Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/9db3e5-1972-4c8d-8c4e-4a8f824972ce/1/_xp45g1-n9w5IeM5yrPXJUbnwR0.roa
File: _xp45g1-n9w5IeM5yrPXJUbnwR0.roa (raw, json)
Hash identifier: qRb04f7j9Nvv+xBiBsq9KjSLPWaBgY5wtjgxgGf2Vy0=
Subject key identifier: FF:1A:78:E6:0D:7E:9F:DC:39:21:E3:39:CA:B3:D7:25:46:E7:C1:1D
Certificate issuer: /CN=ea2af6cf2260ee19b7a02a39223fc4e22e9a62ae
Certificate serial: 018326EB6C15246F652F54727CE895B2ACB2
Authority key identifier: EA:2A:F6:CF:22:60:EE:19:B7:A0:2A:39:22:3F:C4:E2:2E:9A:62:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6ir2zyJg7hm3oCo5Ij_E4i6aYq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/9db3e5-1972-4c8d-8c4e-4a8f824972ce/1/_xp45g1-n9w5IeM5yrPXJUbnwR0.roa
Signing time: Sat 10 Sep 2022 10:21:46 +0000
ROA not before: Sat 10 Sep 2022 10:21:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39855
IP address blocks: 89.106.204.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:26:eb:6c:15:24:6f:65:2f:54:72:7c:e8:95:b2:ac:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea2af6cf2260ee19b7a02a39223fc4e22e9a62ae
Validity
Not Before: Sep 10 10:21:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ff1a78e60d7e9fdc3921e339cab3d72546e7c11d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:12:b4:2c:bd:76:8f:2c:be:0d:97:a6:a8:1f:
2e:79:01:ce:9f:19:c9:4c:29:52:48:63:44:8b:5f:
a6:73:42:32:09:79:22:be:ff:a2:45:9e:3d:f9:fa:
e8:9f:f7:48:f7:44:4c:26:fe:c4:ad:ed:75:aa:c0:
1d:33:01:70:93:fb:79:46:04:15:f5:26:47:4f:0e:
42:3e:85:55:14:00:27:eb:0e:66:f8:f7:7b:5c:37:
04:02:5e:aa:d5:51:72:60:7f:bb:96:59:26:e6:f3:
34:03:7f:3d:d4:b0:97:7d:41:bc:5a:d7:a9:49:6f:
e3:f8:c0:b7:ea:3a:91:ce:e9:61:31:07:24:82:b5:
dc:57:03:6d:a7:72:bd:1e:4b:35:98:c4:1b:d2:59:
f5:d3:02:b1:54:e2:81:92:7e:b0:06:4c:4a:6a:f0:
11:20:45:77:5b:04:98:a4:77:cc:94:75:1f:25:31:
81:20:7d:a5:12:ea:25:25:16:e3:89:c7:64:6d:11:
05:35:76:2b:54:2c:28:17:bd:91:05:33:82:67:7e:
81:02:61:ba:d1:7b:ac:80:5b:08:4b:22:bf:03:89:
d7:81:84:2a:db:ba:b0:37:04:73:58:12:b5:20:21:
c2:9e:4e:44:db:22:96:29:fa:79:79:27:56:58:07:
5a:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:1A:78:E6:0D:7E:9F:DC:39:21:E3:39:CA:B3:D7:25:46:E7:C1:1D
X509v3 Authority Key Identifier:
keyid:EA:2A:F6:CF:22:60:EE:19:B7:A0:2A:39:22:3F:C4:E2:2E:9A:62:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6ir2zyJg7hm3oCo5Ij_E4i6aYq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/9db3e5-1972-4c8d-8c4e-4a8f824972ce/1/_xp45g1-n9w5IeM5yrPXJUbnwR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/9db3e5-1972-4c8d-8c4e-4a8f824972ce/1/6ir2zyJg7hm3oCo5Ij_E4i6aYq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.106.204.0/24
Signature Algorithm: sha256WithRSAEncryption
69:44:fd:9e:a7:e8:43:e3:95:f0:ad:70:c2:a0:dc:cd:01:c8:
b5:63:58:1a:f8:50:7a:6f:09:38:da:e0:cf:f0:cd:4b:47:5a:
15:33:9f:4f:33:bc:41:a8:2e:c1:3f:bc:c7:00:d8:a0:70:80:
30:17:a7:d4:03:d3:b6:17:03:39:11:e3:a6:f2:6b:7d:2d:75:
2c:4c:7a:53:9f:db:82:cd:a9:ca:aa:c7:2f:64:c1:17:68:3d:
13:36:ab:fd:93:9f:c6:42:99:c1:18:18:59:37:69:1f:09:5e:
5e:7e:38:ce:9c:99:27:eb:ab:bf:4e:03:01:cc:0f:34:4a:52:
01:bf:ca:32:0a:47:6d:91:22:2e:52:da:7e:02:d7:5b:29:66:
21:8c:9c:09:26:2d:31:46:fc:46:97:bc:42:bb:5d:bc:dc:d6:
7a:b4:03:1e:97:a1:bd:31:c9:89:64:5c:6a:67:17:dc:a5:5a:
9b:c8:2d:0a:cf:7b:46:cf:91:e6:f8:e7:b5:34:6d:06:fd:95:
de:01:f7:5b:52:49:21:82:df:4a:ea:62:42:97:fd:f3:54:34:
c9:88:5a:d1:6d:62:97:e0:54:9e:9d:b7:de:7b:3c:77:cb:7b:
5e:e6:9a:90:45:da:f0:de:54:b1:80:e9:67:83:8f:fa:4f:4b:
a0:bb:91:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMm62wVJG9lL1RyfOiVsqyyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhMmFmNmNmMjI2MGVlMTliN2EwMmEzOTIyM2ZjNGUyMmU5
YTYyYWUwHhcNMjIwOTEwMTAyMTQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjFhNzhlNjBkN2U5ZmRjMzkyMWUzMzljYWIzZDcyNTQ2ZTdjMTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBK0LL12jyy+DZemqB8ueQHOnxnJ
TClSSGNEi1+mc0IyCXkivv+iRZ49+fron/dI90RMJv7Ere11qsAdMwFwk/t5RgQV
9SZHTw5CPoVVFAAn6w5m+Pd7XDcEAl6q1VFyYH+7llkm5vM0A3891LCXfUG8Wtep
SW/j+MC36jqRzulhMQckgrXcVwNtp3K9Hks1mMQb0ln10wKxVOKBkn6wBkxKavAR
IEV3WwSYpHfMlHUfJTGBIH2lEuolJRbjicdkbREFNXYrVCwoF72RBTOCZ36BAmG6
0XusgFsISyK/A4nXgYQq27qwNwRzWBK1ICHCnk5E2yKWKfp5eSdWWAdaOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP8aeOYNfp/cOSHjOcqz1yVG58EdMB8GA1UdIwQY
MBaAFOoq9s8iYO4Zt6AqOSI/xOIummKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmlyMnp5Smc3aG0zb0NvNUlqX0U0aTZhWXE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi85ZGIzZTUtMTk3Mi00YzhkLThjNGUt
NGE4ZjgyNDk3MmNlLzEvX3hwNDVnMS1uOXc1SWVNNXlyUFhKVWJud1IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi85ZGIzZTUtMTk3Mi00YzhkLThjNGUtNGE4ZjgyNDk3MmNl
LzEvNmlyMnp5Smc3aG0zb0NvNUlqX0U0aTZhWXE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWWrMMA0G
CSqGSIb3DQEBCwUAA4IBAQBpRP2ep+hD45XwrXDCoNzNAci1Y1ga+FB6bwk42uDP
8M1LR1oVM59PM7xBqC7BP7zHANigcIAwF6fUA9O2FwM5EeOm8mt9LXUsTHpTn9uC
zanKqscvZMEXaD0TNqv9k5/GQpnBGBhZN2kfCV5efjjOnJkn66u/TgMBzA80SlIB
v8oyCkdtkSIuUtp+AtdbKWYhjJwJJi0xRvxGl7xCu1283NZ6tAMel6G9McmJZFxq
ZxfcpVqbyC0Kz3tGz5Hm+Oe1NG0G/ZXeAfdbUkkhgt9K6mJCl/3zVDTJiFrRbWKX
4FSenbfeezx3y3te5pqQRdrw3lSxgOlng4/6T0ugu5Ex
-----END CERTIFICATE-----
Generated at Wed Mar 12 13:11:16 2025 by rpki-client