Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/GaKfTqsXTBbzB0l6PPjCOtbieE8.roa
File: GaKfTqsXTBbzB0l6PPjCOtbieE8.roa (raw, json)
Hash identifier: bGjsSkVxtFTtg2bHcJH2NQE4duud/iaOMe/znbQ8Z78=
Subject key identifier: 19:A2:9F:4E:AB:17:4C:16:F3:07:49:7A:3C:F8:C2:3A:D6:E2:78:4F
Certificate issuer: /CN=64fa66fb84a781a0584fd0d1c2df39bda4760519
Certificate serial: 0194221FD0CC652FB0FE965BE06EF29E592A
Authority key identifier: 64:FA:66:FB:84:A7:81:A0:58:4F:D0:D1:C2:DF:39:BD:A4:76:05:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZPpm-4SngaBYT9DRwt85vaR2BRk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/GaKfTqsXTBbzB0l6PPjCOtbieE8.roa
Signing time: Wed 01 Jan 2025 13:48:17 +0000
ROA not before: Wed 01 Jan 2025 13:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3320
IP address blocks: 89.43.34.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:d0:cc:65:2f:b0:fe:96:5b:e0:6e:f2:9e:59:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64fa66fb84a781a0584fd0d1c2df39bda4760519
Validity
Not Before: Jan 1 13:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=19a29f4eab174c16f307497a3cf8c23ad6e2784f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:87:0d:87:d8:48:e2:90:73:58:1b:c7:a5:5b:
7c:78:5c:b6:ad:02:b0:4c:cd:e4:4c:02:45:84:fb:
b7:f9:62:d5:ed:be:ae:8f:0b:e8:ed:94:ea:84:19:
ac:46:6c:22:02:cd:29:69:b2:c0:ca:77:8d:76:e9:
d6:e1:17:91:61:68:32:99:d6:6b:77:3a:e9:2e:20:
4d:ce:21:ce:ef:3c:2b:3d:0d:f9:81:5d:12:e0:03:
fb:26:18:dc:2b:3f:64:53:17:dc:9b:a2:06:49:7f:
d3:5c:d1:b1:2b:fe:af:18:fb:8b:06:d8:1d:cb:7b:
91:b5:7c:bb:4b:88:98:a8:70:bf:b3:c4:c9:1e:9f:
b8:f7:31:82:02:8b:62:e4:03:32:76:fa:db:ff:9c:
4c:17:14:12:6b:0e:40:63:7c:db:5d:92:a9:04:d9:
8b:a8:62:90:0d:b7:12:93:49:3c:3a:06:0f:57:d6:
df:9a:eb:b5:6b:ae:48:a2:87:25:e3:a1:b5:0b:11:
01:ff:0d:cf:94:c0:be:26:c2:bf:d5:2d:56:4f:e1:
9a:99:d7:ea:20:5c:46:3a:0b:bc:24:d1:a4:e0:32:
87:bd:b4:b9:a0:fa:84:1b:b8:b3:a6:16:f7:15:ad:
40:b9:4c:89:e9:a4:e5:91:63:cc:6c:57:7a:94:2d:
ef:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:A2:9F:4E:AB:17:4C:16:F3:07:49:7A:3C:F8:C2:3A:D6:E2:78:4F
X509v3 Authority Key Identifier:
keyid:64:FA:66:FB:84:A7:81:A0:58:4F:D0:D1:C2:DF:39:BD:A4:76:05:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZPpm-4SngaBYT9DRwt85vaR2BRk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/GaKfTqsXTBbzB0l6PPjCOtbieE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/ZPpm-4SngaBYT9DRwt85vaR2BRk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.43.34.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:66:1c:37:83:e5:0c:5e:1d:dc:8b:d6:c8:ad:df:ef:a0:5b:
da:c6:1b:1a:55:d3:64:3c:2a:b7:8a:a4:d2:84:78:2b:e4:ff:
4e:44:17:55:95:60:6c:1d:0b:f2:bd:e2:f1:f6:fd:3a:0c:1f:
64:9d:13:c3:57:01:6a:5f:23:4e:cf:29:16:67:62:f8:9c:81:
79:2a:96:fb:9f:86:30:3e:38:27:bc:94:23:cf:dd:0b:42:ba:
38:1a:77:ca:42:43:3f:43:56:88:93:87:ae:47:08:3f:f3:91:
39:8f:a2:79:c3:8d:cb:7e:e0:26:16:41:05:3c:a5:38:87:ad:
23:8b:4c:5b:84:67:d0:a1:c1:53:48:47:f3:17:8e:81:b5:17:
4a:4b:3f:48:31:c4:ee:39:3d:ca:43:c7:bd:76:44:da:36:ce:
04:9d:c0:98:22:60:56:dc:46:30:02:58:1b:9c:ff:5d:ae:45:
c7:8a:6a:8d:dc:60:3e:cc:59:80:20:e9:09:c1:11:2a:e8:a8:
49:0e:90:cc:c5:5b:d0:e1:dd:e2:9f:3d:5f:8d:f9:41:2d:fd:
c3:18:9f:a9:40:1b:56:d9:4e:7b:d2:d6:7f:d6:b1:ac:59:d7:
f9:63:42:35:85:74:42:53:f7:8b:8a:39:78:fd:fc:f7:9a:47:
42:63:94:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH9DMZS+w/pZb4G7ynlkqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZmE2NmZiODRhNzgxYTA1ODRmZDBkMWMyZGYzOWJkYTQ3
NjA1MTkwHhcNMjUwMTAxMTM0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWEyOWY0ZWFiMTc0YzE2ZjMwNzQ5N2EzY2Y4YzIzYWQ2ZTI3ODRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4cNh9hI4pBzWBvHpVt8eFy2rQKw
TM3kTAJFhPu3+WLV7b6ujwvo7ZTqhBmsRmwiAs0pabLAyneNdunW4ReRYWgymdZr
dzrpLiBNziHO7zwrPQ35gV0S4AP7JhjcKz9kUxfcm6IGSX/TXNGxK/6vGPuLBtgd
y3uRtXy7S4iYqHC/s8TJHp+49zGCAoti5AMydvrb/5xMFxQSaw5AY3zbXZKpBNmL
qGKQDbcSk0k8OgYPV9bfmuu1a65Ioocl46G1CxEB/w3PlMC+JsK/1S1WT+Gamdfq
IFxGOgu8JNGk4DKHvbS5oPqEG7izphb3Fa1AuUyJ6aTlkWPMbFd6lC3v6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBmin06rF0wW8wdJejz4wjrW4nhPMB8GA1UdIwQY
MBaAFGT6ZvuEp4GgWE/Q0cLfOb2kdgUZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlBwbS00U25nYUJZVDlEUnd0ODV2YVIyQlJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi82NjNiNGQtYjgwZS00OTQ2LTg0YzQt
NzQwOGViOGJjNTg2LzEvR2FLZlRxc1hUQmJ6QjBsNlBQakNPdGJpZUU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi82NjNiNGQtYjgwZS00OTQ2LTg0YzQtNzQwOGViOGJjNTg2
LzEvWlBwbS00U25nYUJZVDlEUnd0ODV2YVIyQlJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSsiMA0G
CSqGSIb3DQEBCwUAA4IBAQC7Zhw3g+UMXh3ci9bIrd/voFvaxhsaVdNkPCq3iqTS
hHgr5P9ORBdVlWBsHQvyveLx9v06DB9knRPDVwFqXyNOzykWZ2L4nIF5Kpb7n4Yw
PjgnvJQjz90LQro4GnfKQkM/Q1aIk4euRwg/85E5j6J5w43LfuAmFkEFPKU4h60j
i0xbhGfQocFTSEfzF46BtRdKSz9IMcTuOT3KQ8e9dkTaNs4EncCYImBW3EYwAlgb
nP9drkXHimqN3GA+zFmAIOkJwREq6KhJDpDMxVvQ4d3inz1fjflBLf3DGJ+pQBtW
2U570tZ/1rGsWdf5Y0I1hXRCU/eLijl4/fz3mkdCY5S1
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:31:41 2025 by rpki-client