Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/qPQUM7m4TexaZcWKmnwvLE550WM.roa
File: qPQUM7m4TexaZcWKmnwvLE550WM.roa (raw, json)
Hash identifier: jj+vFxtdTMCWDHuK9MsDrx3h80/ACYHKq2UKR/E8NoY=
Subject key identifier: A8:F4:14:33:B9:B8:4D:EC:5A:65:C5:8A:9A:7C:2F:2C:4E:79:D1:63
Certificate issuer: /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial: 0193928EC4274948BE680F6C5E13E8559461
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/qPQUM7m4TexaZcWKmnwvLE550WM.roa
Signing time: Wed 04 Dec 2024 16:44:10 +0000
ROA not before: Wed 04 Dec 2024 16:44:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396356
IP address blocks: 89.23.85.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:92:8e:c4:27:49:48:be:68:0f:6c:5e:13:e8:55:94:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Validity
Not Before: Dec 4 16:44:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8f41433b9b84dec5a65c58a9a7c2f2c4e79d163
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:94:01:1f:e0:6e:20:3d:a6:bd:07:6d:61:8b:
fc:ac:f1:5a:b0:a3:d8:ea:d4:6c:4c:f8:cd:66:7e:
f5:82:05:0a:71:f4:d7:ad:d7:07:5d:a4:11:dd:97:
28:0d:a5:c8:9d:70:3f:17:86:be:c4:43:79:0c:56:
6d:73:e8:34:3d:b9:c0:01:2e:ed:50:cb:67:e0:cb:
4f:05:11:f3:ac:0b:40:14:ca:2e:c0:49:de:3c:55:
49:3a:35:61:ae:30:ba:a6:39:25:9a:e5:60:1f:09:
b3:c1:ec:01:ca:53:af:ff:d0:fb:1a:fe:14:db:11:
64:aa:66:c3:a2:66:9e:a5:e8:eb:e0:96:ea:18:a5:
16:09:cd:88:06:fe:4d:65:25:ab:5b:01:76:5d:3f:
06:ca:05:a3:94:d7:4f:ca:b5:17:64:fb:08:3c:8f:
10:13:af:ce:6c:0a:dd:ed:b2:8d:5a:4d:da:f6:97:
4f:73:ea:66:ed:23:c2:ec:05:d0:b9:04:68:06:9e:
7e:32:6c:99:a8:0d:ae:27:45:54:a8:18:ef:d3:38:
ab:09:50:ff:3a:bb:ca:26:b6:55:6e:f7:ef:a4:a1:
aa:5a:24:a9:89:ba:7b:c2:69:b8:61:df:75:28:21:
0e:8c:81:65:42:b5:25:d5:3e:56:95:4e:eb:f7:49:
ff:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:F4:14:33:B9:B8:4D:EC:5A:65:C5:8A:9A:7C:2F:2C:4E:79:D1:63
X509v3 Authority Key Identifier:
keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/qPQUM7m4TexaZcWKmnwvLE550WM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.85.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:8f:22:68:b2:d5:66:9b:c9:17:db:66:bf:4d:58:a6:09:8b:
71:08:a8:e7:f4:d0:c1:16:47:76:76:c8:16:64:28:20:93:2e:
86:82:d1:fc:e8:51:d5:cf:aa:7f:f5:61:1f:a2:e7:b0:e5:a5:
c8:39:b3:06:cc:1e:33:1c:44:28:74:e0:87:94:99:77:03:da:
0a:56:91:53:53:6e:23:07:8c:ba:6b:fd:fb:71:23:61:3f:54:
18:86:96:32:a7:6d:27:8c:79:58:cb:13:96:8a:0b:d2:b7:65:
5d:f9:f9:74:1c:47:32:92:37:ea:72:05:ca:15:6a:b0:2e:e1:
19:53:59:33:5b:e0:c1:50:c6:7e:be:24:d7:36:8d:1a:0e:bd:
71:93:a2:03:f8:50:f6:d3:80:51:04:0f:65:cf:39:4c:0e:ae:
7c:02:f6:e3:d2:f4:5d:25:ca:b1:ba:b2:39:97:f8:65:9f:3b:
b7:e7:58:27:fa:eb:47:d2:fd:4b:6e:2e:7d:d6:3a:b5:d8:d0:
1b:83:ed:86:0c:28:9e:c1:0a:cd:82:eb:a7:97:35:cb:16:77:
83:30:26:52:9b:9e:0d:5c:6b:8e:db:44:71:69:c5:85:de:4f:
1f:9b:f3:78:eb:8e:d8:63:07:38:07:55:8b:af:d0:96:a0:64:
b6:71:30:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOSjsQnSUi+aA9sXhPoVZRhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjQxMjA0MTY0NDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGY0MTQzM2I5Yjg0ZGVjNWE2NWM1OGE5YTdjMmYyYzRlNzlkMTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2pQBH+BuID2mvQdtYYv8rPFasKPY
6tRsTPjNZn71ggUKcfTXrdcHXaQR3ZcoDaXInXA/F4a+xEN5DFZtc+g0PbnAAS7t
UMtn4MtPBRHzrAtAFMouwEnePFVJOjVhrjC6pjklmuVgHwmzwewBylOv/9D7Gv4U
2xFkqmbDomaepejr4JbqGKUWCc2IBv5NZSWrWwF2XT8GygWjlNdPyrUXZPsIPI8Q
E6/ObArd7bKNWk3a9pdPc+pm7SPC7AXQuQRoBp5+MmyZqA2uJ0VUqBjv0zirCVD/
OrvKJrZVbvfvpKGqWiSpibp7wmm4Yd91KCEOjIFlQrUl1T5WlU7r90n/6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKj0FDO5uE3sWmXFipp8LyxOedFjMB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvcVBRVU03bTRUZXhhWmNXS21ud3ZMRTU1MFdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRdVMA0G
CSqGSIb3DQEBCwUAA4IBAQAfjyJostVmm8kX22a/TVimCYtxCKjn9NDBFkd2dsgW
ZCggky6GgtH86FHVz6p/9WEfouew5aXIObMGzB4zHEQodOCHlJl3A9oKVpFTU24j
B4y6a/37cSNhP1QYhpYyp20njHlYyxOWigvSt2Vd+fl0HEcykjfqcgXKFWqwLuEZ
U1kzW+DBUMZ+viTXNo0aDr1xk6ID+FD204BRBA9lzzlMDq58Avbj0vRdJcqxurI5
l/hlnzu351gn+utH0v1Lbi591jq12NAbg+2GDCiewQrNguunlzXLFneDMCZSm54N
XGuO20RxacWF3k8fm/N4647YYwc4B1WLr9CWoGS2cTCy
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:44:38 2025 by rpki-client