Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/27Mes4ZqFmyIEI0z5xJqwUPyBEA.roa
File: 27Mes4ZqFmyIEI0z5xJqwUPyBEA.roa (raw, json)
Hash identifier: 2z9pZ0LhOIKRzfr00sV30BLl8sibkOx2mJHx2e308DI=
Subject key identifier: DB:B3:1E:B3:86:6A:16:6C:88:10:8D:33:E7:12:6A:C1:43:F2:04:40
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 01948E59558879A71CDF12460E0EA40FDD5D
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/27Mes4ZqFmyIEI0z5xJqwUPyBEA.roa
Signing time: Wed 22 Jan 2025 14:10:06 +0000
ROA not before: Wed 22 Jan 2025 14:10:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:8e:59:55:88:79:a7:1c:df:12:46:0e:0e:a4:0f:dd:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 22 14:10:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dbb31eb3866a166c88108d33e7126ac143f20440
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:f5:c9:f3:49:84:99:bc:f9:70:41:c7:92:1d:
10:55:3a:e3:5a:ba:cb:d9:cc:b5:f4:a2:44:98:00:
d5:5a:e7:d5:d2:45:d5:48:53:95:81:36:91:e8:59:
41:69:db:3c:4b:b1:58:1f:b6:7d:08:6c:a6:53:33:
e5:e9:34:93:3e:81:1e:83:94:bb:00:31:9a:55:e2:
d4:6c:f7:8c:17:29:23:5e:23:ba:e7:1a:7f:ba:86:
49:1e:35:a9:75:6a:4c:b3:28:d8:bc:9e:b0:74:39:
8d:e3:c0:a4:42:8a:23:3f:0a:ea:03:4e:bf:f3:b1:
5a:8e:33:04:95:96:82:df:71:62:8e:cf:a9:73:c6:
ae:25:cd:62:df:8f:dc:a2:e7:30:ef:83:fd:d0:a1:
6e:5c:88:89:a2:41:24:13:fa:23:b3:83:54:77:81:
ce:27:e8:63:de:8f:32:9e:de:36:69:a3:94:50:be:
51:28:63:f5:32:06:ab:d4:23:0f:cf:a9:3c:79:42:
56:57:e0:cc:bb:89:b6:86:06:37:11:33:ca:98:d8:
e3:74:be:ad:70:48:46:9c:a3:7d:bb:35:25:51:85:
fb:e8:61:94:91:ae:ea:f2:8d:23:16:e6:3d:29:8c:
5f:7e:cc:05:f8:93:d1:96:f9:36:b7:6b:89:15:0a:
5a:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:B3:1E:B3:86:6A:16:6C:88:10:8D:33:E7:12:6A:C1:43:F2:04:40
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/27Mes4ZqFmyIEI0z5xJqwUPyBEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.81.0-89.42.83.255
Signature Algorithm: sha256WithRSAEncryption
4d:fc:ba:40:f9:21:09:27:9e:ef:77:e0:86:f8:46:50:dd:0d:
8e:1a:e1:74:f1:7f:a1:bd:ae:be:be:9f:cd:bc:c0:a6:0d:99:
ba:15:40:0b:91:d5:4d:93:42:d9:8f:18:f8:cf:e1:f1:9d:48:
59:7d:e6:59:49:6f:64:f6:65:b4:ca:c2:40:bf:d3:e7:d4:35:
9d:d4:0f:08:dc:2f:11:23:56:db:bd:82:c5:13:ec:29:da:cc:
ce:38:32:8e:38:79:d4:2f:f1:2b:dc:d6:d7:9b:6b:a7:33:19:
d4:0d:04:68:44:de:e1:f6:88:11:0f:84:c6:2c:04:5c:8c:97:
47:7a:79:e8:33:86:bd:9b:d6:70:f4:02:d4:2f:c2:81:45:a2:
a0:94:78:33:d4:05:66:87:52:3c:71:b4:74:8e:10:95:c2:ba:
1e:7f:29:65:62:f3:c5:c9:fc:25:01:b7:1b:a4:30:dc:de:33:
60:03:bc:6f:02:41:29:84:a8:14:70:bf:ac:26:bf:4f:52:64:
47:08:5c:51:b6:ee:b4:48:b8:aa:26:70:71:de:56:ea:33:4b:
1e:15:16:f8:45:7b:cc:6d:93:a7:a0:b9:18:c2:e3:6e:dc:89:
04:7c:2b:82:10:d6:37:64:2b:70:d6:4d:79:7a:0f:2b:e8:16:
83:aa:5c:fd
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZSOWVWIeacc3xJGDg6kD91dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjUwMTIyMTQxMDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmIzMWViMzg2NmExNjZjODgxMDhkMzNlNzEyNmFjMTQzZjIwNDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2/XJ80mEmbz5cEHHkh0QVTrjWrrL
2cy19KJEmADVWufV0kXVSFOVgTaR6FlBads8S7FYH7Z9CGymUzPl6TSTPoEeg5S7
ADGaVeLUbPeMFykjXiO65xp/uoZJHjWpdWpMsyjYvJ6wdDmN48CkQoojPwrqA06/
87FajjMElZaC33Fijs+pc8auJc1i34/coucw74P90KFuXIiJokEkE/ojs4NUd4HO
J+hj3o8ynt42aaOUUL5RKGP1Mgar1CMPz6k8eUJWV+DMu4m2hgY3ETPKmNjjdL6t
cEhGnKN9uzUlUYX76GGUka7q8o0jFuY9KYxffswF+JPRlvk2t2uJFQpaOQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNuzHrOGahZsiBCNM+cSasFD8gRAMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvMjdNZXM0WnFGbXlJRUkwejV4SnF3VVB5QkVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABZKlED
BAJZKlAwDQYJKoZIhvcNAQELBQADggEBAE38ukD5IQknnu934Ib4RlDdDY4a4XTx
f6G9rr6+n828wKYNmboVQAuR1U2TQtmPGPjP4fGdSFl95llJb2T2ZbTKwkC/0+fU
NZ3UDwjcLxEjVtu9gsUT7CnazM44Mo44edQv8Svc1teba6czGdQNBGhE3uH2iBEP
hMYsBFyMl0d6eegzhr2b1nD0AtQvwoFFoqCUeDPUBWaHUjxxtHSOEJXCuh5/KWVi
88XJ/CUBtxukMNzeM2ADvG8CQSmEqBRwv6wmv09SZEcIXFG27rRIuKomcHHeVuoz
Sx4VFvhFe8xtk6eguRjC427ciQR8K4IQ1jdkK3DWTXl6DyvoFoOqXP0=
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:10:37 2025 by rpki-client