Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/K4UoliAJDnPT2oq72AyXanTYwdo.roa
File: K4UoliAJDnPT2oq72AyXanTYwdo.roa (raw, json)
Hash identifier: +5dNWwnlyTnn33FOhd8BsjDiWGBw/K7XK9sbIa7ROKQ=
Subject key identifier: 2B:85:28:96:20:09:0E:73:D3:DA:8A:BB:D8:0C:97:6A:74:D8:C1:DA
Certificate issuer: /CN=f82554a856a422b061ae64c577630f91d408cd4a
Certificate serial: 01942067E47C972CA1613B058C2EC36D1B8A
Authority key identifier: F8:25:54:A8:56:A4:22:B0:61:AE:64:C5:77:63:0F:91:D4:08:CD:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/K4UoliAJDnPT2oq72AyXanTYwdo.roa
Signing time: Wed 01 Jan 2025 05:47:47 +0000
ROA not before: Wed 01 Jan 2025 05:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204092
IP address blocks: 89.234.186.0/24 maxlen: 24
2a00:5884::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:e4:7c:97:2c:a1:61:3b:05:8c:2e:c3:6d:1b:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f82554a856a422b061ae64c577630f91d408cd4a
Validity
Not Before: Jan 1 05:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b85289620090e73d3da8abbd80c976a74d8c1da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:35:35:07:c3:1c:ef:f7:08:df:2c:b2:8f:3f:
ca:04:e7:2f:12:46:10:2f:f0:94:ff:d4:4d:fc:b0:
25:e6:17:97:1b:61:4c:db:f5:4e:09:75:c1:cb:44:
a2:26:e6:9b:88:ca:ac:cd:f3:24:a6:b2:f1:d6:a9:
a4:87:8f:f6:a3:68:f8:19:a5:29:6d:5d:a7:5f:17:
f1:6b:0d:45:5e:d8:2e:67:21:90:c4:48:a2:ff:aa:
d4:48:62:ca:7d:5c:cf:bc:79:4e:67:0b:ca:ca:59:
4c:f5:2b:0f:45:e5:c4:2a:fc:50:f2:d7:f8:d4:1b:
ad:50:a2:91:84:2a:6c:2b:56:e6:96:98:82:db:64:
28:cb:fa:5f:2a:99:e2:79:ab:ae:ac:e6:19:ae:76:
66:72:e2:cc:12:59:72:57:6a:52:4a:47:1d:0e:a3:
42:67:ab:2f:7c:25:e4:e2:f9:e4:8f:01:e4:48:ad:
65:cb:c0:9a:94:36:5a:1c:6f:e7:d1:19:09:20:79:
fd:98:da:0a:92:b4:a1:b3:58:de:bf:1f:ce:59:fd:
7d:2b:28:a2:9e:ca:55:82:c1:49:3c:f2:2f:71:c3:
76:8d:e4:23:37:ca:fc:76:68:cf:b4:95:ed:1a:69:
5a:af:1c:d3:d4:64:d8:f6:fd:dc:f4:ff:67:d9:ea:
4c:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:85:28:96:20:09:0E:73:D3:DA:8A:BB:D8:0C:97:6A:74:D8:C1:DA
X509v3 Authority Key Identifier:
keyid:F8:25:54:A8:56:A4:22:B0:61:AE:64:C5:77:63:0F:91:D4:08:CD:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/K4UoliAJDnPT2oq72AyXanTYwdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/1-CVUqFakIrBhrmTFd2MPkdQIzUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.234.186.0/24
IPv6:
2a00:5884::/32
Signature Algorithm: sha256WithRSAEncryption
9a:3b:d0:61:af:a8:fa:b9:47:6d:3d:52:d3:44:dd:45:5e:d0:
e0:68:8e:6d:9a:e9:c2:a6:d9:1a:12:35:34:37:cf:35:18:58:
4b:82:e8:d0:5e:3d:64:28:e5:bc:2d:fb:60:f8:e9:e8:af:d5:
29:5f:84:07:bf:0b:bf:6a:e5:89:51:89:a1:a0:e7:40:c6:f7:
3d:79:bd:72:36:c8:5f:74:2b:98:dd:87:56:aa:7d:9d:dc:3e:
bd:a8:21:7e:85:4e:bd:71:0f:8b:50:8b:c3:f6:b0:fd:6d:1b:
fc:56:6a:a7:27:9e:7c:4b:56:a2:f9:b1:97:bc:b8:a9:4a:67:
c7:b3:74:8c:0f:7f:44:e3:16:96:03:37:7a:91:f3:18:c9:5e:
30:92:1a:24:3b:8a:62:76:93:40:a9:04:f6:f8:bd:64:7d:b4:
33:f6:bc:19:6e:a4:9e:b2:34:23:29:c2:51:8e:75:1b:c8:45:
ed:e6:ff:46:11:50:72:66:df:22:f4:08:38:d9:7e:ca:0a:f8:
f5:9f:8c:33:7f:8e:bc:a4:9f:83:d4:15:64:5a:35:8b:50:6c:
72:86:43:89:6a:56:23:4a:5b:18:37:17:31:1c:14:cd:20:e8:
4f:be:e6:8c:b6:d9:b9:b3:57:6f:40:3c:ce:75:89:75:15:25:
a1:32:5d:7a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQgZ+R8lyyhYTsFjC7DbRuKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MjU1NGE4NTZhNDIyYjA2MWFlNjRjNTc3NjMwZjkxZDQw
OGNkNGEwHhcNMjUwMTAxMDU0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjg1Mjg5NjIwMDkwZTczZDNkYThhYmJkODBjOTc2YTc0ZDhjMWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjU1B8Mc7/cI3yyyjz/KBOcvEkYQ
L/CU/9RN/LAl5heXG2FM2/VOCXXBy0SiJuabiMqszfMkprLx1qmkh4/2o2j4GaUp
bV2nXxfxaw1FXtguZyGQxEii/6rUSGLKfVzPvHlOZwvKyllM9SsPReXEKvxQ8tf4
1ButUKKRhCpsK1bmlpiC22Qoy/pfKpnieauurOYZrnZmcuLMEllyV2pSSkcdDqNC
Z6svfCXk4vnkjwHkSK1ly8CalDZaHG/n0RkJIHn9mNoKkrShs1jevx/OWf19Kyii
nspVgsFJPPIvccN2jeQjN8r8dmjPtJXtGmlarxzT1GTY9v3c9P9n2epM2wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCuFKJYgCQ5z09qKu9gMl2p02MHaMB8GA1UdIwQY
MBaAFPglVKhWpCKwYa5kxXdjD5HUCM1KMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1DVlVxRmFrSXJCaHJtVEZkMk1Qa2RRSXpVby5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYvOTQzN2EyLTA3ZTYtNGU2YS1hYTNm
LTk2NWQ2ZDYwM2JmYS8xL0s0VW9saUFKRG5QVDJvcTcyQXlYYW5UWXdkby5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGYvOTQzN2EyLTA3ZTYtNGU2YS1hYTNmLTk2NWQ2ZDYwM2Jm
YS8xLzEtQ1ZVcUZha0lyQmhybVRGZDJNUGtkUUl6VW8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBABZ6row
DQQCAAIwBwMFACoAWIQwDQYJKoZIhvcNAQELBQADggEBAJo70GGvqPq5R209UtNE
3UVe0OBojm2a6cKm2RoSNTQ3zzUYWEuC6NBePWQo5bwt+2D46eiv1SlfhAe/C79q
5YlRiaGg50DG9z15vXI2yF90K5jdh1aqfZ3cPr2oIX6FTr1xD4tQi8P2sP1tG/xW
aqcnnnxLVqL5sZe8uKlKZ8ezdIwPf0TjFpYDN3qR8xjJXjCSGiQ7imJ2k0CpBPb4
vWR9tDP2vBlupJ6yNCMpwlGOdRvIRe3m/0YRUHJm3yL0CDjZfsoK+PWfjDN/jryk
n4PUFWRaNYtQbHKGQ4lqViNKWxg3FzEcFM0g6E++5oy22bmzV29APM51iXUVJaEy
XXo=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:28:07 2025 by rpki-client on console.sobornost.net