Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/f0f2d0-2738-4ed4-8ad9-05b6c9c16441/1/89L3qYgunLwQpom3bGdwccQduKU.roa
File: 89L3qYgunLwQpom3bGdwccQduKU.roa (raw, json)
Hash identifier: Wmvi3Nv4a5j2YSCNbxxtOShkpYW766qjpODSUqcoafA=
Subject key identifier: F3:D2:F7:A9:88:2E:9C:BC:10:A6:89:B7:6C:67:70:71:C4:1D:B8:A5
Certificate issuer: /CN=2433a86bbc5c2bab452ff03f45a9eaf0a610c40c
Certificate serial: 019424B3C2375305DCA99845EE564DEA7A7B
Authority key identifier: 24:33:A8:6B:BC:5C:2B:AB:45:2F:F0:3F:45:A9:EA:F0:A6:10:C4:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JDOoa7xcK6tFL_A_Ranq8KYQxAw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/f0f2d0-2738-4ed4-8ad9-05b6c9c16441/1/89L3qYgunLwQpom3bGdwccQduKU.roa
Signing time: Thu 02 Jan 2025 01:49:07 +0000
ROA not before: Thu 02 Jan 2025 01:49:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210909
IP address blocks: 185.205.69.0/24 maxlen: 24
2a10:e000:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:c2:37:53:05:dc:a9:98:45:ee:56:4d:ea:7a:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2433a86bbc5c2bab452ff03f45a9eaf0a610c40c
Validity
Not Before: Jan 2 01:49:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f3d2f7a9882e9cbc10a689b76c677071c41db8a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:14:37:3c:b7:6f:81:a7:fb:94:a1:85:3e:1e:
da:e6:6e:24:05:a7:30:d9:b8:11:15:f2:9e:96:6d:
c4:8e:df:b5:3d:25:d4:f2:aa:e9:ec:da:e2:fa:66:
fa:8c:ca:f3:75:f1:68:0c:75:c8:3a:cb:6b:45:fc:
04:d0:19:07:cb:a6:56:33:d0:38:9d:f0:01:cd:1b:
bd:56:44:2c:66:6d:db:28:f5:6d:2d:69:a4:17:c1:
67:7a:5c:ce:d6:0c:f2:e4:eb:b6:09:04:21:18:de:
48:30:48:e6:33:ee:18:06:92:8b:fd:24:1f:8b:a9:
e6:2e:1f:5a:74:6c:68:6e:d3:69:39:21:0f:ea:f2:
f6:ce:5c:3e:88:19:56:10:59:a1:29:9a:89:29:fd:
49:2b:c0:bd:0e:c5:4b:33:4e:57:f1:4b:c4:04:1b:
be:56:df:ca:95:85:e9:67:a3:0a:5e:ea:b5:5b:da:
27:a3:61:7e:b6:d2:81:29:ec:00:ad:ea:73:14:59:
15:5f:16:f9:e2:1b:f9:55:f3:34:e6:f6:3b:a3:1e:
30:59:96:d8:3e:b9:d7:3e:97:10:6a:b5:67:ed:1e:
9a:78:55:90:d3:a4:23:1e:28:40:00:3f:e6:52:44:
e9:8c:f4:8b:7b:b7:29:e8:b9:0a:df:14:e7:b4:20:
20:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:D2:F7:A9:88:2E:9C:BC:10:A6:89:B7:6C:67:70:71:C4:1D:B8:A5
X509v3 Authority Key Identifier:
keyid:24:33:A8:6B:BC:5C:2B:AB:45:2F:F0:3F:45:A9:EA:F0:A6:10:C4:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JDOoa7xcK6tFL_A_Ranq8KYQxAw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/f0f2d0-2738-4ed4-8ad9-05b6c9c16441/1/89L3qYgunLwQpom3bGdwccQduKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/f0f2d0-2738-4ed4-8ad9-05b6c9c16441/1/JDOoa7xcK6tFL_A_Ranq8KYQxAw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.205.69.0/24
IPv6:
2a10:e000:1::/48
Signature Algorithm: sha256WithRSAEncryption
26:39:ec:12:8d:36:35:c3:71:f8:40:c6:a5:29:35:9e:46:3d:
b2:31:a1:be:04:c0:03:44:2a:d7:ce:dd:6c:de:39:e8:20:99:
67:5b:b5:bd:a5:14:9d:91:3c:d0:fe:8d:ff:ab:ad:bb:a6:d7:
ba:43:41:ed:e9:cb:9c:bd:00:11:ff:73:93:d3:77:e1:2b:a4:
1d:9c:d0:b2:15:30:e5:a7:6a:b6:9a:b6:08:da:04:d3:57:ff:
80:fb:41:b0:c6:40:c5:b2:ba:26:bc:2c:ed:ab:a5:db:0b:d8:
0e:99:70:87:1b:72:7b:a9:0c:46:6d:33:bc:e9:9e:3e:e2:0b:
c1:b0:02:20:24:6f:16:a8:63:61:ab:38:9f:fc:63:93:fa:e8:
5f:36:01:9e:58:55:5c:28:5f:37:c6:2d:9d:b6:8b:fb:c4:88:
af:30:96:d8:e7:30:8e:70:87:2b:c5:9a:07:7f:37:70:74:0d:
c2:6c:51:fe:c2:a4:8e:dc:d5:0e:fd:7e:ae:6e:fe:1b:aa:f0:
f7:4c:b4:0d:8f:4d:a7:7f:c5:57:d4:c1:1f:8c:74:c0:c8:82:
b6:c2:f8:ac:29:82:78:c1:6b:d8:55:61:9b:4c:c2:6c:48:b8:
7e:44:c7:88:72:68:2f:bb:e7:47:5a:8b:de:57:6c:bd:ba:ae:
6c:58:cd:46
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQks8I3UwXcqZhF7lZN6np7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0MzNhODZiYmM1YzJiYWI0NTJmZjAzZjQ1YTllYWYwYTYx
MGM0MGMwHhcNMjUwMTAyMDE0OTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2QyZjdhOTg4MmU5Y2JjMTBhNjg5Yjc2YzY3NzA3MWM0MWRiOGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1xQ3PLdvgaf7lKGFPh7a5m4kBacw
2bgRFfKelm3Ejt+1PSXU8qrp7Nri+mb6jMrzdfFoDHXIOstrRfwE0BkHy6ZWM9A4
nfABzRu9VkQsZm3bKPVtLWmkF8FnelzO1gzy5Ou2CQQhGN5IMEjmM+4YBpKL/SQf
i6nmLh9adGxobtNpOSEP6vL2zlw+iBlWEFmhKZqJKf1JK8C9DsVLM05X8UvEBBu+
Vt/KlYXpZ6MKXuq1W9ono2F+ttKBKewArepzFFkVXxb54hv5VfM05vY7ox4wWZbY
PrnXPpcQarVn7R6aeFWQ06QjHihAAD/mUkTpjPSLe7cp6LkK3xTntCAgFQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPPS96mILpy8EKaJt2xncHHEHbilMB8GA1UdIwQY
MBaAFCQzqGu8XCurRS/wP0Wp6vCmEMQMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkRPb2E3eGNLNnRGTF9BX1JhbnE4S1lReEF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9mMGYyZDAtMjczOC00ZWQ0LThhZDkt
MDViNmM5YzE2NDQxLzEvODlMM3FZZ3VuTHdRcG9tM2JHZHdjY1FkdUtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9mMGYyZDAtMjczOC00ZWQ0LThhZDktMDViNmM5YzE2NDQx
LzEvSkRPb2E3eGNLNnRGTF9BX1JhbnE4S1lReEF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuc1FMA8E
AgACMAkDBwAqEOAAAAEwDQYJKoZIhvcNAQELBQADggEBACY57BKNNjXDcfhAxqUp
NZ5GPbIxob4EwANEKtfO3WzeOeggmWdbtb2lFJ2RPND+jf+rrbum17pDQe3py5y9
ABH/c5PTd+ErpB2c0LIVMOWnaraatgjaBNNX/4D7QbDGQMWyuia8LO2rpdsL2A6Z
cIcbcnupDEZtM7zpnj7iC8GwAiAkbxaoY2GrOJ/8Y5P66F82AZ5YVVwoXzfGLZ22
i/vEiK8wltjnMI5whyvFmgd/N3B0DcJsUf7CpI7c1Q79fq5u/huq8PdMtA2PTad/
xVfUwR+MdMDIgrbC+KwpgnjBa9hVYZtMwmxIuH5Ex4hyaC+750dai95XbL26rmxY
zUY=
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:41:31 2025 by rpki-client