Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/irmafOolxajIUAAu4T-WCDDYGuE.roa
File: irmafOolxajIUAAu4T-WCDDYGuE.roa (raw, json)
Hash identifier: B2dN9t4bHqneaqFXcxWnKXREXDW4ZcJ7+Z7DVVfobpU=
Subject key identifier: 8A:B9:9A:7C:EA:25:C5:A8:C8:50:00:2E:E1:3F:96:08:30:D8:1A:E1
Certificate issuer: /CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
Certificate serial: 019538BAD3BFCD93D628CA6816D01690A707
Authority key identifier: 0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/irmafOolxajIUAAu4T-WCDDYGuE.roa
Signing time: Mon 24 Feb 2025 16:12:02 +0000
ROA not before: Mon 24 Feb 2025 16:12:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41852
IP address blocks: 89.39.72.0/22 maxlen: 24
2a03:9c20:4000::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:38:ba:d3:bf:cd:93:d6:28:ca:68:16:d0:16:90:a7:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
Validity
Not Before: Feb 24 16:12:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8ab99a7cea25c5a8c850002ee13f960830d81ae1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:11:c4:b5:70:db:ed:84:1e:e3:f1:2e:8f:84:
40:84:ec:00:69:13:72:a5:e6:5a:3a:39:e6:00:8f:
9a:c0:a5:e4:98:49:4e:93:91:5a:62:5f:c1:80:ed:
77:4d:4c:d9:cd:17:09:5f:14:df:98:a5:5a:a0:0a:
c6:07:8f:06:24:c9:6c:a9:1b:a7:a0:e9:ee:28:89:
39:b3:50:6b:2c:91:05:5a:b2:d1:5f:5a:0b:77:46:
e7:3e:36:10:de:e3:91:59:08:10:b9:69:3a:c5:78:
df:85:80:d5:2d:72:88:c8:45:52:de:dd:c2:9e:e1:
f6:50:9a:6d:1a:84:60:96:20:ab:66:71:76:61:9c:
ff:b7:63:19:b2:07:aa:8f:76:b7:a0:63:b8:4b:af:
4e:a6:96:b5:09:a4:0d:35:2c:28:b9:7f:9f:f5:f6:
c9:92:37:4c:5c:99:05:c2:d4:fd:5f:9f:5b:9e:69:
41:91:f8:d1:b9:cd:b3:84:51:92:57:f0:82:00:ff:
74:41:bd:e8:de:2d:61:5f:64:e9:8f:67:04:5e:1f:
34:f1:27:9e:4e:ec:c3:aa:d0:04:1b:c6:e1:3d:37:
ee:c2:17:80:75:a5:0d:aa:e6:e9:9a:a3:4f:ec:83:
a5:82:08:58:39:ec:f7:92:eb:d4:ed:fc:6b:28:33:
e9:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:B9:9A:7C:EA:25:C5:A8:C8:50:00:2E:E1:3F:96:08:30:D8:1A:E1
X509v3 Authority Key Identifier:
keyid:0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/irmafOolxajIUAAu4T-WCDDYGuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/C1Vqy187lhtcwkoplfNO6R953BY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.39.72.0/22
IPv6:
2a03:9c20:4000::/36
Signature Algorithm: sha256WithRSAEncryption
48:b4:d9:dc:9e:c9:48:91:8c:14:f2:21:1e:ac:90:4c:dc:c9:
d1:15:5c:a5:ba:fa:b9:2f:e2:5f:a0:60:05:61:8b:20:80:51:
ea:a7:41:3e:e3:6c:f8:2d:ca:23:d7:64:8b:de:8e:c2:49:e2:
98:9c:30:e5:6a:6d:c8:0c:07:8c:c9:8b:1f:9c:86:5e:4b:d2:
bb:4a:94:47:db:82:61:4e:df:2b:c4:cd:fc:77:7f:d5:e8:a5:
8e:55:e9:0b:b2:d0:bd:28:46:b1:44:c8:63:c9:f4:53:bd:81:
05:44:90:5a:b0:cd:64:9b:70:be:a1:b0:d5:af:54:80:e3:c6:
a6:35:3a:6d:e1:fa:73:58:3e:3b:f8:c5:5d:86:e8:6e:29:d8:
7f:36:74:3a:47:17:ac:16:d2:76:60:7f:1a:d9:05:70:0a:99:
c3:3c:f5:79:ac:85:10:1d:22:af:58:98:b7:c5:2f:fa:f8:b9:
5a:9c:6e:3f:26:b9:36:ef:4e:8c:35:a2:8b:fc:44:26:d5:43:
fc:ee:7b:11:e4:56:53:20:90:80:c7:3d:46:11:4e:f4:42:7d:
77:e7:0a:b7:85:43:85:61:56:d0:b1:f5:33:14:e4:ec:0f:ea:
e3:0f:53:2a:9c:a0:5a:16:d0:65:5e:4a:38:07:85:fd:cf:7f:
be:d6:e1:2d
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZU4utO/zZPWKMpoFtAWkKcHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNTU2YWNiNWYzYjk2MWI1Y2MyNGEyOTk1ZjM0ZWU5MWY3
OWRjMTYwHhcNMjUwMjI0MTYxMjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWI5OWE3Y2VhMjVjNWE4Yzg1MDAwMmVlMTNmOTYwODMwZDgxYWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2BHEtXDb7YQe4/Euj4RAhOwAaRNy
peZaOjnmAI+awKXkmElOk5FaYl/BgO13TUzZzRcJXxTfmKVaoArGB48GJMlsqRun
oOnuKIk5s1BrLJEFWrLRX1oLd0bnPjYQ3uORWQgQuWk6xXjfhYDVLXKIyEVS3t3C
nuH2UJptGoRgliCrZnF2YZz/t2MZsgeqj3a3oGO4S69Oppa1CaQNNSwouX+f9fbJ
kjdMXJkFwtT9X59bnmlBkfjRuc2zhFGSV/CCAP90Qb3o3i1hX2Tpj2cEXh808See
TuzDqtAEG8bhPTfuwheAdaUNqubpmqNP7IOlgghYOez3kuvU7fxrKDPpFQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFIq5mnzqJcWoyFAALuE/lggw2BrhMB8GA1UdIwQY
MBaAFAtVastfO5YbXMJKKZXzTukfedwWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzFWcXkxODdsaHRjd2tvcGxmTk82Ujk1M0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS84MjlmZGYtYmE2My00YzIzLTkxZDEt
ZDJiYmYzN2RhYmI0LzEvaXJtYWZPb2x4YWpJVUFBdTRULVdDRERZR3VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS84MjlmZGYtYmE2My00YzIzLTkxZDEtZDJiYmYzN2RhYmI0
LzEvQzFWcXkxODdsaHRjd2tvcGxmTk82Ujk1M0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCWSdIMA4E
AgACMAgDBgQqA5wgQDANBgkqhkiG9w0BAQsFAAOCAQEASLTZ3J7JSJGMFPIhHqyQ
TNzJ0RVcpbr6uS/iX6BgBWGLIIBR6qdBPuNs+C3KI9dki96OwknimJww5WptyAwH
jMmLH5yGXkvSu0qUR9uCYU7fK8TN/Hd/1eiljlXpC7LQvShGsUTIY8n0U72BBUSQ
WrDNZJtwvqGw1a9UgOPGpjU6beH6c1g+O/jFXYbobinYfzZ0OkcXrBbSdmB/GtkF
cAqZwzz1eayFEB0ir1iYt8Uv+vi5WpxuPya5Nu9OjDWii/xEJtVD/O57EeRWUyCQ
gMc9RhFO9EJ9d+cKt4VDhWFW0LH1MxTk7A/q4w9TKpygWhbQZV5KOAeF/c9/vtbh
LQ==
-----END CERTIFICATE-----
Generated at Wed Apr 9 18:32:04 2025 by rpki-client