Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/48cfd0-3238-4aaf-b663-4373b65790b8/1/sMqFfMp5zpY3CUtYN9I_G8fQL_k.roa
File: sMqFfMp5zpY3CUtYN9I_G8fQL_k.roa (raw, json)
Hash identifier: 5Vzy/MEtaY534v4+SXof8s8c44LJSmPvw3aOjkR7D3I=
Subject key identifier: B0:CA:85:7C:CA:79:CE:96:37:09:4B:58:37:D2:3F:1B:C7:D0:2F:F9
Certificate issuer: /CN=8166038385b343d55e76b728efe23c0731787668
Certificate serial: A2059B
Authority key identifier: 81:66:03:83:85:B3:43:D5:5E:76:B7:28:EF:E2:3C:07:31:78:76:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gWYDg4WzQ9Vedrco7-I8BzF4dmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/48cfd0-3238-4aaf-b663-4373b65790b8/1/sMqFfMp5zpY3CUtYN9I_G8fQL_k.roa
Signing time: Sat 01 Jan 2022 00:58:24 +0000
ROA not before: Sat 01 Jan 2022 00:58:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207473
IP address blocks: 89.17.45.0/24 maxlen: 24
89.17.46.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10618267 (0xa2059b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8166038385b343d55e76b728efe23c0731787668
Validity
Not Before: Jan 1 00:58:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b0ca857cca79ce9637094b5837d23f1bc7d02ff9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:d3:55:59:87:b6:0a:f5:4a:64:8a:66:b7:7b:
ed:b6:d3:08:bb:ab:29:21:14:ae:44:28:de:b6:6c:
e7:93:c9:4a:e5:14:87:17:50:76:12:4c:8e:13:c1:
2a:6c:dd:40:32:48:f2:a4:f5:2e:10:84:1e:1e:2f:
b9:57:d2:8c:be:22:29:f2:ef:87:d2:04:48:7a:34:
ea:32:5f:70:76:d2:47:cc:85:5c:89:ff:16:97:0e:
b5:09:6c:e8:e4:b7:a3:19:43:44:09:a6:10:bf:f8:
e6:8d:f9:8d:6f:81:7c:e6:cd:2b:f1:80:a2:80:c7:
57:c7:a6:66:3b:08:86:be:be:52:79:6b:05:c2:c5:
e1:4f:0b:b7:8f:4e:5b:c3:45:0e:35:35:7c:d7:22:
0e:c6:17:83:d4:84:7e:d7:43:36:8d:38:82:99:50:
27:7a:f0:f6:a1:eb:01:23:fc:1f:cc:bb:07:4e:1c:
7c:18:b5:af:ed:11:3d:93:2b:2c:eb:e0:2e:fc:35:
61:28:44:4a:a5:4a:62:7a:fd:60:8d:c7:9d:2d:ef:
19:5c:67:1c:31:ed:5e:12:7f:82:f1:36:0e:78:16:
3f:0a:ae:7e:f0:66:29:86:ff:8e:c5:54:53:4f:61:
0a:98:f9:8b:ae:93:3f:06:48:ec:0a:dd:08:bc:72:
11:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:CA:85:7C:CA:79:CE:96:37:09:4B:58:37:D2:3F:1B:C7:D0:2F:F9
X509v3 Authority Key Identifier:
keyid:81:66:03:83:85:B3:43:D5:5E:76:B7:28:EF:E2:3C:07:31:78:76:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gWYDg4WzQ9Vedrco7-I8BzF4dmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/48cfd0-3238-4aaf-b663-4373b65790b8/1/sMqFfMp5zpY3CUtYN9I_G8fQL_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/48cfd0-3238-4aaf-b663-4373b65790b8/1/gWYDg4WzQ9Vedrco7-I8BzF4dmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.17.45.0-89.17.46.255
Signature Algorithm: sha256WithRSAEncryption
b9:89:9c:8d:4c:8f:f1:3e:23:83:96:30:59:16:10:73:bc:a1:
67:6e:c0:17:14:9a:60:50:12:3b:df:a6:58:8e:bd:7b:b3:91:
d5:fe:9e:60:e9:5b:34:b4:e3:f8:93:d1:4d:4f:be:38:72:72:
45:a6:a7:de:6c:ac:ef:07:1c:ed:45:36:b3:2f:bd:0f:7c:06:
1d:8b:07:4a:73:94:0e:8e:a9:45:6a:fc:25:26:36:b1:1f:5f:
94:e9:52:c0:61:61:00:c7:7f:e7:a8:1d:b5:f1:d4:bc:5b:a1:
db:96:08:81:b1:a1:66:f4:ce:42:d3:bc:a7:29:8e:fc:5d:70:
25:fa:6f:eb:72:fb:df:01:dd:03:8b:b4:dd:a3:01:30:e6:5d:
5b:d0:cc:15:e3:1d:fc:04:a0:82:87:31:60:2a:d8:f3:08:25:
5f:5b:f0:75:e1:aa:2c:f5:00:f9:fb:23:0b:df:10:3c:19:13:
9e:55:61:ca:c4:2e:d1:69:8f:8b:1b:ff:39:9b:36:67:79:a9:
55:44:38:04:39:c9:e1:bf:89:9a:35:86:d0:77:aa:a4:33:b5:
58:ec:47:6a:33:ab:9a:90:47:59:56:99:91:09:8a:c7:2d:2a:
e1:2b:c4:05:91:02:e5:53:e4:e4:d0:9f:b4:2b:33:87:3b:d4:
35:b5:1c:bb
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEAKIFmzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MTY2MDM4Mzg1YjM0M2Q1NWU3NmI3MjhlZmUyM2MwNzMxNzg3NjY4MB4XDTIyMDEw
MTAwNTgyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjBjYTg1N2NjYTc5
Y2U5NjM3MDk0YjU4MzdkMjNmMWJjN2QwMmZmOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIXTVVmHtgr1SmSKZrd77bbTCLurKSEUrkQo3rZs55PJSuUU
hxdQdhJMjhPBKmzdQDJI8qT1LhCEHh4vuVfSjL4iKfLvh9IESHo06jJfcHbSR8yF
XIn/FpcOtQls6OS3oxlDRAmmEL/45o35jW+BfObNK/GAooDHV8emZjsIhr6+Unlr
BcLF4U8Lt49OW8NFDjU1fNciDsYXg9SEftdDNo04gplQJ3rw9qHrASP8H8y7B04c
fBi1r+0RPZMrLOvgLvw1YShESqVKYnr9YI3HnS3vGVxnHDHtXhJ/gvE2DngWPwqu
fvBmKYb/jsVUU09hCpj5i66TPwZI7ArdCLxyEdcCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBSwyoV8ynnOljcJS1g30j8bx9Av+TAfBgNVHSMEGDAWgBSBZgODhbND1V52
tyjv4jwHMXh2aDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dXWURnNFd6UTlWZWRyY283LUk4QnpGNGRtZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjMvNDhjZmQwLTMyMzgtNGFhZi1iNjYzLTQzNzNiNjU3OTBiOC8x
L3NNcUZmTXA1enBZM0NVdFlOOUlfRzhmUUxfay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjMv
NDhjZmQwLTMyMzgtNGFhZi1iNjYzLTQzNzNiNjU3OTBiOC8xL2dXWURnNFd6UTlW
ZWRyY283LUk4QnpGNGRtZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQAWREtAwQAWREuMA0GCSqGSIb3
DQEBCwUAA4IBAQC5iZyNTI/xPiODljBZFhBzvKFnbsAXFJpgUBI736ZYjr17s5HV
/p5g6Vs0tOP4k9FNT744cnJFpqfebKzvBxztRTazL70PfAYdiwdKc5QOjqlFavwl
JjaxH1+U6VLAYWEAx3/nqB218dS8W6HblgiBsaFm9M5C07ynKY78XXAl+m/rcvvf
Ad0Di7TdowEw5l1b0MwV4x38BKCChzFgKtjzCCVfW/B14aos9QD5+yML3xA8GROe
VWHKxC7RaY+LG/85mzZnealVRDgEOcnhv4maNYbQd6qkM7VY7EdqM6uakEdZVpmR
CYrHLSrhK8QFkQLlU+Tk0J+0KzOHO9Q1tRy7
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:10:33 2025 by rpki-client