Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/vPvzH2Jkd68NGCsRhA2y2FlM_lA.roa
File: vPvzH2Jkd68NGCsRhA2y2FlM_lA.roa (raw, json)
Hash identifier: 9Klt1Up9ZbII9TfgturV2CBhPEMnjyOglIYDIB463Jw=
Subject key identifier: BC:FB:F3:1F:62:64:77:AF:0D:18:2B:11:84:0D:B2:D8:59:4C:FE:50
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 019513FD9D6675CBFA3068704D9E8E8D9FB7
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/vPvzH2Jkd68NGCsRhA2y2FlM_lA.roa
Signing time: Mon 17 Feb 2025 12:59:02 +0000
ROA not before: Mon 17 Feb 2025 12:59:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 141892
IP address blocks: 89.21.85.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:13:fd:9d:66:75:cb:fa:30:68:70:4d:9e:8e:8d:9f:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Feb 17 12:59:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bcfbf31f626477af0d182b11840db2d8594cfe50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:21:06:cf:cc:33:75:59:63:ec:4e:42:c6:25:
c4:1f:42:ac:18:73:cd:09:32:ce:18:dc:86:93:3a:
1c:f3:90:8b:6b:a6:d7:61:d0:a4:3b:7d:0c:ae:9b:
50:ff:f3:4a:8e:d2:25:5b:65:a6:34:2c:5a:ef:e4:
10:47:bf:f7:a3:ac:69:cc:9f:34:7c:db:e9:5c:94:
73:5b:a7:ef:f2:8d:d8:59:2e:c5:ab:95:0e:e7:d2:
4c:d8:bc:38:62:00:d6:54:02:e0:24:87:86:da:f0:
d4:ae:5d:d5:46:b7:7d:fe:45:9d:29:30:25:fa:b0:
b8:e7:41:34:f8:b6:95:88:51:e0:b4:13:a5:26:32:
b6:34:1b:b5:4c:fb:a2:ab:c1:12:a7:79:9f:74:27:
68:f2:bd:96:1a:5c:93:6a:ab:e3:b6:e4:9c:b2:f3:
78:9e:bc:7e:3c:e8:6c:6b:87:af:9b:ab:94:82:40:
41:d1:41:73:8d:02:a8:8d:d9:7d:1a:16:d9:1b:5c:
4d:1b:84:e1:70:ef:d0:15:56:81:b0:3c:04:79:2f:
87:db:3c:7c:44:d8:a8:3f:30:7d:97:1a:79:80:1e:
4d:64:15:9d:1d:f8:de:dc:7b:00:94:86:35:1b:75:
6d:52:eb:03:5b:c9:b0:5f:62:bd:60:0f:34:36:f1:
28:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:FB:F3:1F:62:64:77:AF:0D:18:2B:11:84:0D:B2:D8:59:4C:FE:50
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/vPvzH2Jkd68NGCsRhA2y2FlM_lA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.21.85.0/24
Signature Algorithm: sha256WithRSAEncryption
08:ce:47:13:5c:26:47:49:9a:8f:e2:d1:de:0d:f9:8b:95:15:
f4:c7:2c:d6:fd:b8:24:00:5a:6a:6f:2d:68:29:a2:b3:e1:0e:
b6:25:7d:86:fc:20:a4:cf:d2:4b:0c:81:a8:23:48:d4:d0:d4:
70:c9:aa:20:4c:5c:e1:69:fb:40:6f:b9:c3:55:ab:38:53:28:
0a:1b:ad:c8:6e:8a:1c:d3:87:70:1d:ed:1a:bd:30:cd:e6:9a:
02:79:a9:25:ed:ed:65:5c:cd:7f:c4:8f:4b:db:ff:00:62:da:
8d:36:38:98:15:17:d0:c0:68:47:cb:49:0f:6a:1f:da:7e:b0:
55:60:5b:89:2b:02:61:2a:36:0d:72:c5:87:8f:22:3a:2e:f5:
2a:7f:6e:84:cc:43:0b:8b:d2:23:9a:56:5f:be:f8:b4:3a:dd:
15:16:34:01:91:28:10:be:94:ea:d8:0d:43:f1:5f:50:d9:37:
ac:d5:4f:b0:c9:3e:14:55:c9:e7:95:bc:61:8b:27:be:c4:e7:
de:df:8e:59:ea:d4:6d:43:51:79:ef:ae:be:d9:64:8f:38:0c:
f5:8e:fc:a1:0b:07:cd:0d:9b:ea:42:a1:ac:60:f0:96:6a:49:
1b:21:e6:1b:7e:5d:d8:df:dc:7b:52:42:d7:96:33:65:6a:bd:
6e:68:c8:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZUT/Z1mdcv6MGhwTZ6OjZ+3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjUwMjE3MTI1OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2ZiZjMxZjYyNjQ3N2FmMGQxODJiMTE4NDBkYjJkODU5NGNmZTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkyEGz8wzdVlj7E5CxiXEH0KsGHPN
CTLOGNyGkzoc85CLa6bXYdCkO30MrptQ//NKjtIlW2WmNCxa7+QQR7/3o6xpzJ80
fNvpXJRzW6fv8o3YWS7Fq5UO59JM2Lw4YgDWVALgJIeG2vDUrl3VRrd9/kWdKTAl
+rC450E0+LaViFHgtBOlJjK2NBu1TPuiq8ESp3mfdCdo8r2WGlyTaqvjtuScsvN4
nrx+POhsa4evm6uUgkBB0UFzjQKojdl9GhbZG1xNG4ThcO/QFVaBsDwEeS+H2zx8
RNioPzB9lxp5gB5NZBWdHfje3HsAlIY1G3VtUusDW8mwX2K9YA80NvEoOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLz78x9iZHevDRgrEYQNsthZTP5QMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvdlB2ekgySmtkNjhOR0NzUmhBMnkyRmxNX2xBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRVVMA0G
CSqGSIb3DQEBCwUAA4IBAQAIzkcTXCZHSZqP4tHeDfmLlRX0xyzW/bgkAFpqby1o
KaKz4Q62JX2G/CCkz9JLDIGoI0jU0NRwyaogTFzhaftAb7nDVas4UygKG63Ibooc
04dwHe0avTDN5poCeakl7e1lXM1/xI9L2/8AYtqNNjiYFRfQwGhHy0kPah/afrBV
YFuJKwJhKjYNcsWHjyI6LvUqf26EzEMLi9IjmlZfvvi0Ot0VFjQBkSgQvpTq2A1D
8V9Q2Tes1U+wyT4UVcnnlbxhiye+xOfe345Z6tRtQ1F5766+2WSPOAz1jvyhCwfN
DZvqQqGsYPCWakkbIeYbfl3Y39x7UkLXljNlar1uaMiX
-----END CERTIFICATE-----
Generated at Sun Apr 6 04:40:18 2025 by rpki-client