Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/Q_DYkoAB8Tw3k0qMD14I43aW_Sk.roa
File: Q_DYkoAB8Tw3k0qMD14I43aW_Sk.roa (raw, json)
Hash identifier: FsHTp8Ag2/dLBUBs8F01SYiqx9HIBl3Dr3VEvYmRIRU=
Subject key identifier: 43:F0:D8:92:80:01:F1:3C:37:93:4A:8C:0F:5E:08:E3:76:96:FD:29
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 01864EBC55EB337A5F8C166C3BC6FF24E01E
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/Q_DYkoAB8Tw3k0qMD14I43aW_Sk.roa
Signing time: Tue 14 Feb 2023 07:03:30 +0000
ROA not before: Tue 14 Feb 2023 07:03:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 996
IP address blocks: 89.40.176.0/22 maxlen: 24
89.36.236.0/22 maxlen: 24
89.36.32.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4e:bc:55:eb:33:7a:5f:8c:16:6c:3b:c6:ff:24:e0:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Feb 14 07:03:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43f0d8928001f13c37934a8c0f5e08e37696fd29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:58:93:eb:52:98:f3:cf:80:09:52:47:8d:61:
4f:81:60:e0:54:84:04:b2:13:4d:fd:e1:9b:93:4d:
e5:ea:ee:2e:a0:60:b8:37:b8:e0:70:1f:17:4e:98:
90:b7:1a:ca:b8:c5:38:6e:ba:bf:6b:2c:cb:46:31:
b0:8a:c5:93:03:03:aa:2b:7b:67:1f:dc:78:d9:9c:
14:d0:86:ee:72:68:0e:9b:a7:bb:37:ff:38:db:e6:
51:38:23:7d:0b:0e:74:e4:ea:fb:c3:8a:54:ff:26:
a6:b9:1e:69:f5:a0:50:2f:07:7b:da:29:6e:0a:82:
44:a8:2b:d0:e6:f8:3a:87:ec:3c:08:81:af:40:44:
f9:3d:1c:03:97:7b:2c:11:9e:7f:ff:f5:50:ef:d2:
f7:e7:05:7a:45:fb:a3:ac:1b:6c:9f:a1:61:41:25:
53:95:90:9f:93:dd:6e:26:90:ec:01:57:2b:57:62:
a3:31:2c:09:12:b8:2c:54:77:7a:76:cd:b3:5d:2a:
d9:22:37:32:a4:88:c0:2b:29:18:e4:5f:a6:f7:7f:
03:e1:29:4d:10:55:ca:07:c4:bb:a4:58:f4:fb:92:
19:c4:c6:12:95:3e:6b:fc:57:58:ab:75:27:7e:ef:
18:e4:f1:ce:1d:21:a0:1c:77:9e:5a:86:c8:46:b1:
7c:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:F0:D8:92:80:01:F1:3C:37:93:4A:8C:0F:5E:08:E3:76:96:FD:29
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/Q_DYkoAB8Tw3k0qMD14I43aW_Sk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.32.0/22
89.36.236.0/22
89.40.176.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:48:6c:ae:1f:1b:ac:f2:5c:54:bb:07:bf:cc:ce:f9:b2:9d:
0b:59:09:f9:ba:c3:30:30:3c:19:24:57:67:8d:3e:e3:8a:22:
6c:70:61:15:d7:96:93:af:96:a7:9c:f6:ee:8b:68:5a:fb:2d:
32:57:d7:d8:14:c2:c9:e9:54:ba:84:44:13:13:93:05:9d:c0:
9c:e4:ec:0f:e2:13:b7:f5:74:6a:b0:86:15:f1:58:fe:9c:21:
bc:7f:25:5b:f8:41:b6:79:e0:5e:2b:82:6c:f7:31:12:1c:d7:
cc:00:b6:d6:64:fe:da:8c:d5:e3:6f:34:b2:f6:3e:72:06:6d:
75:0b:f1:81:2e:fd:cc:4c:27:c0:28:cb:96:10:2c:90:e7:6f:
44:8e:c1:68:a7:12:47:e2:64:b5:00:35:14:f7:41:55:df:20:
d8:86:95:40:40:d3:6e:63:e9:a0:61:8e:be:ce:85:43:41:c7:
3e:85:df:f2:52:71:70:4f:1c:fd:78:82:c6:df:50:d4:2b:42:
d2:fe:de:19:5a:d3:e0:95:4e:43:72:ee:40:73:46:26:3f:a9:
3e:c8:58:f5:52:8e:b0:05:b4:a4:6a:a2:be:45:d4:be:e2:f4:
26:c8:84:5a:90:ef:d0:dc:4b:89:0f:5d:23:34:a1:14:42:ee:
1e:50:2a:62
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYZOvFXrM3pfjBZsO8b/JOAeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMwMjE0MDcwMzMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2YwZDg5MjgwMDFmMTNjMzc5MzRhOGMwZjVlMDhlMzc2OTZmZDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFiT61KY88+ACVJHjWFPgWDgVIQE
shNN/eGbk03l6u4uoGC4N7jgcB8XTpiQtxrKuMU4brq/ayzLRjGwisWTAwOqK3tn
H9x42ZwU0IbucmgOm6e7N/842+ZROCN9Cw505Or7w4pU/yamuR5p9aBQLwd72ilu
CoJEqCvQ5vg6h+w8CIGvQET5PRwDl3ssEZ5///VQ79L35wV6RfujrBtsn6FhQSVT
lZCfk91uJpDsAVcrV2KjMSwJErgsVHd6ds2zXSrZIjcypIjAKykY5F+m938D4SlN
EFXKB8S7pFj0+5IZxMYSlT5r/FdYq3Unfu8Y5PHOHSGgHHeeWobIRrF8oQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEPw2JKAAfE8N5NKjA9eCON2lv0pMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvUV9EWWtvQUI4VHczazBxTUQxNEk0M2FXX1NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCWSQgAwQC
WSTsAwQCWSiwMA0GCSqGSIb3DQEBCwUAA4IBAQAPSGyuHxus8lxUuwe/zM75sp0L
WQn5usMwMDwZJFdnjT7jiiJscGEV15aTr5annPbui2ha+y0yV9fYFMLJ6VS6hEQT
E5MFncCc5OwP4hO39XRqsIYV8Vj+nCG8fyVb+EG2eeBeK4Js9zESHNfMALbWZP7a
jNXjbzSy9j5yBm11C/GBLv3MTCfAKMuWECyQ529EjsFopxJH4mS1ADUU90FV3yDY
hpVAQNNuY+mgYY6+zoVDQcc+hd/yUnFwTxz9eILG31DUK0LS/t4ZWtPglU5Dcu5A
c0YmP6k+yFj1Uo6wBbSkaqK+RdS+4vQmyIRakO/Q3EuJD10jNKEUQu4eUCpi
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:18:47 2025 by rpki-client