Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/b4673b-210b-4e5a-876a-dc059e69b1d0/1/8ziN_bF6XVG3egvLYMZ-igDT2m0.roa
File: 8ziN_bF6XVG3egvLYMZ-igDT2m0.roa (raw, json)
Hash identifier: 2y4+VkPzMm0A3ca3/W8KFFmcaaOYYshok4VjWhz91ZQ=
Subject key identifier: F3:38:8D:FD:B1:7A:5D:51:B7:7A:0B:CB:60:C6:7E:8A:00:D3:DA:6D
Certificate issuer: /CN=ef678469574acc03d782e63281ff44faaab3f847
Certificate serial: 01856C0A32C03DCD6481AF6859C44D69FD73
Authority key identifier: EF:67:84:69:57:4A:CC:03:D7:82:E6:32:81:FF:44:FA:AA:B3:F8:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/72eEaVdKzAPXguYygf9E-qqz-Ec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/b4673b-210b-4e5a-876a-dc059e69b1d0/1/8ziN_bF6XVG3egvLYMZ-igDT2m0.roa
Signing time: Sun 01 Jan 2023 06:34:45 +0000
ROA not before: Sun 01 Jan 2023 06:34:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208037
IP address blocks: 89.232.172.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:0a:32:c0:3d:cd:64:81:af:68:59:c4:4d:69:fd:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef678469574acc03d782e63281ff44faaab3f847
Validity
Not Before: Jan 1 06:34:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f3388dfdb17a5d51b77a0bcb60c67e8a00d3da6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:cc:ce:df:be:05:66:34:02:88:28:db:1b:9a:
48:0b:0a:d9:c6:fe:92:d3:d2:78:fc:3b:02:17:d7:
29:38:a5:a3:94:e3:3f:7e:d8:dd:36:ed:63:7a:68:
97:1d:e0:4e:fe:ef:74:a5:72:db:b8:4e:1a:cd:31:
84:03:5f:49:08:c9:4c:4b:33:8a:21:2d:94:d2:ae:
04:bb:47:d9:41:8a:5d:ee:11:fc:ce:6d:54:53:fe:
b2:87:49:c3:29:e7:9d:c0:5b:86:8b:7e:d2:b9:4b:
47:c9:1f:8d:07:47:a8:94:28:28:31:9a:33:c3:79:
fd:a4:9d:8d:4f:ed:95:ce:74:ac:2e:ca:e2:a6:38:
eb:3d:89:fd:1b:ae:0a:09:29:33:e8:fa:bf:5e:16:
da:f3:77:40:73:ab:ba:15:57:6c:72:44:8b:fd:8c:
24:d9:e8:4f:d2:69:3c:60:a9:b3:a8:f3:39:49:b7:
c6:4e:5e:76:45:29:bb:bf:62:a4:77:81:fb:23:ed:
19:da:40:b2:5c:4c:c7:2b:8a:07:cd:3c:f9:75:39:
06:a3:ee:22:6e:b1:cf:a0:79:c1:be:af:6e:64:ad:
7e:48:64:3a:a4:cb:2d:52:c6:63:6c:c0:88:1a:c7:
6a:49:3d:c4:1b:9e:cd:40:53:78:b1:a3:0a:24:10:
1f:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:38:8D:FD:B1:7A:5D:51:B7:7A:0B:CB:60:C6:7E:8A:00:D3:DA:6D
X509v3 Authority Key Identifier:
keyid:EF:67:84:69:57:4A:CC:03:D7:82:E6:32:81:FF:44:FA:AA:B3:F8:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/72eEaVdKzAPXguYygf9E-qqz-Ec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/b4673b-210b-4e5a-876a-dc059e69b1d0/1/8ziN_bF6XVG3egvLYMZ-igDT2m0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/b4673b-210b-4e5a-876a-dc059e69b1d0/1/72eEaVdKzAPXguYygf9E-qqz-Ec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.232.172.0/24
Signature Algorithm: sha256WithRSAEncryption
10:07:e2:e1:8a:a6:7a:35:20:87:13:de:b1:8a:c7:d5:65:3b:
d1:90:fc:d4:23:60:d9:be:99:a8:2d:c9:aa:d7:8a:de:1e:94:
5e:2f:ba:49:93:65:2a:04:06:90:b0:b2:c1:95:dc:06:d5:cc:
0d:ff:0c:9e:a4:c4:2f:ac:3e:0c:cf:2f:60:b5:a5:e3:0e:e6:
a9:5e:d7:15:37:38:21:2e:14:17:8c:05:ab:16:36:05:72:82:
15:27:09:5c:c3:a7:94:2e:f9:5c:99:07:4d:63:8b:cf:2e:9d:
64:ce:b2:c4:ba:bd:c0:63:21:51:49:da:c0:cb:05:ad:9a:43:
eb:c6:ba:61:08:17:e4:67:8b:bf:b9:1a:d3:ee:3d:b8:a6:26:
c5:f3:49:13:02:3e:dd:f5:d2:70:07:8e:9e:d9:e8:bd:62:fc:
aa:0b:c6:a8:22:93:dc:18:ee:f3:4e:5b:55:3f:c6:4d:51:5e:
06:12:98:b4:e1:14:2a:3a:ef:30:58:31:d9:cb:71:ec:cd:39:
f7:44:fb:f9:81:f9:e1:47:4b:d8:f9:01:36:30:1a:a9:f1:38:
e0:6a:19:83:04:9b:44:c6:33:34:68:75:fd:8f:3c:f6:23:8d:
75:e2:60:14:be:90:1b:78:92:32:7d:f4:b0:b8:48:9a:9f:54:
15:3c:65:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsCjLAPc1kga9oWcRNaf1zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNjc4NDY5NTc0YWNjMDNkNzgyZTYzMjgxZmY0NGZhYWFi
M2Y4NDcwHhcNMjMwMTAxMDYzNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzM4OGRmZGIxN2E1ZDUxYjc3YTBiY2I2MGM2N2U4YTAwZDNkYTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhszO374FZjQCiCjbG5pICwrZxv6S
09J4/DsCF9cpOKWjlOM/ftjdNu1jemiXHeBO/u90pXLbuE4azTGEA19JCMlMSzOK
IS2U0q4Eu0fZQYpd7hH8zm1UU/6yh0nDKeedwFuGi37SuUtHyR+NB0eolCgoMZoz
w3n9pJ2NT+2VznSsLsripjjrPYn9G64KCSkz6Pq/Xhba83dAc6u6FVdsckSL/Ywk
2ehP0mk8YKmzqPM5SbfGTl52RSm7v2Kkd4H7I+0Z2kCyXEzHK4oHzTz5dTkGo+4i
brHPoHnBvq9uZK1+SGQ6pMstUsZjbMCIGsdqST3EG57NQFN4saMKJBAfTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPM4jf2xel1Rt3oLy2DGfooA09ptMB8GA1UdIwQY
MBaAFO9nhGlXSswD14LmMoH/RPqqs/hHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzJlRWFWZEt6QVBYZ3VZeWdmOUUtcXF6LUVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9iNDY3M2ItMjEwYi00ZTVhLTg3NmEt
ZGMwNTllNjliMWQwLzEvOHppTl9iRjZYVkczZWd2TFlNWi1pZ0RUMm0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9iNDY3M2ItMjEwYi00ZTVhLTg3NmEtZGMwNTllNjliMWQw
LzEvNzJlRWFWZEt6QVBYZ3VZeWdmOUUtcXF6LUVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWeisMA0G
CSqGSIb3DQEBCwUAA4IBAQAQB+LhiqZ6NSCHE96xisfVZTvRkPzUI2DZvpmoLcmq
14reHpReL7pJk2UqBAaQsLLBldwG1cwN/wyepMQvrD4Mzy9gtaXjDuapXtcVNzgh
LhQXjAWrFjYFcoIVJwlcw6eULvlcmQdNY4vPLp1kzrLEur3AYyFRSdrAywWtmkPr
xrphCBfkZ4u/uRrT7j24pibF80kTAj7d9dJwB46e2ei9YvyqC8aoIpPcGO7zTltV
P8ZNUV4GEpi04RQqOu8wWDHZy3HszTn3RPv5gfnhR0vY+QE2MBqp8TjgahmDBJtE
xjM0aHX9jzz2I4114mAUvpAbeJIyffSwuEian1QVPGUr
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:45:54 2025 by rpki-client