Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/XLs5m7yFpYbQixlyQEPtxV_7mOs.roa
File: XLs5m7yFpYbQixlyQEPtxV_7mOs.roa (raw, json)
Hash identifier: Fghw0ZM8qJSM1Rk38Og5x502OtV7xRwTHNOwSJX4CJo=
Subject key identifier: 5C:BB:39:9B:BC:85:A5:86:D0:8B:19:72:40:43:ED:C5:5F:FB:98:EB
Certificate issuer: /CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Certificate serial: 019427B427398F149605A1038D5D3AB71C10
Authority key identifier: F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/XLs5m7yFpYbQixlyQEPtxV_7mOs.roa
Signing time: Thu 02 Jan 2025 15:48:25 +0000
ROA not before: Thu 02 Jan 2025 15:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47583
IP address blocks: 89.116.101.0/24 maxlen: 24
89.116.104.0/24 maxlen: 24
89.116.105.0/24 maxlen: 24
89.116.109.0/24 maxlen: 24
89.116.110.0/24 maxlen: 24
89.116.111.0/24 maxlen: 24
89.116.114.0/24 maxlen: 24
89.116.120.0/24 maxlen: 24
89.116.121.0/24 maxlen: 24
89.116.122.0/24 maxlen: 24
89.116.133.0/24 maxlen: 24
89.116.134.0/24 maxlen: 24
89.116.136.0/24 maxlen: 24
89.116.138.0/24 maxlen: 24
89.116.139.0/24 maxlen: 24
89.116.152.0/24 maxlen: 24
89.116.157.0/24 maxlen: 24
89.116.159.0/24 maxlen: 24
89.116.167.0/24 maxlen: 24
89.116.170.0/24 maxlen: 24
89.116.187.0/24 maxlen: 24
89.116.188.0/24 maxlen: 24
89.116.191.0/24 maxlen: 24
89.116.192.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b4:27:39:8f:14:96:05:a1:03:8d:5d:3a:b7:1c:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Validity
Not Before: Jan 2 15:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5cbb399bbc85a586d08b19724043edc55ffb98eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:88:f5:4a:28:d8:fc:59:c3:aa:e5:08:81:2d:
d2:61:55:67:ad:f5:97:e0:f4:21:ce:42:1a:39:11:
72:90:11:a2:f2:86:7f:73:8b:01:af:0f:88:30:c6:
45:c2:92:82:63:25:2f:66:61:05:66:43:c3:bb:ce:
f7:0f:f9:08:27:c5:4c:e7:9a:cb:5e:b9:9e:e2:68:
e6:38:2a:fb:a1:4a:61:53:0e:48:c0:a0:a6:85:de:
13:64:07:3e:c5:b2:88:85:5d:66:77:10:5a:ac:45:
27:27:90:42:de:f1:c7:6f:62:c4:24:ae:4f:25:d7:
ff:ba:f5:bd:b7:e7:be:a4:57:b2:31:ee:19:b1:40:
96:5d:3a:5d:3d:a8:39:a3:15:1a:b7:df:5b:d8:45:
78:07:fb:f4:e6:0a:b0:39:ae:54:92:3d:d5:08:28:
a1:da:52:e9:99:fe:75:c1:dc:69:9c:e4:2c:67:a7:
ff:f0:89:dc:cc:37:db:43:3b:e4:d6:66:5c:f1:d3:
56:be:ea:f9:3d:00:7c:33:ac:bd:33:e2:bd:7b:68:
b4:19:6a:e5:c8:e9:17:cd:4b:d2:18:4a:e4:a1:65:
44:b8:eb:17:af:c0:d8:42:c7:89:1f:69:03:b7:9e:
3f:48:2e:fe:c0:dd:a7:97:a6:7b:c0:32:c3:4e:1a:
2a:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:BB:39:9B:BC:85:A5:86:D0:8B:19:72:40:43:ED:C5:5F:FB:98:EB
X509v3 Authority Key Identifier:
keyid:F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/XLs5m7yFpYbQixlyQEPtxV_7mOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.116.101.0/24
89.116.104.0/23
89.116.109.0-89.116.111.255
89.116.114.0/24
89.116.120.0-89.116.122.255
89.116.133.0-89.116.134.255
89.116.136.0/24
89.116.138.0/23
89.116.152.0/24
89.116.157.0/24
89.116.159.0/24
89.116.167.0/24
89.116.170.0/24
89.116.187.0-89.116.188.255
89.116.191.0-89.116.192.255
Signature Algorithm: sha256WithRSAEncryption
66:19:42:a4:fc:66:88:5c:32:fe:56:ab:d2:e0:73:75:45:c3:
95:ef:88:8b:b7:3d:c3:af:24:f7:78:ac:88:73:5b:1e:65:5f:
59:3a:25:eb:a4:0b:68:b0:66:20:db:df:36:d4:ed:f9:f5:83:
7c:19:14:fb:b7:74:19:fd:0e:3c:2c:52:9a:62:a9:8a:68:45:
be:90:fc:00:7d:7d:bb:4a:c2:f8:1e:a1:95:ee:23:2e:82:b6:
3e:2d:5d:4c:83:aa:c2:74:35:cd:c7:fe:e8:6f:ad:70:11:7e:
e8:b3:05:ba:a8:f8:1e:fa:0d:52:98:38:cf:2c:fc:8d:f9:28:
6b:1b:ed:b5:41:53:47:26:8a:2b:d6:c0:0f:83:b9:32:38:e4:
b4:a1:27:37:e9:54:dd:fc:41:a7:50:08:d1:37:e9:f2:5d:7a:
9b:e8:48:b4:63:e6:43:5a:f6:07:25:66:39:b1:43:93:ea:14:
a9:e7:88:33:47:74:b3:c1:1d:3a:81:1e:fe:e9:2a:c4:17:fd:
36:0e:d4:3a:4e:9a:da:65:9a:bd:cc:50:5c:68:c6:7a:2d:f3:
f6:4a:89:bb:13:f8:f5:1b:93:f9:7e:af:23:ef:c0:b2:1b:17:
16:18:72:f4:3d:84:a6:85:47:c3:cd:62:c9:47:0f:bb:70:a3:
9d:3c:ac:84
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAZQntCc5jxSWBaEDjV06txwQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZGQ4MWE4MzNkOWIwNDNjN2ZmZDYzNWE1OTg3ZjUzNjk3
MTE4MGQwHhcNMjUwMTAyMTU0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2JiMzk5YmJjODVhNTg2ZDA4YjE5NzI0MDQzZWRjNTVmZmI5OGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4j1SijY/FnDquUIgS3SYVVnrfWX
4PQhzkIaORFykBGi8oZ/c4sBrw+IMMZFwpKCYyUvZmEFZkPDu873D/kIJ8VM55rL
Xrme4mjmOCr7oUphUw5IwKCmhd4TZAc+xbKIhV1mdxBarEUnJ5BC3vHHb2LEJK5P
Jdf/uvW9t+e+pFeyMe4ZsUCWXTpdPag5oxUat99b2EV4B/v05gqwOa5Ukj3VCCih
2lLpmf51wdxpnOQsZ6f/8InczDfbQzvk1mZc8dNWvur5PQB8M6y9M+K9e2i0GWrl
yOkXzUvSGErkoWVEuOsXr8DYQseJH2kDt54/SC7+wN2nl6Z7wDLDThoqZwIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFFy7OZu8haWG0IsZckBD7cVf+5jrMB8GA1UdIwQY
MBaAFPDdgagz2bBDx//WNaWYf1NpcRgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUt
MDQ2ODA0MjQ4NmRjLzEvWExzNW03eUZwWWJRaXhseVFFUHR4Vl83bU9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUtMDQ2ODA0MjQ4NmRj
LzEvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDCBiQQCAAEwgYIDBABZ
dGUDBAFZdGgwDAMEAFl0bQMEBFl0YAMEAFl0cjAMAwQDWXR4AwQAWXR6MAwDBABZ
dIUDBABZdIYDBABZdIgDBAFZdIoDBABZdJgDBABZdJ0DBABZdJ8DBABZdKcDBABZ
dKowDAMEAFl0uwMEAFl0vDAMAwQAWXS/AwQAWXTAMA0GCSqGSIb3DQEBCwUAA4IB
AQBmGUKk/GaIXDL+VqvS4HN1RcOV74iLtz3DryT3eKyIc1seZV9ZOiXrpAtosGYg
29821O359YN8GRT7t3QZ/Q48LFKaYqmKaEW+kPwAfX27SsL4HqGV7iMugrY+LV1M
g6rCdDXNx/7ob61wEX7oswW6qPge+g1SmDjPLPyN+ShrG+21QVNHJoor1sAPg7ky
OOS0oSc36VTd/EGnUAjRN+nyXXqb6Ei0Y+ZDWvYHJWY5sUOT6hSp54gzR3SzwR06
gR7+6SrEF/02DtQ6TpraZZq9zFBcaMZ6LfP2Som7E/j1G5P5fq8j78CyGxcWGHL0
PYSmhUfDzWLJRw+7cKOdPKyE
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:08 2025 by rpki-client