Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/1fe4dd-91b0-42b8-b5d6-1637c7681720/1/3j3xxGLb6PIviXeX0LunhtrjyfE.roa
File: 3j3xxGLb6PIviXeX0LunhtrjyfE.roa (raw, json)
Hash identifier: iS6KO2OO+OzoYsaELIdSpk2XyIUYG4i7/Ktnjl5eAYk=
Subject key identifier: DE:3D:F1:C4:62:DB:E8:F2:2F:89:77:97:D0:BB:A7:86:DA:E3:C9:F1
Certificate issuer: /CN=bb09489b611085b902f15b78e597ba914337acf5
Certificate serial: 0187B7333DDA45B27C29BEA9351B90F328B2
Authority key identifier: BB:09:48:9B:61:10:85:B9:02:F1:5B:78:E5:97:BA:91:43:37:AC:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uwlIm2EQhbkC8Vt45Ze6kUM3rPU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/1fe4dd-91b0-42b8-b5d6-1637c7681720/1/3j3xxGLb6PIviXeX0LunhtrjyfE.roa
Signing time: Tue 25 Apr 2023 06:56:41 +0000
ROA not before: Tue 25 Apr 2023 06:56:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44286
IP address blocks: 89.207.144.0/22 maxlen: 24
89.207.144.0/21 maxlen: 24
2a02:2410::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b7:33:3d:da:45:b2:7c:29:be:a9:35:1b:90:f3:28:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb09489b611085b902f15b78e597ba914337acf5
Validity
Not Before: Apr 25 06:56:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de3df1c462dbe8f22f897797d0bba786dae3c9f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:51:78:fb:8d:90:2e:d7:87:cf:11:a6:51:4f:
b0:67:f0:c1:4d:17:9d:aa:56:6b:c5:e6:f8:8b:1a:
c6:1b:cb:80:2b:12:ea:54:83:53:1b:b5:b9:0d:7a:
92:77:34:71:9c:7c:f8:2c:94:a3:00:a3:1e:4f:2a:
ea:e6:11:0f:ce:98:59:e4:1d:0c:0d:ef:5f:76:60:
c6:c1:16:45:ee:73:8f:0f:e4:46:69:91:63:57:e8:
00:d9:6a:57:81:0b:4b:3a:be:54:9d:24:2b:ce:7d:
b5:ca:dd:de:52:08:5b:c3:67:57:1a:1f:2b:54:d0:
44:14:78:a7:b9:c0:33:40:42:84:5a:78:78:d7:c1:
a9:2e:1c:dc:65:63:fc:60:cb:7a:aa:67:21:8b:8f:
65:9d:ce:5c:ee:68:b3:8c:05:f2:58:1b:08:e3:20:
85:5d:89:fc:84:45:ea:34:7b:5c:35:dd:d5:57:fe:
d9:78:4d:81:21:a1:de:24:e7:b4:46:ef:c5:51:d3:
d6:ea:3a:67:cc:71:4f:0a:7a:b7:4b:5f:30:55:06:
4a:d0:a2:9e:b0:85:5f:95:13:43:ca:50:58:4b:69:
75:3d:85:2e:b4:fc:eb:ab:25:b8:54:04:39:57:18:
91:ee:91:fc:89:71:7f:98:29:09:f9:a1:0d:04:71:
12:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:3D:F1:C4:62:DB:E8:F2:2F:89:77:97:D0:BB:A7:86:DA:E3:C9:F1
X509v3 Authority Key Identifier:
keyid:BB:09:48:9B:61:10:85:B9:02:F1:5B:78:E5:97:BA:91:43:37:AC:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uwlIm2EQhbkC8Vt45Ze6kUM3rPU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1fe4dd-91b0-42b8-b5d6-1637c7681720/1/3j3xxGLb6PIviXeX0LunhtrjyfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1fe4dd-91b0-42b8-b5d6-1637c7681720/1/uwlIm2EQhbkC8Vt45Ze6kUM3rPU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.207.144.0/21
IPv6:
2a02:2410::/32
Signature Algorithm: sha256WithRSAEncryption
5e:76:9d:71:6b:3f:9a:75:3c:e4:a6:7d:df:21:3c:90:ea:87:
3d:78:88:c5:3b:09:b8:38:39:a5:0d:ca:54:b3:8e:8c:e3:ef:
e5:f8:d7:91:0f:3c:6f:d0:2d:83:35:32:e7:9c:c8:11:a3:05:
68:02:c9:58:3e:fe:2c:b3:b3:e8:5d:98:56:c0:b7:cb:fb:bf:
2f:cf:2a:96:70:3a:05:91:1c:e7:0c:7c:83:d2:11:06:91:4b:
58:f2:99:23:79:45:48:04:02:06:e6:a5:58:0e:f4:04:5c:1e:
6f:e6:79:61:31:4a:33:79:dc:98:8f:33:b8:a7:9d:9b:df:50:
16:4d:12:06:5e:01:2e:a0:65:5d:3a:44:f6:29:9c:0e:cd:8f:
e1:6c:e8:b5:fd:88:1d:d7:e2:ec:b8:95:8c:4d:76:e6:f5:d1:
72:a6:33:2b:76:8c:cc:ef:42:3b:6d:65:2c:cb:e5:8f:e4:42:
3c:40:30:cd:df:b2:ea:3c:1b:64:a6:e8:0c:07:c5:ad:85:a3:
c6:ab:b3:56:aa:0c:22:66:a0:ec:2f:8e:99:76:a1:9b:38:6f:
cd:04:41:20:33:5a:8a:f6:ed:57:06:9c:12:35:61:87:7f:72:
16:07:dd:3e:fe:61:db:84:10:4c:1c:cf:2a:3c:13:b7:af:1b:
ad:da:68:28
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYe3Mz3aRbJ8Kb6pNRuQ8yiyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMDk0ODliNjExMDg1YjkwMmYxNWI3OGU1OTdiYTkxNDMz
N2FjZjUwHhcNMjMwNDI1MDY1NjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTNkZjFjNDYyZGJlOGYyMmY4OTc3OTdkMGJiYTc4NmRhZTNjOWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolF4+42QLteHzxGmUU+wZ/DBTRed
qlZrxeb4ixrGG8uAKxLqVINTG7W5DXqSdzRxnHz4LJSjAKMeTyrq5hEPzphZ5B0M
De9fdmDGwRZF7nOPD+RGaZFjV+gA2WpXgQtLOr5UnSQrzn21yt3eUghbw2dXGh8r
VNBEFHinucAzQEKEWnh418GpLhzcZWP8YMt6qmchi49lnc5c7mizjAXyWBsI4yCF
XYn8hEXqNHtcNd3VV/7ZeE2BIaHeJOe0Ru/FUdPW6jpnzHFPCnq3S18wVQZK0KKe
sIVflRNDylBYS2l1PYUutPzrqyW4VAQ5VxiR7pH8iXF/mCkJ+aENBHESEQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFN498cRi2+jyL4l3l9C7p4ba48nxMB8GA1UdIwQY
MBaAFLsJSJthEIW5AvFbeOWXupFDN6z1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXdsSW0yRVFoYmtDOFZ0NDVaZTZrVU0zclBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8xZmU0ZGQtOTFiMC00MmI4LWI1ZDYt
MTYzN2M3NjgxNzIwLzEvM2ozeHhHTGI2UEl2aVhlWDBMdW5odHJqeWZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8xZmU0ZGQtOTFiMC00MmI4LWI1ZDYtMTYzN2M3NjgxNzIw
LzEvdXdsSW0yRVFoYmtDOFZ0NDVaZTZrVU0zclBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDWc+QMA0E
AgACMAcDBQAqAiQQMA0GCSqGSIb3DQEBCwUAA4IBAQBedp1xaz+adTzkpn3fITyQ
6oc9eIjFOwm4ODmlDcpUs46M4+/l+NeRDzxv0C2DNTLnnMgRowVoAslYPv4ss7Po
XZhWwLfL+78vzyqWcDoFkRznDHyD0hEGkUtY8pkjeUVIBAIG5qVYDvQEXB5v5nlh
MUozedyYjzO4p52b31AWTRIGXgEuoGVdOkT2KZwOzY/hbOi1/Ygd1+LsuJWMTXbm
9dFypjMrdozM70I7bWUsy+WP5EI8QDDN37LqPBtkpugMB8WthaPGq7NWqgwiZqDs
L46ZdqGbOG/NBEEgM1qK9u1XBpwSNWGHf3IWB90+/mHbhBBMHM8qPBO3rxut2mgo
-----END CERTIFICATE-----
Generated at Tue Apr 22 15:34:07 2025 by rpki-client