Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/yNtguhxLlGFfI9XOFYXxQMQLlUo.roa
File: yNtguhxLlGFfI9XOFYXxQMQLlUo.roa (raw, json)
Hash identifier: CRlX9/2P79xJ+8xnxa+t5w4SEHZe79te4oGn3OoZ39E=
Subject key identifier: C8:DB:60:BA:1C:4B:94:61:5F:23:D5:CE:15:85:F1:40:C4:0B:95:4A
Certificate issuer: /CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Certificate serial: 01942067FDB2D4DA6754C192CBBF53E5D49F
Authority key identifier: AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/yNtguhxLlGFfI9XOFYXxQMQLlUo.roa
Signing time: Wed 01 Jan 2025 05:47:53 +0000
ROA not before: Wed 01 Jan 2025 05:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 89.58.112.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:fd:b2:d4:da:67:54:c1:92:cb:bf:53:e5:d4:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Validity
Not Before: Jan 1 05:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c8db60ba1c4b94615f23d5ce1585f140c40b954a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:82:a0:fb:60:21:4d:1e:58:ed:24:e4:4d:29:
64:d4:a9:b5:46:f1:f4:33:fb:e4:ca:da:58:4d:30:
87:b6:65:b4:c0:fd:92:e0:0b:00:a9:58:e3:c3:9c:
e4:19:83:3f:f7:30:2b:08:55:66:f6:ed:17:ee:cb:
c2:1c:f1:b8:b9:82:9d:ab:ff:07:6a:c0:f7:5b:bf:
db:3a:30:5f:a3:25:81:15:50:59:38:6d:08:76:b0:
d7:b3:0e:30:b3:92:ee:43:39:0e:1e:fe:69:f8:9a:
b9:a4:39:a7:e7:d9:5e:68:2b:d8:58:84:98:22:1a:
d6:c3:78:ff:a1:95:eb:01:ee:c1:d7:20:69:6c:e4:
5a:47:df:34:0b:5d:2c:da:67:43:96:ec:5e:cc:6a:
a7:ba:ee:f8:57:5e:62:1b:34:8e:e8:70:f3:96:5e:
80:0c:df:34:52:17:5f:e4:f5:5d:1b:b8:53:f7:38:
8f:c4:55:37:1e:6b:80:7c:98:56:3f:c4:4e:47:25:
66:66:7e:bc:2f:8e:04:0f:f8:89:62:f6:f9:a2:41:
78:97:53:a9:a7:1d:ac:bc:08:16:29:25:7f:3e:97:
81:8e:9d:87:17:2f:f2:8c:24:b5:3a:26:d4:14:c5:
7a:10:c2:9f:58:a0:fd:eb:90:95:11:db:50:bb:bd:
fb:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:DB:60:BA:1C:4B:94:61:5F:23:D5:CE:15:85:F1:40:C4:0B:95:4A
X509v3 Authority Key Identifier:
keyid:AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/yNtguhxLlGFfI9XOFYXxQMQLlUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.58.112.0/21
Signature Algorithm: sha256WithRSAEncryption
a7:73:a2:d3:a1:e3:f8:b5:5c:5a:d7:31:6f:0e:e1:4b:ec:d5:
4a:46:9b:a2:b4:f0:32:7b:77:ab:fa:a3:cb:b4:a4:22:cd:6f:
43:29:f1:41:3c:7a:b8:7c:46:ea:1f:fb:42:4f:44:8b:84:04:
ce:be:81:3c:88:2b:40:c5:ca:bf:e8:ea:1f:02:9c:70:ad:74:
dd:0b:48:03:e1:42:58:30:3f:4d:36:fb:4e:ae:60:57:de:9e:
2e:13:9f:d6:bd:bf:f6:a9:d9:ee:5d:32:c4:2e:f0:fb:6e:1a:
b6:89:7a:59:34:62:d6:1e:df:75:50:dd:65:f0:15:b4:17:39:
a2:0a:90:83:bc:32:f3:7a:7c:0f:95:dc:ce:d6:12:6e:1c:2b:
fe:55:62:23:45:9b:b8:28:e0:36:63:1e:ea:50:cc:c9:f8:c2:
f2:20:79:ee:70:d5:d1:bf:f9:fa:96:07:4b:a2:6b:a2:43:29:
5b:5d:1c:9b:b5:2d:5d:0b:4a:14:86:6c:69:74:ab:1f:cd:33:
5c:23:1b:30:eb:16:4a:0d:17:4e:cd:5a:9a:2b:81:ff:66:63:
cc:c7:9d:2f:06:44:26:51:18:8d:17:91:e5:a9:3e:b4:97:54:
41:79:4f:11:fd:c3:fd:4b:75:85:c8:9d:08:37:f6:d5:3d:b1:
23:66:e6:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgZ/2y1NpnVMGSy79T5dSfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmODAxOTg0Y2MzOGYwYTRmYzVhZmUxYWRlYWI2ODBjMWI4
OWU5NWIwHhcNMjUwMTAxMDU0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGRiNjBiYTFjNGI5NDYxNWYyM2Q1Y2UxNTg1ZjE0MGM0MGI5NTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA94Kg+2AhTR5Y7STkTSlk1Km1RvH0
M/vkytpYTTCHtmW0wP2S4AsAqVjjw5zkGYM/9zArCFVm9u0X7svCHPG4uYKdq/8H
asD3W7/bOjBfoyWBFVBZOG0IdrDXsw4ws5LuQzkOHv5p+Jq5pDmn59leaCvYWISY
IhrWw3j/oZXrAe7B1yBpbORaR980C10s2mdDluxezGqnuu74V15iGzSO6HDzll6A
DN80Uhdf5PVdG7hT9ziPxFU3HmuAfJhWP8RORyVmZn68L44ED/iJYvb5okF4l1Op
px2svAgWKSV/PpeBjp2HFy/yjCS1OibUFMV6EMKfWKD965CVEdtQu737PwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMjbYLocS5RhXyPVzhWF8UDEC5VKMB8GA1UdIwQY
MBaAFK+AGYTMOPCk/Fr+Gt6raAwbielbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQt
NDAyMTI2NWMzOWIwLzEveU50Z3VoeExsR0ZmSTlYT0ZZWHhRTVFMbFVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQtNDAyMTI2NWMzOWIw
LzEvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDWTpwMA0G
CSqGSIb3DQEBCwUAA4IBAQCnc6LToeP4tVxa1zFvDuFL7NVKRpuitPAye3er+qPL
tKQizW9DKfFBPHq4fEbqH/tCT0SLhATOvoE8iCtAxcq/6OofApxwrXTdC0gD4UJY
MD9NNvtOrmBX3p4uE5/Wvb/2qdnuXTLELvD7bhq2iXpZNGLWHt91UN1l8BW0Fzmi
CpCDvDLzenwPldzO1hJuHCv+VWIjRZu4KOA2Yx7qUMzJ+MLyIHnucNXRv/n6lgdL
omuiQylbXRybtS1dC0oUhmxpdKsfzTNcIxsw6xZKDRdOzVqaK4H/ZmPMx50vBkQm
URiNF5HlqT60l1RBeU8R/cP9S3WFyJ0IN/bVPbEjZuZW
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:46:36 2025 by rpki-client