Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/YAqFCnmqzYtlKl-WnUuVNyBRMjo.roa
File: YAqFCnmqzYtlKl-WnUuVNyBRMjo.roa (raw, json)
Hash identifier: WByx741W0JuOzTQ8zBEeSswHryHhKGxEDvv3Yt+LKvg=
Subject key identifier: 60:0A:85:0A:79:AA:CD:8B:65:2A:5F:96:9D:4B:95:37:20:51:32:3A
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 019423D6B308E03287972AA89E90226B1A6E
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/YAqFCnmqzYtlKl-WnUuVNyBRMjo.roa
Signing time: Wed 01 Jan 2025 21:47:40 +0000
ROA not before: Wed 01 Jan 2025 21:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 996
IP address blocks: 89.34.224.0/23 maxlen: 24
89.34.224.0/24 maxlen: 24
89.34.225.0/24 maxlen: 24
89.34.231.0/24 maxlen: 24
89.40.82.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.117.0/24 maxlen: 24
89.47.125.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:b3:08:e0:32:87:97:2a:a8:9e:90:22:6b:1a:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 21:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=600a850a79aacd8b652a5f969d4b95372051323a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:f1:7b:fb:bc:22:11:5d:b9:e3:04:94:cc:46:
5c:9b:76:55:7d:f7:3a:3a:ef:a6:78:cd:4d:69:8b:
7f:2b:02:ee:28:08:82:81:8f:5b:38:fb:4f:77:89:
d8:f5:6c:7e:49:46:66:46:54:1d:7c:b4:34:98:02:
a5:83:30:86:d0:e4:70:a1:32:cd:c7:24:5a:87:43:
a9:5e:4c:98:b7:07:78:83:53:85:10:95:08:c1:5d:
a5:ad:64:d3:19:e5:21:15:a2:b8:74:9c:24:53:14:
d5:02:20:6d:d8:5b:a5:e3:0e:b3:77:6e:db:1f:19:
90:ec:5f:6d:41:d0:8c:ce:d9:7e:8c:ec:2f:a9:aa:
77:0e:22:7c:f5:c2:e1:0b:38:b8:2f:d1:07:f9:69:
76:9c:50:88:d6:7b:5e:b7:11:dd:5c:ba:95:cb:e3:
ce:2d:99:01:1a:f2:85:c3:58:30:df:25:8d:08:10:
2f:7c:f4:5b:ce:91:89:75:2a:e5:29:32:c0:ce:3c:
d1:9c:92:af:42:58:6a:62:8c:d9:5d:d1:a0:5b:12:
1d:0a:7b:bd:61:7b:4f:26:ca:e1:6b:0d:d0:ba:6a:
4a:1a:91:43:d7:a3:3f:35:8d:4b:88:71:2a:10:54:
99:be:92:34:d2:00:79:f5:f7:e2:4a:8b:b3:90:45:
27:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:0A:85:0A:79:AA:CD:8B:65:2A:5F:96:9D:4B:95:37:20:51:32:3A
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/YAqFCnmqzYtlKl-WnUuVNyBRMjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.224.0/23
89.34.231.0/24
89.40.82.0/24
89.47.99.0/24
89.47.117.0/24
89.47.125.0/24
Signature Algorithm: sha256WithRSAEncryption
65:ea:6b:f6:95:a0:aa:ae:7d:16:df:e6:1b:4d:72:10:7f:fb:
37:ae:49:3e:e2:f8:74:5a:fa:cd:8e:4f:26:ec:3a:ed:6c:f1:
de:d6:0f:8b:de:e1:ef:f6:4d:2d:ab:ef:83:75:22:98:4f:39:
b9:4e:52:94:7d:ca:56:c8:a5:80:f9:0b:55:14:74:51:65:a4:
32:76:ed:5c:35:f8:07:c7:c7:39:e5:47:b3:5f:93:44:29:77:
e8:6c:6d:4e:80:a5:7a:9f:56:ba:62:25:5f:56:e0:66:88:4b:
10:cb:8e:63:b7:a1:e5:b3:4e:13:96:32:9d:02:03:0d:b3:d9:
42:77:6e:0a:ec:d2:d9:56:f8:11:9a:6b:0b:60:e0:2b:25:e7:
6c:0d:1e:26:37:89:86:e7:c8:b4:3e:31:e2:9e:63:86:8a:fc:
d7:02:b5:bc:64:f4:2b:f1:a5:36:4d:fd:fa:c7:10:d7:ed:80:
c7:1b:99:f6:14:c5:d4:e3:a8:3f:f6:9b:f3:f8:02:d6:88:45:
3b:be:5f:4b:b0:e9:78:98:4c:43:06:8b:54:e3:9c:67:86:4b:
65:91:83:5a:bb:74:0a:b1:74:de:32:e2:d8:2a:8b:3d:07:ce:
22:0c:c7:e2:6e:ae:5f:52:2d:64:fc:ca:63:7f:a4:67:83:b0:
e9:4b:4a:25
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQj1rMI4DKHlyqonpAiaxpuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjUwMTAxMjE0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDBhODUwYTc5YWFjZDhiNjUyYTVmOTY5ZDRiOTUzNzIwNTEzMjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifF7+7wiEV254wSUzEZcm3ZVffc6
Ou+meM1NaYt/KwLuKAiCgY9bOPtPd4nY9Wx+SUZmRlQdfLQ0mAKlgzCG0ORwoTLN
xyRah0OpXkyYtwd4g1OFEJUIwV2lrWTTGeUhFaK4dJwkUxTVAiBt2Ful4w6zd27b
HxmQ7F9tQdCMztl+jOwvqap3DiJ89cLhCzi4L9EH+Wl2nFCI1ntetxHdXLqVy+PO
LZkBGvKFw1gw3yWNCBAvfPRbzpGJdSrlKTLAzjzRnJKvQlhqYozZXdGgWxIdCnu9
YXtPJsrhaw3QumpKGpFD16M/NY1LiHEqEFSZvpI00gB59ffiSouzkEUnPQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGAKhQp5qs2LZSpflp1LlTcgUTI6MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvWUFxRkNubXF6WXRsS2wtV25VdVZOeUJSTWpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBWSLgAwQA
WSLnAwQAWShSAwQAWS9jAwQAWS91AwQAWS99MA0GCSqGSIb3DQEBCwUAA4IBAQBl
6mv2laCqrn0W3+YbTXIQf/s3rkk+4vh0WvrNjk8m7DrtbPHe1g+L3uHv9k0tq++D
dSKYTzm5TlKUfcpWyKWA+QtVFHRRZaQydu1cNfgHx8c55UezX5NEKXfobG1OgKV6
n1a6YiVfVuBmiEsQy45jt6Hls04TljKdAgMNs9lCd24K7NLZVvgRmmsLYOArJeds
DR4mN4mG58i0PjHinmOGivzXArW8ZPQr8aU2Tf36xxDX7YDHG5n2FMXU46g/9pvz
+ALWiEU7vl9LsOl4mExDBotU45xnhktlkYNau3QKsXTeMuLYKos9B84iDMfibq5f
Ui1k/Mpjf6Rng7DpS0ol
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:10:47 2025 by rpki-client