Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/091473-4d8b-4bc9-a912-812248b65370/1/9xKnDYTGsncir9pGK8UvDoqBIrQ.roa
File: 9xKnDYTGsncir9pGK8UvDoqBIrQ.roa (raw, json)
Hash identifier: ruj+NSfqLyzPa16DtiDqJuwEcOM3gn9igG3unI9kKcI=
Subject key identifier: F7:12:A7:0D:84:C6:B2:77:22:AF:DA:46:2B:C5:2F:0E:8A:81:22:B4
Certificate issuer: /CN=1083c436279537d4f726d2310cef14a42f1b2b8a
Certificate serial: 019425FC1F26DC1AF59941875DA26C4B7D76
Authority key identifier: 10:83:C4:36:27:95:37:D4:F7:26:D2:31:0C:EF:14:A4:2F:1B:2B:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EIPENieVN9T3JtIxDO8UpC8bK4o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/091473-4d8b-4bc9-a912-812248b65370/1/9xKnDYTGsncir9pGK8UvDoqBIrQ.roa
Signing time: Thu 02 Jan 2025 07:47:47 +0000
ROA not before: Thu 02 Jan 2025 07:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39375
IP address blocks: 89.161.0.0/22 maxlen: 22
89.161.4.0/22 maxlen: 22
89.161.8.0/22 maxlen: 22
89.161.12.0/22 maxlen: 22
89.161.16.0/22 maxlen: 22
89.161.20.0/22 maxlen: 22
89.161.24.0/24 maxlen: 24
89.161.25.0/24 maxlen: 24
89.161.26.0/24 maxlen: 24
89.161.27.0/24 maxlen: 24
89.161.28.0/24 maxlen: 24
89.161.29.0/24 maxlen: 24
89.161.30.0/24 maxlen: 24
89.161.31.0/24 maxlen: 24
89.161.32.0/22 maxlen: 22
89.161.36.0/22 maxlen: 22
89.161.40.0/22 maxlen: 22
89.161.44.0/22 maxlen: 22
89.161.48.0/22 maxlen: 22
89.161.52.0/22 maxlen: 22
89.161.56.0/24 maxlen: 24
89.161.57.0/24 maxlen: 24
89.161.58.0/24 maxlen: 24
89.161.59.0/24 maxlen: 24
89.161.60.0/23 maxlen: 23
89.161.62.0/24 maxlen: 24
89.161.63.0/24 maxlen: 24
89.161.64.0/20 maxlen: 20
89.161.64.0/24 maxlen: 24
89.161.65.0/24 maxlen: 24
89.161.66.0/24 maxlen: 24
89.161.67.0/24 maxlen: 24
89.161.68.0/24 maxlen: 24
89.161.69.0/24 maxlen: 24
89.161.70.0/24 maxlen: 24
89.161.71.0/24 maxlen: 24
89.161.72.0/24 maxlen: 24
89.161.73.0/24 maxlen: 24
89.161.74.0/23 maxlen: 23
89.161.76.0/22 maxlen: 22
89.161.80.0/22 maxlen: 22
89.161.84.0/22 maxlen: 22
89.161.88.0/24 maxlen: 24
89.161.89.0/24 maxlen: 24
89.161.90.0/24 maxlen: 24
89.161.91.0/24 maxlen: 24
89.161.92.0/22 maxlen: 22
89.161.96.0/24 maxlen: 24
89.161.97.0/24 maxlen: 24
89.161.98.0/24 maxlen: 24
89.161.99.0/24 maxlen: 24
89.161.100.0/24 maxlen: 24
89.161.101.0/24 maxlen: 24
89.161.102.0/23 maxlen: 23
89.161.104.0/23 maxlen: 23
89.161.106.0/23 maxlen: 23
89.161.108.0/23 maxlen: 23
185.212.40.0/24 maxlen: 24
185.212.41.0/24 maxlen: 24
185.212.42.0/24 maxlen: 24
185.212.43.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:1f:26:dc:1a:f5:99:41:87:5d:a2:6c:4b:7d:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1083c436279537d4f726d2310cef14a42f1b2b8a
Validity
Not Before: Jan 2 07:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f712a70d84c6b27722afda462bc52f0e8a8122b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b9:f3:51:05:31:26:02:56:e0:20:02:55:7b:
ec:2f:17:38:8f:ca:15:66:37:d8:5b:cf:35:a7:81:
48:7f:1a:48:a0:6c:7e:92:8f:b7:f6:87:30:30:0a:
24:b7:4b:bb:cf:16:9e:46:2c:3f:93:a5:53:e5:7d:
80:3c:cb:39:ee:88:42:5b:5c:17:75:13:a0:25:53:
81:11:2c:f1:40:7e:9b:67:6d:2a:82:50:98:4c:2e:
0b:33:6b:04:2e:53:5f:ef:62:b1:88:53:c4:0d:52:
83:2a:d5:cc:9f:2f:ff:b7:da:ba:a3:14:f4:d1:df:
f1:59:15:d2:05:02:4c:6a:d7:ea:44:f4:45:b5:33:
f2:38:90:92:29:60:b4:fc:0c:31:31:c6:b9:41:0d:
b6:9b:bd:20:c7:c7:66:cd:c7:fd:ff:06:1b:02:04:
d3:e8:44:16:ac:bc:97:f4:9e:4a:bd:21:b3:be:cf:
3c:2e:fd:76:2f:ca:86:57:70:5b:35:5f:47:f5:4f:
48:04:48:06:a8:76:42:f8:d1:99:91:5f:0e:05:22:
58:5d:3c:2e:8a:cd:de:d1:b0:e4:1f:d1:79:5d:79:
61:52:98:77:a5:f5:ed:29:80:e9:dc:ee:b1:5c:8c:
92:3f:ee:53:f6:ea:9f:f6:bf:d7:af:64:86:a6:fd:
1b:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:12:A7:0D:84:C6:B2:77:22:AF:DA:46:2B:C5:2F:0E:8A:81:22:B4
X509v3 Authority Key Identifier:
keyid:10:83:C4:36:27:95:37:D4:F7:26:D2:31:0C:EF:14:A4:2F:1B:2B:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EIPENieVN9T3JtIxDO8UpC8bK4o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/091473-4d8b-4bc9-a912-812248b65370/1/9xKnDYTGsncir9pGK8UvDoqBIrQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/091473-4d8b-4bc9-a912-812248b65370/1/EIPENieVN9T3JtIxDO8UpC8bK4o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.161.0.0-89.161.109.255
185.212.40.0/22
Signature Algorithm: sha256WithRSAEncryption
42:16:b9:49:f9:66:bb:fa:e6:ba:82:3c:e9:bf:5a:d4:a6:fd:
68:80:fb:99:c0:29:36:96:56:94:f6:74:06:1c:a6:80:c5:76:
e7:d7:30:00:92:5c:bf:93:f3:11:f8:34:69:98:dc:b0:06:bc:
ea:98:7b:c7:a9:2a:43:da:73:67:13:0a:b2:a4:c8:6f:87:46:
e6:45:75:43:01:ea:cc:d7:91:8d:69:f1:bf:5f:f8:67:be:a7:
1c:ff:74:04:90:b1:48:8b:ba:f6:d8:fb:17:65:a3:38:0c:74:
a5:6a:13:32:73:8e:07:19:96:a8:5a:1f:a6:62:48:b1:e1:f7:
69:1f:9e:c7:73:41:ed:ae:41:63:7f:d7:18:31:9e:25:a2:3c:
44:41:91:78:83:68:ea:3a:9a:cc:1c:d4:75:d8:ee:4e:61:3d:
e7:30:f3:07:bd:33:fe:7f:ac:e6:54:31:ff:f0:ec:da:f4:8c:
8e:30:1b:85:6c:5f:82:fd:4b:a1:b1:96:4e:ce:50:4c:e0:41:
4b:1a:a1:ee:82:94:dc:48:ce:06:cc:06:77:97:9a:eb:f9:a1:
d2:ee:f8:97:70:16:da:97:22:83:86:fa:c5:d3:03:2f:e7:a0:
41:d7:4c:5c:4e:3e:94:ab:8c:1e:7e:9d:55:e0:0d:fb:da:92:
68:b4:b5:0f
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZQl/B8m3Br1mUGHXaJsS312MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwODNjNDM2Mjc5NTM3ZDRmNzI2ZDIzMTBjZWYxNGE0MmYx
YjJiOGEwHhcNMjUwMTAyMDc0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzEyYTcwZDg0YzZiMjc3MjJhZmRhNDYyYmM1MmYwZThhODEyMmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbnzUQUxJgJW4CACVXvsLxc4j8oV
ZjfYW881p4FIfxpIoGx+ko+39ocwMAokt0u7zxaeRiw/k6VT5X2APMs57ohCW1wX
dROgJVOBESzxQH6bZ20qglCYTC4LM2sELlNf72KxiFPEDVKDKtXMny//t9q6oxT0
0d/xWRXSBQJMatfqRPRFtTPyOJCSKWC0/AwxMca5QQ22m70gx8dmzcf9/wYbAgTT
6EQWrLyX9J5KvSGzvs88Lv12L8qGV3BbNV9H9U9IBEgGqHZC+NGZkV8OBSJYXTwu
is3e0bDkH9F5XXlhUph3pfXtKYDp3O6xXIySP+5T9uqf9r/Xr2SGpv0bFwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPcSpw2ExrJ3Iq/aRivFLw6KgSK0MB8GA1UdIwQY
MBaAFBCDxDYnlTfU9ybSMQzvFKQvGyuKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUlQRU5pZVZOOVQzSnRJeERPOFVwQzhiSzRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8wOTE0NzMtNGQ4Yi00YmM5LWE5MTIt
ODEyMjQ4YjY1MzcwLzEvOXhLbkRZVEdzbmNpcjlwR0s4VXZEb3FCSXJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8wOTE0NzMtNGQ4Yi00YmM5LWE5MTItODEyMjQ4YjY1Mzcw
LzEvRUlQRU5pZVZOOVQzSnRJeERPOFVwQzhiSzRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATMAsDAwBZoQME
AVmhbAMEArnUKDANBgkqhkiG9w0BAQsFAAOCAQEAQha5Sflmu/rmuoI86b9a1Kb9
aID7mcApNpZWlPZ0BhymgMV259cwAJJcv5PzEfg0aZjcsAa86ph7x6kqQ9pzZxMK
sqTIb4dG5kV1QwHqzNeRjWnxv1/4Z76nHP90BJCxSIu69tj7F2WjOAx0pWoTMnOO
BxmWqFofpmJIseH3aR+ex3NB7a5BY3/XGDGeJaI8REGReINo6jqazBzUddjuTmE9
5zDzB70z/n+s5lQx//Ds2vSMjjAbhWxfgv1LobGWTs5QTOBBSxqh7oKU3EjOBswG
d5ea6/mh0u74l3AW2pcig4b6xdMDL+egQddMXE4+lKuMHn6dVeAN+9qSaLS1Dw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:33:09 2025 by rpki-client