Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/130d95-5641-4ada-80c0-da3e1192cdf6/1/wiDHcS0iTsfwm6c97RKRXwFMQDU.roa
File: wiDHcS0iTsfwm6c97RKRXwFMQDU.roa (raw, json)
Hash identifier: 9nPfgHjI+btRAVI2Wt5za4YufA+AcNW7aC+26eTYpiY=
Subject key identifier: C2:20:C7:71:2D:22:4E:C7:F0:9B:A7:3D:ED:12:91:5F:01:4C:40:35
Certificate issuer: /CN=2eebb691b24f2879253e3a6a45e0b5c52673b09d
Certificate serial: 01943C61A2333B3A803EF79FA24CC7FFA951
Authority key identifier: 2E:EB:B6:91:B2:4F:28:79:25:3E:3A:6A:45:E0:B5:C5:26:73:B0:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Luu2kbJPKHklPjpqReC1xSZzsJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/130d95-5641-4ada-80c0-da3e1192cdf6/1/wiDHcS0iTsfwm6c97RKRXwFMQDU.roa
Signing time: Mon 06 Jan 2025 16:10:18 +0000
ROA not before: Mon 06 Jan 2025 16:10:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34665
IP address blocks: 89.19.218.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:3c:61:a2:33:3b:3a:80:3e:f7:9f:a2:4c:c7:ff:a9:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2eebb691b24f2879253e3a6a45e0b5c52673b09d
Validity
Not Before: Jan 6 16:10:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c220c7712d224ec7f09ba73ded12915f014c4035
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:b9:0b:a8:0b:c2:08:a2:b8:a6:c1:bf:89:b4:
f1:5f:e6:fb:61:67:5a:4f:74:68:af:de:5c:dd:ae:
ac:c6:04:27:59:f8:49:63:54:98:a1:30:67:c5:f7:
46:8c:8d:bd:55:58:7e:d5:45:44:18:65:86:99:76:
c3:38:ce:07:8c:ec:a2:af:9e:cb:94:a4:31:75:d7:
d7:3a:b1:3a:06:96:c8:58:2e:53:56:a9:04:5b:41:
f5:57:a3:e8:b5:03:9e:fa:12:92:95:a4:e2:cb:82:
78:4f:e3:9a:95:37:99:33:0d:1a:f4:db:c2:7a:27:
25:da:bb:cc:72:5c:1d:16:8d:e2:5a:a0:b8:15:35:
1f:1a:78:57:39:ea:bd:3b:03:07:9d:2c:5a:c5:ca:
d5:5b:8b:a9:9e:f2:87:df:68:5b:29:f3:f5:a8:16:
23:d4:1f:25:c0:f4:20:f9:0d:3d:18:d9:72:b5:17:
a1:58:a6:3a:e0:be:36:17:84:ad:05:96:c9:66:94:
35:61:48:ae:c9:a1:a9:bd:b8:d5:6c:97:bc:dd:06:
f8:a9:a8:c3:9f:f5:de:b1:49:52:7d:3d:89:03:44:
02:7b:2f:77:2b:ae:03:12:8f:89:01:da:2b:d8:07:
70:5f:c8:36:80:65:86:a4:cd:f6:8f:f2:90:56:7f:
2b:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:20:C7:71:2D:22:4E:C7:F0:9B:A7:3D:ED:12:91:5F:01:4C:40:35
X509v3 Authority Key Identifier:
keyid:2E:EB:B6:91:B2:4F:28:79:25:3E:3A:6A:45:E0:B5:C5:26:73:B0:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Luu2kbJPKHklPjpqReC1xSZzsJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/130d95-5641-4ada-80c0-da3e1192cdf6/1/wiDHcS0iTsfwm6c97RKRXwFMQDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/130d95-5641-4ada-80c0-da3e1192cdf6/1/Luu2kbJPKHklPjpqReC1xSZzsJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.19.218.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:46:b9:6e:d7:4b:fe:87:ae:e2:30:43:84:9c:ac:63:88:60:
de:98:43:a0:87:b3:84:5f:48:86:38:ec:70:dd:be:53:43:a7:
ab:ac:49:52:84:37:04:69:08:61:76:1c:f9:ba:42:3d:ef:97:
19:8c:ca:db:36:e6:a5:c0:e9:12:05:ae:aa:74:0e:79:77:09:
40:69:90:1f:04:d4:cb:c7:15:5e:c5:37:03:d4:ab:3b:fb:54:
7a:93:ac:c6:e8:5d:66:94:5d:e3:2d:df:eb:43:59:7a:5e:36:
b0:98:8e:54:ef:99:6b:c7:e7:df:df:31:55:a8:9d:f9:bc:2b:
b3:a8:44:df:79:c0:a3:40:0c:8d:b5:fe:5d:c3:38:ac:bd:d5:
96:36:54:ac:43:37:66:67:89:3d:92:6a:b2:0a:8a:12:6e:44:
96:a8:f9:51:2e:c9:84:2e:d2:f5:76:e1:fc:19:ca:05:c8:eb:
13:38:59:01:db:b2:6c:5e:42:d9:fd:99:44:22:a7:cb:5d:e1:
2b:cc:49:28:ce:20:37:63:73:67:d1:42:39:61:16:8a:08:a3:
39:85:ac:19:12:a9:be:7c:7d:56:c9:2c:c0:a0:60:e4:d1:45:
fe:a7:9f:d4:94:7e:17:8b:97:c4:34:b2:44:b1:16:f5:6a:50:
be:d4:c1:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQ8YaIzOzqAPvefokzH/6lRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlZWJiNjkxYjI0ZjI4NzkyNTNlM2E2YTQ1ZTBiNWM1MjY3
M2IwOWQwHhcNMjUwMTA2MTYxMDE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjIwYzc3MTJkMjI0ZWM3ZjA5YmE3M2RlZDEyOTE1ZjAxNGM0MDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzLkLqAvCCKK4psG/ibTxX+b7YWda
T3Ror95c3a6sxgQnWfhJY1SYoTBnxfdGjI29VVh+1UVEGGWGmXbDOM4HjOyir57L
lKQxddfXOrE6BpbIWC5TVqkEW0H1V6PotQOe+hKSlaTiy4J4T+OalTeZMw0a9NvC
eicl2rvMclwdFo3iWqC4FTUfGnhXOeq9OwMHnSxaxcrVW4upnvKH32hbKfP1qBYj
1B8lwPQg+Q09GNlytRehWKY64L42F4StBZbJZpQ1YUiuyaGpvbjVbJe83Qb4qajD
n/XesUlSfT2JA0QCey93K64DEo+JAdor2AdwX8g2gGWGpM32j/KQVn8rrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMIgx3EtIk7H8JunPe0SkV8BTEA1MB8GA1UdIwQY
MBaAFC7rtpGyTyh5JT46akXgtcUmc7CdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHV1MmtiSlBLSGtsUGpwcVJlQzF4U1p6c0owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xMzBkOTUtNTY0MS00YWRhLTgwYzAt
ZGEzZTExOTJjZGY2LzEvd2lESGNTMGlUc2Z3bTZjOTdSS1JYd0ZNUURVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xMzBkOTUtNTY0MS00YWRhLTgwYzAtZGEzZTExOTJjZGY2
LzEvTHV1MmtiSlBLSGtsUGpwcVJlQzF4U1p6c0owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRPaMA0G
CSqGSIb3DQEBCwUAA4IBAQChRrlu10v+h67iMEOEnKxjiGDemEOgh7OEX0iGOOxw
3b5TQ6errElShDcEaQhhdhz5ukI975cZjMrbNualwOkSBa6qdA55dwlAaZAfBNTL
xxVexTcD1Ks7+1R6k6zG6F1mlF3jLd/rQ1l6XjawmI5U75lrx+ff3zFVqJ35vCuz
qETfecCjQAyNtf5dwzisvdWWNlSsQzdmZ4k9kmqyCooSbkSWqPlRLsmELtL1duH8
GcoFyOsTOFkB27JsXkLZ/ZlEIqfLXeErzEkoziA3Y3Nn0UI5YRaKCKM5hawZEqm+
fH1WySzAoGDk0UX+p5/UlH4Xi5fENLJEsRb1alC+1ME1
-----END CERTIFICATE-----
Generated at Mon Apr 7 11:17:36 2025 by rpki-client