Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/qdxw7ICFkhNmOD2y920CquCl8Zs.roa
File: qdxw7ICFkhNmOD2y920CquCl8Zs.roa (raw, json)
Hash identifier: 0IGxrItYdslNNm2Z4pvBdqn/xC9v6YAG/wAr3FTvC0g=
Subject key identifier: A9:DC:70:EC:80:85:92:13:66:38:3D:B2:F7:6D:02:AA:E0:A5:F1:9B
Certificate issuer: /CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
Certificate serial: 0194236A2C018ABD8DAB99F83F4DE0671157
Authority key identifier: 2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/qdxw7ICFkhNmOD2y920CquCl8Zs.roa
Signing time: Wed 01 Jan 2025 19:49:08 +0000
ROA not before: Wed 01 Jan 2025 19:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61250
IP address blocks: 89.43.14.0/23 maxlen: 23
89.43.14.0/24 maxlen: 24
89.43.15.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:2c:01:8a:bd:8d:ab:99:f8:3f:4d:e0:67:11:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
Validity
Not Before: Jan 1 19:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a9dc70ec8085921366383db2f76d02aae0a5f19b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:af:8c:9d:68:6e:0f:02:15:80:ea:62:96:1d:
e0:4a:bb:19:9d:71:34:07:69:47:b9:3c:b6:54:e7:
77:31:27:95:39:5d:17:9f:6c:6d:e9:c7:91:d8:54:
10:3d:65:2c:90:ae:06:65:5c:6b:8a:28:7e:4c:9d:
1b:34:57:72:ff:b6:62:12:58:7f:68:1e:75:db:cc:
d0:e9:cb:b4:83:50:9b:6a:fc:84:76:99:6b:e8:37:
12:24:da:77:c7:b3:14:68:ef:d6:35:ef:3d:60:f5:
e0:47:f4:e4:3a:1e:35:27:90:a5:1a:b8:2e:6b:09:
49:a3:22:8f:0e:68:bd:f9:5d:eb:ba:61:aa:8d:22:
a0:5c:93:81:a5:66:89:8e:45:59:73:29:2a:3f:4e:
6e:5e:e9:1c:74:2b:3b:c3:24:78:5d:f0:bf:b5:e4:
14:63:15:e4:5e:3b:c4:01:e5:35:37:c8:58:90:35:
3c:a2:aa:ca:2f:26:2c:9f:19:c1:24:fe:63:0a:a6:
e3:01:09:4d:00:45:f9:ac:09:a9:74:e6:c7:d8:c1:
5e:92:d7:90:6a:18:59:d1:d8:3d:34:4c:67:d1:47:
84:93:c4:60:d9:ce:1a:c5:5c:1f:c4:a7:ee:b6:c8:
fa:34:f3:f1:5c:b0:a7:99:ca:25:6a:66:98:4d:4c:
d4:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:DC:70:EC:80:85:92:13:66:38:3D:B2:F7:6D:02:AA:E0:A5:F1:9B
X509v3 Authority Key Identifier:
keyid:2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/qdxw7ICFkhNmOD2y920CquCl8Zs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/L2pDTEtdI5xObkG35YXI1Y-Jlas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.43.14.0/23
Signature Algorithm: sha256WithRSAEncryption
35:4b:d1:b5:04:87:38:c9:f8:e9:53:80:b8:b4:67:ed:e2:fa:
87:10:11:fa:77:c3:82:a1:0d:2f:4c:05:89:7e:d6:8b:4b:3c:
e3:a5:4b:b3:73:79:d8:e5:fe:a2:b8:19:75:e4:c4:82:d4:81:
d0:31:52:8c:92:d1:66:33:a4:e0:a2:0e:52:bd:e2:2d:7e:76:
9c:a7:e3:c6:40:64:ae:8c:05:2c:d2:51:d0:72:58:d4:25:4e:
e8:b4:a6:83:96:2b:da:1b:93:5d:73:f0:92:2e:c5:4e:72:46:
80:8c:96:bf:e1:5f:36:81:1c:c2:1d:af:da:b4:f3:6c:4e:12:
70:6a:61:ef:8d:a4:85:aa:dc:d6:2f:87:c3:12:e5:02:91:10:
27:04:4c:dd:c7:33:ea:29:6b:34:13:b4:85:9b:d3:19:45:b2:
e1:0d:37:d4:a1:1c:ba:3f:7b:e5:6a:d4:10:f4:07:6d:30:1b:
10:9a:2e:ca:03:5a:21:45:61:3c:81:c5:a5:ea:2b:61:60:82:
ee:06:74:85:91:55:e2:73:12:dd:d4:2f:67:08:b0:57:a6:82:
d5:ce:37:ed:a6:22:65:0c:24:9b:2f:58:56:ba:2e:eb:fa:29:
3c:52:38:51:41:bb:9b:66:3a:72:66:4c:df:25:ad:60:2b:9c:
78:40:cb:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaiwBir2Nq5n4P03gZxFXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNmE0MzRjNGI1ZDIzOWM0ZTZlNDFiN2U1ODVjOGQ1OGY4
OTk1YWIwHhcNMjUwMTAxMTk0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWRjNzBlYzgwODU5MjEzNjYzODNkYjJmNzZkMDJhYWUwYTVmMTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz6+MnWhuDwIVgOpilh3gSrsZnXE0
B2lHuTy2VOd3MSeVOV0Xn2xt6ceR2FQQPWUskK4GZVxriih+TJ0bNFdy/7ZiElh/
aB5128zQ6cu0g1CbavyEdplr6DcSJNp3x7MUaO/WNe89YPXgR/TkOh41J5ClGrgu
awlJoyKPDmi9+V3rumGqjSKgXJOBpWaJjkVZcykqP05uXukcdCs7wyR4XfC/teQU
YxXkXjvEAeU1N8hYkDU8oqrKLyYsnxnBJP5jCqbjAQlNAEX5rAmpdObH2MFekteQ
ahhZ0dg9NExn0UeEk8Rg2c4axVwfxKfutsj6NPPxXLCnmcolamaYTUzUxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKnccOyAhZITZjg9svdtAqrgpfGbMB8GA1UdIwQY
MBaAFC9qQ0xLXSOcTm5Bt+WFyNWPiZWrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDJwRFRFdGRJNXhPYmtHMzVZWEkxWS1KbGFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS85OGFiZTUtYmQwMS00NjRmLTk2YWIt
NDBiNmQ2N2ZjZDk0LzEvcWR4dzdJQ0ZraE5tT0QyeTkyMENxdUNsOFpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS85OGFiZTUtYmQwMS00NjRmLTk2YWItNDBiNmQ2N2ZjZDk0
LzEvTDJwRFRFdGRJNXhPYmtHMzVZWEkxWS1KbGFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWSsOMA0G
CSqGSIb3DQEBCwUAA4IBAQA1S9G1BIc4yfjpU4C4tGft4vqHEBH6d8OCoQ0vTAWJ
ftaLSzzjpUuzc3nY5f6iuBl15MSC1IHQMVKMktFmM6Tgog5SveItfnacp+PGQGSu
jAUs0lHQcljUJU7otKaDlivaG5Ndc/CSLsVOckaAjJa/4V82gRzCHa/atPNsThJw
amHvjaSFqtzWL4fDEuUCkRAnBEzdxzPqKWs0E7SFm9MZRbLhDTfUoRy6P3vlatQQ
9AdtMBsQmi7KA1ohRWE8gcWl6ithYILuBnSFkVXicxLd1C9nCLBXpoLVzjftpiJl
DCSbL1hWui7r+ik8UjhRQbubZjpyZkzfJa1gK5x4QMtB
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:17:16 2025 by rpki-client