Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/r7OXyZNM0kix8CN9A1LZgjq0P-w.roa
File: r7OXyZNM0kix8CN9A1LZgjq0P-w.roa (raw, json)
Hash identifier: fCJATW3/flXuVBz3TDMt4ztI3LjsJZmH0dCCJ+VtyR0=
Subject key identifier: AF:B3:97:C9:93:4C:D2:48:B1:F0:23:7D:03:52:D9:82:3A:B4:3F:EC
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 019423D6C17F6330FB53DE20C4F44AB1001A
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/r7OXyZNM0kix8CN9A1LZgjq0P-w.roa
Signing time: Wed 01 Jan 2025 21:47:44 +0000
ROA not before: Wed 01 Jan 2025 21:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58022
IP address blocks: 89.37.112.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:c1:7f:63:30:fb:53:de:20:c4:f4:4a:b1:00:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 21:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=afb397c9934cd248b1f0237d0352d9823ab43fec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:ff:ef:8e:64:5f:58:d9:ac:13:26:4e:1d:2c:
b4:e4:0c:2c:29:8b:f0:46:63:89:59:25:b5:a6:0d:
f0:a5:7d:3b:0e:ef:47:6a:29:7e:e9:af:92:69:bc:
cf:73:07:f9:84:3e:f9:f5:85:6d:18:11:d7:e2:90:
01:60:29:0d:85:5f:64:70:bd:d7:d6:9c:66:ac:95:
ca:36:fb:e9:8a:34:26:94:ea:03:02:90:e1:a8:a9:
6e:2e:24:92:f0:2f:62:5a:4a:d8:cc:a1:71:7f:4a:
73:a3:6d:8e:87:58:84:2c:7e:68:1a:73:b6:54:f9:
53:40:b7:13:f4:41:e2:f8:08:88:ba:f8:e9:22:f1:
e8:be:52:e8:5b:9c:d4:b8:51:22:52:1e:53:fd:19:
69:19:19:ea:31:a4:1d:52:a2:0e:74:9e:42:98:2f:
39:9e:1c:49:53:33:e4:38:13:ec:98:b4:e6:b0:95:
ae:8f:7c:5b:0b:88:13:81:17:e6:91:7a:b3:65:3b:
e8:4d:f3:36:57:57:f4:c9:ec:10:9d:69:d9:00:0b:
88:7a:ff:b0:39:cc:81:c6:bc:ed:06:6a:ba:70:2a:
96:f3:63:1b:b3:b3:7d:0c:21:81:3e:ef:d2:7e:74:
c3:10:98:72:ab:93:4b:1c:aa:7c:b1:8b:7f:21:42:
dd:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:B3:97:C9:93:4C:D2:48:B1:F0:23:7D:03:52:D9:82:3A:B4:3F:EC
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/r7OXyZNM0kix8CN9A1LZgjq0P-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.37.112.0/22
Signature Algorithm: sha256WithRSAEncryption
64:60:a1:8c:fb:b9:0d:d8:bc:d8:2c:99:5b:a2:6e:2b:a9:d8:
5c:b5:1c:aa:f1:6f:7b:2c:c2:7c:d9:8a:97:8b:d8:e4:9d:ae:
01:8b:1a:34:3c:b3:a6:6e:31:27:8b:ef:fe:38:02:06:2e:0b:
e2:c6:1e:85:7a:b5:49:a3:9d:f7:27:17:5f:16:41:dd:b7:11:
3d:3c:87:65:b1:08:c5:99:64:9e:6b:fe:13:f4:43:f8:6e:6e:
d1:f3:25:d9:34:89:ad:f2:12:f4:6b:14:ed:0b:f4:e5:39:c4:
d8:ec:b4:12:79:33:0a:b2:cf:08:3b:9c:05:59:69:31:3c:1c:
39:c1:3f:a2:c3:d2:01:0d:5a:8b:b1:cc:9d:b4:a3:e1:7b:12:
6f:e0:74:23:7d:7b:b9:6c:9e:6d:03:95:ad:61:18:91:1a:3c:
16:62:15:db:8a:3e:90:30:6e:33:e6:44:d4:24:a3:24:05:ad:
d5:d3:90:a4:d9:49:b5:77:a0:d7:ae:28:f9:07:b8:5a:16:87:
8e:db:2a:f3:e0:58:5f:72:af:0d:dc:56:ac:e8:15:fc:70:58:
8f:34:1a:82:78:9b:99:14:8d:cb:97:de:ea:fe:63:7c:fb:af:
02:85:25:50:27:06:b9:83:7f:28:96:d7:a1:e2:93:f3:6b:4b:
9e:18:a2:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1sF/YzD7U94gxPRKsQAaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjUwMTAxMjE0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmIzOTdjOTkzNGNkMjQ4YjFmMDIzN2QwMzUyZDk4MjNhYjQzZmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3f/vjmRfWNmsEyZOHSy05AwsKYvw
RmOJWSW1pg3wpX07Du9Hail+6a+SabzPcwf5hD759YVtGBHX4pABYCkNhV9kcL3X
1pxmrJXKNvvpijQmlOoDApDhqKluLiSS8C9iWkrYzKFxf0pzo22Oh1iELH5oGnO2
VPlTQLcT9EHi+AiIuvjpIvHovlLoW5zUuFEiUh5T/RlpGRnqMaQdUqIOdJ5CmC85
nhxJUzPkOBPsmLTmsJWuj3xbC4gTgRfmkXqzZTvoTfM2V1f0yewQnWnZAAuIev+w
OcyBxrztBmq6cCqW82Mbs7N9DCGBPu/SfnTDEJhyq5NLHKp8sYt/IULdJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK+zl8mTTNJIsfAjfQNS2YI6tD/sMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvcjdPWHlaTk0wa2l4OENOOUExTFpnanEwUC13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWSVwMA0G
CSqGSIb3DQEBCwUAA4IBAQBkYKGM+7kN2LzYLJlbom4rqdhctRyq8W97LMJ82YqX
i9jkna4Bixo0PLOmbjEni+/+OAIGLgvixh6FerVJo533JxdfFkHdtxE9PIdlsQjF
mWSea/4T9EP4bm7R8yXZNImt8hL0axTtC/TlOcTY7LQSeTMKss8IO5wFWWkxPBw5
wT+iw9IBDVqLscydtKPhexJv4HQjfXu5bJ5tA5WtYRiRGjwWYhXbij6QMG4z5kTU
JKMkBa3V05Ck2Um1d6DXrij5B7haFoeO2yrz4Fhfcq8N3Fas6BX8cFiPNBqCeJuZ
FI3Ll97q/mN8+68ChSVQJwa5g38olteh4pPza0ueGKKF
-----END CERTIFICATE-----
Generated at Thu Apr 10 07:00:07 2025 by rpki-client