Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/vwj5b3DqyVgyISEqK_9xSSm9SZo.roa
File: vwj5b3DqyVgyISEqK_9xSSm9SZo.roa (raw, json)
Hash identifier: fEuDnN+7aG1yGh01ceefr1vb/lHLzh+afq4/JfqVebQ=
Subject key identifier: BF:08:F9:6F:70:EA:C9:58:32:21:21:2A:2B:FF:71:49:29:BD:49:9A
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 019484B07FD98E3795E1B2C6919754193FAD
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/vwj5b3DqyVgyISEqK_9xSSm9SZo.roa
Signing time: Mon 20 Jan 2025 17:09:07 +0000
ROA not before: Mon 20 Jan 2025 17:09:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 64267
IP address blocks: 89.42.213.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:84:b0:7f:d9:8e:37:95:e1:b2:c6:91:97:54:19:3f:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Jan 20 17:09:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bf08f96f70eac9583221212a2bff714929bd499a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:ff:63:55:03:1e:c6:7e:ac:94:8b:ce:f3:9f:
cb:c4:5a:cf:fc:31:7f:d0:ea:6d:3b:f5:bd:49:bb:
09:d0:b0:9d:42:43:02:0c:21:26:66:c6:52:1d:7e:
33:13:f8:b4:38:27:59:8b:ce:b9:92:25:ea:bd:18:
70:59:2a:fe:dd:34:34:a9:f9:a3:80:a9:5b:92:d1:
a5:91:a8:cd:1d:51:9b:1a:f0:70:e4:85:54:5e:89:
59:09:06:9e:bc:e2:e5:2f:6d:c4:3f:4c:f5:fa:dc:
69:af:54:c6:59:b9:d9:71:96:e8:2e:98:18:f7:b3:
30:e6:bf:8b:a9:e6:1d:f7:da:49:2d:7e:ef:e4:27:
42:de:41:c7:b6:d5:0e:48:28:c6:26:23:f7:f9:88:
32:28:b9:46:79:80:2c:6d:39:82:ed:60:60:84:b0:
d0:36:35:ff:b7:36:49:84:48:f9:76:a4:95:a2:7b:
1c:4f:14:ed:32:cb:18:0d:76:6a:b7:96:49:b1:ab:
8c:7c:a2:c3:ab:c2:fc:e0:f7:e9:cc:e0:f0:f4:38:
fd:a3:ab:86:0c:b8:e3:f7:23:f4:11:d3:91:0f:b4:
d1:11:9c:5a:8b:e6:08:2d:92:a4:cb:8a:03:ec:bd:
15:15:7f:e1:1a:d1:47:54:22:b7:04:dc:c0:19:27:
2d:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:08:F9:6F:70:EA:C9:58:32:21:21:2A:2B:FF:71:49:29:BD:49:9A
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/vwj5b3DqyVgyISEqK_9xSSm9SZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.213.0/24
Signature Algorithm: sha256WithRSAEncryption
55:b9:ee:e6:c7:9a:49:91:b5:46:57:8c:93:51:8f:91:0e:fd:
da:59:8a:d9:77:d6:4c:6f:8b:e2:53:77:f5:0b:5d:96:25:34:
3e:4f:48:69:a7:ce:b3:9c:0a:df:63:29:74:6d:b8:74:08:27:
c2:74:70:93:9f:1a:4c:12:df:8b:0b:67:c3:c2:94:a9:de:c1:
c6:f1:72:5b:7a:19:eb:89:9a:85:f9:66:14:24:a4:e6:ea:b2:
4a:af:41:0a:d7:7e:cb:e1:41:19:1c:70:00:6c:ed:b0:d3:ab:
fb:0d:d1:0f:fc:48:71:c9:ec:44:f9:20:12:e5:11:95:f1:c4:
bc:31:b5:d0:82:5f:df:58:8a:00:08:9e:bb:56:6e:ac:cf:b4:
1b:55:6a:66:33:40:b1:37:87:27:d0:c1:db:c5:a2:4e:ec:f6:
15:dc:b8:0d:8d:d4:e2:52:ca:34:33:e0:e4:5f:1b:44:c3:60:
0e:c3:45:37:8a:2f:ca:1a:c4:b7:a7:11:dc:e8:b8:18:53:fd:
a6:32:ad:61:2d:b6:31:54:1c:96:ce:80:56:2b:9a:e9:05:03:
1f:b0:08:ef:c7:ee:3d:3a:7d:9b:d3:08:42:79:cb:95:06:21:
55:a5:20:8b:cc:6f:d3:3b:5d:38:64:f2:a5:04:7d:3f:12:32:
f8:46:90:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSEsH/ZjjeV4bLGkZdUGT+tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjUwMTIwMTcwOTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjA4Zjk2ZjcwZWFjOTU4MzIyMTIxMmEyYmZmNzE0OTI5YmQ0OTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9f9jVQMexn6slIvO85/LxFrP/DF/
0OptO/W9SbsJ0LCdQkMCDCEmZsZSHX4zE/i0OCdZi865kiXqvRhwWSr+3TQ0qfmj
gKlbktGlkajNHVGbGvBw5IVUXolZCQaevOLlL23EP0z1+txpr1TGWbnZcZboLpgY
97Mw5r+LqeYd99pJLX7v5CdC3kHHttUOSCjGJiP3+YgyKLlGeYAsbTmC7WBghLDQ
NjX/tzZJhEj5dqSVonscTxTtMssYDXZqt5ZJsauMfKLDq8L84PfpzODw9Dj9o6uG
DLjj9yP0EdORD7TREZxai+YILZKky4oD7L0VFX/hGtFHVCK3BNzAGSct1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL8I+W9w6slYMiEhKiv/cUkpvUmaMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvdndqNWIzRHF5Vmd5SVNFcUtfOXhTU205U1pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSrVMA0G
CSqGSIb3DQEBCwUAA4IBAQBVue7mx5pJkbVGV4yTUY+RDv3aWYrZd9ZMb4viU3f1
C12WJTQ+T0hpp86znArfYyl0bbh0CCfCdHCTnxpMEt+LC2fDwpSp3sHG8XJbehnr
iZqF+WYUJKTm6rJKr0EK137L4UEZHHAAbO2w06v7DdEP/EhxyexE+SAS5RGV8cS8
MbXQgl/fWIoACJ67Vm6sz7QbVWpmM0CxN4cn0MHbxaJO7PYV3LgNjdTiUso0M+Dk
XxtEw2AOw0U3ii/KGsS3pxHc6LgYU/2mMq1hLbYxVByWzoBWK5rpBQMfsAjvx+49
On2b0whCecuVBiFVpSCLzG/TO104ZPKlBH0/EjL4RpB7
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:10:07 2025 by rpki-client