Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/D2CqNe4wdUYkKhJZV8hIQhcrDr4.roa
File: D2CqNe4wdUYkKhJZV8hIQhcrDr4.roa (raw, json)
Hash identifier: Ok9RqnYWa0WiQfFSWfj2N2Qdoz7oysp69x7QbrIKe+A=
Subject key identifier: 0F:60:AA:35:EE:30:75:46:24:2A:12:59:57:C8:48:42:17:2B:0E:BE
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 019427B560827CABA31BD9D8EDA4E726D97A
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/D2CqNe4wdUYkKhJZV8hIQhcrDr4.roa
Signing time: Thu 02 Jan 2025 15:49:45 +0000
ROA not before: Thu 02 Jan 2025 15:49:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43581
IP address blocks: 89.23.105.0/24 maxlen: 24
89.23.106.0/24 maxlen: 24
89.23.110.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:60:82:7c:ab:a3:1b:d9:d8:ed:a4:e7:26:d9:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jan 2 15:49:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f60aa35ee307546242a125957c84842172b0ebe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:01:00:1c:eb:da:66:90:f6:07:ee:6d:c6:34:
27:93:88:c0:f5:cd:ac:97:b4:60:2f:03:f1:68:84:
5b:08:91:84:e7:74:ad:a5:08:14:52:73:28:10:a2:
8f:df:dd:0e:16:3a:00:43:b3:a7:b5:1d:cd:6d:ba:
f4:79:fa:48:ac:9d:9d:97:1f:e2:0e:56:80:0f:6e:
22:dc:37:66:5b:a9:5d:96:72:73:f2:97:2b:76:62:
cf:63:a8:97:b5:78:d7:10:c5:27:ef:1a:4f:34:47:
7c:38:b4:ec:b0:cd:c6:a7:f2:64:27:84:19:14:91:
2d:0c:3d:31:0e:18:b6:70:e1:20:bc:6f:b4:6d:7f:
71:ee:99:42:aa:bb:87:58:27:fc:94:29:83:02:82:
93:b8:1a:ae:fa:57:74:14:c7:ee:aa:e4:d8:d7:2d:
1e:52:06:80:cd:bb:71:c3:8c:42:56:0c:a9:ee:80:
45:9b:b2:03:6e:9c:4c:59:c6:38:6d:18:ab:70:f8:
6b:cf:48:42:e4:95:49:f2:c2:7f:81:bb:f8:08:b7:
2e:48:e4:68:01:91:6d:2a:70:ca:31:e7:fe:df:47:
ee:ae:8e:7f:08:52:64:94:bb:c8:1a:2c:4b:8a:86:
c0:41:f1:c1:f3:65:c2:23:8d:14:bc:a0:d0:f6:ed:
36:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:60:AA:35:EE:30:75:46:24:2A:12:59:57:C8:48:42:17:2B:0E:BE
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/D2CqNe4wdUYkKhJZV8hIQhcrDr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.105.0-89.23.106.255
89.23.110.0/24
Signature Algorithm: sha256WithRSAEncryption
59:2d:fc:e4:04:7d:f6:e1:90:ac:12:fd:ee:92:f0:d8:7e:f4:
5b:1d:44:94:8f:35:c3:68:a1:f7:bf:b9:b7:69:27:cb:50:b9:
a3:4e:6e:1e:8b:d5:64:fd:f3:19:7e:0d:25:2f:f9:87:ff:72:
ee:3a:3a:82:61:fc:d7:c9:fb:76:ec:69:32:94:72:57:9d:0d:
29:66:c4:e4:74:58:69:de:6c:06:8a:50:d5:90:24:62:57:a6:
f0:57:c1:c4:02:78:e6:f5:fc:7b:d9:a1:28:88:f6:b0:71:77:
d2:c7:b2:1f:e3:9b:c8:d5:97:8e:43:06:bc:8c:38:37:3d:20:
b0:b2:77:7d:44:cf:11:d4:41:9a:6c:3d:3f:56:45:84:af:bb:
49:92:d9:ee:d7:de:bb:f0:ea:24:dc:ec:af:bb:4a:c8:12:f8:
17:b5:22:91:7e:18:36:fe:7b:81:c0:cf:40:d1:c3:0e:16:ff:
50:e4:53:53:01:53:3d:a8:d1:7d:5a:05:34:49:f1:27:29:46:
f0:a5:6f:48:ed:09:ce:c5:46:db:64:46:b7:10:7f:3d:cd:08:
f0:38:13:ef:c4:ab:5b:ee:b5:f5:ea:56:ed:a6:13:4f:64:fe:
e1:6b:c1:b1:ae:55:c6:3a:76:56:a3:d4:5f:23:b5:e7:c6:d1:
77:b7:17:4f
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQntWCCfKujG9nY7aTnJtl6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjUwMTAyMTU0OTQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjYwYWEzNWVlMzA3NTQ2MjQyYTEyNTk1N2M4NDg0MjE3MmIwZWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgEAHOvaZpD2B+5txjQnk4jA9c2s
l7RgLwPxaIRbCJGE53StpQgUUnMoEKKP390OFjoAQ7OntR3Nbbr0efpIrJ2dlx/i
DlaAD24i3DdmW6ldlnJz8pcrdmLPY6iXtXjXEMUn7xpPNEd8OLTssM3Gp/JkJ4QZ
FJEtDD0xDhi2cOEgvG+0bX9x7plCqruHWCf8lCmDAoKTuBqu+ld0FMfuquTY1y0e
UgaAzbtxw4xCVgyp7oBFm7IDbpxMWcY4bRircPhrz0hC5JVJ8sJ/gbv4CLcuSORo
AZFtKnDKMef+30furo5/CFJklLvIGixLiobAQfHB82XCI40UvKDQ9u02HwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFA9gqjXuMHVGJCoSWVfISEIXKw6+MB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvRDJDcU5lNHdkVVlrS2hKWlY4aElRaGNyRHI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABZF2kD
BABZF2oDBABZF24wDQYJKoZIhvcNAQELBQADggEBAFkt/OQEffbhkKwS/e6S8Nh+
9FsdRJSPNcNoofe/ubdpJ8tQuaNObh6L1WT98xl+DSUv+Yf/cu46OoJh/NfJ+3bs
aTKUcledDSlmxOR0WGnebAaKUNWQJGJXpvBXwcQCeOb1/HvZoSiI9rBxd9LHsh/j
m8jVl45DBryMODc9ILCyd31EzxHUQZpsPT9WRYSvu0mS2e7X3rvw6iTc7K+7SsgS
+Be1IpF+GDb+e4HAz0DRww4W/1DkU1MBUz2o0X1aBTRJ8ScpRvClb0jtCc7FRttk
RrcQfz3NCPA4E+/Eq1vutfXqVu2mE09k/uFrwbGuVcY6dlaj1F8jtefG0Xe3F08=
-----END CERTIFICATE-----
Generated at Thu Apr 10 18:37:24 2025 by rpki-client