Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/4dd169-8dcb-4653-8a03-571b6c612bec/1/avaZ658dTdnlteZmpyctkTlcNP8.roa
File: avaZ658dTdnlteZmpyctkTlcNP8.roa (raw, json)
Hash identifier: KHvxH5fCxcbQpviHolUXb9yiSjrJQE+TWAdsGNkg5vo=
Subject key identifier: 6A:F6:99:EB:9F:1D:4D:D9:E5:B5:E6:66:A7:27:2D:91:39:5C:34:FF
Certificate issuer: /CN=b541558181f7863119bf4a1554c75dab1f6c5292
Certificate serial: 0194228E1EF71A2BEA88BE06389D3C641B82
Authority key identifier: B5:41:55:81:81:F7:86:31:19:BF:4A:15:54:C7:5D:AB:1F:6C:52:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tUFVgYH3hjEZv0oVVMddqx9sUpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/4dd169-8dcb-4653-8a03-571b6c612bec/1/avaZ658dTdnlteZmpyctkTlcNP8.roa
Signing time: Wed 01 Jan 2025 15:48:46 +0000
ROA not before: Wed 01 Jan 2025 15:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207957
IP address blocks: 89.169.12.0/24 maxlen: 24
89.169.13.0/24 maxlen: 24
89.169.14.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:1e:f7:1a:2b:ea:88:be:06:38:9d:3c:64:1b:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b541558181f7863119bf4a1554c75dab1f6c5292
Validity
Not Before: Jan 1 15:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6af699eb9f1d4dd9e5b5e666a7272d91395c34ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b5:79:1a:6d:25:2a:68:87:7a:aa:ec:4d:4b:
97:77:0a:81:19:b1:c4:1f:9c:27:25:55:f6:ee:d1:
ec:1d:41:ab:7d:b5:76:4f:f4:ac:5f:cd:93:7e:c9:
f8:c6:31:e1:13:64:ed:29:ee:29:5b:79:d5:61:75:
85:b5:77:40:df:ab:11:e9:a0:95:f1:d0:7e:b9:49:
5f:60:f3:3d:df:4c:29:e5:99:93:35:f8:f9:46:85:
b6:f8:1d:0c:31:39:d8:aa:45:b9:dc:7d:d2:63:3e:
66:2c:ec:be:04:24:ba:f4:e8:75:c1:46:e4:4d:66:
00:96:0c:65:9b:b1:bd:26:7b:22:ca:e4:26:3b:5e:
f6:71:d6:05:9e:55:52:78:bd:33:0e:bb:01:c5:9e:
89:5f:3f:91:a0:39:1f:a6:e1:ab:86:0b:77:15:73:
58:b7:5d:e6:2e:04:da:f6:59:59:e2:7a:ca:a4:05:
fc:87:ec:90:d1:12:f6:2c:32:8e:12:42:e7:00:99:
27:fb:5a:1b:cb:e2:f7:1f:f8:5f:1f:7f:84:84:1b:
3a:3d:ee:e7:5c:56:b1:0e:d5:27:65:d2:b5:47:54:
40:b8:a8:26:2f:70:de:69:d5:25:73:85:08:bd:a9:
cb:ab:a4:83:df:88:ff:bd:4f:19:4f:34:9b:a5:3f:
a1:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:F6:99:EB:9F:1D:4D:D9:E5:B5:E6:66:A7:27:2D:91:39:5C:34:FF
X509v3 Authority Key Identifier:
keyid:B5:41:55:81:81:F7:86:31:19:BF:4A:15:54:C7:5D:AB:1F:6C:52:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tUFVgYH3hjEZv0oVVMddqx9sUpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/4dd169-8dcb-4653-8a03-571b6c612bec/1/avaZ658dTdnlteZmpyctkTlcNP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/4dd169-8dcb-4653-8a03-571b6c612bec/1/tUFVgYH3hjEZv0oVVMddqx9sUpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.169.12.0-89.169.14.255
Signature Algorithm: sha256WithRSAEncryption
ab:52:c8:65:c6:0f:03:97:56:4d:dd:3a:78:7c:ba:f6:df:96:
87:e8:cc:84:6b:77:ff:74:d6:d0:ad:12:31:80:a0:93:ef:1b:
44:86:4d:c6:92:76:7b:e7:68:fe:b0:e7:26:1d:a6:5a:4b:29:
a7:0d:98:d6:79:fd:d1:ff:30:07:87:d3:d8:4a:52:64:69:d1:
80:83:2f:88:26:6e:6a:71:d8:14:25:49:41:d5:4f:c2:c2:b7:
f6:14:30:92:39:ec:52:11:4c:41:ed:7b:4b:62:1e:25:e5:92:
f3:14:e5:5a:5e:47:a8:3b:46:f2:67:8e:46:51:7d:21:5b:76:
27:28:c7:5c:0e:f1:fb:67:60:5b:85:a6:ac:1c:c7:cc:05:a7:
21:0d:f3:c7:c9:e8:d3:00:0f:2b:54:31:41:a3:bb:66:e1:63:
54:dc:45:ef:0a:23:67:f1:95:7d:f5:4f:b2:bf:f1:8e:0c:d3:
94:01:c4:54:62:c4:fc:47:4c:f5:f1:23:6e:d4:13:6f:cd:66:
d0:b3:45:15:2d:91:a3:ac:39:fd:13:09:2f:3f:80:d0:5a:09:
d9:b1:16:0c:ea:95:17:55:fa:a7:9d:a6:f6:5d:00:f4:d9:08:
07:bb:d2:98:0a:04:a6:89:43:20:df:7a:90:15:26:25:b6:ce:
36:ab:89:e9
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQijh73GivqiL4GOJ08ZBuCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NDE1NTgxODFmNzg2MzExOWJmNGExNTU0Yzc1ZGFiMWY2
YzUyOTIwHhcNMjUwMTAxMTU0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWY2OTllYjlmMWQ0ZGQ5ZTViNWU2NjZhNzI3MmQ5MTM5NWMzNGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7V5Gm0lKmiHeqrsTUuXdwqBGbHE
H5wnJVX27tHsHUGrfbV2T/SsX82Tfsn4xjHhE2TtKe4pW3nVYXWFtXdA36sR6aCV
8dB+uUlfYPM930wp5ZmTNfj5RoW2+B0MMTnYqkW53H3SYz5mLOy+BCS69Oh1wUbk
TWYAlgxlm7G9JnsiyuQmO172cdYFnlVSeL0zDrsBxZ6JXz+RoDkfpuGrhgt3FXNY
t13mLgTa9llZ4nrKpAX8h+yQ0RL2LDKOEkLnAJkn+1oby+L3H/hfH3+EhBs6Pe7n
XFaxDtUnZdK1R1RAuKgmL3DeadUlc4UIvanLq6SD34j/vU8ZTzSbpT+hdQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGr2meufHU3Z5bXmZqcnLZE5XDT/MB8GA1UdIwQY
MBaAFLVBVYGB94YxGb9KFVTHXasfbFKSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFVGVmdZSDNoakVadjBvVlZNZGRxeDlzVXBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi80ZGQxNjktOGRjYi00NjUzLThhMDMt
NTcxYjZjNjEyYmVjLzEvYXZhWjY1OGRUZG5sdGVabXB5Y3RrVGxjTlA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi80ZGQxNjktOGRjYi00NjUzLThhMDMtNTcxYjZjNjEyYmVj
LzEvdFVGVmdZSDNoakVadjBvVlZNZGRxeDlzVXBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAJZqQwD
BABZqQ4wDQYJKoZIhvcNAQELBQADggEBAKtSyGXGDwOXVk3dOnh8uvbflofozIRr
d/901tCtEjGAoJPvG0SGTcaSdnvnaP6w5yYdplpLKacNmNZ5/dH/MAeH09hKUmRp
0YCDL4gmbmpx2BQlSUHVT8LCt/YUMJI57FIRTEHte0tiHiXlkvMU5VpeR6g7RvJn
jkZRfSFbdicox1wO8ftnYFuFpqwcx8wFpyEN88fJ6NMADytUMUGju2bhY1TcRe8K
I2fxlX31T7K/8Y4M05QBxFRixPxHTPXxI27UE2/NZtCzRRUtkaOsOf0TCS8/gNBa
CdmxFgzqlRdV+qedpvZdAPTZCAe70pgKBKaJQyDfepAVJiW2zjariek=
-----END CERTIFICATE-----
Generated at Fri Apr 25 19:06:42 2025 by rpki-client