Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/iQM89N-8pmdX0FKn2_ZUBdzCshE.roa
File: iQM89N-8pmdX0FKn2_ZUBdzCshE.roa (raw, json)
Hash identifier: NTnxEBzWzfIQmnb4pTpW6WXtbroKOIVyfaC55jLlJKo=
Subject key identifier: 89:03:3C:F4:DF:BC:A6:67:57:D0:52:A7:DB:F6:54:05:DC:C2:B2:11
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 0195D6F8E4F5791595BFC03B8D3A7470577E
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/iQM89N-8pmdX0FKn2_ZUBdzCshE.roa
Signing time: Thu 27 Mar 2025 09:39:50 +0000
ROA not before: Thu 27 Mar 2025 09:39:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9924
IP address blocks: 2.18.16.0/23 maxlen: 23
2.21.16.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d6:f8:e4:f5:79:15:95:bf:c0:3b:8d:3a:74:70:57:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Mar 27 09:39:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=89033cf4dfbca66757d052a7dbf65405dcc2b211
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:70:6b:ac:ce:63:4f:69:73:be:3b:14:00:4a:
46:c8:69:8e:4c:3e:63:ae:6e:e8:12:2b:61:22:4a:
02:65:79:93:3c:cb:e5:80:5b:27:c2:94:c9:e6:1d:
8a:04:17:c6:95:b7:00:df:3e:aa:5f:bb:62:61:f5:
6d:e2:dd:4a:09:88:35:2d:a0:1a:a9:6f:a8:e4:45:
86:8d:12:cf:b4:e1:08:71:ec:99:34:a2:cd:08:b9:
6e:4a:89:b5:db:f6:b6:48:9e:50:ed:c4:c1:87:5e:
91:75:93:bc:f2:53:5a:c4:07:76:6f:a5:45:07:a9:
a6:af:27:ac:74:a8:26:ce:00:4f:d4:fc:bb:ee:09:
c6:f6:bb:61:96:5a:26:90:20:8f:40:d3:15:a9:00:
81:b2:b3:31:13:f4:bf:07:2a:46:c9:12:02:39:80:
f5:e2:92:f4:36:25:ab:3e:d6:8f:c8:81:db:ff:52:
f7:13:16:ce:d7:d1:7b:51:a9:ba:a7:a2:6b:f6:63:
8d:cf:32:eb:dc:41:c7:3f:4b:67:6a:eb:4d:53:12:
2b:4f:f8:9e:33:50:4a:ee:32:af:99:45:4c:b7:d7:
96:ba:6e:f3:c7:69:39:5b:85:54:f0:67:91:86:51:
d5:00:ee:b0:29:87:ee:4a:f7:53:2b:cb:a2:de:ff:
a0:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:03:3C:F4:DF:BC:A6:67:57:D0:52:A7:DB:F6:54:05:DC:C2:B2:11
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/iQM89N-8pmdX0FKn2_ZUBdzCshE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.18.16.0/23
2.21.16.0/22
Signature Algorithm: sha256WithRSAEncryption
71:a7:cd:63:20:42:cd:9b:25:6c:4f:a3:01:45:c0:30:ff:7c:
a7:9e:d8:a1:fc:a8:cc:00:14:4b:ed:f9:d5:7e:b3:a4:28:c1:
a2:dd:44:c8:24:db:83:e2:69:6c:43:68:6b:e2:9e:01:f3:82:
06:e8:f6:0d:de:6d:c5:fc:3b:d3:7b:42:0b:b2:8b:b1:68:ae:
7c:31:7a:8f:40:a8:70:53:f3:68:82:84:e8:4d:74:da:95:dd:
17:b4:af:d1:56:8d:7f:cb:e7:84:d4:b0:fa:6f:9a:0c:22:54:
2f:21:e4:e4:9a:29:d8:0d:fb:54:3a:f8:e1:f0:f8:7b:a8:0c:
bb:30:a4:05:6d:61:2c:c1:f4:2e:64:cd:44:d1:cc:e0:92:90:
cc:86:97:85:4b:c3:59:c4:d0:53:04:21:37:fe:65:8b:fb:71:
e8:ad:e4:18:82:84:34:e1:fb:89:6b:26:bb:e1:14:91:7d:35:
c8:55:05:f4:2e:cf:84:0b:59:03:cd:aa:78:d3:a4:fd:c4:00:
4d:19:38:78:c7:f4:89:b9:4f:3f:4c:eb:79:de:f4:8a:62:93:
2b:a8:77:1d:0c:67:e0:09:2d:f5:a6:f6:0e:9f:56:2f:e0:e0:
90:85:2a:43:20:2c:49:31:b4:b8:d2:c1:ff:69:5f:95:67:0f:
13:29:35:26
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZXW+OT1eRWVv8A7jTp0cFd+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjUwMzI3MDkzOTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTAzM2NmNGRmYmNhNjY3NTdkMDUyYTdkYmY2NTQwNWRjYzJiMjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3BrrM5jT2lzvjsUAEpGyGmOTD5j
rm7oEithIkoCZXmTPMvlgFsnwpTJ5h2KBBfGlbcA3z6qX7tiYfVt4t1KCYg1LaAa
qW+o5EWGjRLPtOEIceyZNKLNCLluSom12/a2SJ5Q7cTBh16RdZO88lNaxAd2b6VF
B6mmryesdKgmzgBP1Py77gnG9rthllomkCCPQNMVqQCBsrMxE/S/BypGyRICOYD1
4pL0NiWrPtaPyIHb/1L3ExbO19F7Uam6p6Jr9mONzzLr3EHHP0tnautNUxIrT/ie
M1BK7jKvmUVMt9eWum7zx2k5W4VU8GeRhlHVAO6wKYfuSvdTK8ui3v+giwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIkDPPTfvKZnV9BSp9v2VAXcwrIRMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvaVFNODlOLThwbWRYMEZLbjJfWlVCZHpDc2hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBAhIQAwQC
AhUQMA0GCSqGSIb3DQEBCwUAA4IBAQBxp81jIELNmyVsT6MBRcAw/3ynntih/KjM
ABRL7fnVfrOkKMGi3UTIJNuD4mlsQ2hr4p4B84IG6PYN3m3F/DvTe0ILsouxaK58
MXqPQKhwU/NogoToTXTald0XtK/RVo1/y+eE1LD6b5oMIlQvIeTkminYDftUOvjh
8Ph7qAy7MKQFbWEswfQuZM1E0czgkpDMhpeFS8NZxNBTBCE3/mWL+3HoreQYgoQ0
4fuJaya74RSRfTXIVQX0Ls+EC1kDzap406T9xABNGTh4x/SJuU8/TOt53vSKYpMr
qHcdDGfgCS31pvYOn1Yv4OCQhSpDICxJMbS40sH/aV+VZw8TKTUm
-----END CERTIFICATE-----
Generated at Sun Apr 6 18:19:57 2025 by rpki-client