Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/475e6f-89a5-43e8-83b9-495a959b16e7/1/iVxulShReTYBVaVMHOSAPgJMX4w.roa
File: iVxulShReTYBVaVMHOSAPgJMX4w.roa (raw, json)
Hash identifier: K1U4ekJDUmOT/6sNVV1rdRQsFS3D9+kf/By0ijYc4Q0=
Subject key identifier: 89:5C:6E:95:28:51:79:36:01:55:A5:4C:1C:E4:80:3E:02:4C:5F:8C
Certificate issuer: /CN=862ba21fcfcc34c9d9b5a7c6081585e0a0ee70ae
Certificate serial: 0194266B4F19F21DEEDCA51C3402333AC5DB
Authority key identifier: 86:2B:A2:1F:CF:CC:34:C9:D9:B5:A7:C6:08:15:85:E0:A0:EE:70:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hiuiH8_MNMnZtafGCBWF4KDucK4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/475e6f-89a5-43e8-83b9-495a959b16e7/1/iVxulShReTYBVaVMHOSAPgJMX4w.roa
Signing time: Thu 02 Jan 2025 09:49:14 +0000
ROA not before: Thu 02 Jan 2025 09:49:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39033
IP address blocks: 89.104.114.0/24 maxlen: 24
185.91.125.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:4f:19:f2:1d:ee:dc:a5:1c:34:02:33:3a:c5:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=862ba21fcfcc34c9d9b5a7c6081585e0a0ee70ae
Validity
Not Before: Jan 2 09:49:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=895c6e95285179360155a54c1ce4803e024c5f8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:dc:a0:f3:51:ec:7e:40:68:5d:a3:9d:9f:15:
6b:e4:3c:86:0f:b4:17:a5:b2:aa:bd:a2:35:38:90:
bd:e9:d0:44:83:83:76:8b:7f:3e:14:9f:bc:7b:7e:
d2:93:47:52:aa:34:aa:d6:3a:b6:20:15:93:49:74:
7d:c6:72:03:2f:3b:f5:19:2b:04:d3:b1:ba:0b:02:
5d:3c:46:93:01:d0:d2:bd:9a:4e:e5:ec:e1:87:b9:
b1:13:ba:92:ed:b5:ad:53:69:a4:ca:ba:3b:26:1a:
7e:63:34:11:cb:77:5d:75:04:08:a5:39:42:18:ed:
8d:68:b2:b1:20:de:56:13:6f:79:24:b8:73:bb:73:
0f:b4:a6:bb:49:3a:49:67:26:87:3e:1e:7e:74:67:
7f:e2:3f:aa:ec:fa:0e:9d:bb:2f:d8:67:c4:b5:79:
23:a9:f0:d4:33:50:45:20:63:7b:09:3a:66:51:0f:
ff:8f:7e:c4:e8:17:2b:97:5d:a9:87:91:c7:03:67:
01:a7:d5:64:02:cf:84:10:63:37:56:70:1a:b4:c1:
ba:b7:cb:20:16:05:97:92:22:b8:cb:0c:af:9c:37:
49:a6:57:93:3c:29:72:25:88:97:51:3b:ca:41:42:
59:27:fd:0e:fa:a3:85:82:98:96:f0:f0:72:eb:6e:
37:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:5C:6E:95:28:51:79:36:01:55:A5:4C:1C:E4:80:3E:02:4C:5F:8C
X509v3 Authority Key Identifier:
keyid:86:2B:A2:1F:CF:CC:34:C9:D9:B5:A7:C6:08:15:85:E0:A0:EE:70:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hiuiH8_MNMnZtafGCBWF4KDucK4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/475e6f-89a5-43e8-83b9-495a959b16e7/1/iVxulShReTYBVaVMHOSAPgJMX4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/475e6f-89a5-43e8-83b9-495a959b16e7/1/hiuiH8_MNMnZtafGCBWF4KDucK4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.104.114.0/24
185.91.125.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:19:cd:91:54:f0:ef:43:1f:39:07:31:ac:97:20:8a:d7:b7:
99:38:9d:41:c9:35:53:95:bc:7b:37:a3:83:dc:25:0b:d1:77:
92:e3:46:d4:fd:de:67:04:7c:80:80:40:6a:18:d4:44:39:55:
63:4f:68:65:49:de:e4:c8:40:34:31:0f:ff:3a:45:24:5c:d6:
15:4b:92:ca:d6:0e:72:0f:04:5e:c5:bb:22:77:36:b0:a5:d5:
92:66:4c:91:63:2c:c2:96:79:3e:59:44:00:2b:eb:5b:2e:36:
2d:fe:23:4d:02:bf:c3:ed:50:82:5f:e3:52:d7:35:b8:48:ab:
56:96:fa:a8:46:a8:a2:ef:bd:cb:e6:c4:a5:d9:4f:10:7f:fa:
b0:ef:8b:e5:a4:38:57:02:5c:5b:ad:9c:65:43:16:80:5a:5b:
d7:fe:bc:51:d0:fd:f6:8a:4a:3d:ec:57:c9:b5:ba:6d:fb:ce:
7b:88:e6:e9:63:31:d8:53:ad:5d:d6:2a:62:82:4f:a9:26:6a:
e1:c5:47:59:8d:59:bd:31:f9:47:21:ae:aa:cb:22:f8:6d:4d:
b1:1b:7e:6d:e5:e2:cf:34:5f:31:cc:89:55:91:5a:5b:74:08:
ab:27:39:81:18:1e:1f:92:f8:81:70:e9:34:45:cb:a9:02:ca:
bd:9e:3f:03
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQma08Z8h3u3KUcNAIzOsXbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2MmJhMjFmY2ZjYzM0YzlkOWI1YTdjNjA4MTU4NWUwYTBl
ZTcwYWUwHhcNMjUwMTAyMDk0OTE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTVjNmU5NTI4NTE3OTM2MDE1NWE1NGMxY2U0ODAzZTAyNGM1ZjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNyg81HsfkBoXaOdnxVr5DyGD7QX
pbKqvaI1OJC96dBEg4N2i38+FJ+8e37Sk0dSqjSq1jq2IBWTSXR9xnIDLzv1GSsE
07G6CwJdPEaTAdDSvZpO5ezhh7mxE7qS7bWtU2mkyro7Jhp+YzQRy3dddQQIpTlC
GO2NaLKxIN5WE295JLhzu3MPtKa7STpJZyaHPh5+dGd/4j+q7PoOnbsv2GfEtXkj
qfDUM1BFIGN7CTpmUQ//j37E6Bcrl12ph5HHA2cBp9VkAs+EEGM3VnAatMG6t8sg
FgWXkiK4ywyvnDdJpleTPClyJYiXUTvKQUJZJ/0O+qOFgpiW8PBy6243wwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIlcbpUoUXk2AVWlTBzkgD4CTF+MMB8GA1UdIwQY
MBaAFIYroh/PzDTJ2bWnxggVheCg7nCuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGl1aUg4X01OTW5adGFmR0NCV0Y0S0R1Y0s0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni80NzVlNmYtODlhNS00M2U4LTgzYjkt
NDk1YTk1OWIxNmU3LzEvaVZ4dWxTaFJlVFlCVmFWTUhPU0FQZ0pNWDR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni80NzVlNmYtODlhNS00M2U4LTgzYjktNDk1YTk1OWIxNmU3
LzEvaGl1aUg4X01OTW5adGFmR0NCV0Y0S0R1Y0s0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWWhyAwQA
uVt9MA0GCSqGSIb3DQEBCwUAA4IBAQBPGc2RVPDvQx85BzGslyCK17eZOJ1ByTVT
lbx7N6OD3CUL0XeS40bU/d5nBHyAgEBqGNREOVVjT2hlSd7kyEA0MQ//OkUkXNYV
S5LK1g5yDwRexbsidzawpdWSZkyRYyzClnk+WUQAK+tbLjYt/iNNAr/D7VCCX+NS
1zW4SKtWlvqoRqii773L5sSl2U8Qf/qw74vlpDhXAlxbrZxlQxaAWlvX/rxR0P32
iko97FfJtbpt+857iObpYzHYU61d1ipigk+pJmrhxUdZjVm9MflHIa6qyyL4bU2x
G35t5eLPNF8xzIlVkVpbdAirJzmBGB4fkviBcOk0RcupAsq9nj8D
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:24 2025 by rpki-client on console.sobornost.net