Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/ryDPDikJ1i_zY_ss9G41qhvN3jc.roa
File: ryDPDikJ1i_zY_ss9G41qhvN3jc.roa (raw, json)
Hash identifier: h94vj7TMlIg5ainHE5mYHmcUUj3Q1WNeWVzGbaI/3Fg=
Subject key identifier: AF:20:CF:0E:29:09:D6:2F:F3:63:FB:2C:F4:6E:35:AA:1B:CD:DE:37
Certificate issuer: /CN=464952bc165441ec6e2e2010c933dc830f361731
Certificate serial: 019464B5EC6BE1EFE8435E66B2C5FA21933E
Authority key identifier: 46:49:52:BC:16:54:41:EC:6E:2E:20:10:C9:33:DC:83:0F:36:17:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/ryDPDikJ1i_zY_ss9G41qhvN3jc.roa
Signing time: Tue 14 Jan 2025 12:07:11 +0000
ROA not before: Tue 14 Jan 2025 12:07:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12302
IP address blocks: 89.35.0.0/23 maxlen: 24
89.40.42.0/24 maxlen: 24
194.26.128.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:64:b5:ec:6b:e1:ef:e8:43:5e:66:b2:c5:fa:21:93:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=464952bc165441ec6e2e2010c933dc830f361731
Validity
Not Before: Jan 14 12:07:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af20cf0e2909d62ff363fb2cf46e35aa1bcdde37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:db:b1:c5:66:15:aa:8a:a3:12:5a:d3:3b:92:
d1:1d:31:e7:3f:23:b6:5c:0b:94:be:32:05:cf:84:
1f:2c:e7:30:60:c2:cb:c3:60:c6:25:6b:ee:e2:4b:
b8:a1:a7:60:47:37:06:40:2a:cd:e4:fa:90:ad:9c:
00:e5:81:72:a4:37:a5:4a:cd:17:2b:14:b9:2b:84:
99:8c:f8:69:53:b2:0b:79:dd:89:e9:d2:e2:68:bd:
65:2e:7c:a2:03:0e:1c:68:44:12:4c:ac:fc:ef:d6:
c0:02:97:97:73:ef:89:32:f9:49:52:0c:5a:a7:94:
35:13:4b:7d:44:c8:69:fe:f7:49:ad:5d:7f:c1:e7:
b7:4c:33:76:17:e4:10:98:13:44:48:6b:82:45:27:
56:3c:bc:8f:31:97:88:48:2f:68:d2:39:67:19:a3:
f1:27:9c:2c:98:4f:41:33:ee:b2:3d:89:1d:9b:83:
b1:57:4d:67:fc:6d:1c:60:b4:45:f0:66:8f:c1:ea:
e3:94:4e:23:7b:5b:15:2f:8d:0e:56:de:81:c4:f7:
bc:17:13:7c:32:22:77:f0:02:54:9e:35:ae:15:83:
e7:10:6f:05:64:93:5d:98:c7:35:49:f6:be:81:dc:
b6:38:99:d2:e1:f0:a3:60:97:82:60:61:9d:8b:3b:
60:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:20:CF:0E:29:09:D6:2F:F3:63:FB:2C:F4:6E:35:AA:1B:CD:DE:37
X509v3 Authority Key Identifier:
keyid:46:49:52:BC:16:54:41:EC:6E:2E:20:10:C9:33:DC:83:0F:36:17:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/ryDPDikJ1i_zY_ss9G41qhvN3jc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/RklSvBZUQexuLiAQyTPcgw82FzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.0.0/23
89.40.42.0/24
194.26.128.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:65:0f:f0:94:c6:db:78:8e:23:bd:aa:fe:c8:5f:94:17:2e:
51:44:ab:c7:df:18:3c:c4:54:52:89:64:2a:88:bd:92:78:e9:
9e:a3:18:c7:4c:ea:b3:ee:64:d2:92:2d:7a:8f:b3:6d:f0:dc:
85:9e:c9:7c:36:35:d8:7b:b7:07:07:6f:62:52:e6:04:ac:5c:
ea:c8:94:92:58:c1:82:93:f4:f2:8a:5b:95:78:70:33:5b:f4:
b5:9b:c8:57:65:1f:e7:fa:55:e0:aa:0b:00:44:e8:01:d4:9c:
86:4b:e1:5e:74:3f:11:45:de:c4:11:50:51:73:90:e4:f0:97:
34:01:ad:e5:30:85:d5:fa:14:dc:42:54:3a:ef:cb:8e:4a:74:
0b:26:ff:98:d1:d4:b8:3b:37:32:9d:51:d5:e1:ea:1e:dd:84:
8e:96:95:62:b2:b3:cd:36:88:0e:7f:55:ea:32:e7:41:a1:0d:
cf:89:3b:6e:db:4a:fc:d2:9f:97:b7:63:48:ba:a6:b4:65:e9:
71:cd:8a:55:43:35:55:b2:56:9c:78:76:dc:c6:c0:5d:87:27:
b3:6f:89:d2:66:be:c5:dd:0d:ad:ea:0d:6b:1e:51:01:9c:69:
cd:15:fa:46:84:9b:bd:4d:02:85:2b:3d:9a:c5:d9:08:33:e6:
86:8d:49:80
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZRktexr4e/oQ15mssX6IZM+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NDk1MmJjMTY1NDQxZWM2ZTJlMjAxMGM5MzNkYzgzMGYz
NjE3MzEwHhcNMjUwMTE0MTIwNzExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjIwY2YwZTI5MDlkNjJmZjM2M2ZiMmNmNDZlMzVhYTFiY2RkZTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNuxxWYVqoqjElrTO5LRHTHnPyO2
XAuUvjIFz4QfLOcwYMLLw2DGJWvu4ku4oadgRzcGQCrN5PqQrZwA5YFypDelSs0X
KxS5K4SZjPhpU7ILed2J6dLiaL1lLnyiAw4caEQSTKz879bAApeXc++JMvlJUgxa
p5Q1E0t9RMhp/vdJrV1/wee3TDN2F+QQmBNESGuCRSdWPLyPMZeISC9o0jlnGaPx
J5wsmE9BM+6yPYkdm4OxV01n/G0cYLRF8GaPwerjlE4je1sVL40OVt6BxPe8FxN8
MiJ38AJUnjWuFYPnEG8FZJNdmMc1Sfa+gdy2OJnS4fCjYJeCYGGdiztgsQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFK8gzw4pCdYv82P7LPRuNaobzd43MB8GA1UdIwQY
MBaAFEZJUrwWVEHsbi4gEMkz3IMPNhcxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmtsU3ZCWlVRZXh1TGlBUXlUUGNndzgyRnpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wMTA1OGEtNGE4Mi00ODE4LTk3MmQt
ODQyODU4MTIyYmJjLzEvcnlEUERpa0oxaV96WV9zczlHNDFxaHZOM2pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wMTA1OGEtNGE4Mi00ODE4LTk3MmQtODQyODU4MTIyYmJj
LzEvUmtsU3ZCWlVRZXh1TGlBUXlUUGNndzgyRnpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBWSMAAwQA
WSgqAwQAwhqAMA0GCSqGSIb3DQEBCwUAA4IBAQAbZQ/wlMbbeI4jvar+yF+UFy5R
RKvH3xg8xFRSiWQqiL2SeOmeoxjHTOqz7mTSki16j7Nt8NyFnsl8NjXYe7cHB29i
UuYErFzqyJSSWMGCk/TyiluVeHAzW/S1m8hXZR/n+lXgqgsAROgB1JyGS+FedD8R
Rd7EEVBRc5Dk8Jc0Aa3lMIXV+hTcQlQ678uOSnQLJv+Y0dS4OzcynVHV4eoe3YSO
lpVisrPNNogOf1XqMudBoQ3PiTtu20r80p+Xt2NIuqa0ZelxzYpVQzVVslaceHbc
xsBdhyezb4nSZr7F3Q2t6g1rHlEBnGnNFfpGhJu9TQKFKz2axdkIM+aGjUmA
-----END CERTIFICATE-----
Generated at Mon Apr 7 07:27:35 2025 by rpki-client