Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/3b4Fq6_bIamsudbItbqhSpD_K9w.roa
File: 3b4Fq6_bIamsudbItbqhSpD_K9w.roa (raw, json)
Hash identifier: Vh901Zhx3OCDgeqedfZ/abhYR9Rhwc8dnd6e61mW9to=
Subject key identifier: DD:BE:05:AB:AF:DB:21:A9:AC:B9:D6:C8:B5:BA:A1:4A:90:FF:2B:DC
Certificate issuer: /CN=5e400ac2396ae228d2b2e56f4b06739969379e44
Certificate serial: 019426D9FA1547F0A4BF0475E88D61461E9D
Authority key identifier: 5E:40:0A:C2:39:6A:E2:28:D2:B2:E5:6F:4B:06:73:99:69:37:9E:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/3b4Fq6_bIamsudbItbqhSpD_K9w.roa
Signing time: Thu 02 Jan 2025 11:50:06 +0000
ROA not before: Thu 02 Jan 2025 11:50:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60737
IP address blocks: 89.30.86.0/24 maxlen: 24
89.30.95.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:fa:15:47:f0:a4:bf:04:75:e8:8d:61:46:1e:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e400ac2396ae228d2b2e56f4b06739969379e44
Validity
Not Before: Jan 2 11:50:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ddbe05abafdb21a9acb9d6c8b5baa14a90ff2bdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a5:49:b2:e5:8e:26:bb:1a:71:5c:e5:cf:c3:
a2:f6:af:76:41:f9:35:3c:62:85:a9:37:02:50:9e:
f1:cf:35:5a:b1:ba:4f:d7:ac:6b:ab:e6:66:56:6a:
34:28:3a:73:f1:3a:d7:5e:a1:53:44:bf:5d:f5:ce:
bb:75:a1:c2:b0:23:f1:3e:e0:55:9f:55:35:13:5a:
e3:f7:f4:6b:51:4d:48:63:ef:ab:9e:8b:66:48:81:
a5:66:aa:67:61:a4:e5:43:34:f9:a5:29:38:bc:87:
f5:1a:eb:27:2d:b5:4b:05:70:09:55:ba:c6:69:10:
0c:ef:0b:43:2e:12:ac:57:1a:9a:c4:4b:88:5c:bd:
1b:26:cd:d8:c5:d7:43:a2:00:91:ec:bd:fe:c0:8d:
29:65:c4:d6:04:1a:a2:71:44:f5:70:d4:53:55:29:
c4:be:99:d3:16:4f:2e:54:cb:1f:22:be:89:6b:7a:
5b:36:3d:78:37:fa:ca:86:60:6b:2e:49:3f:6a:0f:
aa:1b:55:e6:0f:b9:b8:e4:d3:0b:2a:57:c7:e4:53:
b2:0e:19:de:22:1a:46:4f:95:82:a0:1f:fe:d7:53:
8a:6a:bc:de:f4:11:fe:89:d8:4e:f0:fc:24:a8:ef:
7c:37:bb:81:2c:7a:c2:d2:51:6e:37:db:b6:d0:37:
e8:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:BE:05:AB:AF:DB:21:A9:AC:B9:D6:C8:B5:BA:A1:4A:90:FF:2B:DC
X509v3 Authority Key Identifier:
keyid:5E:40:0A:C2:39:6A:E2:28:D2:B2:E5:6F:4B:06:73:99:69:37:9E:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/3b4Fq6_bIamsudbItbqhSpD_K9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.30.86.0/24
89.30.95.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:c0:bd:48:22:3e:48:07:9e:61:48:5b:43:78:6b:a6:4c:e4:
62:4a:52:c5:a5:9f:8c:93:a0:a7:d0:d5:aa:e3:4f:3c:da:21:
43:21:35:53:a8:82:1a:52:d0:81:ed:25:37:ed:eb:39:ef:32:
c4:0d:1a:cb:3a:d1:b7:a2:df:be:7b:7d:42:1e:96:d2:56:4b:
e9:d1:73:56:6f:1d:8e:bb:b0:b3:b3:4f:fc:ef:e6:a8:8b:a0:
a4:c9:3b:5b:f2:c8:0c:21:b1:6d:b9:38:e7:f9:76:fb:ac:f1:
06:04:b4:12:ea:35:c8:2e:47:5e:a0:13:81:18:eb:14:39:7c:
c0:4e:c8:65:97:3f:bd:9f:12:e3:40:2b:ff:9e:79:ab:26:d3:
6f:c8:76:d2:86:2f:d2:a7:03:3b:73:b3:ae:c7:d7:ed:e3:39:
a6:a5:cc:a2:48:6c:25:ef:52:b0:b5:c5:86:60:ef:26:b3:bb:
0d:be:d6:7b:87:b4:9d:dc:42:b5:5b:34:4c:e0:64:ea:58:27:
2d:2a:73:8d:6a:04:40:94:c1:36:f8:92:3c:23:dc:a3:63:45:
be:ab:88:04:5b:79:49:bc:26:41:1e:56:9f:a5:72:72:a5:6d:
dc:53:86:25:23:02:ae:52:5b:65:43:12:d4:ab:4a:44:98:76:
00:a0:9d:af
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQm2foVR/CkvwR16I1hRh6dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNDAwYWMyMzk2YWUyMjhkMmIyZTU2ZjRiMDY3Mzk5Njkz
NzllNDQwHhcNMjUwMTAyMTE1MDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGJlMDVhYmFmZGIyMWE5YWNiOWQ2YzhiNWJhYTE0YTkwZmYyYmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqaVJsuWOJrsacVzlz8Oi9q92Qfk1
PGKFqTcCUJ7xzzVasbpP16xrq+ZmVmo0KDpz8TrXXqFTRL9d9c67daHCsCPxPuBV
n1U1E1rj9/RrUU1IY++rnotmSIGlZqpnYaTlQzT5pSk4vIf1GusnLbVLBXAJVbrG
aRAM7wtDLhKsVxqaxEuIXL0bJs3YxddDogCR7L3+wI0pZcTWBBqicUT1cNRTVSnE
vpnTFk8uVMsfIr6Ja3pbNj14N/rKhmBrLkk/ag+qG1XmD7m45NMLKlfH5FOyDhne
IhpGT5WCoB/+11OKarze9BH+idhO8PwkqO98N7uBLHrC0lFuN9u20DfoiQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN2+Bauv2yGprLnWyLW6oUqQ/yvcMB8GA1UdIwQY
MBaAFF5ACsI5auIo0rLlb0sGc5lpN55EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGtBS3dqbHE0aWpTc3VWdlN3WnptV2szbmtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9kNjdhOTUtY2IzNi00OTM3LTkyMjYt
ZGZlZDEyZjFhMDFlLzEvM2I0RnE2X2JJYW1zdWRiSXRicWhTcERfSzl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9kNjdhOTUtY2IzNi00OTM3LTkyMjYtZGZlZDEyZjFhMDFl
LzEvWGtBS3dqbHE0aWpTc3VWdlN3WnptV2szbmtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWR5WAwQA
WR5fMA0GCSqGSIb3DQEBCwUAA4IBAQBawL1IIj5IB55hSFtDeGumTORiSlLFpZ+M
k6Cn0NWq40882iFDITVTqIIaUtCB7SU37es57zLEDRrLOtG3ot++e31CHpbSVkvp
0XNWbx2Ou7Czs0/87+aoi6CkyTtb8sgMIbFtuTjn+Xb7rPEGBLQS6jXILkdeoBOB
GOsUOXzATshllz+9nxLjQCv/nnmrJtNvyHbShi/SpwM7c7Oux9ft4zmmpcyiSGwl
71KwtcWGYO8ms7sNvtZ7h7Sd3EK1WzRM4GTqWCctKnONagRAlME2+JI8I9yjY0W+
q4gEW3lJvCZBHlafpXJypW3cU4YlIwKuUltlQxLUq0pEmHYAoJ2v
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:47 2025 by rpki-client on console.sobornost.net