Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/BQh7QT9BX7cTqXjHHhGh4E0jau4.roa
File: BQh7QT9BX7cTqXjHHhGh4E0jau4.roa (raw, json)
Hash identifier: ji+6a8qXV045VZtKjEfl6cGy7fTl7ME8scmY2gpWI2s=
Subject key identifier: 05:08:7B:41:3F:41:5F:B7:13:A9:78:C7:1E:11:A1:E0:4D:23:6A:EE
Certificate issuer: /CN=258f0753c033c1af091866d094264512696ca68b
Certificate serial: 019422FB749C9E35168061633E0C98CF7979
Authority key identifier: 25:8F:07:53:C0:33:C1:AF:09:18:66:D0:94:26:45:12:69:6C:A6:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JY8HU8Azwa8JGGbQlCZFEmlspos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/BQh7QT9BX7cTqXjHHhGh4E0jau4.roa
Signing time: Wed 01 Jan 2025 17:48:12 +0000
ROA not before: Wed 01 Jan 2025 17:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197615
IP address blocks: 89.234.242.0/23 maxlen: 23
89.234.244.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:74:9c:9e:35:16:80:61:63:3e:0c:98:cf:79:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=258f0753c033c1af091866d094264512696ca68b
Validity
Not Before: Jan 1 17:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=05087b413f415fb713a978c71e11a1e04d236aee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:c0:b4:8e:c3:da:e7:11:59:89:b2:37:04:69:
ee:94:4f:50:a1:d6:1a:d2:b3:f1:f7:65:48:c8:64:
b7:23:8e:3e:7f:06:be:7e:72:c5:28:6b:c5:d3:ea:
3f:9e:2e:18:cb:5e:e1:56:8e:eb:a4:66:a9:d5:b9:
e3:33:6d:96:87:69:2b:67:09:7b:09:d2:95:ad:0e:
3b:3c:10:60:65:20:cd:d1:ff:76:d6:7b:92:b5:08:
c0:74:fa:ec:01:e8:27:38:0e:de:74:51:13:61:a9:
c3:8a:f4:54:7a:11:af:0e:91:3c:39:ba:d2:14:89:
f9:16:58:8a:e8:4c:f3:b6:6d:bf:78:aa:f3:ca:97:
f9:00:ca:4a:2f:1a:b9:f0:7d:87:ad:20:1e:ad:af:
4f:1f:f3:ae:7c:91:04:93:0f:66:06:8e:4e:15:5d:
0e:7c:fc:9d:a7:48:55:c2:77:bd:fd:af:f0:0a:4a:
6d:67:75:dd:2a:50:6f:98:f7:9f:83:1b:e2:c1:98:
4f:82:db:47:c4:fa:71:4a:1a:b0:d9:fd:04:f6:62:
de:97:b2:3f:4b:d6:22:97:44:33:1c:09:4a:f8:08:
df:ed:ff:ed:b3:d5:63:32:e3:fa:58:cd:a1:e1:48:
56:75:f6:01:17:13:69:78:0d:32:28:ed:76:0f:ec:
cc:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:08:7B:41:3F:41:5F:B7:13:A9:78:C7:1E:11:A1:E0:4D:23:6A:EE
X509v3 Authority Key Identifier:
keyid:25:8F:07:53:C0:33:C1:AF:09:18:66:D0:94:26:45:12:69:6C:A6:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JY8HU8Azwa8JGGbQlCZFEmlspos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/BQh7QT9BX7cTqXjHHhGh4E0jau4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.234.242.0-89.234.245.255
Signature Algorithm: sha256WithRSAEncryption
40:03:ff:11:55:d7:fe:a6:07:ee:e4:3d:d5:91:16:a4:3d:e5:
9a:ab:24:45:a4:ff:17:2f:43:9e:bb:46:f9:90:2a:84:57:00:
02:49:76:81:e6:de:66:28:e8:ce:15:3c:36:59:1d:ab:0d:a1:
0f:55:df:1f:55:4a:ea:ea:44:30:ea:1f:b4:f0:51:98:ff:95:
a5:1e:20:31:0d:43:75:82:ac:0f:68:da:99:a6:f5:30:6b:33:
66:b0:4f:86:13:c3:b5:dd:a2:59:fd:4e:7c:35:2a:83:fe:ea:
6b:da:0d:a7:e3:62:18:15:23:be:dc:38:93:45:25:0e:e3:b6:
66:1e:2e:b8:59:a2:9f:91:2e:b7:dd:2b:97:f9:34:cb:63:cf:
d3:fb:95:ec:03:cd:56:65:d3:f7:57:c6:53:39:bc:06:c7:14:
15:7f:4d:23:f0:f6:25:b4:4b:98:ff:25:c9:7b:20:8a:0a:52:
de:77:10:39:97:cd:cd:c6:0d:bf:ab:f8:c7:4d:4e:30:27:e4:
69:85:03:40:4f:01:02:bf:c3:26:da:c2:fa:69:45:00:b3:8c:
dd:90:ca:28:f0:e7:39:be:0e:19:17:7e:60:76:bb:4c:75:a8:
45:13:40:b6:27:7e:b1:a0:59:c6:56:8e:1a:8c:e2:19:c2:26:
30:95:d3:1c
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQi+3ScnjUWgGFjPgyYz3l5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1OGYwNzUzYzAzM2MxYWYwOTE4NjZkMDk0MjY0NTEyNjk2
Y2E2OGIwHhcNMjUwMTAxMTc0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTA4N2I0MTNmNDE1ZmI3MTNhOTc4YzcxZTExYTFlMDRkMjM2YWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6cC0jsPa5xFZibI3BGnulE9QodYa
0rPx92VIyGS3I44+fwa+fnLFKGvF0+o/ni4Yy17hVo7rpGap1bnjM22Wh2krZwl7
CdKVrQ47PBBgZSDN0f921nuStQjAdPrsAegnOA7edFETYanDivRUehGvDpE8ObrS
FIn5FliK6Ezztm2/eKrzypf5AMpKLxq58H2HrSAera9PH/OufJEEkw9mBo5OFV0O
fPydp0hVwne9/a/wCkptZ3XdKlBvmPefgxviwZhPgttHxPpxShqw2f0E9mLel7I/
S9Yil0QzHAlK+Ajf7f/ts9VjMuP6WM2h4UhWdfYBFxNpeA0yKO12D+zMVQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAUIe0E/QV+3E6l4xx4RoeBNI2ruMB8GA1UdIwQY
MBaAFCWPB1PAM8GvCRhm0JQmRRJpbKaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlk4SFU4QXp3YThKR0diUWxDWkZFbWxzcG9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8zYmFlODctODJlYi00NTFmLTgwNDQt
MmMyZjBkMjRmOTM2LzEvQlFoN1FUOUJYN2NUcVhqSEhoR2g0RTBqYXU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8zYmFlODctODJlYi00NTFmLTgwNDQtMmMyZjBkMjRmOTM2
LzEvSlk4SFU4QXp3YThKR0diUWxDWkZFbWxzcG9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAFZ6vID
BAFZ6vQwDQYJKoZIhvcNAQELBQADggEBAEAD/xFV1/6mB+7kPdWRFqQ95ZqrJEWk
/xcvQ567RvmQKoRXAAJJdoHm3mYo6M4VPDZZHasNoQ9V3x9VSurqRDDqH7TwUZj/
laUeIDENQ3WCrA9o2pmm9TBrM2awT4YTw7Xdoln9Tnw1KoP+6mvaDafjYhgVI77c
OJNFJQ7jtmYeLrhZop+RLrfdK5f5NMtjz9P7lewDzVZl0/dXxlM5vAbHFBV/TSPw
9iW0S5j/Jcl7IIoKUt53EDmXzc3GDb+r+MdNTjAn5GmFA0BPAQK/wybawvppRQCz
jN2Qyijw5zm+DhkXfmB2u0x1qEUTQLYnfrGgWcZWjhqM4hnCJjCV0xw=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:31 2025 by rpki-client on console.sobornost.net