Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/F2GEYd0tk4EDWEWeiRV8N0OogjY.roa
File: F2GEYd0tk4EDWEWeiRV8N0OogjY.roa (raw, json)
Hash identifier: Puq/vU/JR/SciNF4PvCCKLdcfnvD6OwSy0OmzKLsPgg=
Subject key identifier: 17:61:84:61:DD:2D:93:81:03:58:45:9E:89:15:7C:37:43:A8:82:36
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 019599DC5A35BCE86053CCC91C06959C0DEE
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/F2GEYd0tk4EDWEWeiRV8N0OogjY.roa
Signing time: Sat 15 Mar 2025 12:51:49 +0000
ROA not before: Sat 15 Mar 2025 12:51:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
93.113.183.0/24 maxlen: 24
93.119.106.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:99:dc:5a:35:bc:e8:60:53:cc:c9:1c:06:95:9c:0d:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Mar 15 12:51:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=17618461dd2d93810358459e89157c3743a88236
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:31:d3:cb:16:80:c6:c5:ba:3f:45:6a:83:74:
f1:55:34:02:60:67:58:7a:50:57:86:96:e4:b7:d6:
9d:34:ee:19:44:cc:13:d5:cc:de:6a:90:a1:eb:53:
ab:b6:54:91:bb:63:67:b0:9b:8f:53:e8:76:2e:03:
f1:0d:e7:36:75:58:dc:e6:64:20:9a:95:0d:8f:b2:
2c:08:58:7f:19:b4:6b:77:02:92:5a:9d:c5:d1:f8:
e9:7d:d0:5b:89:36:81:8d:b1:15:bb:1a:4d:e3:87:
2b:11:7d:63:8f:5d:c0:83:ca:5b:b6:c7:e4:14:ec:
d4:af:a0:45:af:2b:59:fc:8a:e5:5b:e9:53:c0:a1:
22:04:0b:36:1e:05:60:34:db:ea:e5:17:9a:9f:67:
3d:bb:d9:ff:00:c1:57:49:96:b6:47:c4:36:10:b8:
0d:61:1e:0b:59:9a:31:a6:31:69:1b:80:41:2b:01:
a6:a4:0a:72:f4:98:41:13:69:f7:93:6e:32:08:12:
1b:a2:5b:6e:8b:56:00:19:0c:a7:f4:34:52:93:0d:
4a:c7:57:27:fe:4d:a5:46:e8:fa:bb:d7:ed:a7:a0:
d6:67:64:fb:1f:d8:63:06:6f:60:52:4a:87:c1:39:
de:c8:f6:3e:6f:11:62:9c:c7:0b:a7:9f:d0:bb:6e:
03:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:61:84:61:DD:2D:93:81:03:58:45:9E:89:15:7C:37:43:A8:82:36
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/F2GEYd0tk4EDWEWeiRV8N0OogjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.81.0-89.42.83.255
93.113.183.0/24
93.119.106.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:91:6a:98:7a:ca:68:67:41:fc:fd:f2:94:5e:d8:7e:f1:d0:
c0:be:c3:82:55:09:c5:08:5f:0b:5d:36:4a:ac:9a:e4:71:91:
73:96:7c:59:ec:c6:7c:26:f2:4f:81:47:9d:64:f7:ac:fc:48:
e5:00:c7:66:96:b9:30:19:d9:30:44:78:38:20:c3:b9:e3:d5:
70:f7:ad:2d:48:22:ba:d5:a6:71:62:1f:a4:c0:65:5f:82:37:
2a:08:5c:4a:8a:97:75:b5:7c:57:b5:d5:f5:3e:38:c7:4f:ec:
62:54:48:60:07:d3:e6:ba:36:4c:04:cf:ab:66:af:ee:72:12:
24:c6:b7:0b:97:8e:96:02:50:0e:67:05:cf:24:cb:68:4c:01:
c6:65:81:d8:c3:ae:b4:37:10:bc:6a:6b:b8:82:3e:2b:a8:fc:
56:30:aa:01:04:ad:ee:3e:15:6d:2c:b7:bd:ff:78:dc:d9:e5:
73:5b:be:a1:46:5e:68:bd:4a:b5:31:c5:68:37:2d:ad:2d:88:
45:8d:49:32:a6:f6:1e:7e:a8:da:7e:77:49:d7:6d:21:6b:90:
ea:c6:08:f1:21:92:1e:c6:29:b6:04:1d:43:24:7a:08:bc:52:
65:ed:de:b3:73:88:14:33:93:bd:b9:24:8d:87:b7:e0:eb:e7:
d6:7e:bb:c4
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZWZ3Fo1vOhgU8zJHAaVnA3uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjUwMzE1MTI1MTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzYxODQ2MWRkMmQ5MzgxMDM1ODQ1OWU4OTE1N2MzNzQzYTg4MjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTHTyxaAxsW6P0Vqg3TxVTQCYGdY
elBXhpbkt9adNO4ZRMwT1czeapCh61OrtlSRu2NnsJuPU+h2LgPxDec2dVjc5mQg
mpUNj7IsCFh/GbRrdwKSWp3F0fjpfdBbiTaBjbEVuxpN44crEX1jj13Ag8pbtsfk
FOzUr6BFrytZ/IrlW+lTwKEiBAs2HgVgNNvq5Rean2c9u9n/AMFXSZa2R8Q2ELgN
YR4LWZoxpjFpG4BBKwGmpApy9JhBE2n3k24yCBIboltui1YAGQyn9DRSkw1Kx1cn
/k2lRuj6u9ftp6DWZ2T7H9hjBm9gUkqHwTneyPY+bxFinMcLp5/Qu24D+wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFBdhhGHdLZOBA1hFnokVfDdDqII2MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvRjJHRVlkMHRrNEVEV0VXZWlSVjhOME9vZ2pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABZKlED
BAJZKlADBABdcbcDBABdd2owDQYJKoZIhvcNAQELBQADggEBAHuRaph6ymhnQfz9
8pRe2H7x0MC+w4JVCcUIXwtdNkqsmuRxkXOWfFnsxnwm8k+BR51k96z8SOUAx2aW
uTAZ2TBEeDggw7nj1XD3rS1IIrrVpnFiH6TAZV+CNyoIXEqKl3W1fFe11fU+OMdP
7GJUSGAH0+a6NkwEz6tmr+5yEiTGtwuXjpYCUA5nBc8ky2hMAcZlgdjDrrQ3ELxq
a7iCPiuo/FYwqgEEre4+FW0st73/eNzZ5XNbvqFGXmi9SrUxxWg3La0tiEWNSTKm
9h5+qNp+d0nXbSFrkOrGCPEhkh7GKbYEHUMkegi8UmXt3rNziBQzk725JI2Ht+Dr
59Z+u8Q=
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:04:41 2025 by rpki-client