Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/G8jjrx8EZbysXI_Z13e_0NqYZdU.roa
File: G8jjrx8EZbysXI_Z13e_0NqYZdU.roa (raw, json)
Hash identifier: GPSkTNwl/L8vVjia7LOR9ahqlqqIZvGFNcWIGIi/vHw=
Subject key identifier: 1B:C8:E3:AF:1F:04:65:BC:AC:5C:8F:D9:D7:77:BF:D0:DA:98:65:D5
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 019426DA03ECE54E40E62D96A8432BB1E333
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/G8jjrx8EZbysXI_Z13e_0NqYZdU.roa
Signing time: Thu 02 Jan 2025 11:50:09 +0000
ROA not before: Thu 02 Jan 2025 11:50:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61102
IP address blocks: 89.46.239.0/24 maxlen: 24
2a03:f80:972::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:da:03:ec:e5:4e:40:e6:2d:96:a8:43:2b:b1:e3:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jan 2 11:50:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1bc8e3af1f0465bcac5c8fd9d777bfd0da9865d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c3:f7:0e:e4:92:27:3c:06:da:3c:9f:42:0b:
85:1a:24:88:0f:85:03:d1:5f:33:97:8d:52:76:e2:
02:c4:9a:fe:1b:9d:80:d2:da:ec:58:a0:21:f7:82:
e8:ce:b9:a8:df:dd:89:4d:d8:1f:c4:e0:23:8d:18:
86:c4:e6:ae:1f:44:bd:17:f1:eb:14:bc:e3:a8:1f:
44:23:a9:ac:98:a4:cb:ef:37:ad:ac:46:c8:d0:28:
4c:16:15:7c:37:4d:89:63:0b:bb:30:cf:49:6e:46:
7b:ed:a3:c1:fe:76:05:32:c0:f9:a2:b7:fe:5f:8d:
27:06:0b:8e:b2:0b:b8:e6:d9:7c:e3:7d:c0:cf:5e:
d4:17:c6:0d:04:25:91:ae:56:30:24:c1:fc:b1:02:
9d:44:1b:0f:a6:ae:83:e2:48:69:dd:3e:90:c5:b5:
33:3c:f4:c0:c1:db:53:b6:74:2c:b6:fc:bd:83:e5:
2c:aa:22:8a:2e:de:09:79:43:61:52:b8:6e:82:9b:
39:50:fe:c9:a3:80:7a:5e:a6:5a:54:cb:43:48:03:
0d:83:54:03:a7:8a:a0:c7:74:7f:54:02:73:1f:a0:
bd:14:06:da:79:63:dd:0d:52:a1:da:f9:69:50:f6:
2a:b3:d2:a3:0c:aa:16:24:e5:5b:4d:d8:19:bd:f1:
21:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:C8:E3:AF:1F:04:65:BC:AC:5C:8F:D9:D7:77:BF:D0:DA:98:65:D5
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/G8jjrx8EZbysXI_Z13e_0NqYZdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.239.0/24
IPv6:
2a03:f80:972::/48
Signature Algorithm: sha256WithRSAEncryption
be:2e:b7:87:7f:d6:53:74:68:81:16:44:a2:c8:86:80:e2:0c:
ad:21:e7:1e:23:43:d3:3f:19:ac:4c:2d:d2:cc:db:ef:2d:bb:
c2:55:41:3c:44:71:11:2c:7d:f9:6a:ff:c7:0f:62:74:39:a7:
d9:82:c3:1c:58:74:08:35:13:83:dd:2d:d8:5d:b6:3e:34:59:
7e:d8:6a:fa:d9:fa:cc:25:02:47:d0:dd:b1:c0:0e:1f:22:f9:
9b:43:57:a0:8a:ff:9e:c6:63:32:f6:81:64:55:f6:a2:84:6d:
a6:c3:c1:dc:f7:86:70:9e:e8:b1:90:37:5a:af:6c:10:65:95:
e4:17:48:3b:34:51:ea:64:86:19:9f:24:de:ee:99:96:ec:73:
b5:8c:6a:cd:f4:24:9c:92:88:34:ff:14:48:61:ee:94:39:8b:
ae:df:a7:fe:fd:82:59:12:00:1f:0d:04:2a:ae:cb:77:f9:2d:
57:c7:c8:45:1e:fa:29:bb:be:55:93:15:23:b4:73:2d:6a:1d:
1c:9b:ca:e4:33:31:15:d3:82:b3:e9:a5:96:1b:38:e8:60:90:
3e:e1:25:a9:d3:14:87:79:38:93:f1:2d:37:81:22:81:7e:34:
fd:a4:0e:13:07:35:21:e7:f2:d8:87:d8:e0:c0:dd:c0:d5:9c:
7b:76:68:4e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQm2gPs5U5A5i2WqEMrseMzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjUwMTAyMTE1MDA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmM4ZTNhZjFmMDQ2NWJjYWM1YzhmZDlkNzc3YmZkMGRhOTg2NWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8P3DuSSJzwG2jyfQguFGiSID4UD
0V8zl41SduICxJr+G52A0trsWKAh94Lozrmo392JTdgfxOAjjRiGxOauH0S9F/Hr
FLzjqB9EI6msmKTL7zetrEbI0ChMFhV8N02JYwu7MM9JbkZ77aPB/nYFMsD5orf+
X40nBguOsgu45tl8433Az17UF8YNBCWRrlYwJMH8sQKdRBsPpq6D4khp3T6QxbUz
PPTAwdtTtnQstvy9g+UsqiKKLt4JeUNhUrhugps5UP7Jo4B6XqZaVMtDSAMNg1QD
p4qgx3R/VAJzH6C9FAbaeWPdDVKh2vlpUPYqs9KjDKoWJOVbTdgZvfEhVQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBvI468fBGW8rFyP2dd3v9DamGXVMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvRzhqanJ4OEVaYnlzWElfWjEzZV8wTnFZWmRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAWS7vMA8E
AgACMAkDBwAqAw+ACXIwDQYJKoZIhvcNAQELBQADggEBAL4ut4d/1lN0aIEWRKLI
hoDiDK0h5x4jQ9M/GaxMLdLM2+8tu8JVQTxEcREsfflq/8cPYnQ5p9mCwxxYdAg1
E4PdLdhdtj40WX7YavrZ+swlAkfQ3bHADh8i+ZtDV6CK/57GYzL2gWRV9qKEbabD
wdz3hnCe6LGQN1qvbBBlleQXSDs0UepkhhmfJN7umZbsc7WMas30JJySiDT/FEhh
7pQ5i67fp/79glkSAB8NBCquy3f5LVfHyEUe+im7vlWTFSO0cy1qHRybyuQzMRXT
grPppZYbOOhgkD7hJanTFId5OJPxLTeBIoF+NP2kDhMHNSHn8tiH2ODA3cDVnHt2
aE4=
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:07:59 2025 by rpki-client