Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/b7b7fa-13d0-4ffc-9878-097b4d6d81e4/1/5YTUm3AInZ3OKlBlwt5hqxXRJbw.roa
File: 5YTUm3AInZ3OKlBlwt5hqxXRJbw.roa (raw, json)
Hash identifier: PSUqZYSVv06gr+AVLnq+YX/Sexgy9uOWiMFkqPvnkl4=
Subject key identifier: E5:84:D4:9B:70:08:9D:9D:CE:2A:50:65:C2:DE:61:AB:15:D1:25:BC
Certificate issuer: /CN=6f108bd5addfabf151d9079e3d3d341269666fa7
Certificate serial: 01919E45D5FCF88698CF18D9EDD02CAB755F
Authority key identifier: 6F:10:8B:D5:AD:DF:AB:F1:51:D9:07:9E:3D:3D:34:12:69:66:6F:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bxCL1a3fq_FR2QeePT00Emlmb6c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/b7b7fa-13d0-4ffc-9878-097b4d6d81e4/1/5YTUm3AInZ3OKlBlwt5hqxXRJbw.roa
Signing time: Thu 29 Aug 2024 13:14:22 +0000
ROA not before: Thu 29 Aug 2024 13:14:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199533
IP address blocks: 89.34.124.0/24 maxlen: 24
185.144.115.0/24 maxlen: 24
2a0f:ac80::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:9e:45:d5:fc:f8:86:98:cf:18:d9:ed:d0:2c:ab:75:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f108bd5addfabf151d9079e3d3d341269666fa7
Validity
Not Before: Aug 29 13:14:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e584d49b70089d9dce2a5065c2de61ab15d125bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:4d:97:71:b6:d8:6b:23:31:1d:e9:95:bf:3e:
35:b7:fa:44:5b:db:3a:d2:57:72:67:e3:01:b7:b1:
d1:6f:84:41:2e:6b:43:53:19:de:fa:18:89:ea:b8:
4c:38:48:8e:07:64:e5:99:d4:e9:78:f5:60:4f:33:
57:30:14:e8:b1:7e:f5:8c:b6:89:54:ef:eb:9f:9d:
dc:6f:da:c8:09:10:ca:28:3a:84:86:8b:14:06:da:
9a:46:9c:45:e1:99:36:19:ef:09:c4:d6:8b:39:15:
17:21:53:88:41:80:3d:85:d2:85:66:03:53:c9:51:
69:66:40:1f:cb:30:5c:26:be:8d:6e:54:64:e6:b1:
d0:23:e4:c8:a7:a4:d1:44:be:5e:06:d8:f3:f8:57:
38:1d:b3:b4:ab:96:cc:47:70:6b:4e:b3:32:19:2f:
b6:a6:9e:98:f6:a6:4f:43:32:be:fa:d1:6c:f5:e7:
bb:64:8c:db:83:79:91:c5:6e:86:93:0c:4d:52:64:
53:0b:5e:e0:c0:01:71:ce:86:82:44:64:8f:72:d1:
bb:af:ac:3c:ee:78:7d:91:4f:7a:60:e9:f4:4e:e0:
cc:fa:7d:a2:f6:9b:c7:4d:af:fe:cd:7a:e7:62:a3:
01:32:69:62:ca:26:cc:39:5e:7d:bb:ea:2f:17:88:
b0:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:84:D4:9B:70:08:9D:9D:CE:2A:50:65:C2:DE:61:AB:15:D1:25:BC
X509v3 Authority Key Identifier:
keyid:6F:10:8B:D5:AD:DF:AB:F1:51:D9:07:9E:3D:3D:34:12:69:66:6F:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bxCL1a3fq_FR2QeePT00Emlmb6c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/b7b7fa-13d0-4ffc-9878-097b4d6d81e4/1/5YTUm3AInZ3OKlBlwt5hqxXRJbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/b7b7fa-13d0-4ffc-9878-097b4d6d81e4/1/bxCL1a3fq_FR2QeePT00Emlmb6c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.124.0/24
185.144.115.0/24
IPv6:
2a0f:ac80::/29
Signature Algorithm: sha256WithRSAEncryption
03:41:8d:3c:70:dd:8c:1a:1b:42:4b:36:3b:57:7e:fe:b3:6b:
94:b6:eb:f7:c5:5c:4b:3b:f0:7f:b8:6c:09:21:4a:b0:25:ea:
52:f8:ed:b3:df:f8:8a:83:1c:a6:a7:0f:ad:66:e9:0a:2d:8f:
cb:b2:cf:3b:40:53:08:2d:e3:8c:23:40:e8:f3:58:dd:b3:a4:
bb:11:76:aa:29:cc:37:79:bd:bb:ca:5a:69:54:f9:01:24:37:
52:15:0f:b8:ee:49:61:e6:80:bb:3e:f8:13:48:34:5a:f9:24:
3b:ed:75:d8:d8:25:3b:74:46:41:af:cc:ca:e8:7c:f7:78:6c:
22:8a:fb:98:c5:4d:41:1b:c0:01:5e:2d:e5:a8:b1:1c:57:15:
b2:6b:40:32:e8:16:75:a9:52:98:92:fa:66:60:a3:e2:b2:d0:
29:fa:74:ff:1f:cf:ca:f2:1a:29:23:45:4f:7f:ee:29:31:96:
22:45:90:4b:04:82:52:10:1e:dd:e1:ad:c5:a1:f5:1e:64:9d:
cb:d4:ac:94:6f:01:80:76:79:ae:55:70:e5:fd:de:52:8f:5c:
f5:0a:cf:59:a3:55:80:ed:78:0a:44:00:08:14:26:79:84:72:
a4:5a:93:54:4e:e6:44:1f:57:9d:44:97:55:30:ab:b8:59:2c:
a9:52:3a:34
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZGeRdX8+IaYzxjZ7dAsq3VfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMTA4YmQ1YWRkZmFiZjE1MWQ5MDc5ZTNkM2QzNDEyNjk2
NjZmYTcwHhcNMjQwODI5MTMxNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTg0ZDQ5YjcwMDg5ZDlkY2UyYTUwNjVjMmRlNjFhYjE1ZDEyNWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqU2XcbbYayMxHemVvz41t/pEW9s6
0ldyZ+MBt7HRb4RBLmtDUxne+hiJ6rhMOEiOB2TlmdTpePVgTzNXMBTosX71jLaJ
VO/rn53cb9rICRDKKDqEhosUBtqaRpxF4Zk2Ge8JxNaLORUXIVOIQYA9hdKFZgNT
yVFpZkAfyzBcJr6NblRk5rHQI+TIp6TRRL5eBtjz+Fc4HbO0q5bMR3BrTrMyGS+2
pp6Y9qZPQzK++tFs9ee7ZIzbg3mRxW6GkwxNUmRTC17gwAFxzoaCRGSPctG7r6w8
7nh9kU96YOn0TuDM+n2i9pvHTa/+zXrnYqMBMmliyibMOV59u+ovF4iwwwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOWE1JtwCJ2dzipQZcLeYasV0SW8MB8GA1UdIwQY
MBaAFG8Qi9Wt36vxUdkHnj09NBJpZm+nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnhDTDFhM2ZxX0ZSMlFlZVBUMDBFbWxtYjZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9iN2I3ZmEtMTNkMC00ZmZjLTk4Nzgt
MDk3YjRkNmQ4MWU0LzEvNVlUVW0zQUluWjNPS2xCbHd0NWhxeFhSSmJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9iN2I3ZmEtMTNkMC00ZmZjLTk4NzgtMDk3YjRkNmQ4MWU0
LzEvYnhDTDFhM2ZxX0ZSMlFlZVBUMDBFbWxtYjZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAWSJ8AwQA
uZBzMA0EAgACMAcDBQMqD6yAMA0GCSqGSIb3DQEBCwUAA4IBAQADQY08cN2MGhtC
SzY7V37+s2uUtuv3xVxLO/B/uGwJIUqwJepS+O2z3/iKgxympw+tZukKLY/Lss87
QFMILeOMI0Do81jds6S7EXaqKcw3eb27ylppVPkBJDdSFQ+47klh5oC7PvgTSDRa
+SQ77XXY2CU7dEZBr8zK6Hz3eGwiivuYxU1BG8ABXi3lqLEcVxWya0Ay6BZ1qVKY
kvpmYKPistAp+nT/H8/K8hopI0VPf+4pMZYiRZBLBIJSEB7d4a3FofUeZJ3L1KyU
bwGAdnmuVXDl/d5Sj1z1Cs9Zo1WA7XgKRAAIFCZ5hHKkWpNUTuZEH1edRJdVMKu4
WSypUjo0
-----END CERTIFICATE-----
Generated at Wed Dec 25 21:29:15 2024 by rpki-client on console.sobornost.net