Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/cBFi45ZytFKgnNo2imsLe1_V7q8.roa
File: cBFi45ZytFKgnNo2imsLe1_V7q8.roa (raw, json)
Hash identifier: r9FtBlSO2l8QxP7DU1HrwjHWsN6WkSKa/BKGiXhnmRk=
Subject key identifier: 70:11:62:E3:96:72:B4:52:A0:9C:DA:36:8A:6B:0B:7B:5F:D5:EE:AF
Certificate issuer: /CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Certificate serial: 019427B5CD3DA886AAA69E2B3F917E6C8314
Authority key identifier: 09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/cBFi45ZytFKgnNo2imsLe1_V7q8.roa
Signing time: Thu 02 Jan 2025 15:50:13 +0000
ROA not before: Thu 02 Jan 2025 15:50:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214036
IP address blocks: 89.187.25.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:cd:3d:a8:86:aa:a6:9e:2b:3f:91:7e:6c:83:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Validity
Not Before: Jan 2 15:50:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=701162e39672b452a09cda368a6b0b7b5fd5eeaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:8d:6d:af:32:3a:37:db:dd:e6:c3:9d:ec:9b:
4d:fa:bd:db:e4:c7:c0:95:30:92:23:16:3c:04:71:
c7:cb:98:34:fc:5d:fa:68:90:b4:16:6f:1c:90:54:
1c:b6:33:66:4b:c7:63:af:fd:0e:82:0c:7d:6f:c5:
90:84:42:12:41:25:c3:46:0f:d9:b8:3a:ef:32:1a:
f4:db:54:43:db:dc:fc:98:f2:82:2f:52:b5:63:70:
b5:7f:1d:c2:ea:84:ab:7e:89:e8:02:0a:48:84:6d:
6b:54:13:3e:aa:fe:52:82:ef:ce:4c:f9:7b:44:ed:
ad:91:7c:16:31:b3:a9:39:90:fa:81:4e:fa:a9:1b:
52:4b:95:37:21:e9:12:cd:2f:9b:10:87:6a:e9:ba:
6c:bd:aa:b1:1b:6b:fc:95:66:34:40:20:ab:96:e8:
f9:b4:fa:e1:bb:e8:74:41:aa:90:77:83:09:9d:0b:
07:39:ca:c2:fe:58:f8:9b:5a:30:1f:14:49:e2:91:
c8:5d:5c:a3:db:e7:d1:19:ca:8a:c3:b8:d4:b5:d9:
61:4c:90:f2:8d:ac:91:2e:48:92:3b:d1:30:4e:a2:
2b:8f:a2:ef:29:ed:d0:72:77:8f:86:c8:c8:12:1e:
37:5a:1b:62:dc:95:fe:81:09:ab:74:2b:cf:ee:06:
c4:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:11:62:E3:96:72:B4:52:A0:9C:DA:36:8A:6B:0B:7B:5F:D5:EE:AF
X509v3 Authority Key Identifier:
keyid:09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/cBFi45ZytFKgnNo2imsLe1_V7q8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/CR7HzPD6dh7Zm8WnqewNDusL8FU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.187.25.0/24
Signature Algorithm: sha256WithRSAEncryption
88:d7:ca:30:64:fd:d9:31:e9:8b:d5:11:07:d8:8a:0e:91:46:
e6:3b:33:f8:07:a0:fb:2c:28:c2:ee:15:2c:f9:36:88:7b:10:
27:0c:51:86:5b:7f:39:c1:ee:a8:01:fb:a5:1e:41:5b:2a:23:
31:b2:02:dc:cc:18:32:5e:41:a7:63:8f:ea:45:3f:ab:7f:d5:
dd:27:60:f9:4e:2d:2c:55:23:d9:c0:e7:99:43:23:2d:8b:98:
95:a1:29:04:26:68:1f:40:fd:9e:9f:40:62:8f:ac:59:88:89:
70:5f:15:ef:37:c7:be:a4:42:43:40:14:98:a4:bc:3a:15:6f:
f8:f7:39:2c:10:97:3d:e5:22:8c:cc:bb:47:aa:dd:6f:80:2b:
7d:28:6f:86:58:e0:96:34:04:83:c9:cb:6e:26:25:ce:5c:82:
90:6f:f6:55:5a:5b:2e:cd:b7:8b:cc:57:7f:1d:1e:17:37:3d:
0f:4c:f9:3e:73:cb:79:ac:80:9a:92:d4:10:05:51:81:db:da:
80:6b:e3:6d:6a:a9:1b:b9:23:33:43:07:75:63:67:04:77:00:
77:cd:bf:65:4b:96:55:ae:d8:a5:3d:56:86:ae:09:d4:7f:77:
99:6d:f8:4d:69:a5:55:29:bf:9a:67:cf:c9:24:06:57:fa:4f:
ec:0c:61:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntc09qIaqpp4rP5F+bIMUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MWVjN2NjZjBmYTc2MWVkOTliYzVhN2E5ZWMwZDBlZWIw
YmYwNTUwHhcNMjUwMTAyMTU1MDEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDExNjJlMzk2NzJiNDUyYTA5Y2RhMzY4YTZiMGI3YjVmZDVlZWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA141trzI6N9vd5sOd7JtN+r3b5MfA
lTCSIxY8BHHHy5g0/F36aJC0Fm8ckFQctjNmS8djr/0Oggx9b8WQhEISQSXDRg/Z
uDrvMhr021RD29z8mPKCL1K1Y3C1fx3C6oSrfonoAgpIhG1rVBM+qv5Sgu/OTPl7
RO2tkXwWMbOpOZD6gU76qRtSS5U3IekSzS+bEIdq6bpsvaqxG2v8lWY0QCCrluj5
tPrhu+h0QaqQd4MJnQsHOcrC/lj4m1owHxRJ4pHIXVyj2+fRGcqKw7jUtdlhTJDy
jayRLkiSO9EwTqIrj6LvKe3QcnePhsjIEh43Whti3JX+gQmrdCvP7gbEKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHARYuOWcrRSoJzaNoprC3tf1e6vMB8GA1UdIwQY
MBaAFAkex8zw+nYe2ZvFp6nsDQ7rC/BVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQt
NDVjZmM4NTdkZGRkLzEvY0JGaTQ1Wnl0Rktnbk5vMmltc0xlMV9WN3E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQtNDVjZmM4NTdkZGRk
LzEvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWbsZMA0G
CSqGSIb3DQEBCwUAA4IBAQCI18owZP3ZMemL1REH2IoOkUbmOzP4B6D7LCjC7hUs
+TaIexAnDFGGW385we6oAfulHkFbKiMxsgLczBgyXkGnY4/qRT+rf9XdJ2D5Ti0s
VSPZwOeZQyMti5iVoSkEJmgfQP2en0Bij6xZiIlwXxXvN8e+pEJDQBSYpLw6FW/4
9zksEJc95SKMzLtHqt1vgCt9KG+GWOCWNASDyctuJiXOXIKQb/ZVWlsuzbeLzFd/
HR4XNz0PTPk+c8t5rICaktQQBVGB29qAa+NtaqkbuSMzQwd1Y2cEdwB3zb9lS5ZV
rtilPVaGrgnUf3eZbfhNaaVVKb+aZ8/JJAZX+k/sDGHC
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:57:37 2025 by rpki-client