Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/df0e81-bdcb-4a24-8435-c1f12e58fedd/1/rfAqhHSyB0bVC5i8dVtfZe-treM.roa
File: rfAqhHSyB0bVC5i8dVtfZe-treM.roa (raw, json)
Hash identifier: tI9pAzBOPcqsKJP119w8Wmg6uhaucxG8mazRidS4T3g=
Subject key identifier: AD:F0:2A:84:74:B2:07:46:D5:0B:98:BC:75:5B:5F:65:EF:AD:AD:E3
Certificate issuer: /CN=cb889feed135dc03492d8b3e828c7309587d1411
Certificate serial: 019426D956AB5A39A88972BB3F8A207BC882
Authority key identifier: CB:88:9F:EE:D1:35:DC:03:49:2D:8B:3E:82:8C:73:09:58:7D:14:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y4if7tE13ANJLYs-goxzCVh9FBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/df0e81-bdcb-4a24-8435-c1f12e58fedd/1/rfAqhHSyB0bVC5i8dVtfZe-treM.roa
Signing time: Thu 02 Jan 2025 11:49:25 +0000
ROA not before: Thu 02 Jan 2025 11:49:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 4749
IP address blocks: 147.189.32.0/23 maxlen: 23
147.189.32.0/24 maxlen: 24
147.189.33.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:56:ab:5a:39:a8:89:72:bb:3f:8a:20:7b:c8:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb889feed135dc03492d8b3e828c7309587d1411
Validity
Not Before: Jan 2 11:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=adf02a8474b20746d50b98bc755b5f65efadade3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:23:50:c8:bd:10:b5:5c:3b:fe:ba:bd:6d:6a:
dc:77:4f:e5:df:55:a3:fd:f3:71:78:fe:5a:4b:39:
1a:b5:8b:e0:fe:28:fd:14:cc:af:78:7c:60:0c:2a:
a3:e1:fb:66:10:25:2e:3e:eb:cc:44:fc:ea:2f:d3:
17:08:0c:2d:03:5d:9e:50:39:e8:70:f5:7f:6e:48:
74:80:c0:73:11:a3:97:35:50:34:28:80:08:27:21:
d9:bf:e9:e1:e4:13:6f:93:2e:c4:0b:92:5e:de:d4:
10:3b:8b:3e:98:e4:40:f8:bd:89:b8:af:b7:c0:53:
ba:42:af:55:c3:78:a5:94:2c:0c:01:f6:33:7c:9a:
e9:bb:b9:44:ff:68:96:67:b7:91:4f:48:cd:d0:49:
96:a7:cb:e6:29:47:d8:41:88:03:ab:30:8e:fd:98:
a0:57:2f:b2:a2:d8:d4:4d:2b:0d:4b:4f:7f:03:4f:
ae:ff:6a:08:32:2f:45:0e:91:a5:39:3f:f7:e9:12:
c1:c6:ce:7c:d6:e8:3f:3c:f9:b2:37:9b:cf:56:48:
66:f9:d6:02:20:7a:f9:cc:f7:a5:c6:ea:63:13:c1:
e7:45:a5:94:da:e1:81:8a:a5:81:af:65:00:0e:d6:
72:74:91:49:a3:e1:3b:56:d2:1a:70:e5:67:fd:cc:
e3:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:F0:2A:84:74:B2:07:46:D5:0B:98:BC:75:5B:5F:65:EF:AD:AD:E3
X509v3 Authority Key Identifier:
keyid:CB:88:9F:EE:D1:35:DC:03:49:2D:8B:3E:82:8C:73:09:58:7D:14:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y4if7tE13ANJLYs-goxzCVh9FBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/df0e81-bdcb-4a24-8435-c1f12e58fedd/1/rfAqhHSyB0bVC5i8dVtfZe-treM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/df0e81-bdcb-4a24-8435-c1f12e58fedd/1/y4if7tE13ANJLYs-goxzCVh9FBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.32.0/23
Signature Algorithm: sha256WithRSAEncryption
2d:d4:b5:a3:f9:b8:e4:f3:89:20:29:a4:a1:47:4a:70:52:eb:
4f:b7:b9:a6:69:7f:cd:fa:a5:55:37:5f:b4:8e:8a:f4:8f:11:
47:d3:eb:51:df:8b:16:9d:ea:24:68:29:64:fb:e7:d3:73:35:
fa:a2:32:01:fb:e5:0f:7d:51:ea:ca:5a:e6:0c:ce:74:37:d5:
16:f2:1a:20:f0:ef:ed:c3:c7:35:95:50:40:56:48:cf:f4:b8:
a4:5e:c7:14:51:ec:6e:12:7b:b0:13:9e:af:98:1d:14:fe:80:
4e:02:33:d6:6f:1f:0e:89:6b:bc:e6:fd:39:19:66:95:a4:cd:
40:c2:74:9d:64:90:20:cf:5e:21:40:4b:cb:3e:28:da:b0:b5:
5d:f3:ba:b4:b3:f9:bc:b4:bb:88:09:5e:f6:7d:b6:4a:dc:84:
e1:6e:1d:9d:56:ca:6d:27:4d:17:d4:b1:eb:ab:ad:0e:59:8b:
a3:e7:47:d4:64:6c:44:63:3b:e0:e7:46:c5:20:a8:ff:63:dc:
2f:3f:6d:fa:ae:f4:84:d6:1a:b2:94:62:f8:93:98:ee:14:9d:
91:58:9e:ec:2f:29:9c:31:36:d5:6a:91:3d:b1:40:1f:3e:bd:
a1:59:a3:d4:41:19:f2:87:29:e5:12:51:3c:c2:02:7f:4d:42:
1c:74:7f:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2VarWjmoiXK7P4oge8iCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiODg5ZmVlZDEzNWRjMDM0OTJkOGIzZTgyOGM3MzA5NTg3
ZDE0MTEwHhcNMjUwMTAyMTE0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGYwMmE4NDc0YjIwNzQ2ZDUwYjk4YmM3NTViNWY2NWVmYWRhZGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyNQyL0QtVw7/rq9bWrcd0/l31Wj
/fNxeP5aSzkatYvg/ij9FMyveHxgDCqj4ftmECUuPuvMRPzqL9MXCAwtA12eUDno
cPV/bkh0gMBzEaOXNVA0KIAIJyHZv+nh5BNvky7EC5Je3tQQO4s+mORA+L2JuK+3
wFO6Qq9Vw3illCwMAfYzfJrpu7lE/2iWZ7eRT0jN0EmWp8vmKUfYQYgDqzCO/Zig
Vy+yotjUTSsNS09/A0+u/2oIMi9FDpGlOT/36RLBxs581ug/PPmyN5vPVkhm+dYC
IHr5zPelxupjE8HnRaWU2uGBiqWBr2UADtZydJFJo+E7VtIacOVn/czjCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK3wKoR0sgdG1QuYvHVbX2Xvra3jMB8GA1UdIwQY
MBaAFMuIn+7RNdwDSS2LPoKMcwlYfRQRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTRpZjd0RTEzQU5KTFlzLWdveHpDVmg5RkJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9kZjBlODEtYmRjYi00YTI0LTg0MzUt
YzFmMTJlNThmZWRkLzEvcmZBcWhIU3lCMGJWQzVpOGRWdGZaZS10cmVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9kZjBlODEtYmRjYi00YTI0LTg0MzUtYzFmMTJlNThmZWRk
LzEveTRpZjd0RTEzQU5KTFlzLWdveHpDVmg5RkJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBk70gMA0G
CSqGSIb3DQEBCwUAA4IBAQAt1LWj+bjk84kgKaShR0pwUutPt7mmaX/N+qVVN1+0
jor0jxFH0+tR34sWneokaClk++fTczX6ojIB++UPfVHqylrmDM50N9UW8hog8O/t
w8c1lVBAVkjP9LikXscUUexuEnuwE56vmB0U/oBOAjPWbx8OiWu85v05GWaVpM1A
wnSdZJAgz14hQEvLPijasLVd87q0s/m8tLuICV72fbZK3IThbh2dVsptJ00X1LHr
q60OWYuj50fUZGxEYzvg50bFIKj/Y9wvP236rvSE1hqylGL4k5juFJ2RWJ7sLymc
MTbVapE9sUAfPr2hWaPUQRnyhynlElE8wgJ/TUIcdH8R
-----END CERTIFICATE-----
Generated at Sun Apr 6 03:36:10 2025 by rpki-client