Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/e4705c-e6da-422e-859c-3b68a49dc042/1/urzNFgi_gE8fSu_5YoQ_GQRDVw0.roa
File: urzNFgi_gE8fSu_5YoQ_GQRDVw0.roa (raw, json)
Hash identifier: T8tIXkvw/aUJVTl8RyXo5fkRTTwdXnzNgefZluAgHWc=
Subject key identifier: BA:BC:CD:16:08:BF:80:4F:1F:4A:EF:F9:62:84:3F:19:04:43:57:0D
Certificate issuer: /CN=9ae7d661afca3d3370b8e634494d5246b83d585f
Certificate serial: 019427481E03F4286FA861061C51F4F01763
Authority key identifier: 9A:E7:D6:61:AF:CA:3D:33:70:B8:E6:34:49:4D:52:46:B8:3D:58:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mufWYa_KPTNwuOY0SU1SRrg9WF8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/e4705c-e6da-422e-859c-3b68a49dc042/1/urzNFgi_gE8fSu_5YoQ_GQRDVw0.roa
Signing time: Thu 02 Jan 2025 13:50:25 +0000
ROA not before: Thu 02 Jan 2025 13:50:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62320
IP address blocks: 89.45.84.0/22 maxlen: 24
185.39.228.0/22 maxlen: 24
2a01:4aa0::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:1e:03:f4:28:6f:a8:61:06:1c:51:f4:f0:17:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ae7d661afca3d3370b8e634494d5246b83d585f
Validity
Not Before: Jan 2 13:50:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=babccd1608bf804f1f4aeff962843f190443570d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:7c:d8:3f:80:75:52:6f:2b:eb:86:08:a3:b1:
99:1d:c4:7f:aa:c2:22:4f:3e:46:1f:3d:e0:d5:a4:
39:1b:91:ec:05:65:f7:b9:4a:d3:47:29:a1:1f:e9:
a2:92:f5:73:8c:1a:95:b6:b3:7b:07:2f:65:f6:4c:
a2:1c:f7:a4:a0:6c:98:24:a7:81:cb:a2:85:7f:24:
ea:c8:bc:ec:b4:5b:f7:49:57:af:2e:03:56:b5:8c:
e7:27:c2:9e:7c:5d:e5:28:ec:fc:1c:6e:b0:41:27:
04:4c:fa:d7:7a:4b:76:7c:e3:5b:37:ba:2b:24:f3:
1b:5d:28:f4:56:0f:e0:80:d1:ef:9c:32:78:2c:38:
bc:86:6e:a2:05:d0:19:bb:85:98:75:0d:9b:30:4a:
f2:0b:8c:9a:97:cb:56:c5:4f:35:05:9f:d9:7b:2f:
0e:af:59:f7:e1:cd:13:b4:33:c2:db:17:34:ac:62:
5a:23:da:64:c7:41:91:15:a4:fd:30:e3:d9:51:15:
b7:18:59:b1:c6:cd:1c:a9:bf:b3:bb:75:e0:34:a0:
58:2a:21:11:9d:af:4c:7b:ab:3b:e6:97:af:63:6f:
de:ff:a2:6d:92:56:3c:de:1e:8f:b9:07:4d:50:30:
39:d3:f4:78:3f:33:c6:01:df:25:35:09:77:4f:84:
72:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:BC:CD:16:08:BF:80:4F:1F:4A:EF:F9:62:84:3F:19:04:43:57:0D
X509v3 Authority Key Identifier:
keyid:9A:E7:D6:61:AF:CA:3D:33:70:B8:E6:34:49:4D:52:46:B8:3D:58:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mufWYa_KPTNwuOY0SU1SRrg9WF8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e4705c-e6da-422e-859c-3b68a49dc042/1/urzNFgi_gE8fSu_5YoQ_GQRDVw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e4705c-e6da-422e-859c-3b68a49dc042/1/mufWYa_KPTNwuOY0SU1SRrg9WF8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.45.84.0/22
185.39.228.0/22
IPv6:
2a01:4aa0::/32
Signature Algorithm: sha256WithRSAEncryption
1b:fd:da:44:94:0f:b2:b0:59:56:17:a0:46:00:97:99:e6:d4:
b3:80:cb:6f:a2:dc:92:35:03:c9:49:1e:bc:e1:29:6d:70:0a:
8e:dd:73:85:75:aa:b4:cd:b5:d7:98:bd:55:90:c2:d5:02:14:
05:73:62:da:02:b2:f1:b3:24:ac:82:05:be:0a:34:82:1a:bf:
b5:3f:45:6f:5f:44:b1:ef:24:ba:70:80:2d:64:f4:6a:14:d6:
a9:7b:67:b6:4e:0e:4c:30:ed:55:47:e3:51:64:2c:5b:88:6d:
5f:28:95:d3:12:82:29:b7:87:a8:9d:fd:48:03:9c:e0:d5:01:
d0:ee:6a:05:6c:8f:ca:08:eb:7d:5d:e9:16:ba:f9:e4:12:78:
3e:60:b9:21:52:ab:5e:86:71:63:33:e2:92:98:f5:c8:c8:64:
da:5c:09:38:33:d1:fd:3d:5f:da:8c:5e:d8:8b:da:03:e6:21:
24:10:cb:c9:42:03:fe:dc:1c:2c:fa:fa:17:09:6b:9e:a8:a7:
97:4f:0d:f3:d6:21:bc:63:da:53:04:34:10:1c:ae:b2:27:5a:
61:af:b5:b6:87:0c:5c:42:a3:4d:03:2a:31:04:13:ee:5b:39:
35:e9:84:1c:ef:76:63:55:9d:0e:b7:ad:6e:00:89:49:22:ca:
80:5b:11:02
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQnSB4D9ChvqGEGHFH08BdjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZTdkNjYxYWZjYTNkMzM3MGI4ZTYzNDQ5NGQ1MjQ2Yjgz
ZDU4NWYwHhcNMjUwMTAyMTM1MDI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWJjY2QxNjA4YmY4MDRmMWY0YWVmZjk2Mjg0M2YxOTA0NDM1NzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnzYP4B1Um8r64YIo7GZHcR/qsIi
Tz5GHz3g1aQ5G5HsBWX3uUrTRymhH+mikvVzjBqVtrN7By9l9kyiHPekoGyYJKeB
y6KFfyTqyLzstFv3SVevLgNWtYznJ8KefF3lKOz8HG6wQScETPrXekt2fONbN7or
JPMbXSj0Vg/ggNHvnDJ4LDi8hm6iBdAZu4WYdQ2bMEryC4yal8tWxU81BZ/Zey8O
r1n34c0TtDPC2xc0rGJaI9pkx0GRFaT9MOPZURW3GFmxxs0cqb+zu3XgNKBYKiER
na9Me6s75pevY2/e/6JtklY83h6PuQdNUDA50/R4PzPGAd8lNQl3T4RycwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLq8zRYIv4BPH0rv+WKEPxkEQ1cNMB8GA1UdIwQY
MBaAFJrn1mGvyj0zcLjmNElNUka4PVhfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXVmV1lhX0tQVE53dU9ZMFNVMVNScmc5V0Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9lNDcwNWMtZTZkYS00MjJlLTg1OWMt
M2I2OGE0OWRjMDQyLzEvdXJ6TkZnaV9nRThmU3VfNVlvUV9HUVJEVncwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9lNDcwNWMtZTZkYS00MjJlLTg1OWMtM2I2OGE0OWRjMDQy
LzEvbXVmV1lhX0tQVE53dU9ZMFNVMVNScmc5V0Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCWS1UAwQC
uSfkMA0EAgACMAcDBQAqAUqgMA0GCSqGSIb3DQEBCwUAA4IBAQAb/dpElA+ysFlW
F6BGAJeZ5tSzgMtvotySNQPJSR684SltcAqO3XOFdaq0zbXXmL1VkMLVAhQFc2La
ArLxsySsggW+CjSCGr+1P0VvX0Sx7yS6cIAtZPRqFNape2e2Tg5MMO1VR+NRZCxb
iG1fKJXTEoIpt4eonf1IA5zg1QHQ7moFbI/KCOt9XekWuvnkEng+YLkhUqtehnFj
M+KSmPXIyGTaXAk4M9H9PV/ajF7Yi9oD5iEkEMvJQgP+3Bws+voXCWueqKeXTw3z
1iG8Y9pTBDQQHK6yJ1phr7W2hwxcQqNNAyoxBBPuWzk16YQc73ZjVZ0Ot61uAIlJ
IsqAWxEC
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:43:13 2025 by rpki-client