Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/dL1L6tqa28t9cyS2Ck4XBGGRM80.roa
File: dL1L6tqa28t9cyS2Ck4XBGGRM80.roa (raw, json)
Hash identifier: bbgB11lkahcdKguY+KZR5J7Bg9/36S9jQp6+ZOyYa7Y=
Subject key identifier: 74:BD:4B:EA:DA:9A:DB:CB:7D:73:24:B6:0A:4E:17:04:61:91:33:CD
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01958C53159052201810F95B756F614F105B
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/dL1L6tqa28t9cyS2Ck4XBGGRM80.roa
Signing time: Wed 12 Mar 2025 21:46:50 +0000
ROA not before: Wed 12 Mar 2025 21:46:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213574
IP address blocks: 89.144.10.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8c:53:15:90:52:20:18:10:f9:5b:75:6f:61:4f:10:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Mar 12 21:46:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=74bd4beada9adbcb7d7324b60a4e1704619133cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:3a:99:01:c3:d5:6d:0c:85:9b:3d:57:eb:91:
a5:dd:85:a3:e3:31:34:33:6c:01:e7:84:29:27:f1:
46:6a:79:76:a0:e3:4b:33:6f:93:b8:7d:17:0c:25:
31:0b:e6:50:a6:31:b5:ee:ab:83:be:8c:65:98:44:
75:6f:72:50:db:93:6d:56:0b:19:5e:be:f6:b2:ad:
3e:e4:fa:49:57:29:03:51:18:a2:a2:a0:8b:2c:4c:
b9:06:69:57:2b:de:79:6f:58:8c:e8:83:37:2b:f1:
b8:48:23:0f:78:64:ef:80:ed:51:e1:6a:ba:aa:b9:
42:25:12:8a:fe:1f:75:a7:13:bc:54:59:da:1c:1b:
46:49:60:74:55:b7:36:bd:4a:31:08:be:b8:46:20:
24:82:f7:15:3c:3a:e9:bf:40:f8:23:64:f2:fe:74:
b2:2e:74:a6:c1:44:40:53:2a:d1:62:fb:ed:c2:0b:
85:40:7f:e7:42:f6:58:9a:fc:d2:ae:0e:8b:40:b2:
0f:e3:1f:4e:10:44:bf:ba:db:29:80:4f:a0:39:e4:
b5:e9:77:9a:82:4e:90:36:fa:3d:a2:26:54:46:3e:
6f:54:9a:77:1d:db:0a:18:9c:07:d8:c1:0b:ff:91:
1e:31:6f:42:08:46:2c:21:49:ad:ac:14:d0:b0:1a:
a7:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:BD:4B:EA:DA:9A:DB:CB:7D:73:24:B6:0A:4E:17:04:61:91:33:CD
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/dL1L6tqa28t9cyS2Ck4XBGGRM80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.144.10.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:19:88:4b:9d:44:83:7b:4c:4f:ca:8e:bb:58:c6:29:39:39:
cc:c0:0c:e7:00:4b:ec:ac:df:ae:bd:cc:72:4f:b3:0c:f5:a9:
db:c8:90:fb:4e:ed:63:c5:1b:a7:84:c2:d0:90:71:d3:ee:12:
7b:c0:11:c2:18:b9:db:80:bb:9b:fd:3f:0c:55:81:0d:d1:57:
47:50:5d:36:93:5e:40:5f:03:9b:e5:37:ec:79:42:b0:2c:a8:
84:e7:f4:de:a8:2b:62:0b:29:23:56:b6:d5:86:08:61:a3:11:
5e:53:c7:b8:4c:8f:94:f3:37:fa:24:08:50:a9:0e:a1:b7:ac:
52:5b:7c:19:4c:a3:3c:6c:3d:56:85:b2:10:25:4e:f4:60:30:
99:8f:27:7b:da:0d:f8:29:3f:76:33:f1:d9:fa:b3:cc:c7:ae:
7d:a1:cb:5f:62:4b:25:39:ae:37:33:97:8e:56:20:6b:67:86:
c9:04:8d:51:7a:de:90:6b:0d:46:67:c3:f9:ef:9b:a2:34:2b:
cb:49:ab:6b:a7:50:93:27:4f:d0:ed:83:5a:93:90:5e:8b:73:
01:e9:0e:a9:04:32:ac:4a:fe:e1:cd:e1:ed:df:ee:ec:29:fb:
16:3c:5d:78:5c:e4:03:ec:03:ae:0c:91:d6:43:ec:c5:3c:f0:
a2:ac:8a:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWMUxWQUiAYEPlbdW9hTxBbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMzEyMjE0NjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGJkNGJlYWRhOWFkYmNiN2Q3MzI0YjYwYTRlMTcwNDYxOTEzM2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjqZAcPVbQyFmz1X65Gl3YWj4zE0
M2wB54QpJ/FGanl2oONLM2+TuH0XDCUxC+ZQpjG17quDvoxlmER1b3JQ25NtVgsZ
Xr72sq0+5PpJVykDURiioqCLLEy5BmlXK955b1iM6IM3K/G4SCMPeGTvgO1R4Wq6
qrlCJRKK/h91pxO8VFnaHBtGSWB0Vbc2vUoxCL64RiAkgvcVPDrpv0D4I2Ty/nSy
LnSmwURAUyrRYvvtwguFQH/nQvZYmvzSrg6LQLIP4x9OEES/utspgE+gOeS16Xea
gk6QNvo9oiZURj5vVJp3HdsKGJwH2MEL/5EeMW9CCEYsIUmtrBTQsBqnpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHS9S+ramtvLfXMktgpOFwRhkTPNMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvZEwxTDZ0cWEyOHQ5Y3lTMkNrNFhCR0dSTTgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWZAKMA0G
CSqGSIb3DQEBCwUAA4IBAQBaGYhLnUSDe0xPyo67WMYpOTnMwAznAEvsrN+uvcxy
T7MM9anbyJD7Tu1jxRunhMLQkHHT7hJ7wBHCGLnbgLub/T8MVYEN0VdHUF02k15A
XwOb5TfseUKwLKiE5/TeqCtiCykjVrbVhghhoxFeU8e4TI+U8zf6JAhQqQ6ht6xS
W3wZTKM8bD1WhbIQJU70YDCZjyd72g34KT92M/HZ+rPMx659octfYkslOa43M5eO
ViBrZ4bJBI1Ret6Qaw1GZ8P575uiNCvLSatrp1CTJ0/Q7YNak5Bei3MB6Q6pBDKs
Sv7hzeHt3+7sKfsWPF14XOQD7AOuDJHWQ+zFPPCirIpS
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:18:06 2025 by rpki-client