Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/oEp06u7sg-W0Qp0mFu0bU-PM2Z0.roa
File: oEp06u7sg-W0Qp0mFu0bU-PM2Z0.roa (raw, json)
Hash identifier: zfDZBFCERU6DUvJodbvd7uj6h+REo7bGaSGcvyUXo2M=
Subject key identifier: A0:4A:74:EA:EE:EC:83:E5:B4:42:9D:26:16:ED:1B:53:E3:CC:D9:9D
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019590AC605091E924B7AE57E5FDDA1F7DAC
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/oEp06u7sg-W0Qp0mFu0bU-PM2Z0.roa
Signing time: Thu 13 Mar 2025 18:02:50 +0000
ROA not before: Thu 13 Mar 2025 18:02:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197537
IP address blocks: 89.213.206.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:90:ac:60:50:91:e9:24:b7:ae:57:e5:fd:da:1f:7d:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 13 18:02:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a04a74eaeeec83e5b4429d2616ed1b53e3ccd99d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:93:1b:c5:e7:7e:ad:8e:50:c0:ab:94:e1:29:
39:7b:72:df:20:c2:b0:23:b1:f6:e7:c7:a8:5e:6d:
f7:7e:d4:53:7f:15:a4:f4:b7:81:dc:e0:5a:83:3a:
b6:50:0b:d9:08:57:b7:6e:f8:19:80:f1:2f:e1:63:
40:8a:69:f5:2f:df:fc:9e:5c:94:89:a5:fe:b1:9e:
60:a0:a6:63:2d:1e:ba:d5:be:ad:1d:3d:98:98:2f:
79:d6:60:05:39:20:6d:da:c7:24:eb:15:f3:68:a7:
0c:84:7e:cb:7a:a3:9b:62:5f:c7:e2:e5:2d:8a:59:
e3:1a:a9:f3:4a:48:65:0c:14:84:54:0e:32:d8:92:
fd:a8:72:94:8b:88:b8:9e:bb:b5:c7:50:95:21:19:
3e:9f:63:bb:09:0b:76:2b:55:7a:50:4e:c5:5e:1c:
69:48:ed:e5:5a:e3:c3:86:01:42:37:bd:49:68:70:
fc:1d:e5:4a:d4:1b:0e:ee:20:ea:0c:08:98:4a:75:
df:d1:91:3f:4d:9d:db:b0:1b:af:ce:c9:c1:6f:28:
f7:00:27:29:8b:f9:f8:2e:d8:3f:de:ad:e1:fe:91:
93:22:b0:44:df:c1:60:e9:7b:18:eb:c9:ec:e9:e7:
0a:cb:7a:a1:a6:06:e9:4f:6c:4b:98:9a:2b:6e:88:
ea:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:4A:74:EA:EE:EC:83:E5:B4:42:9D:26:16:ED:1B:53:E3:CC:D9:9D
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/oEp06u7sg-W0Qp0mFu0bU-PM2Z0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.206.0/23
Signature Algorithm: sha256WithRSAEncryption
49:d3:2f:f5:22:9d:74:85:eb:e9:52:a2:07:2f:25:15:c1:da:
48:b2:91:c1:8c:85:e1:98:ce:83:71:ab:f0:8a:2f:2d:2d:57:
15:dc:de:a2:68:6c:03:99:c1:51:6b:8c:f8:fc:b6:ab:28:70:
77:81:a3:21:e8:50:e6:75:20:49:76:37:85:a0:c7:68:1e:ec:
c1:86:96:51:b4:49:96:55:07:8c:d6:aa:d4:8a:2a:da:6f:4e:
4b:e8:a1:38:ef:0d:61:47:4a:e5:d2:da:f8:42:89:07:fd:01:
86:5c:3b:3c:15:4d:ab:d6:d7:77:17:eb:c7:14:8c:60:89:14:
01:4e:e9:36:9b:d2:48:4c:22:21:d3:20:83:33:fe:4c:00:f5:
23:95:59:2c:54:9e:5b:53:ad:10:77:9a:13:79:1f:aa:cc:90:
57:45:80:e6:29:32:89:d4:fc:6a:de:65:3f:f6:21:e7:e4:49:
65:77:c2:e9:92:02:c2:c8:4c:c0:2a:69:ce:16:63:b1:58:40:
85:63:0a:d6:0f:b9:f5:bb:79:b7:b5:b4:4c:9b:fb:61:85:6e:
aa:40:98:e3:aa:60:4b:37:b0:59:89:96:9d:bb:ed:cd:48:fb:
13:2a:e9:95:e7:12:3d:7f:fa:c7:c6:7e:6b:63:77:be:23:d0:
2e:ad:0a:c3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWQrGBQkekkt65X5f3aH32sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMzEzMTgwMjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDRhNzRlYWVlZWM4M2U1YjQ0MjlkMjYxNmVkMWI1M2UzY2NkOTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJMbxed+rY5QwKuU4Sk5e3LfIMKw
I7H258eoXm33ftRTfxWk9LeB3OBagzq2UAvZCFe3bvgZgPEv4WNAimn1L9/8nlyU
iaX+sZ5goKZjLR661b6tHT2YmC951mAFOSBt2sck6xXzaKcMhH7LeqObYl/H4uUt
ilnjGqnzSkhlDBSEVA4y2JL9qHKUi4i4nru1x1CVIRk+n2O7CQt2K1V6UE7FXhxp
SO3lWuPDhgFCN71JaHD8HeVK1BsO7iDqDAiYSnXf0ZE/TZ3bsBuvzsnBbyj3ACcp
i/n4Ltg/3q3h/pGTIrBE38Fg6XsY68ns6ecKy3qhpgbpT2xLmJorbojq/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKBKdOru7IPltEKdJhbtG1PjzNmdMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvb0VwMDZ1N3NnLVcwUXAwbUZ1MGJVLVBNMlowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWdXOMA0G
CSqGSIb3DQEBCwUAA4IBAQBJ0y/1Ip10hevpUqIHLyUVwdpIspHBjIXhmM6Dcavw
ii8tLVcV3N6iaGwDmcFRa4z4/LarKHB3gaMh6FDmdSBJdjeFoMdoHuzBhpZRtEmW
VQeM1qrUiirab05L6KE47w1hR0rl0tr4QokH/QGGXDs8FU2r1td3F+vHFIxgiRQB
Tuk2m9JITCIh0yCDM/5MAPUjlVksVJ5bU60Qd5oTeR+qzJBXRYDmKTKJ1Pxq3mU/
9iHn5Elld8LpkgLCyEzAKmnOFmOxWECFYwrWD7n1u3m3tbRMm/thhW6qQJjjqmBL
N7BZiZadu+3NSPsTKumV5xI9f/rHxn5rY3e+I9AurQrD
-----END CERTIFICATE-----
Generated at Wed Apr 9 13:03:45 2025 by rpki-client