Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/U0vDLCDVd4st8TFoWl0uFdoxos8.roa
File: U0vDLCDVd4st8TFoWl0uFdoxos8.roa (raw, json)
Hash identifier: dLgXsqCnkrrPq2oDZxrgqssLzLXSeqEKcso/lL+XtH4=
Subject key identifier: 53:4B:C3:2C:20:D5:77:8B:2D:F1:31:68:5A:5D:2E:15:DA:31:A2:CF
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01954D0E0915C06DAD99594DABD719A36D2F
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/U0vDLCDVd4st8TFoWl0uFdoxos8.roa
Signing time: Fri 28 Feb 2025 14:55:20 +0000
ROA not before: Fri 28 Feb 2025 14:55:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58061
IP address blocks: 89.213.217.0/24 maxlen: 24
89.213.220.0/24 maxlen: 24
89.213.222.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4d:0e:09:15:c0:6d:ad:99:59:4d:ab:d7:19:a3:6d:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Feb 28 14:55:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=534bc32c20d5778b2df131685a5d2e15da31a2cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:43:b3:2e:c4:57:e5:6d:4a:6a:b0:1a:05:9f:
23:5e:fe:c3:2b:1b:f4:80:f7:97:26:c5:c2:58:b0:
9b:c8:be:d4:69:ed:a6:29:f9:80:23:6b:3e:6a:49:
9c:22:2c:a3:6e:a0:7d:2e:e1:7e:e8:f0:fc:5f:56:
58:36:2c:56:f5:96:80:ae:5f:62:12:b5:3b:88:39:
38:7c:7d:89:dc:3f:c6:5c:36:70:e4:e3:8c:c2:55:
0c:44:79:39:a9:b0:6d:28:46:06:0b:f1:e2:a1:41:
ce:73:21:e6:be:77:31:81:e3:4e:cf:4d:b8:f7:93:
82:fc:17:42:b6:5f:75:f7:b8:d8:30:67:f7:48:28:
88:57:bc:89:05:b2:93:d0:5d:06:56:91:d2:4b:74:
02:63:0d:b8:5f:32:7b:ec:8a:d2:d3:8e:ed:94:71:
98:64:82:61:dd:e9:33:50:68:1e:e3:d1:0f:c9:28:
f8:a8:41:39:3c:64:f0:fd:70:a7:ac:5d:55:7e:f4:
ad:51:0b:44:2d:33:7c:e0:b6:4e:44:51:c5:69:2c:
c3:7b:8e:07:dd:62:79:c4:39:55:a0:a8:81:0f:9f:
1b:74:b7:9e:85:d0:ea:0a:6a:73:d2:38:5d:4c:99:
42:4c:21:7e:98:60:68:f4:59:bd:12:e6:47:5f:5a:
8f:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:4B:C3:2C:20:D5:77:8B:2D:F1:31:68:5A:5D:2E:15:DA:31:A2:CF
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/U0vDLCDVd4st8TFoWl0uFdoxos8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.217.0/24
89.213.220.0/24
89.213.222.0/24
Signature Algorithm: sha256WithRSAEncryption
97:7d:18:f4:ed:5d:ec:c8:11:bb:78:a7:d5:3c:92:37:ac:61:
4a:78:8b:b0:89:30:22:f2:aa:61:26:ab:91:19:3d:42:90:1b:
0c:f6:e7:48:84:8d:26:a6:f7:9c:2c:82:60:5a:1b:34:cd:c7:
91:48:aa:ea:6a:0d:e4:96:16:cb:45:ce:83:58:b8:9e:06:a4:
29:fc:4b:de:70:7f:93:ee:f6:19:1f:89:c0:33:b3:46:55:fc:
df:d9:7d:94:59:69:5d:38:54:53:98:21:e4:8b:b0:a0:4a:b0:
64:bc:13:f7:19:72:4a:01:35:02:9e:1d:d0:4d:28:b5:c7:b7:
17:ce:b9:1d:07:5f:30:72:91:98:e2:c8:17:59:d5:a6:fe:62:
69:e9:d8:dc:79:dc:8e:fa:1b:78:52:88:69:49:7f:11:8a:e5:
8c:b6:5e:6a:14:94:a5:1f:9d:13:c9:8c:a2:10:17:af:82:29:
1e:4e:1c:3b:1f:b7:1a:2d:a9:d3:8e:40:60:f4:b4:53:29:74:
13:39:31:0d:d7:53:79:0d:51:f7:68:4e:4d:c9:30:42:82:ee:
76:fb:eb:79:14:43:7d:75:d8:e8:16:32:73:bc:fe:26:a4:32:
db:44:43:14:87:d3:a0:8f:17:14:0b:83:d2:9e:59:8f:55:a8:
5d:b2:3e:10
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZVNDgkVwG2tmVlNq9cZo20vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMjI4MTQ1NTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzRiYzMyYzIwZDU3NzhiMmRmMTMxNjg1YTVkMmUxNWRhMzFhMmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8UOzLsRX5W1KarAaBZ8jXv7DKxv0
gPeXJsXCWLCbyL7Uae2mKfmAI2s+akmcIiyjbqB9LuF+6PD8X1ZYNixW9ZaArl9i
ErU7iDk4fH2J3D/GXDZw5OOMwlUMRHk5qbBtKEYGC/HioUHOcyHmvncxgeNOz024
95OC/BdCtl9197jYMGf3SCiIV7yJBbKT0F0GVpHSS3QCYw24XzJ77IrS047tlHGY
ZIJh3ekzUGge49EPySj4qEE5PGTw/XCnrF1VfvStUQtELTN84LZORFHFaSzDe44H
3WJ5xDlVoKiBD58bdLeehdDqCmpz0jhdTJlCTCF+mGBo9Fm9EuZHX1qPGwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFNLwywg1XeLLfExaFpdLhXaMaLPMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVTB2RExDRFZkNHN0OFRGb1dsMHVGZG94b3M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWdXZAwQA
WdXcAwQAWdXeMA0GCSqGSIb3DQEBCwUAA4IBAQCXfRj07V3syBG7eKfVPJI3rGFK
eIuwiTAi8qphJquRGT1CkBsM9udIhI0mpvecLIJgWhs0zceRSKrqag3klhbLRc6D
WLieBqQp/EvecH+T7vYZH4nAM7NGVfzf2X2UWWldOFRTmCHki7CgSrBkvBP3GXJK
ATUCnh3QTSi1x7cXzrkdB18wcpGY4sgXWdWm/mJp6djcedyO+ht4UohpSX8RiuWM
tl5qFJSlH50TyYyiEBevgikeThw7H7caLanTjkBg9LRTKXQTOTEN11N5DVH3aE5N
yTBCgu52++t5FEN9ddjoFjJzvP4mpDLbREMUh9OgjxcUC4PSnlmPVahdsj4Q
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:24:18 2025 by rpki-client