Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/2FKlRtEbiLdPIBYcbB_-H0f8zPs.roa
File: 2FKlRtEbiLdPIBYcbB_-H0f8zPs.roa (raw, json)
Hash identifier: o8MXNGEeCuJFpQ6vQjNPKdvvUZyBAxz50MVYtf1mCXM=
Subject key identifier: D8:52:A5:46:D1:1B:88:B7:4F:20:16:1C:6C:1F:FE:1F:47:FC:CC:FB
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 01960681287BDF7503EE303ECDFA5FD78C17
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/2FKlRtEbiLdPIBYcbB_-H0f8zPs.roa
Signing time: Sat 05 Apr 2025 15:10:49 +0000
ROA not before: Sat 05 Apr 2025 15:10:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25693
IP address blocks: 89.33.192.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:06:81:28:7b:df:75:03:ee:30:3e:cd:fa:5f:d7:8c:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Apr 5 15:10:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d852a546d11b88b74f20161c6c1ffe1f47fcccfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e6:79:45:c8:da:10:d8:60:d4:57:f5:1d:ce:
6e:e0:ba:3d:c3:36:26:54:1e:d2:89:8f:a0:89:63:
d6:5f:8a:fa:28:bf:e1:f0:15:01:a9:9c:e1:30:0d:
aa:28:07:6b:f2:fb:b8:c1:c3:d7:91:5b:4c:57:c7:
fb:bc:aa:9b:01:d4:0c:0e:ab:5e:5d:98:cb:36:2c:
d6:63:01:dd:bf:14:1e:73:f9:f5:ee:d7:1e:1a:de:
12:93:a8:5b:3c:ce:02:2d:37:07:d3:50:22:75:dc:
76:24:a3:21:9b:28:73:24:a5:d4:f0:dd:2f:9e:0d:
af:8f:49:19:55:70:e3:e2:4d:1d:85:6c:7f:18:38:
0a:4e:ad:c5:7b:11:3d:d4:7a:28:92:e5:03:e1:23:
36:bb:fb:42:3b:2d:96:34:fb:9e:1e:85:dd:f1:8e:
57:75:9c:c1:55:15:51:78:b2:ff:65:f2:22:55:39:
25:95:e8:e5:a3:67:5e:db:6d:69:98:cd:6c:d2:c9:
ed:2f:24:66:01:78:cb:6c:c6:7c:ba:0b:64:66:9b:
36:0a:a0:1b:01:23:5e:09:fe:a9:25:e7:f1:b1:ec:
f6:9a:92:5f:2e:17:6b:38:b8:c3:f4:88:63:ce:65:
4b:81:9d:36:7a:db:c1:2b:b5:fe:51:18:0e:18:42:
b5:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:52:A5:46:D1:1B:88:B7:4F:20:16:1C:6C:1F:FE:1F:47:FC:CC:FB
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/2FKlRtEbiLdPIBYcbB_-H0f8zPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.192.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:ce:b9:30:8e:88:20:81:35:62:3c:66:80:98:0b:89:43:25:
2e:eb:2d:8b:24:9f:ff:89:c0:6a:55:57:fd:1f:a7:dc:5d:95:
83:01:81:fd:ae:b5:70:c6:58:ee:41:2b:45:e8:4b:77:ab:93:
6e:48:b2:51:ed:cf:ca:9f:ab:97:46:51:05:02:6d:d5:0f:76:
d3:e3:85:90:0e:67:44:3d:45:9b:fe:76:02:09:60:59:98:0e:
35:76:d9:3d:c0:57:4b:3e:8b:20:60:ec:8a:f6:67:cb:f8:6d:
d1:95:03:be:d7:c3:1e:53:47:a7:be:b2:e8:b0:b8:1e:38:c2:
ae:3b:c1:80:6f:a1:e7:cb:6f:8c:84:9c:b0:e4:7c:e9:89:1e:
bb:39:aa:39:48:63:5e:d7:bf:9a:fc:e5:c7:e8:85:ee:5c:38:
e7:5d:87:d4:7e:30:13:79:94:fd:97:78:e7:ea:9c:25:a5:4a:
1c:ae:a4:48:3b:8f:41:6d:2e:94:be:c3:91:80:e8:9c:17:f0:
fd:1c:57:e9:b9:bb:c9:40:2b:9b:54:31:7a:13:1b:24:1a:ec:
49:45:17:e5:6c:c3:70:2f:18:d9:4c:c4:dc:7f:e7:ed:8a:76:
6b:6a:41:0b:cb:98:c0:a6:03:5f:c0:82:a6:d6:e2:b8:bb:99:
cc:e1:04:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZYGgSh733UD7jA+zfpf14wXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjUwNDA1MTUxMDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODUyYTU0NmQxMWI4OGI3NGYyMDE2MWM2YzFmZmUxZjQ3ZmNjY2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruZ5RcjaENhg1Ff1Hc5u4Lo9wzYm
VB7SiY+giWPWX4r6KL/h8BUBqZzhMA2qKAdr8vu4wcPXkVtMV8f7vKqbAdQMDqte
XZjLNizWYwHdvxQec/n17tceGt4Sk6hbPM4CLTcH01Aiddx2JKMhmyhzJKXU8N0v
ng2vj0kZVXDj4k0dhWx/GDgKTq3FexE91HookuUD4SM2u/tCOy2WNPueHoXd8Y5X
dZzBVRVReLL/ZfIiVTkllejlo2de221pmM1s0sntLyRmAXjLbMZ8ugtkZps2CqAb
ASNeCf6pJefxsez2mpJfLhdrOLjD9IhjzmVLgZ02etvBK7X+URgOGEK16wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNhSpUbRG4i3TyAWHGwf/h9H/Mz7MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvMkZLbFJ0RWJpTGRQSUJZY2JCXy1IMGY4elBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSHAMA0G
CSqGSIb3DQEBCwUAA4IBAQAOzrkwjogggTViPGaAmAuJQyUu6y2LJJ//icBqVVf9
H6fcXZWDAYH9rrVwxljuQStF6Et3q5NuSLJR7c/Kn6uXRlEFAm3VD3bT44WQDmdE
PUWb/nYCCWBZmA41dtk9wFdLPosgYOyK9mfL+G3RlQO+18MeU0envrLosLgeOMKu
O8GAb6Hny2+MhJyw5HzpiR67Oao5SGNe17+a/OXH6IXuXDjnXYfUfjATeZT9l3jn
6pwlpUocrqRIO49BbS6UvsORgOicF/D9HFfpubvJQCubVDF6ExskGuxJRRflbMNw
LxjZTMTcf+ftinZrakELy5jApgNfwIKm1uK4u5nM4QQR
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:31 2025 by rpki-client on console.sobornost.net