d8:
9a:de:59:ce:d5:aa:b2:ec:2e:97:fe:0f:e1:7d:be:
22:23:13:69:8a:e4:b4:87:52:e9:4d:e0:3c:33:ef:
27:29:bd:87:8d:39:c8:9b:e6:72:67:79:e0:2a:f4:
d4:87:6a:55:fb:77:4b:8f:af:6b:22:03:ae:54:fd:
a3:0f:5a:7a:bd:7a:2b:48:9e:e6:be:d8:4f:5e:29:
71:b8:a2:f4:b8:1e:6b:36:d8:43:56:22:80:71:6b:
91:7e:99:50:31:bb:d5:91:cb:c1:8f:b7:a8:29:8e:
2d:82:06:2b:40:93:54:a0:24:97:e5:61:6d:38:51:
88:3e:7a:47:19:48:0b:5b:b9:36:23:62:d1:fc:63:
3c:1f:3c:c1:4e:cc:4b:fd:a9:c5:2b:34:1c:12:5e:
bc:6e:93:24:28:c5:c3:9e:dd:db:fa:b2:72:58:6c:
5f:dd:51:5d:d2:f7:b0:be:4b:ea:96:c8:85:5b:d5:
c1:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:77:9A:04:99:75:D2:F0:7E:07:4C:D2:56:42:F0:35:8F:E2:22:CE
X509v3 Authority Key Identifier:
keyid:04:3A:9C:35:D9:E1:A2:F4:D3:4A:75:4F:A2:6D:20:36:57:84:72:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BDqcNdnhovTTSnVPom0gNleEchg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/3b104a-c039-42c2-9ff1-85cbd2068e8f/1/dXeaBJl10vB-B0zSVkLwNY_iIs4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/3b104a-c039-42c2-9ff1-85cbd2068e8f/1/BDqcNdnhovTTSnVPom0gNleEchg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.240.0/22
Signature Algorithm: sha256WithRSAEncryption
be:3c:d8:8d:fa:37:94:4e:86:75:a4:b8:04:17:dc:5d:ba:79:
a6:f0:26:49:f0:d8:d4:d0:34:76:c3:9a:86:77:70:bd:ca:1c:
50:60:46:44:06:1f:c6:6c:28:e6:fa:7c:de:07:c2:12:bf:b3:
eb:e5:e3:4e:b9:09:ed:f7:d2:21:49:59:a5:cf:fe:f5:6d:35:
89:01:bc:b0:60:a9:7a:45:81:c9:f7:23:b9:db:54:52:dc:bf:
5f:69:a1:67:d2:87:01:ef:f8:18:9f:ca:13:82:ed:41:c0:ce:
bb:97:c6:a6:65:90:68:fd:87:a8:11:f5:68:a1:c9:66:cf:9b:
70:16:50:84:f4:a0:3c:81:d6:4b:68:67:06:1f:54:d0:7f:32:
4a:99:92:8e:35:3a:e9:57:3d:4b:f9:72:cd:16:3d:e8:40:54:
20:37:01:3c:7f:80:cc:05:ad:fc:6c:2c:ec:50:88:cc:e9:af:
5a:0d:9a:59:a2:8a:1a:42:6c:e4:f3:a7:5c:91:42:50:3d:4c:
b9:4e:3f:a0:e0:0e:79:88:56:2b:38:29:e6:67:ec:6e:d7:78:
20:3f:9f:0d:c6:2d:fc:b7:a4:c9:8d:5f:6f:e7:6f:3b:10:e7:
89:f9:b3:19:1b:1e:88:7e:b1:25:5f:c9:80:5a:07:57:0a:ef:
e4:35:8b:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRQT/Bwpwe2tgOZAY7oNxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0M2E5YzM1ZDllMWEyZjRkMzRhNzU0ZmEyNmQyMDM2NTc4
NDcyMTgwHhcNMjUwMTAxMjM0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTc3OWEwNDk5NzVkMmYwN2UwNzRjZDI1NjQyZjAzNThmZTIyMmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Bhp7PMNUWOM4/P3oPbFxm8ZKVUq
wXGMF0WETUmTIibYm0Tv7h1aN5gpJC1PaYiyaJipHKD+DwVYEsRBlWliZbYdKDNo
99pCPdia3lnO1aqy7C6X/g/hfb4iIxNpiuS0h1LpTeA8M+8nKb2HjTnIm+ZyZ3ng
KvTUh2pV+3dLj69rIgOuVP2jD1p6vXorSJ7mvthPXilxuKL0uB5rNthDViKAcWuR
fplQMbvVkcvBj7eoKY4tggYrQJNUoCSX5WFtOFGIPnpHGUgLW7k2I2LR/GM8HzzB
TsxL/anFKzQcEl68bpMkKMXDnt3b+rJyWGxf3VFd0vewvkvqlsiFW9XBnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHV3mgSZddLwfgdM0lZC8DWP4iLOMB8GA1UdIwQY
MBaAFAQ6nDXZ4aL000p1T6JtIDZXhHIYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkRxY05kbmhvdlRUU25WUG9tMGdObGVFY2hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8zYjEwNGEtYzAzOS00MmMyLTlmZjEt
ODVjYmQyMDY4ZThmLzEvZFhlYUJKbDEwdkItQjB6U1ZrTHdOWV9pSXM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8zYjEwNGEtYzAzOS00MmMyLTlmZjEtODVjYmQyMDY4ZThm
LzEvQkRxY05kbmhvdlRUU25WUG9tMGdObGVFY2hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmFnwMA0G
CSqGSIb3DQEBCwUAA4IBAQC+PNiN+jeUToZ1pLgEF9xdunmm8CZJ8NjU0DR2w5qG
d3C9yhxQYEZEBh/GbCjm+nzeB8ISv7Pr5eNOuQnt99IhSVmlz/71bTWJAbywYKl6
RYHJ9yO521RS3L9faaFn0ocB7/gYn8oTgu1BwM67l8amZZBo/YeoEfVooclmz5tw
FlCE9KA8gdZLaGcGH1TQfzJKmZKONTrpVz1L+XLNFj3oQFQgNwE8f4DMBa38bCzs
UIjM6a9aDZpZoooaQmzk86dckUJQPUy5Tj+g4A55iFYrOCnmZ+xu13ggP58Nxi38
t6TJjV9v5287EOeJ+bMZGx6IfrElX8mAWgdXCu/kNYvS
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:43:50 2025 by rpki-client