Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/3d2141-ecb8-4289-9669-fd55c58edaf7/1/NPXq7VLWTvwMe_H1BOcCF7vP8QQ.roa
File: NPXq7VLWTvwMe_H1BOcCF7vP8QQ.roa (raw, json)
Hash identifier: UBan9KbEcKtiRn9epXoesYMRtYi5lW0QY6/c4yNUKv8=
Subject key identifier: 34:F5:EA:ED:52:D6:4E:FC:0C:7B:F1:F5:04:E7:02:17:BB:CF:F1:04
Certificate issuer: /CN=87d38ba12f4629c2131fc60e8950d6c303be7d22
Certificate serial: 019421B1E0E20FB8A8FABC81BD88959420ED
Authority key identifier: 87:D3:8B:A1:2F:46:29:C2:13:1F:C6:0E:89:50:D6:C3:03:BE:7D:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h9OLoS9GKcITH8YOiVDWwwO-fSI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/3d2141-ecb8-4289-9669-fd55c58edaf7/1/NPXq7VLWTvwMe_H1BOcCF7vP8QQ.roa
Signing time: Wed 01 Jan 2025 11:48:13 +0000
ROA not before: Wed 01 Jan 2025 11:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212544
IP address blocks: 89.38.212.0/22 maxlen: 22
89.41.184.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:e0:e2:0f:b8:a8:fa:bc:81:bd:88:95:94:20:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87d38ba12f4629c2131fc60e8950d6c303be7d22
Validity
Not Before: Jan 1 11:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=34f5eaed52d64efc0c7bf1f504e70217bbcff104
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:17:4f:49:14:d0:92:34:70:9f:87:2a:22:e3:
fe:30:9d:ee:bb:04:d3:95:a5:8c:4c:6a:2b:78:19:
9c:14:67:f4:5f:f5:23:19:55:7f:3c:66:ad:05:83:
91:25:c5:75:ff:99:1e:37:48:7f:34:1b:a1:f4:fc:
62:12:aa:a0:e1:65:bb:65:ac:ce:86:0b:bd:9f:71:
bd:c1:9e:46:74:2d:ef:8d:67:5b:a8:64:36:ab:ff:
49:e9:29:af:bb:1a:ff:1f:69:08:1b:db:dc:3d:3f:
df:ab:59:9d:58:74:cc:0a:84:4a:e2:fd:77:ec:1a:
16:6e:d3:4d:7f:73:0b:45:5d:ff:52:3a:66:c1:eb:
ac:21:98:6e:a5:e8:f1:f2:4c:60:d1:7f:62:55:93:
bc:2c:8b:83:ce:1e:80:92:da:40:4b:be:7c:b3:ac:
53:c6:cf:14:26:57:34:61:f3:e9:21:f5:77:61:5b:
3d:11:1d:c6:15:f1:41:ab:ba:0f:01:6e:ba:bd:28:
64:3b:9f:7b:25:c2:13:24:c4:fc:f7:d3:f3:d0:dd:
1b:28:33:a9:51:29:4e:a9:d7:ca:dc:04:1a:ce:3f:
35:75:4a:ff:7b:b2:18:fa:78:dc:15:0d:a1:b3:5d:
97:4d:ab:c0:64:f9:28:76:0b:fe:d1:fa:f2:ef:43:
f3:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:F5:EA:ED:52:D6:4E:FC:0C:7B:F1:F5:04:E7:02:17:BB:CF:F1:04
X509v3 Authority Key Identifier:
keyid:87:D3:8B:A1:2F:46:29:C2:13:1F:C6:0E:89:50:D6:C3:03:BE:7D:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h9OLoS9GKcITH8YOiVDWwwO-fSI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d2141-ecb8-4289-9669-fd55c58edaf7/1/NPXq7VLWTvwMe_H1BOcCF7vP8QQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d2141-ecb8-4289-9669-fd55c58edaf7/1/h9OLoS9GKcITH8YOiVDWwwO-fSI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.38.212.0/22
89.41.184.0/22
Signature Algorithm: sha256WithRSAEncryption
b7:ce:9b:61:20:41:50:1d:c2:a5:6b:6b:0f:2a:3c:0d:fb:46:
b9:a4:0c:02:e1:45:14:cd:07:ae:48:24:75:c6:ad:2d:39:fd:
7a:2a:8c:80:27:2e:a2:2e:f5:a4:4e:24:ad:fe:d8:0d:a5:4a:
25:3c:b5:9d:db:ca:1a:08:22:2e:69:f2:92:3d:a3:e5:39:40:
e1:2b:00:04:99:c1:ed:cc:f3:5e:96:b1:1d:af:09:7d:d8:9d:
bb:2f:83:64:26:cf:a3:c1:4a:8c:17:c6:43:25:87:f3:cd:80:
f2:61:84:47:d9:ce:43:45:e9:a4:8f:c1:a8:21:ca:ff:60:ec:
04:32:dc:0a:56:18:6c:bc:c5:9a:90:a5:d4:1b:bb:4c:7a:76:
80:7d:4f:7e:f4:16:1b:b6:d3:25:2c:5f:f1:82:76:50:bb:86:
b5:9e:af:82:1a:36:51:45:a6:01:05:a6:84:f4:e3:92:cb:a1:
f0:69:9b:9c:ac:55:fb:75:dd:f8:26:40:fd:3f:bd:ae:46:6a:
09:4d:7a:6c:f9:7e:05:38:09:29:b7:af:cb:63:08:82:e9:5d:
f7:b7:74:83:2d:55:a3:b2:59:dd:74:5a:bb:1a:d2:26:ea:4f:
99:08:67:22:b1:ca:f1:13:05:5e:e1:95:a8:94:00:68:3d:c2:
c6:07:9e:ba
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQhseDiD7io+ryBvYiVlCDtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZDM4YmExMmY0NjI5YzIxMzFmYzYwZTg5NTBkNmMzMDNi
ZTdkMjIwHhcNMjUwMTAxMTE0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGY1ZWFlZDUyZDY0ZWZjMGM3YmYxZjUwNGU3MDIxN2JiY2ZmMTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1BdPSRTQkjRwn4cqIuP+MJ3uuwTT
laWMTGoreBmcFGf0X/UjGVV/PGatBYORJcV1/5keN0h/NBuh9PxiEqqg4WW7ZazO
hgu9n3G9wZ5GdC3vjWdbqGQ2q/9J6Smvuxr/H2kIG9vcPT/fq1mdWHTMCoRK4v13
7BoWbtNNf3MLRV3/UjpmweusIZhupejx8kxg0X9iVZO8LIuDzh6AktpAS758s6xT
xs8UJlc0YfPpIfV3YVs9ER3GFfFBq7oPAW66vShkO597JcITJMT899Pz0N0bKDOp
USlOqdfK3AQazj81dUr/e7IY+njcFQ2hs12XTavAZPkodgv+0fry70PzuQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDT16u1S1k78DHvx9QTnAhe7z/EEMB8GA1UdIwQY
MBaAFIfTi6EvRinCEx/GDolQ1sMDvn0iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDlPTG9TOUdLY0lUSDhZT2lWRFd3d08tZlNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8zZDIxNDEtZWNiOC00Mjg5LTk2Njkt
ZmQ1NWM1OGVkYWY3LzEvTlBYcTdWTFdUdndNZV9IMUJPY0NGN3ZQOFFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8zZDIxNDEtZWNiOC00Mjg5LTk2NjktZmQ1NWM1OGVkYWY3
LzEvaDlPTG9TOUdLY0lUSDhZT2lWRFd3d08tZlNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWSbUAwQC
WSm4MA0GCSqGSIb3DQEBCwUAA4IBAQC3zpthIEFQHcKla2sPKjwN+0a5pAwC4UUU
zQeuSCR1xq0tOf16KoyAJy6iLvWkTiSt/tgNpUolPLWd28oaCCIuafKSPaPlOUDh
KwAEmcHtzPNelrEdrwl92J27L4NkJs+jwUqMF8ZDJYfzzYDyYYRH2c5DRemkj8Go
Icr/YOwEMtwKVhhsvMWakKXUG7tMenaAfU9+9BYbttMlLF/xgnZQu4a1nq+CGjZR
RaYBBaaE9OOSy6HwaZucrFX7dd34JkD9P72uRmoJTXps+X4FOAkpt6/LYwiC6V33
t3SDLVWjslnddFq7GtIm6k+ZCGciscrxEwVe4ZWolABoPcLGB566
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:37:59 2025 by rpki-client