Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/b30e5d-8b3b-4287-9b3b-8232fa3e629d/1/itbVtWP59mCPTrHaDnFdRJMUVew.roa
File: itbVtWP59mCPTrHaDnFdRJMUVew.roa (raw, json)
Hash identifier: e0BQXURiCQ3TdcGRBASSre11rKXIoznsycIbHY0QbKM=
Subject key identifier: 8A:D6:D5:B5:63:F9:F6:60:8F:4E:B1:DA:0E:71:5D:44:93:14:55:EC
Certificate issuer: /CN=d7d0674bd6f0cc9175219a328c8b396829f6c0af
Certificate serial: 01941FFA2641512EDFA0AF16B1B764E2F482
Authority key identifier: D7:D0:67:4B:D6:F0:CC:91:75:21:9A:32:8C:8B:39:68:29:F6:C0:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/19BnS9bwzJF1IZoyjIs5aCn2wK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/b30e5d-8b3b-4287-9b3b-8232fa3e629d/1/itbVtWP59mCPTrHaDnFdRJMUVew.roa
Signing time: Wed 01 Jan 2025 03:47:54 +0000
ROA not before: Wed 01 Jan 2025 03:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39370
IP address blocks: 89.147.0.0/23 maxlen: 23
89.147.0.0/24 maxlen: 24
89.147.1.0/24 maxlen: 24
89.147.2.0/24 maxlen: 24
89.147.3.0/24 maxlen: 24
89.147.4.0/24 maxlen: 24
89.147.5.0/24 maxlen: 24
89.147.6.0/23 maxlen: 23
89.147.6.0/24 maxlen: 24
89.147.7.0/24 maxlen: 24
89.147.32.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:26:41:51:2e:df:a0:af:16:b1:b7:64:e2:f4:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7d0674bd6f0cc9175219a328c8b396829f6c0af
Validity
Not Before: Jan 1 03:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8ad6d5b563f9f6608f4eb1da0e715d44931455ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:c2:4d:2b:3c:0f:92:76:cf:e8:60:6c:a1:87:
5c:4a:7c:0d:98:0c:26:e6:a8:7f:03:df:05:f0:59:
06:8b:27:3c:bc:f7:67:ac:ba:03:51:ee:26:bf:c4:
26:dd:eb:b5:82:4e:d8:94:b3:8a:e4:a1:04:ec:e1:
f5:e3:2f:1f:be:5e:fe:41:df:fe:b4:e2:83:ae:a6:
85:4f:95:3e:f2:5c:9d:a8:89:45:51:7a:cc:78:e8:
7e:93:1d:cc:85:d2:15:79:d6:4a:a6:43:10:28:cc:
87:e9:7d:b0:c1:7b:ff:da:95:03:61:77:87:0c:53:
1c:f4:6e:5e:bc:c1:fa:8b:f7:08:0d:4d:49:54:24:
66:94:52:c1:4a:6d:ff:60:19:11:c7:04:10:63:6a:
76:fe:de:4f:dc:39:b4:9e:a5:c7:d0:0b:2c:d6:d6:
bd:79:d1:4b:d8:94:11:0c:d3:4b:11:2e:71:07:c0:
21:db:9e:06:16:44:18:b9:1f:61:d8:26:26:f4:f8:
55:e0:f6:22:12:64:ef:f2:92:ed:3b:53:4a:08:ca:
b8:a0:0e:11:28:0e:af:a1:37:04:b5:8a:03:ac:36:
29:39:47:60:16:a0:68:b5:a0:f4:be:d2:50:b1:f7:
7b:55:06:97:3b:2e:96:14:f9:8a:e8:36:c9:16:55:
8d:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:D6:D5:B5:63:F9:F6:60:8F:4E:B1:DA:0E:71:5D:44:93:14:55:EC
X509v3 Authority Key Identifier:
keyid:D7:D0:67:4B:D6:F0:CC:91:75:21:9A:32:8C:8B:39:68:29:F6:C0:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/19BnS9bwzJF1IZoyjIs5aCn2wK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/b30e5d-8b3b-4287-9b3b-8232fa3e629d/1/itbVtWP59mCPTrHaDnFdRJMUVew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/b30e5d-8b3b-4287-9b3b-8232fa3e629d/1/19BnS9bwzJF1IZoyjIs5aCn2wK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.147.0.0/21
89.147.32.0/23
Signature Algorithm: sha256WithRSAEncryption
6c:a5:7c:a9:5a:eb:f0:1b:65:4c:84:95:06:3f:8b:9b:5e:ed:
ba:20:cd:53:c6:f0:c7:78:53:76:02:43:f4:03:af:96:f0:22:
ee:07:66:61:b9:17:b1:c0:c8:6b:42:41:26:83:54:94:ac:33:
ef:20:85:ca:3e:ae:3a:ea:59:cd:7e:e5:1a:51:ea:15:af:da:
c7:2f:a1:5a:e1:ef:0f:e9:2d:b3:d4:9c:de:4b:23:76:1d:a9:
ab:49:41:6c:b1:80:b8:9f:a9:35:95:94:3c:cd:2a:73:9e:33:
71:82:0f:bf:b7:3c:0e:9e:8e:00:b1:34:94:28:51:96:ae:83:
f9:f3:3c:13:91:7e:88:c0:a9:dd:6e:30:6b:c9:1f:ef:f3:2f:
cc:e2:2a:2f:90:a7:28:fa:aa:9a:c1:bf:51:f9:ee:a5:9d:81:
0d:a5:dd:28:79:b6:48:e7:b3:53:dd:ba:07:c0:f5:a1:1b:b3:
1d:f5:ce:8f:8a:61:2c:98:95:6d:f7:30:5f:d0:2b:8a:cb:e1:
e3:3e:69:7d:f4:69:7f:70:01:e5:83:78:f2:4b:ef:bc:00:08:
3f:07:b4:30:c1:85:47:ba:53:29:5e:37:6d:98:2a:be:34:8d:
06:d7:5a:e3:2b:88:07:dd:3c:3c:b8:52:6a:a7:e2:77:ee:d6:
8d:21:7a:e0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQf+iZBUS7foK8Wsbdk4vSCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3ZDA2NzRiZDZmMGNjOTE3NTIxOWEzMjhjOGIzOTY4Mjlm
NmMwYWYwHhcNMjUwMTAxMDM0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWQ2ZDViNTYzZjlmNjYwOGY0ZWIxZGEwZTcxNWQ0NDkzMTQ1NWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsJNKzwPknbP6GBsoYdcSnwNmAwm
5qh/A98F8FkGiyc8vPdnrLoDUe4mv8Qm3eu1gk7YlLOK5KEE7OH14y8fvl7+Qd/+
tOKDrqaFT5U+8lydqIlFUXrMeOh+kx3MhdIVedZKpkMQKMyH6X2wwXv/2pUDYXeH
DFMc9G5evMH6i/cIDU1JVCRmlFLBSm3/YBkRxwQQY2p2/t5P3Dm0nqXH0Ass1ta9
edFL2JQRDNNLES5xB8Ah254GFkQYuR9h2CYm9PhV4PYiEmTv8pLtO1NKCMq4oA4R
KA6voTcEtYoDrDYpOUdgFqBotaD0vtJQsfd7VQaXOy6WFPmK6DbJFlWN2wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIrW1bVj+fZgj06x2g5xXUSTFFXsMB8GA1UdIwQY
MBaAFNfQZ0vW8MyRdSGaMoyLOWgp9sCvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTlCblM5Ynd6SkYxSVpveWpJczVhQ24yd0s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9iMzBlNWQtOGIzYi00Mjg3LTliM2It
ODIzMmZhM2U2MjlkLzEvaXRiVnRXUDU5bUNQVHJIYURuRmRSSk1VVmV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9iMzBlNWQtOGIzYi00Mjg3LTliM2ItODIzMmZhM2U2Mjlk
LzEvMTlCblM5Ynd6SkYxSVpveWpJczVhQ24yd0s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDWZMAAwQB
WZMgMA0GCSqGSIb3DQEBCwUAA4IBAQBspXypWuvwG2VMhJUGP4ubXu26IM1TxvDH
eFN2AkP0A6+W8CLuB2ZhuRexwMhrQkEmg1SUrDPvIIXKPq466lnNfuUaUeoVr9rH
L6Fa4e8P6S2z1JzeSyN2HamrSUFssYC4n6k1lZQ8zSpznjNxgg+/tzwOno4AsTSU
KFGWroP58zwTkX6IwKndbjBryR/v8y/M4iovkKco+qqawb9R+e6lnYENpd0oebZI
57NT3boHwPWhG7Md9c6PimEsmJVt9zBf0CuKy+HjPml99Gl/cAHlg3jyS++8AAg/
B7QwwYVHulMpXjdtmCq+NI0G11rjK4gH3Tw8uFJqp+J37taNIXrg
-----END CERTIFICATE-----
Generated at Sun Apr 6 22:40:38 2025 by rpki-client