Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/d2a9bc-13b1-4b30-b563-209e1f84224e/1/a_PNkPnx5ou35JrpXNK2_iqC5Yc.roa
File: a_PNkPnx5ou35JrpXNK2_iqC5Yc.roa (raw, json)
Hash identifier: iMkdGKK1MTR9CDFy5rjVtC+a2w/5myXmTmA9XTMLkJo=
Subject key identifier: 6B:F3:CD:90:F9:F1:E6:8B:B7:E4:9A:E9:5C:D2:B6:FE:2A:82:E5:87
Certificate issuer: /CN=b6e0fe0faf6844988af2f744d516edb9c5dfe71c
Certificate serial: 01942143DB3E67C33A5C4B5939E3D8EDDA0B
Authority key identifier: B6:E0:FE:0F:AF:68:44:98:8A:F2:F7:44:D5:16:ED:B9:C5:DF:E7:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tuD-D69oRJiK8vdE1RbtucXf5xw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/d2a9bc-13b1-4b30-b563-209e1f84224e/1/a_PNkPnx5ou35JrpXNK2_iqC5Yc.roa
Signing time: Wed 01 Jan 2025 09:48:02 +0000
ROA not before: Wed 01 Jan 2025 09:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41124
IP address blocks: 89.107.96.0/24 maxlen: 24
89.107.97.0/24 maxlen: 24
89.107.98.0/24 maxlen: 24
89.107.99.0/24 maxlen: 24
89.107.100.0/24 maxlen: 24
89.107.101.0/24 maxlen: 24
89.107.102.0/24 maxlen: 24
89.107.103.0/24 maxlen: 24
185.27.68.0/24 maxlen: 24
185.27.69.0/24 maxlen: 24
185.27.70.0/24 maxlen: 24
185.27.71.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:db:3e:67:c3:3a:5c:4b:59:39:e3:d8:ed:da:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6e0fe0faf6844988af2f744d516edb9c5dfe71c
Validity
Not Before: Jan 1 09:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6bf3cd90f9f1e68bb7e49ae95cd2b6fe2a82e587
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:66:13:eb:1a:72:b6:08:55:3b:f9:56:5a:59:
79:4e:dd:7c:4c:71:3d:bd:ac:4c:4a:ee:25:fc:93:
a4:15:89:a6:49:79:04:e9:ac:af:bf:ce:6c:c5:c2:
24:a2:38:52:72:a0:f5:b3:e2:80:7a:8c:68:35:51:
91:4e:59:32:01:e2:de:02:2d:c6:cf:ed:39:9e:96:
ba:b3:fc:9e:f3:6b:b9:7b:72:e5:c3:77:a2:6e:c8:
33:f6:f2:a8:fb:0e:d2:b6:27:39:51:41:39:ae:a8:
ec:40:9e:96:74:79:a7:24:b2:d0:a8:6d:98:28:4e:
44:45:59:a8:ce:17:a4:21:56:94:2c:41:34:d4:fd:
74:22:33:6c:72:33:f2:50:7f:5c:18:91:21:8a:69:
d5:46:fe:1f:cf:e1:a0:ab:7d:a0:29:b4:5c:f8:a2:
c3:5e:fd:f4:8e:d6:ed:6d:15:3c:30:c4:45:2f:fc:
ca:6f:03:64:11:8d:04:82:d1:7f:a6:e6:29:43:d5:
7b:8f:fb:ec:09:ce:41:96:10:2b:ea:f1:f4:4d:00:
52:27:4e:69:90:db:79:4e:94:09:34:9d:57:1b:25:
84:d8:b5:59:76:b9:f6:4b:d8:41:e8:45:bc:85:10:
ff:e0:f3:8c:6f:52:8c:60:da:91:7f:02:df:25:c4:
b7:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:F3:CD:90:F9:F1:E6:8B:B7:E4:9A:E9:5C:D2:B6:FE:2A:82:E5:87
X509v3 Authority Key Identifier:
keyid:B6:E0:FE:0F:AF:68:44:98:8A:F2:F7:44:D5:16:ED:B9:C5:DF:E7:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tuD-D69oRJiK8vdE1RbtucXf5xw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/d2a9bc-13b1-4b30-b563-209e1f84224e/1/a_PNkPnx5ou35JrpXNK2_iqC5Yc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/d2a9bc-13b1-4b30-b563-209e1f84224e/1/tuD-D69oRJiK8vdE1RbtucXf5xw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.107.96.0/21
185.27.68.0/22
Signature Algorithm: sha256WithRSAEncryption
17:6f:ec:cc:ae:e8:92:c7:ab:9f:89:cf:03:df:59:4b:5a:72:
eb:24:df:e2:e9:57:bb:f6:1c:da:6e:1f:12:a5:d8:3f:08:81:
7f:c8:57:16:de:0f:6b:94:1f:45:e5:5c:de:90:30:4c:66:65:
eb:ee:0c:10:e9:f7:88:58:c7:f0:8c:81:97:d7:a4:06:6c:bb:
43:d2:cd:09:61:48:3c:59:a6:c3:76:42:3d:85:86:39:0a:e2:
44:7b:00:cc:c0:d0:6e:48:78:d0:6c:77:55:39:9c:da:af:50:
32:27:b2:a2:44:2f:a5:59:22:c0:d3:b0:2d:89:bc:e6:4d:09:
37:d3:c9:d3:c4:0c:ef:16:dc:ee:1e:6c:93:91:d9:e4:59:f0:
f0:b5:69:d1:c1:79:a4:5c:91:71:27:4e:4b:29:e2:c1:b2:73:
b3:8d:d9:6a:5e:95:7a:b1:16:a3:70:9e:11:f8:aa:e0:52:0f:
27:4d:94:83:3e:1a:b9:b0:2c:c3:39:ec:ce:ef:b7:e0:f3:50:
27:c4:40:10:c8:2f:2d:11:47:4f:7d:e5:e2:47:1d:c5:5e:19:
17:8a:89:6f:a3:ae:bd:8b:4f:1e:92:03:0b:05:17:fd:eb:aa:
eb:96:78:4b:f6:e1:4b:c7:ca:f5:b3:a1:74:6e:ee:f0:63:3c:
61:01:d5:a7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQhQ9s+Z8M6XEtZOePY7doLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ZTBmZTBmYWY2ODQ0OTg4YWYyZjc0NGQ1MTZlZGI5YzVk
ZmU3MWMwHhcNMjUwMTAxMDk0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmYzY2Q5MGY5ZjFlNjhiYjdlNDlhZTk1Y2QyYjZmZTJhODJlNTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGYT6xpytghVO/lWWll5Tt18THE9
vaxMSu4l/JOkFYmmSXkE6ayvv85sxcIkojhScqD1s+KAeoxoNVGRTlkyAeLeAi3G
z+05npa6s/ye82u5e3Llw3eibsgz9vKo+w7Stic5UUE5rqjsQJ6WdHmnJLLQqG2Y
KE5ERVmozhekIVaULEE01P10IjNscjPyUH9cGJEhimnVRv4fz+Ggq32gKbRc+KLD
Xv30jtbtbRU8MMRFL/zKbwNkEY0EgtF/puYpQ9V7j/vsCc5BlhAr6vH0TQBSJ05p
kNt5TpQJNJ1XGyWE2LVZdrn2S9hB6EW8hRD/4POMb1KMYNqRfwLfJcS3gQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGvzzZD58eaLt+Sa6VzStv4qguWHMB8GA1UdIwQY
MBaAFLbg/g+vaESYivL3RNUW7bnF3+ccMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHVELUQ2OW9SSmlLOHZkRTFSYnR1Y1hmNXh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9kMmE5YmMtMTNiMS00YjMwLWI1NjMt
MjA5ZTFmODQyMjRlLzEvYV9QTmtQbng1b3UzNUpycFhOSzJfaXFDNVljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9kMmE5YmMtMTNiMS00YjMwLWI1NjMtMjA5ZTFmODQyMjRl
LzEvdHVELUQ2OW9SSmlLOHZkRTFSYnR1Y1hmNXh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDWWtgAwQC
uRtEMA0GCSqGSIb3DQEBCwUAA4IBAQAXb+zMruiSx6ufic8D31lLWnLrJN/i6Ve7
9hzabh8Spdg/CIF/yFcW3g9rlB9F5VzekDBMZmXr7gwQ6feIWMfwjIGX16QGbLtD
0s0JYUg8WabDdkI9hYY5CuJEewDMwNBuSHjQbHdVOZzar1AyJ7KiRC+lWSLA07At
ibzmTQk308nTxAzvFtzuHmyTkdnkWfDwtWnRwXmkXJFxJ05LKeLBsnOzjdlqXpV6
sRajcJ4R+KrgUg8nTZSDPhq5sCzDOezO77fg81AnxEAQyC8tEUdPfeXiRx3FXhkX
iolvo669i08ekgMLBRf966rrlnhL9uFLx8r1s6F0bu7wYzxhAdWn
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:49:23 2025 by rpki-client