Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/A2kOd83XlurKeug3oOCuPMQWoqM.roa
File: A2kOd83XlurKeug3oOCuPMQWoqM.roa (raw, json)
Hash identifier: TkzZouTi2vryIZ7xJqjRBCl1ZZQ9vf4xqv971+/fZVo=
Subject key identifier: 03:69:0E:77:CD:D7:96:EA:CA:7A:E8:37:A0:E0:AE:3C:C4:16:A2:A3
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 019427B570F60AAB1DED8D2FD36A1DA9AB0D
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/A2kOd83XlurKeug3oOCuPMQWoqM.roa
Signing time: Thu 02 Jan 2025 15:49:49 +0000
ROA not before: Thu 02 Jan 2025 15:49:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210644
IP address blocks: 89.23.103.0/24 maxlen: 24
2a11:fc80::/30 maxlen: 30
2a11:fc84::/30 maxlen: 30
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:70:f6:0a:ab:1d:ed:8d:2f:d3:6a:1d:a9:ab:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jan 2 15:49:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=03690e77cdd796eaca7ae837a0e0ae3cc416a2a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:63:8f:64:23:c7:bc:70:1f:f2:d2:78:d7:aa:
ca:6f:63:7f:64:25:22:5d:5a:29:10:b2:0b:2b:46:
b2:b6:42:f4:bf:46:1d:11:14:55:42:14:a6:d8:45:
2f:ee:98:9c:ab:d5:b9:59:e4:8a:3e:34:9f:b6:cb:
00:6d:ac:2b:e0:29:f3:f5:f9:75:81:66:f0:ad:26:
25:2b:59:5f:3d:42:b7:ff:ef:4e:a8:37:de:15:24:
8a:34:2e:ff:56:86:08:d8:c5:a2:fd:77:84:e7:6d:
4f:7a:6f:d4:2a:12:af:30:12:3e:e5:f0:7c:d0:d3:
41:ec:47:df:2f:65:93:e8:3c:ad:b4:89:a2:05:dc:
68:d0:17:c5:5f:ce:13:3d:0c:26:6f:05:85:fa:97:
8b:bd:a5:fb:f4:3a:81:e5:9b:e2:ea:89:6a:87:ec:
ae:54:fb:a1:55:cc:f4:7e:9f:10:45:df:da:ab:9d:
1e:31:77:b6:c8:8f:7d:54:6b:6a:ab:1a:76:05:dd:
77:67:41:f5:e5:b8:45:58:b5:d6:93:7d:0a:02:dd:
19:59:29:a4:b5:b8:91:3b:1f:da:64:d1:b0:b2:42:
04:b1:f2:23:14:e3:d9:b0:9d:c9:ba:87:4d:fc:64:
90:88:f0:f3:81:9a:20:6a:40:9d:5a:ac:b5:9a:22:
61:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:69:0E:77:CD:D7:96:EA:CA:7A:E8:37:A0:E0:AE:3C:C4:16:A2:A3
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/A2kOd83XlurKeug3oOCuPMQWoqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.103.0/24
IPv6:
2a11:fc80::/29
Signature Algorithm: sha256WithRSAEncryption
6a:9c:75:27:78:bd:41:43:ca:cb:fc:94:42:ca:74:83:02:f6:
ba:c0:e6:ae:86:03:8c:42:ce:bd:7f:ff:a5:7d:23:18:a1:6b:
01:88:a5:5a:ff:f5:10:95:bb:8b:e8:46:02:10:3f:f1:c2:7b:
43:27:b6:3f:6c:64:b5:e1:90:73:67:47:79:48:9d:0a:dc:c6:
7a:7a:f8:bb:b0:eb:1d:49:8d:1c:ea:cf:50:b4:fe:da:63:52:
27:a5:42:82:8b:a7:1f:47:e9:67:9e:41:4c:52:f2:cc:78:9f:
77:48:8a:f9:3d:70:34:a7:12:85:4e:bf:fb:25:fe:d3:6f:81:
e7:9e:77:06:77:a6:09:6d:cd:03:56:c4:2a:1a:b6:bf:a7:51:
36:d1:13:30:1f:2f:c8:5e:ea:90:73:32:f7:5f:3d:bb:28:bd:
75:e3:9b:e8:85:4f:33:df:5c:a4:11:dd:de:bf:ae:84:12:bd:
70:e4:ab:15:ca:8e:01:0e:de:fa:90:e2:20:f3:b4:1c:5d:7a:
57:cb:3b:10:0b:77:ed:42:55:f9:d0:2b:b3:db:cd:5e:f3:59:
7c:61:a2:86:b2:3c:24:e4:61:a4:d9:f0:80:fa:ee:6e:c2:62:
0d:16:86:49:32:0a:de:f5:51:6c:1d:63:77:10:27:e2:16:d9:
a9:26:96:96
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQntXD2Cqsd7Y0v02odqasNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjUwMTAyMTU0OTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzY5MGU3N2NkZDc5NmVhY2E3YWU4MzdhMGUwYWUzY2M0MTZhMmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2OPZCPHvHAf8tJ416rKb2N/ZCUi
XVopELILK0aytkL0v0YdERRVQhSm2EUv7picq9W5WeSKPjSftssAbawr4Cnz9fl1
gWbwrSYlK1lfPUK3/+9OqDfeFSSKNC7/VoYI2MWi/XeE521Pem/UKhKvMBI+5fB8
0NNB7EffL2WT6DyttImiBdxo0BfFX84TPQwmbwWF+peLvaX79DqB5Zvi6olqh+yu
VPuhVcz0fp8QRd/aq50eMXe2yI99VGtqqxp2Bd13Z0H15bhFWLXWk30KAt0ZWSmk
tbiROx/aZNGwskIEsfIjFOPZsJ3JuodN/GSQiPDzgZogakCdWqy1miJh4wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFANpDnfN15bqynroN6DgrjzEFqKjMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvQTJrT2Q4M1hsdXJLZXVnM29PQ3VQTVFXb3FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAWRdnMA0E
AgACMAcDBQMqEfyAMA0GCSqGSIb3DQEBCwUAA4IBAQBqnHUneL1BQ8rL/JRCynSD
Ava6wOauhgOMQs69f/+lfSMYoWsBiKVa//UQlbuL6EYCED/xwntDJ7Y/bGS14ZBz
Z0d5SJ0K3MZ6evi7sOsdSY0c6s9QtP7aY1InpUKCi6cfR+lnnkFMUvLMeJ93SIr5
PXA0pxKFTr/7Jf7Tb4HnnncGd6YJbc0DVsQqGra/p1E20RMwHy/IXuqQczL3Xz27
KL1145vohU8z31ykEd3ev66EEr1w5KsVyo4BDt76kOIg87QcXXpXyzsQC3ftQlX5
0Cuz281e81l8YaKGsjwk5GGk2fCA+u5uwmINFoZJMgre9VFsHWN3ECfiFtmpJpaW
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:06:41 2025 by rpki-client