Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/1-kzgdQylSAqiCVniPfgi1LD3IBk.roa
File: 1-kzgdQylSAqiCVniPfgi1LD3IBk.roa (raw, json)
Hash identifier: a7xsKp6Ep90KbvDu3eBTsXgDU6wBllTZhZmO/mCyozI=
Subject key identifier: FA:4C:E0:75:0C:A5:48:0A:A2:09:59:E2:3D:F8:22:D4:B0:F7:20:19
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 019423D6B5FDD310B8F6D7093BD725DA2154
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/1-kzgdQylSAqiCVniPfgi1LD3IBk.roa
Signing time: Wed 01 Jan 2025 21:47:41 +0000
ROA not before: Wed 01 Jan 2025 21:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 89.43.141.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:b5:fd:d3:10:b8:f6:d7:09:3b:d7:25:da:21:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 21:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa4ce0750ca5480aa20959e23df822d4b0f72019
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:7c:36:9f:4f:cb:4e:27:a5:91:b9:cc:f8:ed:
1e:35:23:cb:7d:52:ea:2f:99:fd:3e:98:bc:3a:b0:
59:9b:20:9a:1b:ff:d7:cd:a8:29:c9:3e:53:11:e9:
33:80:ad:94:9f:66:33:09:90:a4:c2:1a:db:99:4d:
30:3a:8c:b8:0a:1b:31:13:16:12:65:5e:b4:2b:62:
9f:3a:23:3b:74:36:d8:15:34:1b:58:eb:fb:08:db:
fb:7b:18:f4:5b:f5:82:b2:90:b1:e4:cb:40:51:3c:
9c:49:08:60:0d:26:c4:70:e5:98:ea:5d:66:df:d2:
f5:34:2d:9c:ff:ad:0b:74:4f:02:83:2b:a7:89:19:
72:84:ea:c3:a4:89:ea:d2:a5:7b:a7:ed:6f:48:33:
df:ab:34:c1:fc:d5:15:c5:cb:71:48:ca:bf:d4:b3:
8a:a7:11:8c:b1:7f:dc:69:dc:64:73:c8:be:b6:8d:
d3:3f:4a:e5:8f:9d:3b:3a:57:76:7c:dd:85:1b:ae:
39:31:1d:b6:6d:b3:96:b1:7a:b7:8f:46:ca:a2:32:
c3:af:73:02:f5:45:64:12:a2:92:1b:30:41:88:ce:
f0:9f:89:a3:10:59:a2:c5:4a:b1:34:d7:bf:f8:8b:
f6:cd:d3:65:e5:64:bc:db:08:44:0f:66:8b:69:14:
ff:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:4C:E0:75:0C:A5:48:0A:A2:09:59:E2:3D:F8:22:D4:B0:F7:20:19
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/1-kzgdQylSAqiCVniPfgi1LD3IBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.43.141.0/24
Signature Algorithm: sha256WithRSAEncryption
47:d4:77:09:bf:41:ba:62:81:5f:a1:69:b4:34:e7:1c:82:07:
72:26:5a:3f:f7:d0:99:73:0b:1e:fb:16:c8:83:92:ae:93:b9:
43:a8:0a:67:09:28:6c:39:50:85:b2:fe:c9:f1:bf:f4:85:62:
50:be:13:4d:0e:98:e0:be:49:c1:de:f3:b3:ab:f6:14:49:74:
29:fa:c6:14:3c:60:d0:0f:bb:62:32:fc:13:18:b3:d3:fb:26:
d2:65:5b:07:59:ec:32:fd:69:b3:3b:61:f4:03:d2:b7:bc:85:
e8:ca:b9:74:65:1a:df:82:ee:e4:df:3b:07:9a:93:7a:b1:56:
6c:5c:aa:c0:e1:3e:a6:42:c1:27:9e:33:cd:11:3f:43:fc:88:
40:50:1b:be:8e:2b:15:a6:48:a1:21:cc:0b:ac:c8:2d:e6:c9:
05:67:0c:fe:d8:be:6d:2f:4c:87:0f:8e:23:dc:1f:9e:30:b6:
82:a3:d5:a0:6d:35:3b:8f:b6:ea:c2:47:c1:8c:40:0d:5b:df:
f3:de:0d:89:17:14:a3:4c:2b:86:26:fc:81:fe:ee:38:da:a7:
ed:e8:fe:71:7d:b6:0a:82:a1:ea:2a:5e:a7:c5:f4:a8:ca:9c:
6e:7a:b3:9d:e8:77:83:0e:be:16:3e:b9:a7:93:dd:d4:99:76:
11:bf:6e:6a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQj1rX90xC49tcJO9cl2iFUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjUwMTAxMjE0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTRjZTA3NTBjYTU0ODBhYTIwOTU5ZTIzZGY4MjJkNGIwZjcyMDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3w2n0/LTielkbnM+O0eNSPLfVLq
L5n9Ppi8OrBZmyCaG//XzagpyT5TEekzgK2Un2YzCZCkwhrbmU0wOoy4ChsxExYS
ZV60K2KfOiM7dDbYFTQbWOv7CNv7exj0W/WCspCx5MtAUTycSQhgDSbEcOWY6l1m
39L1NC2c/60LdE8CgyuniRlyhOrDpInq0qV7p+1vSDPfqzTB/NUVxctxSMq/1LOK
pxGMsX/cadxkc8i+to3TP0rlj507Old2fN2FG645MR22bbOWsXq3j0bKojLDr3MC
9UVkEqKSGzBBiM7wn4mjEFmixUqxNNe/+Iv2zdNl5WS82whED2aLaRT/MQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPpM4HUMpUgKoglZ4j34ItSw9yAZMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvMS1remdkUXlsU0FxaUNWbmlQZmdpMUxEM0lCay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYWIvODRlYjQ0LWJiZGYtNDZjMS1iMDQzLWI0MmYyM2Q4Mjhj
My8xLzhkUnVEajZNcXE3VXBTbTlmWE1JdlI3d0hCMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFkrjTAN
BgkqhkiG9w0BAQsFAAOCAQEAR9R3Cb9BumKBX6FptDTnHIIHciZaP/fQmXMLHvsW
yIOSrpO5Q6gKZwkobDlQhbL+yfG/9IViUL4TTQ6Y4L5Jwd7zs6v2FEl0KfrGFDxg
0A+7YjL8Exiz0/sm0mVbB1nsMv1pszth9APSt7yF6Mq5dGUa34Lu5N87B5qTerFW
bFyqwOE+pkLBJ54zzRE/Q/yIQFAbvo4rFaZIoSHMC6zILebJBWcM/ti+bS9Mhw+O
I9wfnjC2gqPVoG01O4+26sJHwYxADVvf894NiRcUo0wrhib8gf7uONqn7ej+cX22
CoKh6ipep8X0qMqcbnqzneh3gw6+Fj65p5Pd1Jl2Eb9uag==
-----END CERTIFICATE-----
Generated at Sun Apr 6 03:38:44 2025 by rpki-client