Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/35ffbf-485d-4906-8654-8ac7e036eb81/1/XQmWlyt6GDq_vsTxgQL-Ne5fkg8.roa
File: XQmWlyt6GDq_vsTxgQL-Ne5fkg8.roa (raw, json)
Hash identifier: XKQlEPyRUf0XKnRNq7X1evnp/6HInQVZ7yi1ek6xb8I=
Subject key identifier: 5D:09:96:97:2B:7A:18:3A:BF:BE:C4:F1:81:02:FE:35:EE:5F:92:0F
Certificate issuer: /CN=e9bf904f418bfc7b49b85f3abdac417cca5e3759
Certificate serial: 018CC8DEA54C285518316A7CEB010D0C54FC
Authority key identifier: E9:BF:90:4F:41:8B:FC:7B:49:B8:5F:3A:BD:AC:41:7C:CA:5E:37:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6b-QT0GL_HtJuF86vaxBfMpeN1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/35ffbf-485d-4906-8654-8ac7e036eb81/1/XQmWlyt6GDq_vsTxgQL-Ne5fkg8.roa
Signing time: Tue 02 Jan 2024 06:31:23 +0000
ROA not before: Tue 02 Jan 2024 06:31:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212642
IP address blocks: 89.221.111.0/24 maxlen: 24
2a00:1e1f:ff00::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:a5:4c:28:55:18:31:6a:7c:eb:01:0d:0c:54:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9bf904f418bfc7b49b85f3abdac417cca5e3759
Validity
Not Before: Jan 2 06:31:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d0996972b7a183abfbec4f18102fe35ee5f920f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:2b:2e:87:0d:61:7a:e2:af:23:30:f0:ba:58:
fb:38:96:2a:52:09:a1:e6:52:75:fb:41:73:ab:a8:
0b:49:aa:a7:ea:b0:65:8b:b4:b5:cd:fc:80:09:45:
93:08:19:a7:fe:61:e2:d8:2f:91:cd:df:6f:f9:71:
ec:78:5f:97:09:2a:49:db:a8:63:84:e5:40:e5:2d:
bd:62:21:f8:49:1d:43:6d:67:56:97:79:a2:f0:8d:
63:54:a9:65:42:f9:e2:7a:4b:23:aa:16:2b:d2:74:
35:32:40:44:ec:a9:23:ce:60:99:35:19:42:80:28:
06:c3:e6:c8:3a:7f:98:6f:04:e0:09:98:fd:a6:77:
7b:f0:06:0e:d6:e7:91:d4:34:a4:1c:04:4b:9c:da:
91:80:95:b6:6a:23:1a:de:11:c4:ff:9a:3f:a7:b3:
1e:5d:b1:33:52:0d:25:02:1c:1a:20:e3:3b:5d:6c:
a7:5c:56:9d:97:1b:6d:bc:0f:d8:35:34:5c:09:19:
ab:8f:15:0e:51:97:18:73:9c:20:ab:6c:e0:1a:bb:
bf:68:14:af:c2:0b:8b:b3:6a:34:4e:24:d7:5c:fb:
1b:5d:a6:26:f8:12:5b:c0:a1:20:0c:6a:86:f4:e2:
3d:8b:a2:1b:e0:4a:cf:7e:b3:2f:d5:73:41:22:59:
08:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:09:96:97:2B:7A:18:3A:BF:BE:C4:F1:81:02:FE:35:EE:5F:92:0F
X509v3 Authority Key Identifier:
keyid:E9:BF:90:4F:41:8B:FC:7B:49:B8:5F:3A:BD:AC:41:7C:CA:5E:37:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b-QT0GL_HtJuF86vaxBfMpeN1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/35ffbf-485d-4906-8654-8ac7e036eb81/1/XQmWlyt6GDq_vsTxgQL-Ne5fkg8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/35ffbf-485d-4906-8654-8ac7e036eb81/1/6b-QT0GL_HtJuF86vaxBfMpeN1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.221.111.0/24
IPv6:
2a00:1e1f:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
13:fa:f7:79:0a:3c:3f:cb:94:68:4c:c6:42:23:6d:63:f6:00:
f3:c1:8a:7d:f9:39:11:d7:59:14:4e:e2:24:f3:78:5e:ed:93:
2e:45:59:55:0f:87:e3:94:dd:a7:c7:68:a8:05:29:57:9e:c7:
01:ea:04:4f:9a:a3:65:be:1c:3c:92:51:1a:d1:e9:25:61:08:
14:72:7c:4f:c9:d2:96:33:59:30:00:8c:35:93:b5:55:df:24:
4b:f3:ac:21:c9:c1:cb:e0:6a:4a:9f:6a:ec:4d:46:9d:e8:60:
41:af:6e:94:07:ef:4c:51:a5:7e:65:50:4c:22:be:02:34:19:
13:49:1a:1d:df:a8:35:32:1a:7d:4d:5b:74:0f:bb:b8:88:7f:
7c:4b:86:80:24:03:47:20:0d:d3:f3:49:3b:4d:0f:11:4a:6f:
b5:38:56:a6:34:83:71:08:41:27:95:ba:0a:d2:cf:22:e5:a2:
8f:7a:03:83:ce:8e:b0:0f:ba:78:ab:d4:96:8c:a4:35:7d:01:
37:4d:48:cd:c1:db:43:c0:e5:61:08:0e:63:81:85:c0:9d:0f:
74:d0:75:ce:dc:80:89:40:33:5c:2e:65:35:4a:8e:ad:3e:62:
22:25:dc:fd:1c:b4:af:16:43:06:91:0d:b5:24:7d:84:84:1d:
f7:9a:97:1e
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzI3qVMKFUYMWp86wENDFT8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YmY5MDRmNDE4YmZjN2I0OWI4NWYzYWJkYWM0MTdjY2E1
ZTM3NTkwHhcNMjQwMTAyMDYzMTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDA5OTY5NzJiN2ExODNhYmZiZWM0ZjE4MTAyZmUzNWVlNWY5MjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmysuhw1heuKvIzDwulj7OJYqUgmh
5lJ1+0Fzq6gLSaqn6rBli7S1zfyACUWTCBmn/mHi2C+Rzd9v+XHseF+XCSpJ26hj
hOVA5S29YiH4SR1DbWdWl3mi8I1jVKllQvnieksjqhYr0nQ1MkBE7KkjzmCZNRlC
gCgGw+bIOn+YbwTgCZj9pnd78AYO1ueR1DSkHARLnNqRgJW2aiMa3hHE/5o/p7Me
XbEzUg0lAhwaIOM7XWynXFadlxttvA/YNTRcCRmrjxUOUZcYc5wgq2zgGru/aBSv
wguLs2o0TiTXXPsbXaYm+BJbwKEgDGqG9OI9i6Ib4ErPfrMv1XNBIlkI+wIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFF0Jlpcrehg6v77E8YEC/jXuX5IPMB8GA1UdIwQY
MBaAFOm/kE9Bi/x7SbhfOr2sQXzKXjdZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmItUVQwR0xfSHRKdUY4NnZheEJmTXBlTjFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8zNWZmYmYtNDg1ZC00OTA2LTg2NTQt
OGFjN2UwMzZlYjgxLzEvWFFtV2x5dDZHRHFfdnNUeGdRTC1OZTVma2c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8zNWZmYmYtNDg1ZC00OTA2LTg2NTQtOGFjN2UwMzZlYjgx
LzEvNmItUVQwR0xfSHRKdUY4NnZheEJmTXBlTjFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAWd1vMA4E
AgACMAgDBgAqAB4f/zANBgkqhkiG9w0BAQsFAAOCAQEAE/r3eQo8P8uUaEzGQiNt
Y/YA88GKffk5EddZFE7iJPN4Xu2TLkVZVQ+H45Tdp8doqAUpV57HAeoET5qjZb4c
PJJRGtHpJWEIFHJ8T8nSljNZMACMNZO1Vd8kS/OsIcnBy+BqSp9q7E1GnehgQa9u
lAfvTFGlfmVQTCK+AjQZE0kaHd+oNTIafU1bdA+7uIh/fEuGgCQDRyAN0/NJO00P
EUpvtThWpjSDcQhBJ5W6CtLPIuWij3oDg86OsA+6eKvUloykNX0BN01IzcHbQ8Dl
YQgOY4GFwJ0PdNB1ztyAiUAzXC5lNUqOrT5iIiXc/Ry0rxZDBpENtSR9hIQd95qX
Hg==
-----END CERTIFICATE-----
Generated at Mon May 12 11:14:30 2025 by rpki-client