Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/0esZKuZd06vTF3egbk7SFqajsIo.roa
File: 0esZKuZd06vTF3egbk7SFqajsIo.roa (raw, json)
Hash identifier: P0O/NDwq3sTeK/AsSKKPK6Qr+cdWA34yW0U7UgVxZHg=
Subject key identifier: D1:EB:19:2A:E6:5D:D3:AB:D3:17:77:A0:6E:4E:D2:16:A6:A3:B0:8A
Certificate issuer: /CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Certificate serial: 0194221F922DAD250933E30352E832948DD1
Authority key identifier: 41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/0esZKuZd06vTF3egbk7SFqajsIo.roa
Signing time: Wed 01 Jan 2025 13:48:01 +0000
ROA not before: Wed 01 Jan 2025 13:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205343
IP address blocks: 89.252.206.0/24 maxlen: 24
89.252.207.0/24 maxlen: 24
89.252.242.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:92:2d:ad:25:09:33:e3:03:52:e8:32:94:8d:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Validity
Not Before: Jan 1 13:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d1eb192ae65dd3abd31777a06e4ed216a6a3b08a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:4b:b5:29:2d:b8:95:57:6d:5c:fe:20:9f:dc:
3b:6a:e6:a3:f8:1a:d4:f3:dc:90:07:af:67:07:0b:
1a:9f:a1:a1:cf:7a:7c:3f:1e:6c:43:6c:b5:46:89:
85:97:eb:6d:57:1c:a8:dc:8f:53:78:37:32:76:cf:
a5:d1:bb:a5:aa:90:bd:f6:ee:79:7b:7c:a5:8f:af:
4b:74:8b:6c:12:3d:2e:2c:86:c5:58:66:ab:5a:40:
80:1d:68:b2:ec:19:e7:79:7c:f2:43:a7:d7:b9:f3:
15:14:cf:41:22:4f:05:39:e8:c1:47:24:48:48:df:
73:d1:cd:ce:ca:11:cf:75:7c:5b:19:9f:91:e1:8d:
00:f4:94:c3:ce:0a:af:b9:57:d0:4c:84:7d:aa:92:
2c:08:aa:c9:c1:56:01:97:46:48:fa:47:4c:c6:46:
dc:91:70:75:0e:00:fa:0a:47:7b:c5:53:f5:cc:c9:
39:d2:69:9f:79:26:fc:e3:49:37:f6:b0:b2:1c:10:
24:a0:7a:a7:e1:e5:4c:d9:c1:fe:81:4c:20:3a:90:
6a:b2:76:e2:90:a0:bd:6e:07:96:96:2b:7c:fa:4f:
96:0c:98:aa:60:27:32:42:7d:c6:62:22:81:b1:3c:
5b:68:13:35:a0:f5:8f:10:ad:67:72:9f:e5:bf:6b:
67:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:EB:19:2A:E6:5D:D3:AB:D3:17:77:A0:6E:4E:D2:16:A6:A3:B0:8A
X509v3 Authority Key Identifier:
keyid:41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/0esZKuZd06vTF3egbk7SFqajsIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.252.206.0/23
89.252.242.0/23
Signature Algorithm: sha256WithRSAEncryption
d7:41:04:49:5f:bb:9c:44:77:42:3f:91:c5:28:24:23:7a:6c:
32:53:ad:e5:67:7a:f2:61:fe:49:b7:e3:cd:0b:ef:b4:00:6d:
21:11:ef:25:0e:5b:77:d8:ea:34:c3:01:d5:ff:1d:18:cf:ad:
ce:75:d0:3c:30:ae:50:f5:46:8c:dc:4d:17:8f:52:66:fc:c3:
28:ef:a0:af:aa:ac:d7:91:77:59:3a:70:d6:b5:25:80:2d:30:
f4:b4:44:fa:11:ac:75:df:85:96:ab:b3:7f:00:01:b4:93:0c:
18:8d:2d:a0:2b:a7:49:82:92:b3:39:54:8e:b5:5c:35:15:68:
2a:8b:21:cd:a8:0d:95:5b:c8:4f:84:8f:46:e0:c4:9f:c7:4a:
26:20:f4:30:a1:32:c1:5a:e3:c2:59:91:36:d7:4f:73:8f:b8:
2d:6d:a5:5f:7a:be:f8:62:5b:93:22:93:02:57:0f:0f:28:20:
4f:82:33:f4:2d:55:6f:34:54:23:ff:f5:37:25:7b:54:0e:e1:
9b:b5:24:fb:c0:04:35:09:d0:56:35:9c:bc:1d:e7:78:a7:a4:
03:85:c2:b0:eb:17:15:78:12:5b:f5:6e:44:c4:99:8c:30:25:
99:7b:55:21:b2:1e:83:a5:b7:f9:b6:c7:98:eb:15:c1:5b:54:
d1:35:82:da
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQiH5ItrSUJM+MDUugylI3RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMDRhNDA4MjFjNDE3NmNjNDJlMjU1ZWY2YzE3Mjc0NzNj
M2YwMGEwHhcNMjUwMTAxMTM0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWViMTkyYWU2NWRkM2FiZDMxNzc3YTA2ZTRlZDIxNmE2YTNiMDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUu1KS24lVdtXP4gn9w7auaj+BrU
89yQB69nBwsan6Ghz3p8Px5sQ2y1RomFl+ttVxyo3I9TeDcyds+l0bulqpC99u55
e3ylj69LdItsEj0uLIbFWGarWkCAHWiy7BnneXzyQ6fXufMVFM9BIk8FOejBRyRI
SN9z0c3OyhHPdXxbGZ+R4Y0A9JTDzgqvuVfQTIR9qpIsCKrJwVYBl0ZI+kdMxkbc
kXB1DgD6Ckd7xVP1zMk50mmfeSb840k39rCyHBAkoHqn4eVM2cH+gUwgOpBqsnbi
kKC9bgeWlit8+k+WDJiqYCcyQn3GYiKBsTxbaBM1oPWPEK1ncp/lv2tnFQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNHrGSrmXdOr0xd3oG5O0hamo7CKMB8GA1UdIwQY
MBaAFEEEpAghxBdsxC4lXvbBcnRzw/AKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMt
YjI3ZDZlMjc4ZTE4LzEvMGVzWkt1WmQwNnZURjNlZ2JrN1NGcWFqc0lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMtYjI3ZDZlMjc4ZTE4
LzEvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBWfzOAwQB
WfzyMA0GCSqGSIb3DQEBCwUAA4IBAQDXQQRJX7ucRHdCP5HFKCQjemwyU63lZ3ry
Yf5Jt+PNC++0AG0hEe8lDlt32Oo0wwHV/x0Yz63OddA8MK5Q9UaM3E0Xj1Jm/MMo
76CvqqzXkXdZOnDWtSWALTD0tET6Eax134WWq7N/AAG0kwwYjS2gK6dJgpKzOVSO
tVw1FWgqiyHNqA2VW8hPhI9G4MSfx0omIPQwoTLBWuPCWZE2109zj7gtbaVfer74
YluTIpMCVw8PKCBPgjP0LVVvNFQj//U3JXtUDuGbtST7wAQ1CdBWNZy8Hed4p6QD
hcKw6xcVeBJb9W5ExJmMMCWZe1Uhsh6Dpbf5tseY6xXBW1TRNYLa
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:04 2025 by rpki-client on console.sobornost.net