Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/SQI4KtAHgiOFQFSSm2UjYeKiC-U.roa
File: SQI4KtAHgiOFQFSSm2UjYeKiC-U.roa (raw, json)
Hash identifier: 1NBCi0GUdni39AzXSo6ODLkruC4cejiHizBCgrQ4i9w=
Subject key identifier: 49:02:38:2A:D0:07:82:23:85:40:54:92:9B:65:23:61:E2:A2:0B:E5
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 01942DD286CB3D22FB17B9CAA821158DA9D6
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/SQI4KtAHgiOFQFSSm2UjYeKiC-U.roa
Signing time: Fri 03 Jan 2025 20:19:19 +0000
ROA not before: Fri 03 Jan 2025 20:19:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 996
IP address blocks: 89.34.224.0/23 maxlen: 24
89.34.224.0/24 maxlen: 24
89.34.225.0/24 maxlen: 24
89.34.231.0/24 maxlen: 24
89.40.82.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.117.0/24 maxlen: 24
89.47.118.0/24 maxlen: 24
89.47.125.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:2d:d2:86:cb:3d:22:fb:17:b9:ca:a8:21:15:8d:a9:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 3 20:19:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4902382ad0078223854054929b652361e2a20be5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:ad:f4:51:26:fa:08:d3:9e:fe:8c:b5:a4:82:
55:88:f9:b8:37:9e:99:4c:5d:83:09:41:f9:3c:3f:
66:d7:b7:e9:ca:5a:0f:4f:e4:18:9d:cc:f3:46:b2:
bd:80:b3:42:c0:21:76:82:f8:8d:85:b9:6e:a9:cc:
47:59:4f:b1:58:0a:62:96:ff:4a:ae:f9:d0:88:05:
2f:41:34:61:31:f3:30:6a:4b:c1:69:75:cb:39:56:
8f:e6:1a:c7:34:d8:1a:e3:e9:e0:5c:c2:f8:b2:52:
00:17:ca:9f:9f:11:65:bd:22:77:25:e9:d7:e0:2a:
49:25:52:d4:b8:50:a9:70:2d:a2:c0:fe:11:d8:89:
be:50:4b:b0:28:ea:d4:f1:13:37:16:ea:0b:7b:e7:
6c:2a:67:03:af:9b:6c:49:7d:ae:5a:c4:7d:47:7d:
f8:3a:da:17:2a:33:86:bc:61:8f:16:21:3b:3f:56:
5f:e8:6a:41:75:93:23:9c:8f:f0:39:5d:18:e0:af:
f8:5d:c9:53:d8:a3:75:fd:1c:b5:7c:35:0a:f4:ae:
c7:2b:43:f3:2e:de:dc:82:92:bf:81:37:16:6b:af:
63:f7:f8:7b:e2:ad:56:22:28:57:f6:49:5b:43:7c:
77:bb:16:e3:0e:9c:e4:25:01:d2:d3:85:cf:fd:c4:
8e:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:02:38:2A:D0:07:82:23:85:40:54:92:9B:65:23:61:E2:A2:0B:E5
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/SQI4KtAHgiOFQFSSm2UjYeKiC-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.224.0/23
89.34.231.0/24
89.40.82.0/24
89.47.99.0/24
89.47.117.0-89.47.118.255
89.47.125.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:44:66:35:a0:d7:a7:55:b4:29:55:b1:99:86:61:00:56:dc:
99:e9:84:f3:ef:d1:2d:fd:5a:eb:62:cd:72:38:b0:a5:36:f6:
1f:9d:56:f5:2f:4b:15:fb:be:4c:21:0d:aa:cb:9e:e6:14:24:
5e:ff:77:38:79:6b:50:77:88:9b:cf:d9:bd:89:4a:9f:e4:2e:
96:86:72:cc:c1:94:0a:66:da:12:3a:61:61:91:ad:56:d8:86:
d8:86:fc:f7:38:ba:5f:06:d4:56:5a:88:38:0e:a9:18:36:6b:
6a:63:8f:dc:67:96:a6:bb:b0:c2:a8:91:8e:85:f7:2e:9c:44:
65:c7:93:b8:b9:49:f8:fc:f6:aa:0c:06:f3:6d:ef:ed:eb:06:
d0:63:24:ff:e7:28:0b:d4:61:fa:6c:f1:74:d2:45:61:1a:e5:
2d:0e:f9:76:83:34:31:32:ed:bf:32:29:8d:76:e0:0d:57:83:
a7:2b:c9:9f:7e:b1:91:21:0a:19:22:78:9a:12:c2:a0:bf:23:
ed:cf:85:e1:8e:98:6a:17:bd:dd:0c:4c:37:c7:4f:3e:57:b9:
bb:24:9d:b4:67:a0:ab:20:18:97:be:2e:ad:56:1e:e5:d3:18:
8c:bb:fd:3a:bc:66:97:a4:ad:e7:73:d3:07:2f:df:4b:6d:fe:
ec:b5:4e:37
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZQt0obLPSL7F7nKqCEVjanWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjUwMTAzMjAxOTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTAyMzgyYWQwMDc4MjIzODU0MDU0OTI5YjY1MjM2MWUyYTIwYmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+630USb6CNOe/oy1pIJViPm4N56Z
TF2DCUH5PD9m17fpyloPT+QYnczzRrK9gLNCwCF2gviNhbluqcxHWU+xWApilv9K
rvnQiAUvQTRhMfMwakvBaXXLOVaP5hrHNNga4+ngXML4slIAF8qfnxFlvSJ3JenX
4CpJJVLUuFCpcC2iwP4R2Im+UEuwKOrU8RM3FuoLe+dsKmcDr5tsSX2uWsR9R334
OtoXKjOGvGGPFiE7P1Zf6GpBdZMjnI/wOV0Y4K/4XclT2KN1/Ry1fDUK9K7HK0Pz
Lt7cgpK/gTcWa69j9/h74q1WIihX9klbQ3x3uxbjDpzkJQHS04XP/cSOXwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFEkCOCrQB4IjhUBUkptlI2HiogvlMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvU1FJNEt0QUhnaU9GUUZTU20yVWpZZUtpQy1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQBWSLgAwQA
WSLnAwQAWShSAwQAWS9jMAwDBABZL3UDBABZL3YDBABZL30wDQYJKoZIhvcNAQEL
BQADggEBAA9EZjWg16dVtClVsZmGYQBW3JnphPPv0S39WutizXI4sKU29h+dVvUv
SxX7vkwhDarLnuYUJF7/dzh5a1B3iJvP2b2JSp/kLpaGcszBlApm2hI6YWGRrVbY
htiG/Pc4ul8G1FZaiDgOqRg2a2pjj9xnlqa7sMKokY6F9y6cRGXHk7i5Sfj89qoM
BvNt7+3rBtBjJP/nKAvUYfps8XTSRWEa5S0O+XaDNDEy7b8yKY124A1Xg6cryZ9+
sZEhChkieJoSwqC/I+3PheGOmGoXvd0MTDfHTz5XubsknbRnoKsgGJe+Lq1WHuXT
GIy7/Tq8Zpekredz0wcv30tt/uy1Tjc=
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:52:34 2025 by rpki-client