Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/OZ3D5oU2-9bXSHB5tzAccgpTO7Y.roa
File: OZ3D5oU2-9bXSHB5tzAccgpTO7Y.roa (raw, json)
Hash identifier: ey78U+EIyITO51B4AiGBdHhGDZtc5V4JsDIGBdtokSE=
Subject key identifier: 39:9D:C3:E6:85:36:FB:D6:D7:48:70:79:B7:30:1C:72:0A:53:3B:B6
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 019423D6CAD83FD675EB98B65B0C239FBC7C
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/OZ3D5oU2-9bXSHB5tzAccgpTO7Y.roa
Signing time: Wed 01 Jan 2025 21:47:46 +0000
ROA not before: Wed 01 Jan 2025 21:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210538
IP address blocks: 89.47.113.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:ca:d8:3f:d6:75:eb:98:b6:5b:0c:23:9f:bc:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 21:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=399dc3e68536fbd6d7487079b7301c720a533bb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:54:eb:66:3c:e9:90:73:11:f9:5c:0c:c9:91:
5a:30:9f:eb:5e:b9:df:e1:f4:1c:fb:a9:46:8f:45:
64:79:5d:01:f5:17:f7:55:dd:7f:54:7c:18:4e:59:
a6:7b:a1:2b:67:c9:8e:41:47:5b:a1:bc:6b:cb:fa:
41:ee:0f:be:ac:18:f7:94:a4:04:5f:56:c0:40:bc:
37:6b:80:c9:49:f9:1e:36:7e:46:42:64:ce:57:92:
c8:d3:57:33:4c:bd:96:49:22:50:ed:24:c1:95:0a:
21:22:a7:49:67:28:05:4d:8c:1a:99:b3:bf:ad:c0:
7d:78:ff:c4:c9:4e:39:9d:1a:41:8a:7b:1d:d0:be:
19:39:44:a6:10:18:d0:e1:57:bd:cf:1b:d9:97:a6:
a5:bf:0f:98:45:4f:d7:e3:62:ef:0d:ed:42:45:b6:
01:fc:3d:fa:92:bd:bb:23:f0:e8:db:1b:d9:97:f2:
d9:db:e2:29:7f:07:bd:2d:78:b3:38:3c:e5:54:01:
a3:da:12:d6:c5:60:71:c3:68:18:e1:26:98:6c:bd:
fe:d7:97:52:e8:39:5a:6d:be:cf:d9:0c:89:ac:43:
97:5e:5d:23:fc:d5:81:6a:3a:9e:60:52:0b:07:8a:
fd:eb:cd:0d:06:2f:0d:08:3a:d6:1c:d0:a3:ea:63:
b5:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:9D:C3:E6:85:36:FB:D6:D7:48:70:79:B7:30:1C:72:0A:53:3B:B6
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/OZ3D5oU2-9bXSHB5tzAccgpTO7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.47.113.0/24
Signature Algorithm: sha256WithRSAEncryption
18:59:6b:08:14:45:a1:b6:05:9b:6d:5b:d5:d5:6a:4b:b3:71:
9c:d6:43:13:60:ce:b4:1a:75:04:86:50:66:d2:4c:32:61:ff:
39:8a:37:17:9d:8b:67:3a:f4:79:13:55:77:ff:d7:1b:03:57:
36:c0:84:d6:9c:93:2e:5d:73:ab:90:13:d7:9d:8c:96:6b:80:
15:60:07:85:18:41:76:45:df:68:5f:69:a0:d2:c5:e3:c0:b2:
82:7c:1a:11:21:7f:6c:53:9e:d0:fd:2b:84:95:84:d0:7b:40:
ea:a7:72:29:7b:eb:bb:41:f3:14:ea:e4:72:4f:1d:aa:bf:d6:
76:6e:45:7f:53:9e:67:27:f0:43:2f:36:f8:f8:16:a2:9d:d1:
7e:11:c7:c0:c0:95:47:cb:eb:08:ed:97:fc:62:d2:e6:d5:9b:
75:d4:f3:c8:af:bb:0f:61:ef:5d:70:31:7b:45:17:a7:ad:e7:
1c:33:10:d5:7b:4e:80:3c:c8:52:c2:67:9f:52:b3:00:cc:09:
c1:7a:67:7c:98:2f:5b:14:38:3a:20:ea:ae:06:fd:00:02:8f:
a0:e4:c6:b4:a5:ad:1c:9b:c8:85:49:6e:0d:9e:dc:79:8e:a2:
07:a6:34:91:71:6e:9f:80:3a:db:b8:73:01:de:09:33:58:66:
d0:f2:c2:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1srYP9Z165i2Wwwjn7x8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjUwMTAxMjE0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTlkYzNlNjg1MzZmYmQ2ZDc0ODcwNzliNzMwMWM3MjBhNTMzYmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFTrZjzpkHMR+VwMyZFaMJ/rXrnf
4fQc+6lGj0VkeV0B9Rf3Vd1/VHwYTlmme6ErZ8mOQUdbobxry/pB7g++rBj3lKQE
X1bAQLw3a4DJSfkeNn5GQmTOV5LI01czTL2WSSJQ7STBlQohIqdJZygFTYwambO/
rcB9eP/EyU45nRpBinsd0L4ZOUSmEBjQ4Ve9zxvZl6alvw+YRU/X42LvDe1CRbYB
/D36kr27I/Do2xvZl/LZ2+Ipfwe9LXizODzlVAGj2hLWxWBxw2gY4SaYbL3+15dS
6Dlabb7P2QyJrEOXXl0j/NWBajqeYFILB4r9680NBi8NCDrWHNCj6mO1uQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDmdw+aFNvvW10hwebcwHHIKUzu2MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvT1ozRDVvVTItOWJYU0hCNXR6QWNjZ3BUTzdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWS9xMA0G
CSqGSIb3DQEBCwUAA4IBAQAYWWsIFEWhtgWbbVvV1WpLs3Gc1kMTYM60GnUEhlBm
0kwyYf85ijcXnYtnOvR5E1V3/9cbA1c2wITWnJMuXXOrkBPXnYyWa4AVYAeFGEF2
Rd9oX2mg0sXjwLKCfBoRIX9sU57Q/SuElYTQe0Dqp3Ipe+u7QfMU6uRyTx2qv9Z2
bkV/U55nJ/BDLzb4+BaindF+EcfAwJVHy+sI7Zf8YtLm1Zt11PPIr7sPYe9dcDF7
RRenreccMxDVe06APMhSwmefUrMAzAnBemd8mC9bFDg6IOquBv0AAo+g5Ma0pa0c
m8iFSW4Nntx5jqIHpjSRcW6fgDrbuHMB3gkzWGbQ8sIK
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:44:35 2025 by rpki-client