Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/PcEinGOpGykuWaZ-GFM2Ka0slXA.roa
File: PcEinGOpGykuWaZ-GFM2Ka0slXA.roa (raw, json)
Hash identifier: rf4MR8W/0t7Ie6erW268II2+T/VIpYCArEcylPgsAZw=
Subject key identifier: 3D:C1:22:9C:63:A9:1B:29:2E:59:A6:7E:18:53:36:29:AD:2C:95:70
Certificate issuer: /CN=05f3e160172ecc75c8cab1bae271be3ebf407a80
Certificate serial: 019421B24AD0B4A7DF0EF5BBC0A57CA9AB45
Authority key identifier: 05:F3:E1:60:17:2E:CC:75:C8:CA:B1:BA:E2:71:BE:3E:BF:40:7A:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BfPhYBcuzHXIyrG64nG-Pr9AeoA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/PcEinGOpGykuWaZ-GFM2Ka0slXA.roa
Signing time: Wed 01 Jan 2025 11:48:40 +0000
ROA not before: Wed 01 Jan 2025 11:48:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44815
IP address blocks: 89.167.220.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:4a:d0:b4:a7:df:0e:f5:bb:c0:a5:7c:a9:ab:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05f3e160172ecc75c8cab1bae271be3ebf407a80
Validity
Not Before: Jan 1 11:48:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3dc1229c63a91b292e59a67e18533629ad2c9570
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:50:01:42:cb:c9:b4:d5:63:c7:d3:71:1d:91:
25:3d:34:d7:b1:a9:c0:89:63:24:64:af:fe:c8:fc:
fc:ef:26:79:00:a4:0a:80:38:c2:ef:c1:aa:16:b5:
8a:37:38:f0:4b:d9:fb:67:f4:87:62:81:44:c9:07:
67:6b:e0:45:9d:d0:5a:ab:28:82:ae:6a:05:31:39:
b5:26:9e:fc:a9:ac:f0:68:2e:d2:21:d5:47:e2:a4:
be:a9:a9:cd:a9:e3:6c:14:48:11:1a:bf:47:dd:fd:
82:02:f8:95:28:f8:59:34:33:b2:b0:ae:35:7e:1e:
ac:fd:ad:8a:26:1c:49:b5:17:8a:9a:d7:93:5c:93:
e8:fd:63:1d:e5:f1:ec:26:eb:2a:d0:53:bc:41:30:
82:82:e1:82:be:34:41:02:2c:a8:12:38:0c:38:fe:
79:c2:28:8b:ef:46:dd:c7:62:e5:f6:15:ee:36:f3:
08:98:cc:6e:c1:a1:4b:69:58:b8:3a:70:63:ba:d1:
4a:52:1e:a4:06:14:d3:56:68:ff:e2:47:2a:c1:be:
9d:c3:fa:c0:02:22:09:c4:4a:93:47:13:3f:83:0e:
ad:64:f0:82:45:18:88:7f:70:9f:6b:1e:52:6e:be:
68:b9:c7:31:aa:c3:7f:6a:fb:0d:86:06:2a:9d:65:
da:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:C1:22:9C:63:A9:1B:29:2E:59:A6:7E:18:53:36:29:AD:2C:95:70
X509v3 Authority Key Identifier:
keyid:05:F3:E1:60:17:2E:CC:75:C8:CA:B1:BA:E2:71:BE:3E:BF:40:7A:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BfPhYBcuzHXIyrG64nG-Pr9AeoA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/PcEinGOpGykuWaZ-GFM2Ka0slXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/BfPhYBcuzHXIyrG64nG-Pr9AeoA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.167.220.0/24
Signature Algorithm: sha256WithRSAEncryption
76:d5:d6:c8:0a:47:33:f3:12:a7:94:d7:ad:1e:0f:5c:4a:ad:
08:ca:8f:fb:81:7e:22:75:db:eb:f1:5c:84:cc:06:1c:4c:8a:
10:3d:bd:39:5d:d8:f7:8c:2b:8d:c9:ab:d0:b7:e3:ef:1e:a0:
1f:1c:ce:27:fc:6b:56:49:64:ca:bf:8f:f6:a6:b1:eb:34:80:
1d:39:79:ab:69:bc:45:36:5c:b9:4d:dc:f1:ae:a4:fe:2e:a2:
b4:54:7a:cd:f2:3d:ff:1b:f2:90:d7:bc:ec:10:29:e3:9a:0e:
ff:96:fe:0c:46:4b:fd:55:20:82:b5:38:ff:10:3e:26:b4:35:
60:86:d2:48:a5:31:a4:e6:af:1a:9a:b3:42:8e:97:b4:bf:87:
00:98:e4:2c:ff:52:56:55:13:28:b7:02:d4:59:65:24:70:d5:
af:d1:09:b1:d8:e4:cb:72:08:fb:68:4b:7a:1b:2e:46:5a:07:
63:94:0d:59:c8:fa:05:4a:4a:bd:ef:c5:e6:3c:4e:6e:07:71:
78:3b:81:cd:45:25:9e:86:69:56:dd:fc:87:71:02:90:1b:32:
cf:26:1d:9b:a0:7a:98:a4:06:4a:a2:20:7a:10:5a:5d:fa:76:
38:ca:ef:28:62:4c:08:eb:e9:01:e9:ca:d0:14:80:6e:b5:7d:
92:15:45:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhskrQtKffDvW7wKV8qatFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZjNlMTYwMTcyZWNjNzVjOGNhYjFiYWUyNzFiZTNlYmY0
MDdhODAwHhcNMjUwMTAxMTE0ODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGMxMjI5YzYzYTkxYjI5MmU1OWE2N2UxODUzMzYyOWFkMmM5NTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA31ABQsvJtNVjx9NxHZElPTTXsanA
iWMkZK/+yPz87yZ5AKQKgDjC78GqFrWKNzjwS9n7Z/SHYoFEyQdna+BFndBaqyiC
rmoFMTm1Jp78qazwaC7SIdVH4qS+qanNqeNsFEgRGr9H3f2CAviVKPhZNDOysK41
fh6s/a2KJhxJtReKmteTXJPo/WMd5fHsJusq0FO8QTCCguGCvjRBAiyoEjgMOP55
wiiL70bdx2Ll9hXuNvMImMxuwaFLaVi4OnBjutFKUh6kBhTTVmj/4kcqwb6dw/rA
AiIJxEqTRxM/gw6tZPCCRRiIf3Cfax5Sbr5ouccxqsN/avsNhgYqnWXaHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD3BIpxjqRspLlmmfhhTNimtLJVwMB8GA1UdIwQY
MBaAFAXz4WAXLsx1yMqxuuJxvj6/QHqAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmZQaFlCY3V6SFhJeXJHNjRuRy1QcjlBZW9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS9hYThiNDYtOTY0NS00NjIwLTg0Nzkt
NWQ1NjA5ODljZjdiLzEvUGNFaW5HT3BHeWt1V2FaLUdGTTJLYTBzbFhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS9hYThiNDYtOTY0NS00NjIwLTg0NzktNWQ1NjA5ODljZjdi
LzEvQmZQaFlCY3V6SFhJeXJHNjRuRy1QcjlBZW9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWafcMA0G
CSqGSIb3DQEBCwUAA4IBAQB21dbICkcz8xKnlNetHg9cSq0Iyo/7gX4iddvr8VyE
zAYcTIoQPb05Xdj3jCuNyavQt+PvHqAfHM4n/GtWSWTKv4/2prHrNIAdOXmrabxF
Nly5TdzxrqT+LqK0VHrN8j3/G/KQ17zsECnjmg7/lv4MRkv9VSCCtTj/ED4mtDVg
htJIpTGk5q8amrNCjpe0v4cAmOQs/1JWVRMotwLUWWUkcNWv0Qmx2OTLcgj7aEt6
Gy5GWgdjlA1ZyPoFSkq978XmPE5uB3F4O4HNRSWehmlW3fyHcQKQGzLPJh2boHqY
pAZKoiB6EFpd+nY4yu8oYkwI6+kB6crQFIButX2SFUXB
-----END CERTIFICATE-----
Generated at Wed Apr 9 05:34:54 2025 by rpki-client