Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/sbLvFMgj6Jq6Jzwq0zNNWs9TO5U.roa
File: sbLvFMgj6Jq6Jzwq0zNNWs9TO5U.roa (raw, json)
Hash identifier: RnEcO1PV1R8uV7pqkm7BEJzKyWQROhGQ8R28ZT/IOG0=
Subject key identifier: B1:B2:EF:14:C8:23:E8:9A:BA:27:3C:2A:D3:33:4D:5A:CF:53:3B:95
Certificate issuer: /CN=85f870119e5921bf12495dc902dcfe3d8d4a37d8
Certificate serial: 019517DD2299DA2667A8A16AB87477C965DB
Authority key identifier: 85:F8:70:11:9E:59:21:BF:12:49:5D:C9:02:DC:FE:3D:8D:4A:37:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/sbLvFMgj6Jq6Jzwq0zNNWs9TO5U.roa
Signing time: Tue 18 Feb 2025 07:02:03 +0000
ROA not before: Tue 18 Feb 2025 07:02:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214418
IP address blocks: 89.40.27.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:17:dd:22:99:da:26:67:a8:a1:6a:b8:74:77:c9:65:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85f870119e5921bf12495dc902dcfe3d8d4a37d8
Validity
Not Before: Feb 18 07:02:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b1b2ef14c823e89aba273c2ad3334d5acf533b95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:e3:50:8e:8e:6b:9a:c5:b7:15:81:a9:79:c3:
45:39:7e:26:39:aa:66:ec:41:5c:2c:5d:1e:1c:d2:
cf:2e:09:3f:ca:75:b0:58:4a:35:c2:46:f9:f4:91:
2e:0d:56:5c:80:e7:b6:f1:3c:cd:43:19:b6:10:ab:
9c:43:3d:6a:18:a4:08:85:48:da:80:d6:b4:84:2e:
84:10:fb:3b:62:b6:3c:13:b2:f1:f1:5c:ab:7a:d1:
fe:75:6c:b9:ca:db:3d:5a:88:b1:ae:e3:95:db:bc:
9c:08:d9:bc:d2:c8:cf:44:ac:a3:2b:7f:fc:1c:b4:
b9:da:1c:0d:33:7d:a6:3c:24:d1:f1:fa:7e:a8:48:
15:5a:03:24:7f:80:ea:f1:8d:39:30:f7:d5:cc:37:
fa:9a:fa:96:52:55:00:96:86:fb:01:a6:23:f7:0c:
60:4f:05:91:21:95:5a:0e:cb:89:fb:bf:42:1a:42:
ae:08:b5:92:f2:1f:c5:1c:42:70:bc:bf:c0:8d:9f:
5c:d1:88:f5:bf:43:e9:df:de:4e:53:51:39:05:fb:
a4:2a:2e:4a:f0:df:92:ad:18:11:ed:a9:7c:e3:3f:
9b:4d:34:34:c1:37:b4:2c:ce:dd:25:d0:a9:63:1a:
3e:04:fa:c7:e1:2a:55:2a:a3:12:d8:6e:a2:34:d0:
ec:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:B2:EF:14:C8:23:E8:9A:BA:27:3C:2A:D3:33:4D:5A:CF:53:3B:95
X509v3 Authority Key Identifier:
keyid:85:F8:70:11:9E:59:21:BF:12:49:5D:C9:02:DC:FE:3D:8D:4A:37:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/sbLvFMgj6Jq6Jzwq0zNNWs9TO5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.27.0/24
Signature Algorithm: sha256WithRSAEncryption
22:a3:b6:c1:57:46:76:14:ff:98:7d:e7:dc:84:de:ab:64:9f:
7a:be:1c:3c:8a:56:a4:55:aa:d5:28:7d:52:3e:67:8b:5e:43:
bb:84:cd:24:42:32:96:5b:d3:b6:58:e8:98:c3:31:18:ad:9b:
2d:5a:0d:04:dd:bd:0a:3e:a5:fb:de:a2:48:6d:5c:c3:d7:10:
a1:86:a9:02:99:a5:1d:af:36:66:5d:03:d4:5a:ef:86:9f:88:
9b:65:02:79:2e:31:39:db:46:f0:79:96:96:3d:61:8c:59:cf:
f8:aa:fb:c5:cf:3b:5f:a7:13:53:81:f4:b6:04:89:6b:ea:31:
93:88:34:ba:ba:73:51:a7:65:fa:fc:5e:25:99:3c:24:66:04:
84:3f:ba:64:93:72:6d:65:d0:ad:8c:8d:50:2b:ec:87:3e:e7:
22:6a:a4:e1:04:ea:66:a3:99:54:9b:b4:33:ea:7e:e6:f5:89:
86:26:06:77:cb:88:5d:e8:0f:07:86:02:79:5e:ef:50:ce:ec:
ef:77:ab:aa:9b:6e:24:3c:f9:ef:52:48:bb:53:31:cb:42:4f:
65:3d:51:c4:8f:0c:e4:c3:d6:b9:0d:2d:1e:96:1a:c2:0a:7c:
c2:6c:c6:69:89:dc:aa:9d:ae:12:55:ee:71:cf:b5:b4:22:75:
09:65:12:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZUX3SKZ2iZnqKFquHR3yWXbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1Zjg3MDExOWU1OTIxYmYxMjQ5NWRjOTAyZGNmZTNkOGQ0
YTM3ZDgwHhcNMjUwMjE4MDcwMjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWIyZWYxNGM4MjNlODlhYmEyNzNjMmFkMzMzNGQ1YWNmNTMzYjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2+NQjo5rmsW3FYGpecNFOX4mOapm
7EFcLF0eHNLPLgk/ynWwWEo1wkb59JEuDVZcgOe28TzNQxm2EKucQz1qGKQIhUja
gNa0hC6EEPs7YrY8E7Lx8VyretH+dWy5yts9WoixruOV27ycCNm80sjPRKyjK3/8
HLS52hwNM32mPCTR8fp+qEgVWgMkf4Dq8Y05MPfVzDf6mvqWUlUAlob7AaYj9wxg
TwWRIZVaDsuJ+79CGkKuCLWS8h/FHEJwvL/AjZ9c0Yj1v0Pp395OU1E5BfukKi5K
8N+SrRgR7al84z+bTTQ0wTe0LM7dJdCpYxo+BPrH4SpVKqMS2G6iNNDsYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLGy7xTII+iauic8KtMzTVrPUzuVMB8GA1UdIwQY
MBaAFIX4cBGeWSG/EkldyQLc/j2NSjfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGZod0VaNVpJYjhTU1YzSkF0ei1QWTFLTjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9iYjZmMzQtMzQ3Yi00YmFlLThmOTIt
ZWE4NGE1MWViM2RjLzEvc2JMdkZNZ2o2SnE2Snp3cTB6Tk5XczlUTzVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9iYjZmMzQtMzQ3Yi00YmFlLThmOTItZWE4NGE1MWViM2Rj
LzEvaGZod0VaNVpJYjhTU1YzSkF0ei1QWTFLTjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSgbMA0G
CSqGSIb3DQEBCwUAA4IBAQAio7bBV0Z2FP+YfefchN6rZJ96vhw8ilakVarVKH1S
PmeLXkO7hM0kQjKWW9O2WOiYwzEYrZstWg0E3b0KPqX73qJIbVzD1xChhqkCmaUd
rzZmXQPUWu+Gn4ibZQJ5LjE520bweZaWPWGMWc/4qvvFzztfpxNTgfS2BIlr6jGT
iDS6unNRp2X6/F4lmTwkZgSEP7pkk3JtZdCtjI1QK+yHPuciaqThBOpmo5lUm7Qz
6n7m9YmGJgZ3y4hd6A8HhgJ5Xu9Qzuzvd6uqm24kPPnvUki7UzHLQk9lPVHEjwzk
w9a5DS0elhrCCnzCbMZpidyqna4SVe5xz7W0InUJZRIk
-----END CERTIFICATE-----
Generated at Sat Mar 8 04:53:46 2025 by rpki-client on console.sobornost.net