Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/3xK86EuR6MOiOdnd8Ox1rUit7wE.roa
File: 3xK86EuR6MOiOdnd8Ox1rUit7wE.roa (raw, json)
Hash identifier: tETjXIuQCvdWRuyPqSxKmEX3Y8HsRoE2t1/rzGYjjTc=
Subject key identifier: DF:12:BC:E8:4B:91:E8:C3:A2:39:D9:DD:F0:EC:75:AD:48:AD:EF:01
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 01942369A12FCE255BEF855B51FE43905117
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/3xK86EuR6MOiOdnd8Ox1rUit7wE.roa
Signing time: Wed 01 Jan 2025 19:48:32 +0000
ROA not before: Wed 01 Jan 2025 19:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51626
IP address blocks: 89.40.100.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:a1:2f:ce:25:5b:ef:85:5b:51:fe:43:90:51:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 1 19:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=df12bce84b91e8c3a239d9ddf0ec75ad48adef01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:3c:35:37:a2:a5:86:64:96:7e:4f:37:8b:31:
43:07:aa:66:a8:fc:72:27:63:b3:2a:16:1b:85:f5:
2c:c8:90:f5:d0:20:79:72:09:9f:15:a5:11:91:97:
45:2e:48:2f:c7:c0:9f:1a:06:38:8e:fa:11:73:da:
bd:17:52:af:54:1d:e5:05:37:13:97:a8:be:4a:fc:
0f:53:8f:e3:23:a4:fd:8a:e5:3c:00:0d:8f:9d:8b:
1c:e3:4f:31:0e:4d:78:1d:3e:a2:54:40:1b:40:97:
c4:bf:54:39:db:b7:c6:d4:20:f8:c2:fd:cb:05:a7:
41:c1:27:f3:cd:dd:a9:39:1c:12:2f:18:c8:05:16:
25:ce:ff:2a:ca:05:63:e2:ef:60:fb:a5:bb:2c:c7:
cf:ff:e6:99:e2:19:73:31:29:9d:b4:9b:2e:11:22:
ae:5e:51:54:b8:82:c8:70:3b:69:9c:67:4f:67:2b:
c7:da:f8:21:4b:33:1b:a2:3d:e6:0c:f3:48:d7:7e:
a6:27:16:41:ed:63:b6:f2:c5:60:17:7f:8a:04:86:
b8:a1:f7:34:c9:41:02:e6:b4:73:60:03:f8:a1:0d:
c0:3a:82:c4:0c:5d:ab:f9:51:bc:11:c9:68:2f:1e:
4e:51:69:ba:3d:d6:a1:dc:f1:bb:18:e7:ea:94:13:
f7:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:12:BC:E8:4B:91:E8:C3:A2:39:D9:DD:F0:EC:75:AD:48:AD:EF:01
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/3xK86EuR6MOiOdnd8Ox1rUit7wE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.100.0/22
Signature Algorithm: sha256WithRSAEncryption
19:6e:f5:f5:de:2e:de:e4:da:de:44:72:53:5a:64:71:1f:95:
2f:92:39:e0:50:44:d9:9b:9c:45:96:0a:4b:10:ed:22:1a:1b:
53:3f:e8:b3:2d:ea:92:d4:a0:ec:b1:40:7e:d9:c7:8c:b5:ab:
71:4d:91:a9:14:c3:81:79:f0:85:29:91:c7:4b:15:37:98:e4:
10:28:8a:8c:03:ac:25:57:06:bc:d0:1e:92:a7:9c:8f:d8:4d:
7d:51:2b:92:74:13:24:b5:1f:da:d8:4d:42:c6:b7:d2:bd:86:
ce:12:12:72:3b:e2:e0:fa:4a:1f:72:94:b3:a8:3f:ec:9c:9c:
bf:9c:30:a2:de:ad:d1:b9:20:94:94:65:6f:03:95:42:77:f9:
87:00:96:ca:6c:c7:27:12:d3:b2:54:38:17:d9:a1:af:2a:97:
d1:68:c8:0b:95:73:51:f3:c1:a0:26:2e:13:6b:19:a7:0e:d5:
ff:55:18:33:72:ca:cb:43:8f:86:7a:75:be:0c:dd:a8:8d:17:
2b:2d:15:6d:d8:2b:51:f0:e4:37:ba:cb:87:a7:31:d6:82:c2:
ae:0a:0d:d9:6a:f2:c7:bd:54:58:05:7d:51:26:7e:65:b8:3c:
1e:5d:93:27:a2:09:d1:94:c2:ff:9e:76:8e:c4:30:d2:67:53:
fe:36:7e:42
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQjaaEvziVb74VbUf5DkFEXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjUwMTAxMTk0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjEyYmNlODRiOTFlOGMzYTIzOWQ5ZGRmMGVjNzVhZDQ4YWRlZjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyDw1N6KlhmSWfk83izFDB6pmqPxy
J2OzKhYbhfUsyJD10CB5cgmfFaURkZdFLkgvx8CfGgY4jvoRc9q9F1KvVB3lBTcT
l6i+SvwPU4/jI6T9iuU8AA2PnYsc408xDk14HT6iVEAbQJfEv1Q527fG1CD4wv3L
BadBwSfzzd2pORwSLxjIBRYlzv8qygVj4u9g+6W7LMfP/+aZ4hlzMSmdtJsuESKu
XlFUuILIcDtpnGdPZyvH2vghSzMboj3mDPNI136mJxZB7WO28sVgF3+KBIa4ofc0
yUEC5rRzYAP4oQ3AOoLEDF2r+VG8EcloLx5OUWm6Pdah3PG7GOfqlBP3AwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFN8SvOhLkejDojnZ3fDsda1Ire8BMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xLzN4Szg2RXVSNk1PaU9kbmQ4T3gxclVpdDd3RS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJZKGQw
DQYJKoZIhvcNAQELBQADggEBABlu9fXeLt7k2t5EclNaZHEflS+SOeBQRNmbnEWW
CksQ7SIaG1M/6LMt6pLUoOyxQH7Zx4y1q3FNkakUw4F58IUpkcdLFTeY5BAoiowD
rCVXBrzQHpKnnI/YTX1RK5J0EyS1H9rYTULGt9K9hs4SEnI74uD6Sh9ylLOoP+yc
nL+cMKLerdG5IJSUZW8DlUJ3+YcAlspsxycS07JUOBfZoa8ql9FoyAuVc1HzwaAm
LhNrGacO1f9VGDNyystDj4Z6db4M3aiNFystFW3YK1Hw5De6y4enMdaCwq4KDdlq
8se9VFgFfVEmfmW4PB5dkyeiCdGUwv+edo7EMNJnU/42fkI=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:28 2025 by rpki-client