Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/Fw_kxU9y2ZFFUFhTyjj3cOM8HE0.roa
File: Fw_kxU9y2ZFFUFhTyjj3cOM8HE0.roa (raw, json)
Hash identifier: RbilBDizHS14qZ4Da7c1uCTbplJrxj3lujK+7Ie1xww=
Subject key identifier: 17:0F:E4:C5:4F:72:D9:91:45:50:58:53:CA:38:F7:70:E3:3C:1C:4D
Certificate issuer: /CN=ca290db2f72905f0db626b005bacf08878d17bac
Certificate serial: 01942444C19FF51677D0FB66EDB405FE3BA5
Authority key identifier: CA:29:0D:B2:F7:29:05:F0:DB:62:6B:00:5B:AC:F0:88:78:D1:7B:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yikNsvcpBfDbYmsAW6zwiHjRe6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/Fw_kxU9y2ZFFUFhTyjj3cOM8HE0.roa
Signing time: Wed 01 Jan 2025 23:47:53 +0000
ROA not before: Wed 01 Jan 2025 23:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 134926
IP address blocks: 89.47.59.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:c1:9f:f5:16:77:d0:fb:66:ed:b4:05:fe:3b:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca290db2f72905f0db626b005bacf08878d17bac
Validity
Not Before: Jan 1 23:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=170fe4c54f72d99145505853ca38f770e33c1c4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ad:4d:29:b8:55:02:6a:8d:75:e6:21:a4:a7:
6d:3a:27:3a:d0:ee:8c:29:c1:6b:a1:08:40:59:f0:
31:28:00:14:51:98:2e:4f:9f:9d:9a:a7:6b:32:a3:
5c:2d:7f:7e:29:5a:4f:3e:a7:6c:e5:cd:68:14:5b:
5d:9a:59:19:51:59:81:12:bd:00:a9:9c:6e:22:ad:
8b:b4:7d:fe:f2:35:d9:e7:43:87:ad:26:6d:9e:3e:
73:ad:79:cd:31:82:9b:b0:25:c0:a1:cf:ca:97:02:
54:e5:94:7a:96:27:12:90:e6:36:d0:0f:6b:e1:06:
61:6a:a8:d9:ee:ad:96:25:12:de:be:f8:22:ee:0a:
f4:fb:19:58:2d:15:61:5b:51:4f:a6:b0:33:10:54:
e2:b7:38:a5:8f:c7:24:06:6f:d3:51:b5:5b:ec:28:
8a:50:b6:d7:8c:53:5c:72:35:d7:c0:5e:82:71:78:
e1:97:b3:61:bf:90:dd:61:fc:be:34:63:3c:5d:0b:
8b:09:4d:27:b5:b8:7f:5d:7b:31:18:16:11:39:5e:
28:31:c5:c4:92:b9:3e:67:17:69:c5:76:4e:5f:5b:
3a:42:15:40:01:e9:eb:bc:b4:d9:58:39:a2:79:5c:
cc:33:bd:9f:cb:2c:65:4c:c1:36:3e:4a:a5:ac:89:
ec:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:0F:E4:C5:4F:72:D9:91:45:50:58:53:CA:38:F7:70:E3:3C:1C:4D
X509v3 Authority Key Identifier:
keyid:CA:29:0D:B2:F7:29:05:F0:DB:62:6B:00:5B:AC:F0:88:78:D1:7B:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yikNsvcpBfDbYmsAW6zwiHjRe6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/Fw_kxU9y2ZFFUFhTyjj3cOM8HE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/yikNsvcpBfDbYmsAW6zwiHjRe6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.47.59.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:5d:cf:7e:6f:96:56:04:1e:97:a0:d4:54:b7:35:79:88:45:
7c:c5:27:78:6e:97:e4:59:83:6b:1e:7b:08:97:11:32:b1:f0:
1b:00:7f:89:16:12:35:0c:6b:db:85:7e:37:fd:8f:ac:dd:48:
a9:fe:2b:b0:56:c8:3d:6e:5c:b0:47:1a:4a:31:f0:52:2b:c2:
68:f0:17:55:6a:55:ea:06:8c:2e:b9:8f:63:bb:95:44:f6:1d:
ca:57:8f:9d:36:85:7f:44:fb:d5:dc:83:f8:86:bd:ab:0f:a8:
e6:51:93:4e:d0:9c:22:07:0d:ad:36:4c:78:cc:1e:a3:d2:fa:
3f:40:43:a8:8d:4d:1d:9a:ac:d7:b6:3b:49:a9:59:7c:c6:28:
f4:f8:99:df:73:ec:e7:4d:b4:8c:b2:01:61:bf:6d:b5:5c:97:
e2:96:f2:72:8d:0a:72:2d:90:dd:5d:b9:ea:e5:1e:98:02:7b:
23:3c:e8:31:c2:df:27:4b:12:44:95:67:e5:f5:01:c9:57:e9:
47:0e:7a:af:4c:98:ed:53:ff:81:81:38:c4:e8:98:eb:bd:40:
89:07:76:73:fb:55:16:75:1d:8c:08:52:fb:99:5c:05:f3:81:
85:6a:a7:00:6c:f7:8c:9f:e9:d9:5c:7d:7f:82:06:e3:77:af:
77:f6:c6:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRMGf9RZ30Ptm7bQF/julMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMjkwZGIyZjcyOTA1ZjBkYjYyNmIwMDViYWNmMDg4Nzhk
MTdiYWMwHhcNMjUwMTAxMjM0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzBmZTRjNTRmNzJkOTkxNDU1MDU4NTNjYTM4Zjc3MGUzM2MxYzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu61NKbhVAmqNdeYhpKdtOic60O6M
KcFroQhAWfAxKAAUUZguT5+dmqdrMqNcLX9+KVpPPqds5c1oFFtdmlkZUVmBEr0A
qZxuIq2LtH3+8jXZ50OHrSZtnj5zrXnNMYKbsCXAoc/KlwJU5ZR6licSkOY20A9r
4QZhaqjZ7q2WJRLevvgi7gr0+xlYLRVhW1FPprAzEFTitzilj8ckBm/TUbVb7CiK
ULbXjFNccjXXwF6CcXjhl7Nhv5DdYfy+NGM8XQuLCU0ntbh/XXsxGBYROV4oMcXE
krk+ZxdpxXZOX1s6QhVAAenrvLTZWDmieVzMM72fyyxlTME2PkqlrInsrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBcP5MVPctmRRVBYU8o493DjPBxNMB8GA1UdIwQY
MBaAFMopDbL3KQXw22JrAFus8Ih40XusMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWlrTnN2Y3BCZkRiWW1zQVc2endpSGpSZTZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8yMTY5NzMtNTE2Zi00NTAxLTkxNjQt
N2Y0MzViZjU1MDFjLzEvRndfa3hVOXkyWkZGVUZoVHlqajNjT004SEUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8yMTY5NzMtNTE2Zi00NTAxLTkxNjQtN2Y0MzViZjU1MDFj
LzEveWlrTnN2Y3BCZkRiWW1zQVc2endpSGpSZTZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWS87MA0G
CSqGSIb3DQEBCwUAA4IBAQAOXc9+b5ZWBB6XoNRUtzV5iEV8xSd4bpfkWYNrHnsI
lxEysfAbAH+JFhI1DGvbhX43/Y+s3Uip/iuwVsg9blywRxpKMfBSK8Jo8BdValXq
BowuuY9ju5VE9h3KV4+dNoV/RPvV3IP4hr2rD6jmUZNO0JwiBw2tNkx4zB6j0vo/
QEOojU0dmqzXtjtJqVl8xij0+Jnfc+znTbSMsgFhv221XJfilvJyjQpyLZDdXbnq
5R6YAnsjPOgxwt8nSxJElWfl9QHJV+lHDnqvTJjtU/+BgTjE6JjrvUCJB3Zz+1UW
dR2MCFL7mVwF84GFaqcAbPeMn+nZXH1/ggbjd6939sY1
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:05:04 2025 by rpki-client