Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/JcQ4XnNNuhCFCptegJ4OikKt6EI.roa
File: JcQ4XnNNuhCFCptegJ4OikKt6EI.roa (raw, json)
Hash identifier: V4uiHg1qNVTGH4cwLosCcAcAuUHU5FHwvSgPuESRx7Y=
Subject key identifier: 25:C4:38:5E:73:4D:BA:10:85:0A:9B:5E:80:9E:0E:8A:42:AD:E8:42
Certificate issuer: /CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Certificate serial: 0194221F88C3B3FD8D30F178C34131345780
Authority key identifier: 41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/JcQ4XnNNuhCFCptegJ4OikKt6EI.roa
Signing time: Wed 01 Jan 2025 13:47:59 +0000
ROA not before: Wed 01 Jan 2025 13:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35503
IP address blocks: 89.252.196.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:88:c3:b3:fd:8d:30:f1:78:c3:41:31:34:57:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Validity
Not Before: Jan 1 13:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=25c4385e734dba10850a9b5e809e0e8a42ade842
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:5a:c6:09:3a:5d:4b:a7:e5:5d:bf:85:a2:d7:
f5:a6:5f:f9:07:b0:15:8f:82:8e:4f:b0:7c:00:20:
47:5b:51:5c:c7:9f:7e:3a:c8:af:04:af:27:a6:45:
94:f8:83:27:ff:2b:56:33:0b:f3:f2:09:18:ca:a8:
d6:c5:cb:6a:5e:db:e4:57:51:ec:26:b7:bf:6b:79:
1a:f5:b3:1b:b5:f0:ed:78:ff:da:cb:19:83:17:41:
50:a7:37:34:0f:9f:62:31:7d:e6:9a:25:29:e7:cb:
ff:d7:39:70:54:f5:01:09:04:31:42:6c:28:bd:24:
06:6b:9c:1f:1a:bf:b2:46:bf:a4:33:46:46:2d:c7:
1b:e2:04:54:07:59:63:13:8b:df:cf:33:09:04:6f:
1b:31:fe:97:f7:f4:af:e9:07:6f:aa:8e:68:4d:0d:
56:61:5c:26:0a:a1:4b:bc:50:f2:fe:19:b1:47:a2:
28:1f:5d:74:fa:15:f7:18:cb:9d:e4:fb:a7:95:c8:
37:7d:b9:12:df:34:36:69:cc:b3:21:8b:14:14:56:
1b:af:c3:4c:4f:7f:e9:92:0a:6e:e9:1d:1a:0b:eb:
c9:c3:2f:aa:64:31:ff:2b:26:07:61:b1:4b:30:09:
4d:42:d7:83:f3:3c:ff:1d:67:13:01:0c:6a:f3:d4:
6f:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:C4:38:5E:73:4D:BA:10:85:0A:9B:5E:80:9E:0E:8A:42:AD:E8:42
X509v3 Authority Key Identifier:
keyid:41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/JcQ4XnNNuhCFCptegJ4OikKt6EI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.252.196.0/24
Signature Algorithm: sha256WithRSAEncryption
d0:06:3d:f7:af:93:c2:5d:1c:b2:4d:f5:5e:d1:4f:8e:6b:72:
6c:05:be:b0:1d:ab:d3:4c:5d:a6:e3:ef:ac:53:03:8a:ca:6f:
7f:ee:8b:6c:d1:96:83:d1:16:82:2e:ab:21:6a:60:a8:33:78:
a4:cf:19:6e:13:77:74:f3:65:3e:a8:01:a0:75:c5:8c:99:07:
5d:ff:04:5d:35:39:e7:c0:5b:08:bc:43:a7:fd:8f:b4:e2:1e:
52:c5:c6:81:9d:e7:ce:77:47:5f:2d:5f:fb:8d:e2:ce:a2:be:
83:7e:9f:1b:f7:d3:8d:6e:b0:34:2b:ed:c6:8e:b8:1e:cb:ed:
a8:cb:f7:aa:8a:1f:3f:36:bb:bc:32:4a:04:f9:e2:b4:ec:23:
11:5f:98:9a:1c:26:c3:8a:13:5c:96:b2:44:16:24:10:9f:44:
d4:54:4a:b8:c4:5e:43:87:52:eb:d4:a4:3f:99:aa:5f:30:94:
f9:3a:85:8d:a2:d4:c1:6f:69:a0:b3:0d:18:af:63:f1:4d:4a:
33:32:24:c2:9d:07:e8:a0:17:e5:03:25:4f:65:8a:79:b1:cb:
17:85:98:03:55:00:23:b9:84:eb:59:81:e5:54:da:39:3f:df:
1c:5b:43:19:cd:63:03:65:24:e2:07:d5:c6:00:ae:2c:0d:03:
fd:5b:e5:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH4jDs/2NMPF4w0ExNFeAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMDRhNDA4MjFjNDE3NmNjNDJlMjU1ZWY2YzE3Mjc0NzNj
M2YwMGEwHhcNMjUwMTAxMTM0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWM0Mzg1ZTczNGRiYTEwODUwYTliNWU4MDllMGU4YTQyYWRlODQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlrGCTpdS6flXb+Fotf1pl/5B7AV
j4KOT7B8ACBHW1Fcx59+OsivBK8npkWU+IMn/ytWMwvz8gkYyqjWxctqXtvkV1Hs
Jre/a3ka9bMbtfDteP/ayxmDF0FQpzc0D59iMX3mmiUp58v/1zlwVPUBCQQxQmwo
vSQGa5wfGr+yRr+kM0ZGLccb4gRUB1ljE4vfzzMJBG8bMf6X9/Sv6Qdvqo5oTQ1W
YVwmCqFLvFDy/hmxR6IoH110+hX3GMud5Punlcg3fbkS3zQ2acyzIYsUFFYbr8NM
T3/pkgpu6R0aC+vJwy+qZDH/KyYHYbFLMAlNQteD8zz/HWcTAQxq89RvXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCXEOF5zTboQhQqbXoCeDopCrehCMB8GA1UdIwQY
MBaAFEEEpAghxBdsxC4lXvbBcnRzw/AKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMt
YjI3ZDZlMjc4ZTE4LzEvSmNRNFhuTk51aENGQ3B0ZWdKNE9pa0t0NkVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMtYjI3ZDZlMjc4ZTE4
LzEvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWfzEMA0G
CSqGSIb3DQEBCwUAA4IBAQDQBj33r5PCXRyyTfVe0U+Oa3JsBb6wHavTTF2m4++s
UwOKym9/7ots0ZaD0RaCLqshamCoM3ikzxluE3d082U+qAGgdcWMmQdd/wRdNTnn
wFsIvEOn/Y+04h5SxcaBnefOd0dfLV/7jeLOor6Dfp8b99ONbrA0K+3Gjrgey+2o
y/eqih8/Nru8MkoE+eK07CMRX5iaHCbDihNclrJEFiQQn0TUVEq4xF5Dh1Lr1KQ/
mapfMJT5OoWNotTBb2mgsw0Yr2PxTUozMiTCnQfooBflAyVPZYp5scsXhZgDVQAj
uYTrWYHlVNo5P98cW0MZzWMDZSTiB9XGAK4sDQP9W+UT
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:33:41 2025 by rpki-client