Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/OrF2xG8avuxGrpmOXZN3cT6uOd4.roa
File: OrF2xG8avuxGrpmOXZN3cT6uOd4.roa (raw, json)
Hash identifier: 6sBq02Bpl0iKdz4R0G8yzMetYTxfTK9ZttAM0+HPHcY=
Subject key identifier: 3A:B1:76:C4:6F:1A:BE:EC:46:AE:99:8E:5D:93:77:71:3E:AE:39:DE
Certificate issuer: /CN=01626ffd800eafa336bdf343141f03f7c393c364
Certificate serial: 019427477F24170653CC02E7225D30C5B09A
Authority key identifier: 01:62:6F:FD:80:0E:AF:A3:36:BD:F3:43:14:1F:03:F7:C3:93:C3:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AWJv_YAOr6M2vfNDFB8D98OTw2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/OrF2xG8avuxGrpmOXZN3cT6uOd4.roa
Signing time: Thu 02 Jan 2025 13:49:44 +0000
ROA not before: Thu 02 Jan 2025 13:49:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60893
IP address blocks: 89.18.175.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:7f:24:17:06:53:cc:02:e7:22:5d:30:c5:b0:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01626ffd800eafa336bdf343141f03f7c393c364
Validity
Not Before: Jan 2 13:49:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ab176c46f1abeec46ae998e5d9377713eae39de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:3d:90:0d:34:37:d0:05:91:92:5b:c0:c3:b3:
af:03:c5:ec:7f:05:ed:4e:6d:31:fd:c2:55:28:d7:
aa:c9:d1:c6:1a:b8:e0:4b:a4:7b:63:90:c3:7b:21:
71:a4:d8:c2:c3:9c:e0:51:8c:7a:72:f3:5c:48:d9:
b8:04:ce:3b:7e:b7:bc:08:29:26:65:59:9c:0c:57:
03:85:4f:8a:9f:0f:db:28:f4:a3:01:5f:a9:54:20:
a5:33:f0:53:e9:b5:32:59:03:9b:57:ea:3a:31:7e:
73:8d:eb:e0:2b:f7:45:ad:a4:80:8f:fc:0a:48:97:
f0:fd:19:3d:6f:88:22:6b:e2:8c:d6:5d:b7:8f:34:
d1:ed:fa:24:94:77:c7:6d:bd:b9:9e:57:ec:ba:75:
d1:1d:54:1c:33:70:4a:24:eb:1e:e1:25:43:a9:e7:
85:30:72:38:9a:ec:be:66:e2:7b:77:2f:7b:c4:55:
fd:46:2e:0b:bc:b2:6d:d0:3a:98:31:35:15:54:91:
f4:ae:e7:21:a9:05:a6:96:85:d3:1d:d8:ff:11:73:
da:56:91:c9:51:3a:34:8c:b5:7c:7e:81:cf:8e:51:
9e:f8:65:92:f0:9c:a1:fd:12:da:15:2d:f9:6c:47:
49:c9:09:6e:96:83:dd:9a:5c:2e:b0:b0:7d:a0:1a:
b0:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:B1:76:C4:6F:1A:BE:EC:46:AE:99:8E:5D:93:77:71:3E:AE:39:DE
X509v3 Authority Key Identifier:
keyid:01:62:6F:FD:80:0E:AF:A3:36:BD:F3:43:14:1F:03:F7:C3:93:C3:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AWJv_YAOr6M2vfNDFB8D98OTw2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/OrF2xG8avuxGrpmOXZN3cT6uOd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/AWJv_YAOr6M2vfNDFB8D98OTw2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.18.175.0/24
Signature Algorithm: sha256WithRSAEncryption
74:36:87:ee:aa:f8:f3:b0:65:4b:08:26:4a:98:03:03:5a:38:
fb:d4:60:cf:c8:66:01:6e:18:1e:d6:c6:e5:d3:ac:3b:46:9b:
e1:55:26:2d:80:8c:1f:61:52:a7:0d:d6:e5:22:97:b4:01:de:
6e:c5:89:d2:7f:40:5f:6d:cd:97:52:cd:e3:c0:5d:f2:fa:bf:
85:f8:b4:f6:06:11:22:bb:1a:8c:de:d7:e9:15:c0:92:33:89:
8d:76:5a:82:e4:61:28:af:2d:e3:a7:ae:5f:0a:18:77:1c:c2:
c9:70:21:74:5e:ca:ad:19:7e:9b:0e:06:51:92:bb:94:46:43:
34:2a:c1:1e:f1:38:50:07:48:4c:74:8a:01:23:44:44:c5:86:
e2:fb:f5:aa:7c:88:97:d7:9b:21:21:e3:8f:2f:51:48:96:58:
12:ec:04:79:33:36:c8:67:14:a3:a7:bb:6f:ac:f7:9c:ec:bb:
cf:2c:c3:cb:c2:f0:1a:6e:2f:f2:12:6a:87:c0:43:de:5c:a2:
cc:f8:4b:e8:08:00:d5:60:78:98:aa:11:2e:e1:67:56:9f:c8:
8e:f1:dd:82:87:94:fc:10:24:33:75:75:39:ff:43:8e:59:78:
05:91:e9:63:13:82:ca:64:3e:41:63:af:70:9c:0a:a6:7c:7c:
36:f9:01:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR38kFwZTzALnIl0wxbCaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNjI2ZmZkODAwZWFmYTMzNmJkZjM0MzE0MWYwM2Y3YzM5
M2MzNjQwHhcNMjUwMTAyMTM0OTQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWIxNzZjNDZmMWFiZWVjNDZhZTk5OGU1ZDkzNzc3MTNlYWUzOWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuz2QDTQ30AWRklvAw7OvA8XsfwXt
Tm0x/cJVKNeqydHGGrjgS6R7Y5DDeyFxpNjCw5zgUYx6cvNcSNm4BM47fre8CCkm
ZVmcDFcDhU+Knw/bKPSjAV+pVCClM/BT6bUyWQObV+o6MX5zjevgK/dFraSAj/wK
SJfw/Rk9b4gia+KM1l23jzTR7foklHfHbb25nlfsunXRHVQcM3BKJOse4SVDqeeF
MHI4muy+ZuJ7dy97xFX9Ri4LvLJt0DqYMTUVVJH0ruchqQWmloXTHdj/EXPaVpHJ
UTo0jLV8foHPjlGe+GWS8Jyh/RLaFS35bEdJyQluloPdmlwusLB9oBqwGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDqxdsRvGr7sRq6Zjl2Td3E+rjneMB8GA1UdIwQY
MBaAFAFib/2ADq+jNr3zQxQfA/fDk8NkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVdKdl9ZQU9yNk0ydmZOREZCOEQ5OE9UdzJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9jNGU1YTAtODIxOS00ZmY5LTgyODct
MWY0YmVhMjNlNGM3LzEvT3JGMnhHOGF2dXhHcnBtT1haTjNjVDZ1T2Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9jNGU1YTAtODIxOS00ZmY5LTgyODctMWY0YmVhMjNlNGM3
LzEvQVdKdl9ZQU9yNk0ydmZOREZCOEQ5OE9UdzJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRKvMA0G
CSqGSIb3DQEBCwUAA4IBAQB0NofuqvjzsGVLCCZKmAMDWjj71GDPyGYBbhge1sbl
06w7RpvhVSYtgIwfYVKnDdblIpe0Ad5uxYnSf0Bfbc2XUs3jwF3y+r+F+LT2BhEi
uxqM3tfpFcCSM4mNdlqC5GEory3jp65fChh3HMLJcCF0XsqtGX6bDgZRkruURkM0
KsEe8ThQB0hMdIoBI0RExYbi+/WqfIiX15shIeOPL1FIllgS7AR5MzbIZxSjp7tv
rPec7LvPLMPLwvAabi/yEmqHwEPeXKLM+EvoCADVYHiYqhEu4WdWn8iO8d2Ch5T8
ECQzdXU5/0OOWXgFkeljE4LKZD5BY69wnAqmfHw2+QEn
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:16:47 2025 by rpki-client