Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/f5210d-0590-43a3-9eed-6a83563b655b/1/qrqtK-ZhNnqsmvUdjEvFxU-EYdM.roa
File: qrqtK-ZhNnqsmvUdjEvFxU-EYdM.roa (raw, json)
Hash identifier: w1CKR1mGTdMnfdWKUqyIUV2nyHBupF+j5wpw/8wUJ44=
Subject key identifier: AA:BA:AD:2B:E6:61:36:7A:AC:9A:F5:1D:8C:4B:C5:C5:4F:84:61:D3
Certificate issuer: /CN=b0340251f1826347f4e9645f6824d3b93f47e5de
Certificate serial: 0194221FE19ED3BC81C05FA0E05AD131E625
Authority key identifier: B0:34:02:51:F1:82:63:47:F4:E9:64:5F:68:24:D3:B9:3F:47:E5:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sDQCUfGCY0f06WRfaCTTuT9H5d4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/f5210d-0590-43a3-9eed-6a83563b655b/1/qrqtK-ZhNnqsmvUdjEvFxU-EYdM.roa
Signing time: Wed 01 Jan 2025 13:48:22 +0000
ROA not before: Wed 01 Jan 2025 13:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203930
IP address blocks: 89.207.152.0/24 maxlen: 24
2a13:5b00::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:e1:9e:d3:bc:81:c0:5f:a0:e0:5a:d1:31:e6:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0340251f1826347f4e9645f6824d3b93f47e5de
Validity
Not Before: Jan 1 13:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aabaad2be661367aac9af51d8c4bc5c54f8461d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:6c:03:e2:1f:f9:32:9c:10:91:88:b4:a2:a1:
78:7b:af:69:d1:18:64:37:e8:00:24:6c:9b:24:7b:
1f:32:df:c3:67:45:c8:21:67:d4:59:c8:e7:42:da:
da:44:b1:3f:ed:cb:1f:05:af:f5:86:87:a9:36:51:
d5:5d:28:b7:86:8a:e3:54:15:79:f1:af:c6:67:2a:
fc:6f:31:12:6b:78:2d:f1:c3:69:9b:a9:77:a8:34:
a6:f9:53:ba:bd:f0:32:5b:9d:0b:64:41:bc:6f:39:
69:29:65:03:a8:44:44:22:d9:d1:ed:ae:46:0f:6c:
23:a3:eb:3f:70:b2:37:f6:10:2d:bc:51:d6:67:1c:
2a:12:2f:52:4f:c2:26:83:37:4e:ae:e6:45:fa:0f:
73:f4:d9:67:59:8a:e1:02:75:b6:93:48:8d:6f:ed:
a5:ed:9e:66:43:ca:e2:dc:98:d7:2b:bc:df:3a:bb:
3f:56:35:db:7e:33:ed:17:05:d6:2b:12:7c:cf:56:
ba:e3:6c:b5:64:4f:f2:a9:63:0e:68:70:22:12:20:
99:77:cc:cf:ab:2f:f5:ba:5b:2b:d5:06:d1:44:f3:
5e:0a:d0:52:b6:3d:9b:52:fd:08:72:8f:95:75:1b:
03:a9:6b:f2:c7:18:3c:58:5b:9b:e5:33:8a:cf:1a:
26:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:BA:AD:2B:E6:61:36:7A:AC:9A:F5:1D:8C:4B:C5:C5:4F:84:61:D3
X509v3 Authority Key Identifier:
keyid:B0:34:02:51:F1:82:63:47:F4:E9:64:5F:68:24:D3:B9:3F:47:E5:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sDQCUfGCY0f06WRfaCTTuT9H5d4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/f5210d-0590-43a3-9eed-6a83563b655b/1/qrqtK-ZhNnqsmvUdjEvFxU-EYdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/f5210d-0590-43a3-9eed-6a83563b655b/1/sDQCUfGCY0f06WRfaCTTuT9H5d4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.207.152.0/24
IPv6:
2a13:5b00::/32
Signature Algorithm: sha256WithRSAEncryption
39:37:2b:66:6c:b8:44:91:6c:63:c0:7d:b6:ff:16:81:70:ba:
51:8e:de:40:ae:8a:cf:35:cd:4f:b0:79:63:76:fd:9d:23:da:
05:55:95:52:56:c2:f1:bc:d5:76:41:8e:59:7d:80:df:f3:cc:
10:55:08:f3:da:46:a7:f9:bc:7e:73:dc:14:c2:75:9b:e3:bf:
aa:c1:64:7c:56:c9:2f:56:8e:9a:e4:3f:8e:28:a3:28:56:1a:
e3:fb:9d:ab:75:61:20:79:ce:9f:09:2c:4f:1b:5d:52:4e:18:
52:46:31:07:37:be:fe:5c:8e:b2:d9:19:aa:9c:a0:7c:e9:3f:
f9:7e:cd:6a:3f:9f:08:c4:cf:77:b6:9d:4d:e2:79:49:2f:61:
f5:fa:98:ff:2b:b1:0d:31:4b:75:e6:c8:8c:b5:c4:96:9d:46:
06:60:52:18:6a:c6:db:e1:29:49:9a:13:76:21:0d:db:65:3c:
4a:8b:c5:0a:03:36:fa:b6:76:17:01:a7:be:ad:05:64:9d:f4:
95:fa:79:34:f7:15:29:ea:9f:8f:a4:cc:ed:d2:35:47:53:b5:
90:e2:d0:71:ce:19:96:81:73:36:0f:67:88:a6:b0:a2:0d:4d:
3c:bb:48:4d:15:f0:9a:59:ba:ff:71:7a:2e:cc:1a:93:b9:79:
bb:00:ff:a5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQiH+Ge07yBwF+g4FrRMeYlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwMzQwMjUxZjE4MjYzNDdmNGU5NjQ1ZjY4MjRkM2I5M2Y0
N2U1ZGUwHhcNMjUwMTAxMTM0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWJhYWQyYmU2NjEzNjdhYWM5YWY1MWQ4YzRiYzVjNTRmODQ2MWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmwD4h/5MpwQkYi0oqF4e69p0Rhk
N+gAJGybJHsfMt/DZ0XIIWfUWcjnQtraRLE/7csfBa/1hoepNlHVXSi3horjVBV5
8a/GZyr8bzESa3gt8cNpm6l3qDSm+VO6vfAyW50LZEG8bzlpKWUDqEREItnR7a5G
D2wjo+s/cLI39hAtvFHWZxwqEi9ST8ImgzdOruZF+g9z9NlnWYrhAnW2k0iNb+2l
7Z5mQ8ri3JjXK7zfOrs/VjXbfjPtFwXWKxJ8z1a642y1ZE/yqWMOaHAiEiCZd8zP
qy/1ulsr1QbRRPNeCtBStj2bUv0Ico+VdRsDqWvyxxg8WFub5TOKzxomkwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKq6rSvmYTZ6rJr1HYxLxcVPhGHTMB8GA1UdIwQY
MBaAFLA0AlHxgmNH9OlkX2gk07k/R+XeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0RRQ1VmR0NZMGYwNldSZmFDVFR1VDlINWQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9mNTIxMGQtMDU5MC00M2EzLTllZWQt
NmE4MzU2M2I2NTViLzEvcXJxdEstWmhObnFzbXZVZGpFdkZ4VS1FWWRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9mNTIxMGQtMDU5MC00M2EzLTllZWQtNmE4MzU2M2I2NTVi
LzEvc0RRQ1VmR0NZMGYwNldSZmFDVFR1VDlINWQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAWc+YMA0E
AgACMAcDBQAqE1sAMA0GCSqGSIb3DQEBCwUAA4IBAQA5NytmbLhEkWxjwH22/xaB
cLpRjt5ArorPNc1PsHljdv2dI9oFVZVSVsLxvNV2QY5ZfYDf88wQVQjz2kan+bx+
c9wUwnWb47+qwWR8VskvVo6a5D+OKKMoVhrj+52rdWEgec6fCSxPG11SThhSRjEH
N77+XI6y2RmqnKB86T/5fs1qP58IxM93tp1N4nlJL2H1+pj/K7ENMUt15siMtcSW
nUYGYFIYasbb4SlJmhN2IQ3bZTxKi8UKAzb6tnYXAae+rQVknfSV+nk09xUp6p+P
pMzt0jVHU7WQ4tBxzhmWgXM2D2eIprCiDU08u0hNFfCaWbr/cXouzBqTuXm7AP+l
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:25:44 2025 by rpki-client