Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/0376a1-49d6-4a4d-8c2a-ed7915436b27/1/XNozD6gpDdwt0jGjIZYI-3jrZdo.roa
File: XNozD6gpDdwt0jGjIZYI-3jrZdo.roa (raw, json)
Hash identifier: hHWVNnpzJQhuwUuCwNB2KNKcpqNI3ZvRAGrTDP4DfJA=
Subject key identifier: 5C:DA:33:0F:A8:29:0D:DC:2D:D2:31:A3:21:96:08:FB:78:EB:65:DA
Certificate issuer: /CN=1501c845f13dd4ad6e9dae470d5ff69c5cca3771
Certificate serial: 019424B3DA8846D80C31E661434928702E4A
Authority key identifier: 15:01:C8:45:F1:3D:D4:AD:6E:9D:AE:47:0D:5F:F6:9C:5C:CA:37:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FQHIRfE91K1una5HDV_2nFzKN3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/0376a1-49d6-4a4d-8c2a-ed7915436b27/1/XNozD6gpDdwt0jGjIZYI-3jrZdo.roa
Signing time: Thu 02 Jan 2025 01:49:14 +0000
ROA not before: Thu 02 Jan 2025 01:49:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57817
IP address blocks: 89.184.107.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:da:88:46:d8:0c:31:e6:61:43:49:28:70:2e:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1501c845f13dd4ad6e9dae470d5ff69c5cca3771
Validity
Not Before: Jan 2 01:49:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5cda330fa8290ddc2dd231a3219608fb78eb65da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:6c:31:55:b8:1d:48:78:f7:fd:74:27:45:b6:
35:24:a3:95:3b:2c:a0:24:6d:b9:6e:b3:76:30:62:
90:8a:92:a7:67:6d:a8:1f:4c:42:74:76:c8:d5:a5:
d3:76:cb:6d:c5:40:a7:09:8b:03:6e:ae:12:29:44:
ce:db:c9:b0:56:57:67:0b:f1:c1:16:26:97:37:69:
20:c3:a5:f9:2e:7b:a0:d9:37:d5:57:29:8e:b1:0d:
ff:da:ac:fd:bb:4a:7e:21:61:e5:07:04:d7:b1:56:
93:b3:55:78:42:ee:05:93:e0:18:df:22:1e:94:31:
16:c4:12:f5:e9:65:29:50:7b:e6:14:f1:ad:fc:10:
98:08:32:fc:90:d5:2c:15:23:2f:06:f6:bd:d3:00:
53:12:52:8f:16:33:69:f2:cc:a1:cf:67:af:18:9e:
16:8f:ec:6b:71:e4:3b:ca:b8:5c:8e:e1:56:db:c0:
d9:b7:49:84:da:55:84:d3:5d:6b:9b:5d:c4:91:aa:
b9:be:04:db:ab:f0:78:93:d8:ec:c0:55:37:45:8b:
c6:ba:2d:a8:aa:f1:40:56:6e:bd:f2:f1:bb:73:f2:
be:a6:e3:f4:bc:5f:7b:ba:61:6f:df:c4:4d:ee:20:
e0:bb:a9:9b:5e:8c:a2:03:86:46:5e:c5:f0:f6:45:
5b:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:DA:33:0F:A8:29:0D:DC:2D:D2:31:A3:21:96:08:FB:78:EB:65:DA
X509v3 Authority Key Identifier:
keyid:15:01:C8:45:F1:3D:D4:AD:6E:9D:AE:47:0D:5F:F6:9C:5C:CA:37:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FQHIRfE91K1una5HDV_2nFzKN3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/0376a1-49d6-4a4d-8c2a-ed7915436b27/1/XNozD6gpDdwt0jGjIZYI-3jrZdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/0376a1-49d6-4a4d-8c2a-ed7915436b27/1/FQHIRfE91K1una5HDV_2nFzKN3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.184.107.0/24
Signature Algorithm: sha256WithRSAEncryption
af:c8:7d:b3:9a:d9:64:d7:ad:13:29:14:37:09:90:8d:3c:09:
05:18:8e:45:09:b4:bc:fe:2d:4e:06:f5:50:e7:85:c9:b5:c2:
ef:9a:71:04:d0:b1:53:3a:f2:e2:ff:bd:a3:11:64:9e:b2:0a:
0d:17:c1:7b:a5:f7:9e:57:8a:6f:fe:aa:5c:b5:4f:fd:1a:a3:
11:32:e1:b2:f4:cf:fb:0f:14:b1:8d:ef:48:05:65:1c:f6:a0:
a0:56:49:c3:a8:d3:87:12:67:52:e9:29:3f:5e:a6:da:bd:af:
26:3a:56:9f:e1:6d:22:ce:4c:b6:5c:0e:8f:85:f8:b3:83:10:
28:e4:5f:47:52:bc:2e:dd:b7:f0:4d:f8:49:60:2b:33:79:d9:
34:54:2a:cb:16:ec:8a:9d:16:ad:58:cf:65:2f:6b:c1:92:74:
6a:86:a3:3f:1e:b7:ef:03:b7:a5:f9:b5:b4:27:aa:69:22:b0:
83:41:73:13:3f:9e:5f:74:0e:28:c4:4e:5e:08:26:59:6f:a3:
21:68:ca:7e:14:da:90:1a:51:b1:c1:f7:26:76:0c:cb:20:cb:
51:c7:60:1b:23:e8:1b:05:c6:61:b0:13:1d:61:79:4f:96:8c:
fd:87:75:e4:eb:d0:1b:92:67:bd:e2:d8:fc:9f:7e:cf:25:03:
51:ea:2b:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks9qIRtgMMeZhQ0kocC5KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1MDFjODQ1ZjEzZGQ0YWQ2ZTlkYWU0NzBkNWZmNjljNWNj
YTM3NzEwHhcNMjUwMTAyMDE0OTE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2RhMzMwZmE4MjkwZGRjMmRkMjMxYTMyMTk2MDhmYjc4ZWI2NWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGwxVbgdSHj3/XQnRbY1JKOVOyyg
JG25brN2MGKQipKnZ22oH0xCdHbI1aXTdsttxUCnCYsDbq4SKUTO28mwVldnC/HB
FiaXN2kgw6X5Lnug2TfVVymOsQ3/2qz9u0p+IWHlBwTXsVaTs1V4Qu4Fk+AY3yIe
lDEWxBL16WUpUHvmFPGt/BCYCDL8kNUsFSMvBva90wBTElKPFjNp8syhz2evGJ4W
j+xrceQ7yrhcjuFW28DZt0mE2lWE011rm13Ekaq5vgTbq/B4k9jswFU3RYvGui2o
qvFAVm698vG7c/K+puP0vF97umFv38RN7iDgu6mbXoyiA4ZGXsXw9kVb7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFzaMw+oKQ3cLdIxoyGWCPt462XaMB8GA1UdIwQY
MBaAFBUByEXxPdStbp2uRw1f9pxcyjdxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlFISVJmRTkxSzF1bmE1SERWXzJuRnpLTjNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8wMzc2YTEtNDlkNi00YTRkLThjMmEt
ZWQ3OTE1NDM2YjI3LzEvWE5vekQ2Z3BEZHd0MGpHaklaWUktM2pyWmRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8wMzc2YTEtNDlkNi00YTRkLThjMmEtZWQ3OTE1NDM2YjI3
LzEvRlFISVJmRTkxSzF1bmE1SERWXzJuRnpLTjNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWbhrMA0G
CSqGSIb3DQEBCwUAA4IBAQCvyH2zmtlk160TKRQ3CZCNPAkFGI5FCbS8/i1OBvVQ
54XJtcLvmnEE0LFTOvLi/72jEWSesgoNF8F7pfeeV4pv/qpctU/9GqMRMuGy9M/7
DxSxje9IBWUc9qCgVknDqNOHEmdS6Sk/Xqbava8mOlaf4W0izky2XA6PhfizgxAo
5F9HUrwu3bfwTfhJYCszedk0VCrLFuyKnRatWM9lL2vBknRqhqM/HrfvA7el+bW0
J6ppIrCDQXMTP55fdA4oxE5eCCZZb6MhaMp+FNqQGlGxwfcmdgzLIMtRx2AbI+gb
BcZhsBMdYXlPloz9h3Xk69Abkme94tj8n37PJQNR6iuG
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:26:00 2025 by rpki-client