Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/tSrMnczmlEbYIQOpkEmwHRnQpzI.roa
File: tSrMnczmlEbYIQOpkEmwHRnQpzI.roa (raw, json)
Hash identifier: FuBmyi06UTvYJhovqEho4RVXPO+aGk1wa3ZPdqXvWWY=
Subject key identifier: B5:2A:CC:9D:CC:E6:94:46:D8:21:03:A9:90:49:B0:1D:19:D0:A7:32
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 019548E8DCACC8D0E7EEBC887985AA512B7E
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/tSrMnczmlEbYIQOpkEmwHRnQpzI.roa
Signing time: Thu 27 Feb 2025 19:36:15 +0000
ROA not before: Thu 27 Feb 2025 19:36:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29802
IP address blocks: 89.21.86.0/24 maxlen: 24
109.122.43.0/24 maxlen: 24
109.122.45.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:48:e8:dc:ac:c8:d0:e7:ee:bc:88:79:85:aa:51:2b:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Feb 27 19:36:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b52acc9dcce69446d82103a99049b01d19d0a732
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:c1:67:4c:05:58:2e:c8:96:81:18:5a:ea:d4:
e3:75:6d:3c:a6:34:12:d4:82:dc:fd:ae:81:c0:05:
6a:27:cc:47:19:de:cc:2e:6e:95:85:21:82:f7:a6:
34:7b:48:57:9f:ef:54:c4:71:10:3e:bc:98:71:f8:
0b:98:c6:a9:df:bd:8a:a5:9e:e1:1f:e5:b3:ba:51:
3f:4b:4e:f2:66:ae:8e:04:e2:37:17:df:a5:11:f1:
78:91:f6:0d:2e:e1:c1:f5:f1:2e:b9:8b:0e:0f:81:
db:40:3f:ee:3b:ad:51:ba:54:7a:c3:e3:01:10:ad:
e8:1a:67:ad:4a:f7:5e:c6:ac:7d:ea:87:c3:3b:7a:
d8:2c:00:79:a6:ea:e2:cf:b4:2c:64:fd:4c:9b:cc:
73:47:87:25:9a:c5:5f:d9:5d:0d:5e:b3:bd:f4:f9:
f7:ef:a2:9f:ad:1c:65:b1:d2:6b:9c:6d:0c:c2:59:
b4:d0:20:30:e2:55:aa:02:ab:b0:06:8f:8d:67:98:
42:06:ea:90:93:30:d6:49:b1:d2:db:af:ea:e9:53:
b8:6a:5f:8b:db:6a:8d:0d:7d:71:75:0f:7f:5b:80:
a2:c1:8a:c1:ac:87:da:a0:63:23:94:dc:9d:bb:2a:
9a:92:96:98:5b:64:39:eb:4d:cd:e6:9f:24:79:61:
f5:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:2A:CC:9D:CC:E6:94:46:D8:21:03:A9:90:49:B0:1D:19:D0:A7:32
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/tSrMnczmlEbYIQOpkEmwHRnQpzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.21.86.0/24
109.122.43.0/24
109.122.45.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:24:2f:57:58:81:2d:30:9c:76:a6:c5:12:9b:d0:d7:7a:b7:
6f:69:96:1e:5e:3f:63:5a:85:11:fc:85:b0:cb:10:2b:13:40:
fb:c2:03:68:9d:49:e9:c6:07:28:53:91:1d:05:0c:32:88:c6:
eb:79:64:e6:d3:c1:c6:97:ae:82:29:bc:75:75:19:d8:4e:11:
08:31:b2:ac:a9:42:c8:55:a2:a9:91:33:4c:22:57:e9:77:2a:
91:85:fc:60:38:74:18:b9:e4:6b:97:37:ff:1d:5d:7f:f8:a0:
c0:64:36:ef:20:0e:75:67:68:e1:77:14:b4:fc:99:c0:e7:1c:
b0:4c:e5:c1:d2:db:57:0f:0e:66:db:03:58:3d:3c:14:65:18:
46:10:33:b1:a3:14:4c:4e:b0:2a:ab:5d:9d:ed:f3:c6:ec:8c:
cb:47:3d:1a:a6:7f:e2:e1:96:11:8b:85:bf:1e:18:19:ff:28:
43:70:c7:b0:33:48:23:e5:10:5a:03:bd:f6:35:02:ef:fe:be:
c2:fc:9a:b9:1c:d7:6c:b3:d5:87:e3:b0:91:c8:4b:07:79:72:
70:eb:20:95:2d:47:95:88:75:73:dc:bf:4f:b7:22:60:83:b4:
30:4b:92:55:ff:ef:f5:4a:e0:50:a5:1e:44:b7:e8:d0:4f:4b:
67:9f:c5:06
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZVI6NysyNDn7ryIeYWqUSt+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjUwMjI3MTkzNjE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTJhY2M5ZGNjZTY5NDQ2ZDgyMTAzYTk5MDQ5YjAxZDE5ZDBhNzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMFnTAVYLsiWgRha6tTjdW08pjQS
1ILc/a6BwAVqJ8xHGd7MLm6VhSGC96Y0e0hXn+9UxHEQPryYcfgLmMap372KpZ7h
H+WzulE/S07yZq6OBOI3F9+lEfF4kfYNLuHB9fEuuYsOD4HbQD/uO61RulR6w+MB
EK3oGmetSvdexqx96ofDO3rYLAB5puriz7QsZP1Mm8xzR4clmsVf2V0NXrO99Pn3
76KfrRxlsdJrnG0Mwlm00CAw4lWqAquwBo+NZ5hCBuqQkzDWSbHS26/q6VO4al+L
22qNDX1xdQ9/W4CiwYrBrIfaoGMjlNyduyqakpaYW2Q5603N5p8keWH1oQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLUqzJ3M5pRG2CEDqZBJsB0Z0KcyMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvdFNyTW5jem1sRWJZSVFPcGtFbXdIUm5RcHpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWRVWAwQA
bXorAwQAbXotMA0GCSqGSIb3DQEBCwUAA4IBAQBLJC9XWIEtMJx2psUSm9DXerdv
aZYeXj9jWoUR/IWwyxArE0D7wgNonUnpxgcoU5EdBQwyiMbreWTm08HGl66CKbx1
dRnYThEIMbKsqULIVaKpkTNMIlfpdyqRhfxgOHQYueRrlzf/HV1/+KDAZDbvIA51
Z2jhdxS0/JnA5xywTOXB0ttXDw5m2wNYPTwUZRhGEDOxoxRMTrAqq12d7fPG7IzL
Rz0apn/i4ZYRi4W/HhgZ/yhDcMewM0gj5RBaA732NQLv/r7C/Jq5HNdss9WH47CR
yEsHeXJw6yCVLUeViHVz3L9PtyJgg7QwS5JV/+/1SuBQpR5Et+jQT0tnn8UG
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:07:22 2025 by rpki-client