Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/331ce6-e428-41fa-bb10-db3afd3d762e/1/TdvnZ-pSKLZ2di0IsrjKM1Y6TNQ.roa
File: TdvnZ-pSKLZ2di0IsrjKM1Y6TNQ.roa (raw, json)
Hash identifier: 3haz/IHoayXe0sYmFVaRZdqvibPOZRqi6vqfWqU727k=
Subject key identifier: 4D:DB:E7:67:EA:52:28:B6:76:76:2D:08:B2:B8:CA:33:56:3A:4C:D4
Certificate issuer: /CN=81aeb7622a44d23c2a45b4d0df40d6cdcc33241d
Certificate serial: 019425FC4CD067209465A2C811FE53A8294F
Authority key identifier: 81:AE:B7:62:2A:44:D2:3C:2A:45:B4:D0:DF:40:D6:CD:CC:33:24:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ga63YipE0jwqRbTQ30DWzcwzJB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/331ce6-e428-41fa-bb10-db3afd3d762e/1/TdvnZ-pSKLZ2di0IsrjKM1Y6TNQ.roa
Signing time: Thu 02 Jan 2025 07:47:59 +0000
ROA not before: Thu 02 Jan 2025 07:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204949
IP address blocks: 89.23.125.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:4c:d0:67:20:94:65:a2:c8:11:fe:53:a8:29:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81aeb7622a44d23c2a45b4d0df40d6cdcc33241d
Validity
Not Before: Jan 2 07:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4ddbe767ea5228b676762d08b2b8ca33563a4cd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:f5:78:b7:e3:2e:50:df:07:56:49:05:d3:55:
47:4e:41:ad:84:f3:f6:0c:2c:fb:af:cf:db:c8:5e:
fc:22:15:90:06:59:1f:32:0b:59:46:f8:55:cb:3d:
e5:f8:bb:11:42:c8:15:79:de:ad:60:25:c2:d0:80:
89:fd:9d:5f:a5:4e:37:f8:71:3c:83:de:eb:67:c2:
c1:b2:09:71:f4:8e:e3:5f:df:f2:63:cf:23:c1:5e:
66:21:87:06:8f:de:df:93:51:09:1a:4e:e7:48:c7:
04:8b:e8:cc:fa:5a:9b:58:4b:49:2c:21:5c:a1:5d:
bb:75:1b:dc:d9:b4:0e:36:63:fb:42:25:8b:38:20:
7b:1e:9e:df:76:57:2c:5d:1e:36:59:b4:18:31:cd:
a8:17:0f:86:83:73:fd:de:98:80:82:f0:94:30:5c:
e5:67:a4:0c:c9:04:2e:f7:84:e7:de:7c:95:73:12:
27:b3:8b:75:b4:0d:2c:27:e6:24:80:c6:62:d3:b6:
6a:cd:31:5e:f8:01:3b:63:76:17:df:1c:d8:b6:bd:
61:1e:2e:a7:6c:7a:e5:40:83:32:74:16:66:ec:79:
91:66:05:bb:68:b8:9a:ec:7c:46:ed:dc:49:f9:60:
40:e4:2c:da:4d:04:ba:d9:2b:31:b0:83:a4:ac:3e:
74:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:DB:E7:67:EA:52:28:B6:76:76:2D:08:B2:B8:CA:33:56:3A:4C:D4
X509v3 Authority Key Identifier:
keyid:81:AE:B7:62:2A:44:D2:3C:2A:45:B4:D0:DF:40:D6:CD:CC:33:24:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ga63YipE0jwqRbTQ30DWzcwzJB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/331ce6-e428-41fa-bb10-db3afd3d762e/1/TdvnZ-pSKLZ2di0IsrjKM1Y6TNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/331ce6-e428-41fa-bb10-db3afd3d762e/1/ga63YipE0jwqRbTQ30DWzcwzJB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.125.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:d2:68:dc:49:36:ca:5e:1f:0d:78:f6:89:cd:21:59:d1:8c:
a4:90:3b:8b:dd:bd:2d:78:37:d6:a7:5c:d7:20:07:b9:e2:01:
a9:d6:df:6f:78:a9:9c:ee:a6:33:54:7a:64:4f:f4:e4:39:ba:
3f:9e:81:be:d9:d7:25:a4:bc:e7:6a:6b:9b:2f:17:0c:07:02:
f4:68:11:06:b6:24:83:ad:58:97:74:5b:40:0b:9f:6d:18:2f:
7a:53:a3:f2:4a:d5:40:d8:8d:23:79:f7:21:99:d8:ff:df:a0:
53:f5:4e:c9:e0:4c:63:67:c2:c8:7d:21:d4:42:b3:92:4c:78:
2b:8d:36:50:85:ce:ce:ba:3f:7d:f9:49:70:d6:4f:44:71:41:
3d:8b:7a:60:2a:fa:68:dd:8f:fb:dc:85:ef:ea:67:1c:47:0d:
1a:6b:50:02:89:74:13:9f:36:cc:cd:f0:98:5a:58:73:ed:6d:
88:84:39:8b:dc:47:09:ef:ed:db:07:48:ff:5b:a8:34:b4:98:
34:df:f6:98:2b:c1:76:37:77:06:d5:d7:27:50:e2:01:3e:1d:
16:e4:cb:df:27:85:af:d3:91:36:a6:fa:00:60:b7:0a:43:26:
80:fc:3d:19:d6:21:bd:31:0e:e3:12:ce:30:55:98:40:93:cf:
90:4d:37:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/EzQZyCUZaLIEf5TqClPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYWViNzYyMmE0NGQyM2MyYTQ1YjRkMGRmNDBkNmNkY2Mz
MzI0MWQwHhcNMjUwMTAyMDc0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGRiZTc2N2VhNTIyOGI2NzY3NjJkMDhiMmI4Y2EzMzU2M2E0Y2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPV4t+MuUN8HVkkF01VHTkGthPP2
DCz7r8/byF78IhWQBlkfMgtZRvhVyz3l+LsRQsgVed6tYCXC0ICJ/Z1fpU43+HE8
g97rZ8LBsglx9I7jX9/yY88jwV5mIYcGj97fk1EJGk7nSMcEi+jM+lqbWEtJLCFc
oV27dRvc2bQONmP7QiWLOCB7Hp7fdlcsXR42WbQYMc2oFw+Gg3P93piAgvCUMFzl
Z6QMyQQu94Tn3nyVcxIns4t1tA0sJ+YkgMZi07ZqzTFe+AE7Y3YX3xzYtr1hHi6n
bHrlQIMydBZm7HmRZgW7aLia7HxG7dxJ+WBA5CzaTQS62SsxsIOkrD50gQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE3b52fqUii2dnYtCLK4yjNWOkzUMB8GA1UdIwQY
MBaAFIGut2IqRNI8KkW00N9A1s3MMyQdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2E2M1lpcEUwandxUmJUUTMwRFd6Y3d6SkIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8zMzFjZTYtZTQyOC00MWZhLWJiMTAt
ZGIzYWZkM2Q3NjJlLzEvVGR2blotcFNLTFoyZGkwSXNyaktNMVk2VE5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi8zMzFjZTYtZTQyOC00MWZhLWJiMTAtZGIzYWZkM2Q3NjJl
LzEvZ2E2M1lpcEUwandxUmJUUTMwRFd6Y3d6SkIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRd9MA0G
CSqGSIb3DQEBCwUAA4IBAQB60mjcSTbKXh8NePaJzSFZ0YykkDuL3b0teDfWp1zX
IAe54gGp1t9veKmc7qYzVHpkT/TkObo/noG+2dclpLznamubLxcMBwL0aBEGtiSD
rViXdFtAC59tGC96U6PyStVA2I0jefchmdj/36BT9U7J4ExjZ8LIfSHUQrOSTHgr
jTZQhc7Ouj99+Ulw1k9EcUE9i3pgKvpo3Y/73IXv6mccRw0aa1ACiXQTnzbMzfCY
Wlhz7W2IhDmL3EcJ7+3bB0j/W6g0tJg03/aYK8F2N3cG1dcnUOIBPh0W5MvfJ4Wv
05E2pvoAYLcKQyaA/D0Z1iG9MQ7jEs4wVZhAk8+QTTe7
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:31:54 2025 by rpki-client on console.sobornost.net