Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/SD_VRQTvMC7vuyqV_wFD-fKVUsY.roa
File: SD_VRQTvMC7vuyqV_wFD-fKVUsY.roa (raw, json)
Hash identifier: mBhitXOwr6QfmoyB84HxFE/38Mo9fz7gg9e1zxivAvQ=
Subject key identifier: 48:3F:D5:45:04:EF:30:2E:EF:BB:2A:95:FF:01:43:F9:F2:95:52:C6
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 019426D9B1894307E9FB21782BE156AB8D04
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/SD_VRQTvMC7vuyqV_wFD-fKVUsY.roa
Signing time: Thu 02 Jan 2025 11:49:48 +0000
ROA not before: Thu 02 Jan 2025 11:49:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34508
IP address blocks: 89.175.44.0/23 maxlen: 23
89.175.58.0/23 maxlen: 23
89.175.88.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:b1:89:43:07:e9:fb:21:78:2b:e1:56:ab:8d:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Jan 2 11:49:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=483fd54504ef302eefbb2a95ff0143f9f29552c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:6b:7d:0c:ac:6c:bc:7c:d4:20:1c:c2:f1:18:
ef:2f:ef:de:b6:80:ee:db:51:8d:46:2b:d3:b7:76:
be:10:5b:06:a9:ed:ee:61:03:60:8b:17:e5:7d:c2:
4d:4f:ca:02:da:fb:48:49:8d:e8:2e:3e:56:ef:fd:
1b:b2:ee:52:94:25:b4:55:ed:ab:d0:ae:fd:e7:86:
4a:f5:fa:7b:c1:f4:ed:48:1f:77:a0:64:d6:e9:5c:
40:f9:8b:56:7b:f1:77:16:a7:bd:84:12:5d:d1:79:
84:28:ec:8b:f9:1e:ca:18:5c:9a:7d:cc:ec:c3:7b:
d4:f9:3d:6a:bf:5b:a7:ab:bc:5c:79:98:ad:7a:f0:
b7:9c:46:e7:bb:0a:dd:f4:d9:e8:b1:d5:9c:c8:c0:
1f:6d:ab:eb:3f:4f:4d:d9:fa:d0:ef:da:2d:67:e7:
22:53:d1:75:c0:e8:cb:3b:c7:e1:e0:d2:22:98:61:
2d:e2:0f:0e:14:ca:ce:e2:4a:18:ef:dd:56:60:98:
f0:02:c3:4f:c9:4f:7f:04:e7:ef:4f:cb:2a:e3:a7:
09:4a:3e:7b:f2:b7:bd:ac:00:d3:10:cc:5d:ae:88:
18:56:ee:da:b9:dc:9a:18:90:27:39:23:fb:01:9d:
ce:a1:c7:69:04:5d:01:bc:84:22:1c:35:4c:fa:ba:
da:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:3F:D5:45:04:EF:30:2E:EF:BB:2A:95:FF:01:43:F9:F2:95:52:C6
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/SD_VRQTvMC7vuyqV_wFD-fKVUsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.175.44.0/23
89.175.58.0/23
89.175.88.0/23
Signature Algorithm: sha256WithRSAEncryption
5a:14:19:b6:23:e1:64:61:6d:2a:39:27:e9:50:a8:46:4e:b1:
ae:c5:4f:16:22:e6:04:64:f8:f5:2b:c8:2f:18:df:f6:30:e0:
e0:ac:0c:ac:7a:78:61:a3:29:5d:1c:67:ef:45:2e:18:00:1d:
02:62:61:0a:01:29:91:2f:b8:9b:44:3b:e2:2c:06:d0:14:a4:
d2:33:5d:7f:bd:48:2c:56:85:d5:bc:b0:97:92:31:bc:c0:eb:
d1:79:88:69:76:8f:4a:a4:47:8a:0b:60:5e:a8:2e:18:b3:ec:
d2:86:5b:c4:e2:e2:1b:07:97:67:19:c4:b3:8f:03:58:e4:73:
50:2c:3e:48:60:b4:4f:62:88:b1:52:ba:46:3f:d3:3b:31:1e:
17:d4:10:db:cd:47:dd:79:96:22:3a:c0:50:48:93:04:6a:4b:
be:14:32:21:e5:f5:57:83:62:34:70:26:9b:f4:b8:7c:bc:cd:
72:58:55:94:cf:ce:6e:61:9a:ab:32:a9:b1:90:7f:57:3e:e6:
b9:62:9a:8a:39:bd:ec:f9:66:a8:27:5f:0a:2a:ac:a1:7f:0f:
c9:65:4b:eb:b3:43:0d:dc:98:90:99:54:9e:40:c1:e0:76:fe:
b2:2f:c4:40:a9:04:4b:82:4e:5b:da:81:3a:7c:ca:ce:d2:7a:
df:a7:28:7e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQm2bGJQwfp+yF4K+FWq40EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjUwMTAyMTE0OTQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODNmZDU0NTA0ZWYzMDJlZWZiYjJhOTVmZjAxNDNmOWYyOTU1MmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2t9DKxsvHzUIBzC8RjvL+/etoDu
21GNRivTt3a+EFsGqe3uYQNgixflfcJNT8oC2vtISY3oLj5W7/0bsu5SlCW0Ve2r
0K7954ZK9fp7wfTtSB93oGTW6VxA+YtWe/F3Fqe9hBJd0XmEKOyL+R7KGFyafczs
w3vU+T1qv1unq7xceZitevC3nEbnuwrd9NnosdWcyMAfbavrP09N2frQ79otZ+ci
U9F1wOjLO8fh4NIimGEt4g8OFMrO4koY791WYJjwAsNPyU9/BOfvT8sq46cJSj57
8re9rADTEMxdrogYVu7audyaGJAnOSP7AZ3OocdpBF0BvIQiHDVM+rraVwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEg/1UUE7zAu77sqlf8BQ/nylVLGMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvU0RfVlJRVHZNQzd2dXlxVl93RkQtZktWVXNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBWa8sAwQB
Wa86AwQBWa9YMA0GCSqGSIb3DQEBCwUAA4IBAQBaFBm2I+FkYW0qOSfpUKhGTrGu
xU8WIuYEZPj1K8gvGN/2MODgrAysenhhoyldHGfvRS4YAB0CYmEKASmRL7ibRDvi
LAbQFKTSM11/vUgsVoXVvLCXkjG8wOvReYhpdo9KpEeKC2BeqC4Ys+zShlvE4uIb
B5dnGcSzjwNY5HNQLD5IYLRPYoixUrpGP9M7MR4X1BDbzUfdeZYiOsBQSJMEaku+
FDIh5fVXg2I0cCab9Lh8vM1yWFWUz85uYZqrMqmxkH9XPua5YpqKOb3s+WaoJ18K
Kqyhfw/JZUvrs0MN3JiQmVSeQMHgdv6yL8RAqQRLgk5b2oE6fMrO0nrfpyh+
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:55:42 2025 by rpki-client