Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/SHFgifcOXjY6tuL7zRQslt0-LWg.roa
File: SHFgifcOXjY6tuL7zRQslt0-LWg.roa (raw, json)
Hash identifier: a5er75LwyX90Ja64eQQAjooSQbCWA9NL5ygqey9w5RE=
Subject key identifier: 48:71:60:89:F7:0E:5E:36:3A:B6:E2:FB:CD:14:2C:96:DD:3E:2D:68
Certificate issuer: /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial: 0194B88BA3D53C37080DB590D525974F99E7
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/SHFgifcOXjY6tuL7zRQslt0-LWg.roa
Signing time: Thu 30 Jan 2025 18:49:06 +0000
ROA not before: Thu 30 Jan 2025 18:49:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42689
IP address blocks: 89.23.79.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b8:8b:a3:d5:3c:37:08:0d:b5:90:d5:25:97:4f:99:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Validity
Not Before: Jan 30 18:49:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=48716089f70e5e363ab6e2fbcd142c96dd3e2d68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e2:19:ff:30:7a:7e:9d:4a:8e:af:25:7e:02:
86:3b:43:38:ac:4e:4d:24:38:70:0b:77:82:d9:6a:
97:bc:62:ec:87:60:2f:e0:30:d9:d9:f4:16:50:62:
c6:df:a2:64:b9:12:51:8a:af:9c:9d:f4:0f:24:77:
a1:6d:cc:f2:dd:71:97:8d:ca:ff:ec:05:a6:b0:e3:
4e:c8:7b:fd:77:40:8b:af:de:5d:be:ad:80:3e:e1:
16:a4:f4:ba:f4:dc:8b:36:c9:a7:b7:38:e4:e6:66:
f4:8b:12:61:c6:68:bf:16:b7:7d:d6:2b:4f:02:ee:
23:33:8f:3d:9c:85:66:99:ec:f0:62:bb:e7:13:73:
d6:62:bb:3c:5a:b6:09:75:6f:8a:84:09:50:05:ea:
c1:51:0d:f3:e8:23:7d:87:1c:67:c2:3e:3f:50:b5:
31:d8:84:b8:a7:d1:ba:2c:52:c8:ab:cd:81:3b:16:
9c:dc:5e:69:67:e8:19:8a:d9:df:d9:3f:f8:97:be:
98:6c:4b:4c:1b:d6:e4:86:46:4b:92:17:64:0e:40:
6f:52:82:47:05:f8:d9:8a:44:66:b0:d8:54:54:34:
6a:b4:1c:3b:25:b4:d0:c9:f9:cb:7f:06:90:72:1d:
4f:f8:2e:42:e5:da:2e:13:1c:58:c7:d2:7b:e8:9c:
cc:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:71:60:89:F7:0E:5E:36:3A:B6:E2:FB:CD:14:2C:96:DD:3E:2D:68
X509v3 Authority Key Identifier:
keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/SHFgifcOXjY6tuL7zRQslt0-LWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.79.0/24
Signature Algorithm: sha256WithRSAEncryption
20:d5:88:61:94:e5:64:46:eb:7b:ad:27:a1:1e:63:ec:54:c5:
b8:cc:9b:62:f2:76:65:d1:f0:90:95:20:0e:cf:ec:91:90:42:
fd:8e:6f:9b:1e:77:88:48:5f:43:27:f9:cf:dd:e7:24:50:47:
42:48:fc:17:33:0c:cb:f7:03:14:e4:48:85:8f:60:60:98:a1:
4d:11:05:b2:ee:da:4c:e9:db:3d:33:72:f3:de:2a:84:7a:bd:
01:d2:ad:93:c2:cf:c5:d4:cb:3d:27:59:4b:83:8a:a0:e7:16:
f0:3f:d5:97:34:56:71:75:e7:cd:5a:ae:83:58:79:0a:50:ce:
eb:b0:8f:ce:16:21:85:e5:79:e0:a1:ec:16:93:dd:11:2b:ce:
33:e8:da:08:72:e8:bc:ff:27:33:5b:51:43:c4:a0:9a:30:1d:
d0:1b:d7:a2:1f:69:0c:7f:37:dd:ac:71:0e:81:8d:7a:e9:6c:
14:cf:66:65:d6:37:cd:0a:6c:b7:a2:b9:2d:38:bf:56:2a:6b:
02:2e:82:3e:a1:e9:83:56:50:87:47:90:9e:21:e9:ee:da:54:
54:52:f2:33:34:aa:29:71:75:5f:12:a6:86:e3:fb:fd:0d:7a:
df:0f:f1:28:20:0a:17:a0:24:dc:89:d2:a3:c1:72:9f:05:77:
98:19:86:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZS4i6PVPDcIDbWQ1SWXT5nnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjUwMTMwMTg0OTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODcxNjA4OWY3MGU1ZTM2M2FiNmUyZmJjZDE0MmM5NmRkM2UyZDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOIZ/zB6fp1Kjq8lfgKGO0M4rE5N
JDhwC3eC2WqXvGLsh2Av4DDZ2fQWUGLG36JkuRJRiq+cnfQPJHehbczy3XGXjcr/
7AWmsONOyHv9d0CLr95dvq2APuEWpPS69NyLNsmntzjk5mb0ixJhxmi/Frd91itP
Au4jM489nIVmmezwYrvnE3PWYrs8WrYJdW+KhAlQBerBUQ3z6CN9hxxnwj4/ULUx
2IS4p9G6LFLIq82BOxac3F5pZ+gZitnf2T/4l76YbEtMG9bkhkZLkhdkDkBvUoJH
BfjZikRmsNhUVDRqtBw7JbTQyfnLfwaQch1P+C5C5douExxYx9J76JzM+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEhxYIn3Dl42Orbi+80ULJbdPi1oMB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvU0hGZ2lmY09Yalk2dHVMN3pSUXNsdDAtTFdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRdPMA0G
CSqGSIb3DQEBCwUAA4IBAQAg1YhhlOVkRut7rSehHmPsVMW4zJti8nZl0fCQlSAO
z+yRkEL9jm+bHneISF9DJ/nP3eckUEdCSPwXMwzL9wMU5EiFj2BgmKFNEQWy7tpM
6ds9M3Lz3iqEer0B0q2Tws/F1Ms9J1lLg4qg5xbwP9WXNFZxdefNWq6DWHkKUM7r
sI/OFiGF5XngoewWk90RK84z6NoIcui8/yczW1FDxKCaMB3QG9eiH2kMfzfdrHEO
gY166WwUz2Zl1jfNCmy3orktOL9WKmsCLoI+oemDVlCHR5CeIenu2lRUUvIzNKop
cXVfEqaG4/v9DXrfD/EoIAoXoCTcidKjwXKfBXeYGYZL
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:48:56 2025 by rpki-client