Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/lPPX7mjCioCmrgcLy3zzsQMtSJI.roa
File: lPPX7mjCioCmrgcLy3zzsQMtSJI.roa (raw, json)
Hash identifier: /HNH37d2F3YT5YeC+W0RAmxZqBpJIDLIQZHESvz/idg=
Subject key identifier: 94:F3:D7:EE:68:C2:8A:80:A6:AE:07:0B:CB:7C:F3:B1:03:2D:48:92
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 01941FFA3D988E9EA33B6AEEB374A4AD360A
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/lPPX7mjCioCmrgcLy3zzsQMtSJI.roa
Signing time: Wed 01 Jan 2025 03:48:00 +0000
ROA not before: Wed 01 Jan 2025 03:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61059
IP address blocks: 89.44.88.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:3d:98:8e:9e:a3:3b:6a:ee:b3:74:a4:ad:36:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 1 03:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=94f3d7ee68c28a80a6ae070bcb7cf3b1032d4892
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:87:3c:b2:74:2d:6d:d5:ec:6d:82:b3:ed:5a:
d2:8a:7a:c2:2c:1c:2d:e2:96:2f:a4:38:e4:b6:75:
c4:a7:e0:d3:9b:52:ca:dd:0d:4f:bc:4a:03:19:de:
07:7a:59:a5:86:82:79:e6:6f:b8:33:67:51:d8:f9:
ed:19:51:8c:8d:c3:b6:8b:72:1e:24:06:a9:75:df:
64:a8:ed:bb:9d:9d:41:da:d0:d2:59:74:90:01:9b:
8b:ad:50:3d:9c:46:77:ee:3b:3d:96:33:fc:82:10:
57:3c:03:95:4e:b9:48:41:2c:89:56:e1:2e:ad:70:
19:e9:fa:19:76:15:fd:48:8c:83:49:df:ad:5d:b9:
a9:a4:70:70:f8:6d:6f:eb:4c:36:c7:79:be:61:20:
0a:26:50:87:30:a6:f6:6c:e7:89:ff:81:e1:6d:e6:
ad:d8:60:be:c7:fb:3b:14:56:e0:8e:2d:09:50:b0:
8d:6b:c5:d7:eb:a5:00:f9:54:cb:38:ec:55:f4:d3:
02:2d:cc:e2:9e:b6:16:53:50:3e:cb:81:b7:50:b0:
e6:ad:3b:fe:0e:32:fc:c8:d9:eb:ee:51:e7:43:11:
2a:8d:67:40:a2:e7:d7:f0:14:f8:1e:78:6d:17:df:
32:d1:cb:97:88:1d:fc:91:4f:74:88:0b:09:64:f3:
80:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:F3:D7:EE:68:C2:8A:80:A6:AE:07:0B:CB:7C:F3:B1:03:2D:48:92
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/lPPX7mjCioCmrgcLy3zzsQMtSJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.44.88.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:56:f8:37:b4:21:9a:bf:ca:2c:c5:ea:cc:88:e5:88:fb:fe:
b9:6a:ee:ea:3e:b9:c2:6f:49:ad:b6:1a:03:bd:05:c9:93:03:
48:e1:e8:ea:22:02:58:3f:a6:d6:52:4f:e8:29:8c:8e:f1:8e:
7f:54:4c:02:46:e2:93:ec:63:f3:81:25:32:6a:a9:ee:3b:48:
20:2d:a5:ce:68:ee:ca:63:d2:6f:9a:94:2c:7d:ea:26:4e:55:
f4:17:53:bc:e8:8f:02:88:0d:2f:80:81:ec:3e:4f:f3:33:3f:
f7:8a:17:73:5f:8d:a4:58:58:a0:8a:31:61:7c:3e:01:b6:c2:
0e:45:05:1e:c6:e6:9e:a5:8d:18:98:b8:c1:6b:97:aa:ae:e7:
5b:8a:0d:d1:00:db:3a:dc:c3:85:1c:2e:e8:36:1b:5f:aa:22:
61:68:d6:be:dc:28:72:08:01:96:f3:ca:8e:15:0a:b7:4c:0d:
4a:1f:b4:28:ea:36:67:91:a6:12:dd:eb:44:df:99:09:d8:9c:
84:30:23:24:84:86:0a:f4:bf:a9:ea:e2:a0:ae:60:03:2e:83:
33:34:64:77:0c:5c:68:47:e4:28:7d:d9:7a:32:6b:5f:97:c3:
49:38:fd:bf:54:a6:50:46:dc:45:b0:0a:1a:81:e4:42:df:7e:
25:33:d2:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+j2Yjp6jO2rus3SkrTYKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjUwMTAxMDM0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGYzZDdlZTY4YzI4YTgwYTZhZTA3MGJjYjdjZjNiMTAzMmQ0ODkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA04c8snQtbdXsbYKz7VrSinrCLBwt
4pYvpDjktnXEp+DTm1LK3Q1PvEoDGd4HelmlhoJ55m+4M2dR2PntGVGMjcO2i3Ie
JAapdd9kqO27nZ1B2tDSWXSQAZuLrVA9nEZ37js9ljP8ghBXPAOVTrlIQSyJVuEu
rXAZ6foZdhX9SIyDSd+tXbmppHBw+G1v60w2x3m+YSAKJlCHMKb2bOeJ/4Hhbeat
2GC+x/s7FFbgji0JULCNa8XX66UA+VTLOOxV9NMCLczinrYWU1A+y4G3ULDmrTv+
DjL8yNnr7lHnQxEqjWdAoufX8BT4HnhtF98y0cuXiB38kU90iAsJZPOAnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJTz1+5owoqApq4HC8t887EDLUiSMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvbFBQWDdtakNpb0NtcmdjTHkzenpzUU10U0pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWSxYMA0G
CSqGSIb3DQEBCwUAA4IBAQBrVvg3tCGav8osxerMiOWI+/65au7qPrnCb0mtthoD
vQXJkwNI4ejqIgJYP6bWUk/oKYyO8Y5/VEwCRuKT7GPzgSUyaqnuO0ggLaXOaO7K
Y9JvmpQsfeomTlX0F1O86I8CiA0vgIHsPk/zMz/3ihdzX42kWFigijFhfD4BtsIO
RQUexuaepY0YmLjBa5eqrudbig3RANs63MOFHC7oNhtfqiJhaNa+3ChyCAGW88qO
FQq3TA1KH7Qo6jZnkaYS3etE35kJ2JyEMCMkhIYK9L+p6uKgrmADLoMzNGR3DFxo
R+Qofdl6Mmtfl8NJOP2/VKZQRtxFsAoageRC334lM9Li
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:45:54 2025 by rpki-client