Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/3uRumfjw_VNGN2REHhoEdbfv8Q4.roa
File: 3uRumfjw_VNGN2REHhoEdbfv8Q4.roa (raw, json)
Hash identifier: EtjitrJqAc6g+S42UzHgJmm7oOPTI5kPog/yLqbDlSw=
Subject key identifier: DE:E4:6E:99:F8:F0:FD:53:46:37:64:44:1E:1A:04:75:B7:EF:F1:0E
Certificate issuer: /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial: 0194206877AD45F8A17BF0B1806F8A1B9C56
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/3uRumfjw_VNGN2REHhoEdbfv8Q4.roa
Signing time: Wed 01 Jan 2025 05:48:24 +0000
ROA not before: Wed 01 Jan 2025 05:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396356
IP address blocks: 89.23.85.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:77:ad:45:f8:a1:7b:f0:b1:80:6f:8a:1b:9c:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Validity
Not Before: Jan 1 05:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dee46e99f8f0fd53463764441e1a0475b7eff10e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:87:f7:71:4f:ea:e0:74:bd:30:28:b4:93:ba:
1d:3b:1d:a8:75:3d:0e:3e:1d:40:97:07:5d:86:77:
0e:43:3f:f2:1d:dc:f5:9e:64:a0:29:de:8b:e1:30:
28:3f:b9:ee:6f:89:f8:45:08:13:d6:61:d6:8c:f8:
c8:1d:99:19:f4:62:82:ee:c9:92:0b:89:98:48:f7:
a6:4a:05:b1:d0:98:6a:9c:2c:85:a5:48:3b:22:6f:
98:2e:d3:13:fc:30:10:5e:bd:d5:db:93:aa:2e:13:
f5:da:24:d1:92:91:b5:27:a0:b1:ef:50:ad:4c:48:
05:88:52:a2:19:e3:a9:db:87:ca:2b:98:b7:33:9f:
62:6f:e4:f9:86:b5:71:14:f6:d5:94:1b:d9:c9:84:
15:b2:e2:a4:bc:7d:4e:6d:29:4e:f1:bf:de:f6:04:
e5:29:3e:33:cb:a6:7c:10:44:63:78:ce:a0:b0:2b:
1b:b6:7f:61:68:d3:90:91:a5:9c:c0:65:2e:57:89:
16:73:bd:27:80:c0:ee:be:e0:16:92:2a:ab:5c:6f:
7f:b3:60:2d:a3:87:e3:5d:84:9e:96:ae:a2:c8:b5:
e3:45:71:a3:53:9e:19:c1:6d:f9:9f:cf:b2:85:1a:
03:95:a6:62:9f:26:5f:c9:9e:ae:2a:ad:1c:30:11:
ba:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:E4:6E:99:F8:F0:FD:53:46:37:64:44:1E:1A:04:75:B7:EF:F1:0E
X509v3 Authority Key Identifier:
keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/3uRumfjw_VNGN2REHhoEdbfv8Q4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.85.0/24
Signature Algorithm: sha256WithRSAEncryption
06:f5:30:9d:2e:27:d7:42:2e:7a:a7:9b:bd:43:14:8b:9b:d8:
16:6e:a1:75:fb:3c:a3:52:2a:a0:6d:9a:6c:66:b6:35:6f:f6:
dc:28:e2:84:ef:6e:e3:20:95:d2:2f:4d:55:4e:fb:a0:b5:db:
34:3f:d8:17:4b:11:e4:5c:96:0a:5f:8f:a0:58:f3:3f:7a:9e:
05:7a:22:e1:89:5d:79:5b:3d:34:23:b0:e4:6d:ef:2e:d3:f6:
fe:15:d8:cc:5b:28:02:b8:79:4f:a2:51:8c:fa:9b:c4:b9:a1:
45:1a:13:68:dd:9d:d2:89:39:d7:6d:5f:44:28:5d:85:2c:31:
ae:41:4b:25:0f:bf:ad:b8:c5:1e:42:77:f2:bd:d7:38:06:84:
aa:82:78:7b:49:b4:24:94:29:3d:3c:6a:4f:e3:8b:09:64:d9:
6f:1a:6e:bf:f8:73:03:7a:a9:3e:23:d4:91:24:a8:45:3e:57:
40:7f:9c:a4:23:b9:d4:85:c4:5e:37:ba:be:a3:14:2a:a3:7e:
45:87:0f:cf:47:d2:ec:39:de:5d:b7:ba:50:a4:07:45:68:e1:
51:d0:41:8c:d3:06:3b:a9:3a:9a:04:c0:cf:cf:24:c2:6f:f3:
31:fc:79:b4:7d:11:ae:67:e6:0f:ff:34:8c:c0:0c:4d:c3:90:
d2:6f:06:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaHetRfihe/CxgG+KG5xWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjUwMTAxMDU0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWU0NmU5OWY4ZjBmZDUzNDYzNzY0NDQxZTFhMDQ3NWI3ZWZmMTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYf3cU/q4HS9MCi0k7odOx2odT0O
Ph1AlwddhncOQz/yHdz1nmSgKd6L4TAoP7nub4n4RQgT1mHWjPjIHZkZ9GKC7smS
C4mYSPemSgWx0JhqnCyFpUg7Im+YLtMT/DAQXr3V25OqLhP12iTRkpG1J6Cx71Ct
TEgFiFKiGeOp24fKK5i3M59ib+T5hrVxFPbVlBvZyYQVsuKkvH1ObSlO8b/e9gTl
KT4zy6Z8EERjeM6gsCsbtn9haNOQkaWcwGUuV4kWc70ngMDuvuAWkiqrXG9/s2At
o4fjXYSelq6iyLXjRXGjU54ZwW35n8+yhRoDlaZinyZfyZ6uKq0cMBG6GwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN7kbpn48P1TRjdkRB4aBHW37/EOMB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvM3VSdW1mandfVk5HTjJSRUhob0VkYmZ2OFE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRdVMA0G
CSqGSIb3DQEBCwUAA4IBAQAG9TCdLifXQi56p5u9QxSLm9gWbqF1+zyjUiqgbZps
ZrY1b/bcKOKE727jIJXSL01VTvugtds0P9gXSxHkXJYKX4+gWPM/ep4FeiLhiV15
Wz00I7Dkbe8u0/b+FdjMWygCuHlPolGM+pvEuaFFGhNo3Z3SiTnXbV9EKF2FLDGu
QUslD7+tuMUeQnfyvdc4BoSqgnh7SbQklCk9PGpP44sJZNlvGm6/+HMDeqk+I9SR
JKhFPldAf5ykI7nUhcReN7q+oxQqo35Fhw/PR9LsOd5dt7pQpAdFaOFR0EGM0wY7
qTqaBMDPzyTCb/Mx/Hm0fRGuZ+YP/zSMwAxNw5DSbwZq
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:50:51 2025 by rpki-client