Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/LT7os0hZfqf3BLiE_8C5t_hMdvI.roa
File: LT7os0hZfqf3BLiE_8C5t_hMdvI.roa (raw, json)
Hash identifier: JUmf8dzKd/CSCdlFLTsvfflUYs+p8v3G04Vc+ARCnJc=
Subject key identifier: 2D:3E:E8:B3:48:59:7E:A7:F7:04:B8:84:FF:C0:B9:B7:F8:4C:76:F2
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 0194DEAB29DEEBCAA1A4630DDED211C880B4
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/LT7os0hZfqf3BLiE_8C5t_hMdvI.roa
Signing time: Fri 07 Feb 2025 04:29:06 +0000
ROA not before: Fri 07 Feb 2025 04:29:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56694
IP address blocks: 89.23.96.0/22 maxlen: 22
89.23.100.0/24 maxlen: 24
89.23.101.0/24 maxlen: 24
89.23.102.0/24 maxlen: 24
212.67.17.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:de:ab:29:de:eb:ca:a1:a4:63:0d:de:d2:11:c8:80:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Feb 7 04:29:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d3ee8b348597ea7f704b884ffc0b9b7f84c76f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:5a:cd:9f:1d:83:0d:96:bf:67:13:37:dd:3e:
67:90:f8:8e:8f:04:b0:2e:18:12:cf:28:59:af:22:
c3:6a:ae:79:4f:8e:6c:34:f1:15:0f:b5:8f:cb:c2:
da:30:15:a5:0f:7b:6d:1b:d3:35:32:8f:ac:72:53:
ad:ef:e6:82:c6:4c:03:6c:b4:41:03:23:2c:c2:5c:
f1:96:f0:ce:a2:45:ee:e0:74:ee:9c:9d:ff:04:a8:
ee:df:5b:87:3d:ac:13:49:30:cc:9b:e7:75:83:61:
ec:89:f2:cd:f4:3e:ce:b0:25:63:07:cb:f3:91:88:
c8:00:73:de:65:95:ca:4d:fd:a0:59:e1:00:09:b3:
8f:f7:dd:26:eb:b8:88:c5:2c:f9:1d:d7:3b:02:e7:
b8:80:c9:bb:1b:f3:b7:2e:ef:90:d8:94:d8:9f:18:
61:09:1b:02:34:07:26:13:0a:f8:e8:e1:82:da:4e:
0e:8a:f0:4f:c1:43:16:ff:04:75:2f:a0:0c:26:dc:
46:7e:68:3c:c5:6f:7a:2c:dc:96:28:5c:45:95:06:
15:ee:4c:46:ad:d6:57:6a:9a:23:a3:e9:ea:89:c6:
a9:e0:5f:8a:03:ef:9b:7b:c7:ee:33:37:65:af:4a:
8b:fc:49:f8:50:08:10:2c:3b:5e:76:bc:cb:f3:cf:
cb:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:3E:E8:B3:48:59:7E:A7:F7:04:B8:84:FF:C0:B9:B7:F8:4C:76:F2
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/LT7os0hZfqf3BLiE_8C5t_hMdvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.96.0-89.23.102.255
212.67.17.0/24
Signature Algorithm: sha256WithRSAEncryption
d4:d8:df:00:84:77:0d:b8:de:a8:9b:ad:9b:d0:a6:ee:28:7a:
4d:74:a3:d0:1b:b5:94:b6:b4:eb:60:2a:45:38:05:5c:5b:78:
3d:92:97:b5:e8:b0:a6:9d:7a:06:b0:f7:8a:7f:af:a9:5e:56:
a0:66:df:03:83:bd:79:29:44:c6:31:21:d3:a4:d7:e1:ba:41:
9a:2a:28:78:c8:b9:9f:c7:cd:31:0b:7a:14:66:82:ce:b9:a0:
95:35:8a:4a:29:a9:b2:6e:e6:f0:2d:00:9e:13:87:a1:d7:1f:
cc:40:ea:38:c6:82:85:f8:2f:f6:84:b6:b2:a8:6e:2c:5a:14:
51:be:81:b0:b2:f4:32:78:0a:e2:ff:a1:10:77:8d:44:d7:d8:
1f:32:04:18:93:a2:5b:d0:96:c9:8e:e4:05:c7:ff:c8:19:cc:
67:88:c4:53:1e:6c:80:4c:be:9b:e8:ac:29:c0:67:70:1e:d1:
9a:c1:a9:8e:45:7d:b5:01:c8:d0:e1:17:2d:7f:65:d8:41:78:
af:9d:f3:03:7d:d4:f1:f8:df:5c:46:8d:02:35:bb:a6:bb:60:
dd:79:3e:2d:8c:5c:91:ef:f0:b5:43:f0:c4:80:7f:1f:35:40:
5b:ad:e9:37:a8:77:8d:3e:61:12:e5:b3:29:eb:bd:68:6a:60:
a3:b1:b0:66
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZTeqyne68qhpGMN3tIRyIC0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjUwMjA3MDQyOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDNlZThiMzQ4NTk3ZWE3ZjcwNGI4ODRmZmMwYjliN2Y4NGM3NmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVrNnx2DDZa/ZxM33T5nkPiOjwSw
LhgSzyhZryLDaq55T45sNPEVD7WPy8LaMBWlD3ttG9M1Mo+sclOt7+aCxkwDbLRB
AyMswlzxlvDOokXu4HTunJ3/BKju31uHPawTSTDMm+d1g2HsifLN9D7OsCVjB8vz
kYjIAHPeZZXKTf2gWeEACbOP990m67iIxSz5Hdc7Aue4gMm7G/O3Lu+Q2JTYnxhh
CRsCNAcmEwr46OGC2k4OivBPwUMW/wR1L6AMJtxGfmg8xW96LNyWKFxFlQYV7kxG
rdZXapojo+nqicap4F+KA++be8fuMzdlr0qL/En4UAgQLDtedrzL88/L2QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFC0+6LNIWX6n9wS4hP/Aubf4THbyMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvTFQ3b3MwaFpmcWYzQkxpRV84QzV0X2hNZHZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAVZF2AD
BABZF2YDBADUQxEwDQYJKoZIhvcNAQELBQADggEBANTY3wCEdw243qibrZvQpu4o
ek10o9AbtZS2tOtgKkU4BVxbeD2Sl7XosKadegaw94p/r6leVqBm3wODvXkpRMYx
IdOk1+G6QZoqKHjIuZ/HzTELehRmgs65oJU1ikopqbJu5vAtAJ4Th6HXH8xA6jjG
goX4L/aEtrKobixaFFG+gbCy9DJ4CuL/oRB3jUTX2B8yBBiTolvQlsmO5AXH/8gZ
zGeIxFMebIBMvpvorCnAZ3Ae0ZrBqY5FfbUByNDhFy1/ZdhBeK+d8wN91PH431xG
jQI1u6a7YN15Pi2MXJHv8LVD8MSAfx81QFut6Teod40+YRLlsynrvWhqYKOxsGY=
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:08:55 2025 by rpki-client