Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/2xRsZy5phAGsfB9_TbbLtNE_Yv4.roa
File: 2xRsZy5phAGsfB9_TbbLtNE_Yv4.roa (raw, json)
Hash identifier: yf/sa/4h6hm9CqyPy6OtA38ffYjIwyEixhhOyLQsJp8=
Subject key identifier: DB:14:6C:67:2E:69:84:01:AC:7C:1F:7F:4D:B6:CB:B4:D1:3F:62:FE
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 019423D6C2F1DC70C0C0A6B75281DE115CCB
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/2xRsZy5phAGsfB9_TbbLtNE_Yv4.roa
Signing time: Wed 01 Jan 2025 21:47:44 +0000
ROA not before: Wed 01 Jan 2025 21:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60949
IP address blocks: 89.34.26.0/24 maxlen: 24
89.42.84.0/24 maxlen: 24
89.42.94.0/24 maxlen: 24
89.47.112.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:c2:f1:dc:70:c0:c0:a6:b7:52:81:de:11:5c:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 21:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=db146c672e698401ac7c1f7f4db6cbb4d13f62fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:88:1b:b1:52:ba:d2:4b:e3:5e:97:6c:92:27:
4c:3a:a9:f0:2b:0a:b4:6f:80:d9:64:de:02:b9:55:
35:a7:9f:2c:f7:da:73:1c:7d:19:f9:e3:2c:f8:62:
f3:48:95:43:23:31:7f:14:1e:93:46:cf:89:2d:a0:
6b:48:7f:30:07:f1:e0:e2:8c:a0:c7:8a:41:70:68:
20:43:86:75:03:21:8b:1c:8f:51:28:ed:e6:80:c8:
d7:05:5a:fa:f2:b8:90:da:82:0e:9c:23:42:73:54:
23:c1:3e:c1:3f:52:04:40:57:8f:13:86:29:66:34:
c3:16:0c:f7:33:6a:3e:eb:04:16:f0:91:b8:23:35:
2f:a0:d1:83:be:4f:72:f0:8d:24:e7:bc:89:bd:0a:
ba:a4:80:7c:c2:db:2f:4a:aa:14:b1:97:03:64:fa:
9c:38:09:79:7c:3d:4e:98:76:2a:c9:89:61:b0:21:
f4:b0:88:11:1b:f1:ca:be:33:1e:76:84:e0:36:53:
1e:7a:1b:90:b6:66:ae:57:dc:c8:27:ac:bf:e0:1a:
d1:2f:d6:f6:d5:2e:ba:ed:dc:69:a1:eb:91:13:32:
1d:6c:a1:57:ff:51:86:15:68:71:a4:6a:63:ac:be:
03:75:8e:9d:ac:c6:67:25:d7:80:66:50:3d:e9:56:
72:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:14:6C:67:2E:69:84:01:AC:7C:1F:7F:4D:B6:CB:B4:D1:3F:62:FE
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/2xRsZy5phAGsfB9_TbbLtNE_Yv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.26.0/24
89.42.84.0/24
89.42.94.0/24
89.47.112.0/24
Signature Algorithm: sha256WithRSAEncryption
12:7f:e0:7e:20:f8:58:d6:74:19:30:0c:a0:74:17:88:2e:07:
d3:6c:2a:3a:3a:00:89:3c:20:8e:3c:ef:8c:72:1c:8b:2e:94:
a3:bc:09:55:2d:da:39:e8:0f:6c:55:85:cf:f6:ec:4c:cd:87:
46:dc:b8:f2:82:41:21:b6:36:ee:fb:39:9e:66:a0:04:58:d9:
e8:f4:d9:1a:e5:8f:4d:7a:c8:97:88:6d:89:5e:ad:36:d8:3b:
c5:c5:2b:d9:91:b1:93:f7:f6:24:c7:81:68:41:53:36:30:87:
66:b7:53:d6:58:1d:1f:37:11:43:cd:29:32:54:8a:7e:81:cf:
41:2a:28:de:39:15:7a:cd:b8:d8:ea:df:5c:2a:b1:1f:6f:a1:
73:e4:3a:87:34:4e:c5:cc:21:7c:01:e6:d7:10:07:83:ba:6e:
25:73:ab:5b:d4:6a:c7:82:a5:bd:01:67:5e:ef:f3:df:39:4d:
77:4e:c0:b9:ed:04:52:11:5a:3f:a9:a6:74:0f:48:29:36:2a:
53:af:5c:e4:d7:d3:3b:98:5b:90:ac:6d:84:bc:17:26:40:65:
3b:3a:3d:6f:37:0f:49:9e:7d:f9:29:3d:6c:53:94:b5:44:d0:
e9:c3:ab:5a:aa:fa:3f:28:26:b9:41:6e:ac:60:01:46:dd:f3:
1d:b3:64:00
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQj1sLx3HDAwKa3UoHeEVzLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjUwMTAxMjE0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjE0NmM2NzJlNjk4NDAxYWM3YzFmN2Y0ZGI2Y2JiNGQxM2Y2MmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyYgbsVK60kvjXpdskidMOqnwKwq0
b4DZZN4CuVU1p58s99pzHH0Z+eMs+GLzSJVDIzF/FB6TRs+JLaBrSH8wB/Hg4oyg
x4pBcGggQ4Z1AyGLHI9RKO3mgMjXBVr68riQ2oIOnCNCc1QjwT7BP1IEQFePE4Yp
ZjTDFgz3M2o+6wQW8JG4IzUvoNGDvk9y8I0k57yJvQq6pIB8wtsvSqoUsZcDZPqc
OAl5fD1OmHYqyYlhsCH0sIgRG/HKvjMedoTgNlMeehuQtmauV9zIJ6y/4BrRL9b2
1S667dxpoeuREzIdbKFX/1GGFWhxpGpjrL4DdY6drMZnJdeAZlA96VZyxQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNsUbGcuaYQBrHwff022y7TRP2L+MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvMnhSc1p5NXBoQUdzZkI5X1RiYkx0TkVfWXY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWSIaAwQA
WSpUAwQAWSpeAwQAWS9wMA0GCSqGSIb3DQEBCwUAA4IBAQASf+B+IPhY1nQZMAyg
dBeILgfTbCo6OgCJPCCOPO+MchyLLpSjvAlVLdo56A9sVYXP9uxMzYdG3LjygkEh
tjbu+zmeZqAEWNno9Nka5Y9NesiXiG2JXq022DvFxSvZkbGT9/Ykx4FoQVM2MIdm
t1PWWB0fNxFDzSkyVIp+gc9BKijeORV6zbjY6t9cKrEfb6Fz5DqHNE7FzCF8AebX
EAeDum4lc6tb1GrHgqW9AWde7/PfOU13TsC57QRSEVo/qaZ0D0gpNipTr1zk19M7
mFuQrG2EvBcmQGU7Oj1vNw9Jnn35KT1sU5S1RNDpw6taqvo/KCa5QW6sYAFG3fMd
s2QA
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:31:05 2025 by rpki-client