Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/dsp7kqVP0MzNdwTliVhJeAMNQ1g.roa
File: dsp7kqVP0MzNdwTliVhJeAMNQ1g.roa (raw, json)
Hash identifier: OcOQ2uKsSo0YuxZEB31opI6ZblHX6qOV3I408glZcv0=
Subject key identifier: 76:CA:7B:92:A5:4F:D0:CC:CD:77:04:E5:89:58:49:78:03:0D:43:58
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 019420D61E11674C2F154CA0DEC92A630344
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/dsp7kqVP0MzNdwTliVhJeAMNQ1g.roa
Signing time: Wed 01 Jan 2025 07:48:10 +0000
ROA not before: Wed 01 Jan 2025 07:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216314
IP address blocks: 89.43.40.0/24 maxlen: 24
89.43.42.0/24 maxlen: 24
89.43.43.0/24 maxlen: 24
89.43.44.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:1e:11:67:4c:2f:15:4c:a0:de:c9:2a:63:03:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Jan 1 07:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=76ca7b92a54fd0cccd7704e589584978030d4358
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:f5:47:d8:7d:cf:1c:32:ca:5e:f6:0b:49:4c:
90:e9:7f:32:74:86:fb:ed:4b:7e:06:a0:d0:db:41:
21:03:95:b1:c4:1c:1e:4b:b0:49:20:5b:4a:7d:7e:
eb:7c:bf:d3:d9:55:3c:b1:9a:0b:e4:11:ed:80:d5:
34:13:b6:5c:ad:68:f8:ce:60:e6:ef:35:1d:fd:fe:
7c:cc:62:dc:1f:97:34:c7:28:66:ed:84:d2:c9:19:
6c:cb:c1:84:4a:dc:60:ea:b5:6a:b3:2d:c6:c3:0c:
b7:9f:16:e0:a3:2c:89:54:b5:f7:0c:bf:9f:43:7d:
b5:60:4b:5a:b9:8c:8d:0e:2d:2b:6d:52:77:8c:48:
f6:54:40:8c:35:14:61:ec:e4:74:52:56:b6:f7:a0:
30:9a:16:d3:5e:7f:81:9a:12:bb:ab:50:b7:13:24:
f9:d5:db:28:4d:e2:94:d7:cc:3c:eb:b9:f8:42:94:
15:27:9d:6a:0b:80:5e:80:21:41:3e:32:f5:21:7c:
6d:d9:99:21:00:52:9d:21:81:a6:79:69:58:5d:70:
82:a0:e5:54:e4:3f:a3:e4:44:14:24:b6:8c:f8:fc:
41:9b:9c:92:91:0e:81:c4:d8:76:f9:5b:67:ab:2e:
c1:65:3b:b3:95:62:6e:ec:a8:cb:0a:91:c1:83:2c:
67:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:CA:7B:92:A5:4F:D0:CC:CD:77:04:E5:89:58:49:78:03:0D:43:58
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/dsp7kqVP0MzNdwTliVhJeAMNQ1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.43.40.0/24
89.43.42.0-89.43.44.255
Signature Algorithm: sha256WithRSAEncryption
b0:2c:26:26:97:75:aa:83:aa:df:9a:4f:ce:95:25:20:73:74:
29:48:79:f2:37:d0:6c:8e:f6:f3:bc:bb:64:8f:34:1b:06:9b:
c8:f1:bf:4a:9c:31:89:d5:3d:2c:ee:d6:28:e9:98:63:8c:74:
0c:c5:ac:a1:98:36:65:45:60:f8:c5:6e:36:83:94:00:e5:6b:
ea:20:91:e9:ec:a0:1a:66:3b:89:6a:13:43:ed:19:b2:ee:2d:
ec:70:27:52:81:40:98:17:52:82:4a:0f:38:d8:e2:e0:73:36:
d8:4c:a6:4c:82:35:9a:5e:b8:16:7e:3f:8a:0c:86:f1:b2:2c:
47:de:14:04:ac:52:9f:16:c8:cc:a4:0e:1b:5c:26:e8:2b:03:
5d:0a:42:96:ff:36:48:b7:66:51:12:a3:3a:1c:0c:cd:94:73:
cb:2d:74:a6:14:6a:81:75:39:91:f7:0d:d5:4f:6b:68:07:17:
4d:4d:97:37:4f:9d:85:2d:6e:ac:71:07:22:7f:5f:36:64:17:
f2:ec:b2:d6:66:bd:76:4b:9c:c8:02:1e:ca:5e:4d:b2:f5:33:
d3:5b:a6:3d:af:81:05:89:1e:2b:df:cf:78:8e:39:fb:0c:56:
ac:66:62:d5:2c:6a:02:01:4a:f7:08:05:ef:1d:e5:7e:5c:a8:
1f:88:0c:12
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQg1h4RZ0wvFUyg3skqYwNEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjUwMTAxMDc0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmNhN2I5MmE1NGZkMGNjY2Q3NzA0ZTU4OTU4NDk3ODAzMGQ0MzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvVH2H3PHDLKXvYLSUyQ6X8ydIb7
7Ut+BqDQ20EhA5WxxBweS7BJIFtKfX7rfL/T2VU8sZoL5BHtgNU0E7ZcrWj4zmDm
7zUd/f58zGLcH5c0xyhm7YTSyRlsy8GEStxg6rVqsy3Gwwy3nxbgoyyJVLX3DL+f
Q321YEtauYyNDi0rbVJ3jEj2VECMNRRh7OR0Ula296AwmhbTXn+BmhK7q1C3EyT5
1dsoTeKU18w867n4QpQVJ51qC4BegCFBPjL1IXxt2ZkhAFKdIYGmeWlYXXCCoOVU
5D+j5EQUJLaM+PxBm5ySkQ6BxNh2+Vtnqy7BZTuzlWJu7KjLCpHBgyxnjwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFHbKe5KlT9DMzXcE5YlYSXgDDUNYMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvZHNwN2txVlAwTXpOZHdUbGlWaEplQU1OUTFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAWSsoMAwD
BAFZKyoDBABZKywwDQYJKoZIhvcNAQELBQADggEBALAsJiaXdaqDqt+aT86VJSBz
dClIefI30GyO9vO8u2SPNBsGm8jxv0qcMYnVPSzu1ijpmGOMdAzFrKGYNmVFYPjF
bjaDlADla+ogkensoBpmO4lqE0PtGbLuLexwJ1KBQJgXUoJKDzjY4uBzNthMpkyC
NZpeuBZ+P4oMhvGyLEfeFASsUp8WyMykDhtcJugrA10KQpb/Nki3ZlESozocDM2U
c8stdKYUaoF1OZH3DdVPa2gHF01NlzdPnYUtbqxxByJ/XzZkF/LsstZmvXZLnMgC
HspeTbL1M9Nbpj2vgQWJHivfz3iOOfsMVqxmYtUsagIBSvcIBe8d5X5cqB+IDBI=
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:52:10 2025 by rpki-client