Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/F3DNezzadU1XpT8L3aIipQJfYJc.roa
File: F3DNezzadU1XpT8L3aIipQJfYJc.roa (raw, json)
Hash identifier: EcUT/jibygMl/heN4FfG2zRp5RcPvi4m5eK4hVJhb3E=
Subject key identifier: 17:70:CD:7B:3C:DA:75:4D:57:A5:3F:0B:DD:A2:22:A5:02:5F:60:97
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 01856FD51F635A93632D8F9B9CA3817B6203
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/F3DNezzadU1XpT8L3aIipQJfYJc.roa
Signing time: Mon 02 Jan 2023 00:15:16 +0000
ROA not before: Mon 02 Jan 2023 00:15:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42123
IP address blocks: 89.41.136.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:1f:63:5a:93:63:2d:8f:9b:9c:a3:81:7b:62:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 2 00:15:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1770cd7b3cda754d57a53f0bdda222a5025f6097
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:96:d1:09:28:ae:49:2d:ab:78:a7:b9:9a:d7:
da:8f:26:61:a7:03:2b:2d:43:05:0e:6a:be:6e:53:
d3:c7:6f:3d:53:a2:ce:50:dd:06:dc:95:bd:68:58:
39:67:cb:0f:6d:ae:8f:cb:ce:2b:b2:22:e7:2b:9c:
28:d8:a9:4b:9a:19:11:06:c4:70:2e:22:4b:c6:ac:
28:fd:07:d2:3d:90:65:ec:8a:ec:e6:68:0f:8c:93:
f2:4f:dd:b6:3e:5e:f8:54:1f:00:f6:37:9e:49:77:
f0:a6:04:d5:2c:2a:86:0b:3b:3f:c1:66:b9:c9:66:
be:65:19:32:95:0e:5f:12:f1:cb:4b:29:db:59:89:
01:73:7d:f1:7e:10:7c:8e:88:98:6c:9d:51:1e:75:
28:b1:f7:cc:f5:38:57:f4:9d:a3:24:c0:25:4d:1c:
d9:63:69:25:f4:30:52:c7:e5:45:17:0f:92:d8:53:
81:19:9f:f0:89:fe:df:85:45:8d:24:56:14:ac:35:
cc:4a:dc:9e:03:79:ec:6f:c5:06:6b:f5:05:0d:a9:
30:b8:15:42:c3:54:f8:0b:d8:00:ab:b8:a0:1c:22:
d3:e4:8e:20:34:85:73:79:d9:53:f7:51:1e:b0:c8:
86:79:b2:22:ee:7d:8a:47:87:02:54:82:88:5e:41:
18:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:70:CD:7B:3C:DA:75:4D:57:A5:3F:0B:DD:A2:22:A5:02:5F:60:97
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/F3DNezzadU1XpT8L3aIipQJfYJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.41.136.0/23
Signature Algorithm: sha256WithRSAEncryption
47:21:17:e5:96:3f:67:97:3e:c3:e6:eb:0c:c7:04:86:52:59:
d7:38:af:76:f2:ce:3f:b6:f5:a8:be:87:35:f4:14:e7:8f:25:
de:37:11:44:e5:45:ac:ab:f3:17:a2:0c:2e:7a:c4:6f:bb:e9:
32:ac:2f:8b:9f:d7:1b:ee:c7:ff:47:29:e6:a2:72:34:58:f3:
39:67:3f:95:ac:96:ec:7d:3b:e8:32:49:68:40:30:a1:82:8a:
27:59:7e:0e:b2:ee:96:d6:8f:0a:d0:5b:aa:a8:e4:99:a6:6d:
1e:3b:9a:28:87:7f:fd:49:69:01:a0:ae:7d:b3:f0:34:10:e3:
f2:bc:30:99:b1:93:67:81:ed:80:20:9a:06:2c:a0:50:5c:0c:
b6:6f:db:2e:a0:31:80:24:28:f9:a9:5f:fc:5a:c5:bb:86:c3:
f7:a1:39:cc:46:b1:d9:51:bf:fb:03:d3:02:01:77:a0:9f:74:
70:ee:85:34:35:94:8c:e6:f5:35:3b:6d:a7:cf:fa:18:2d:22:
49:61:d9:70:e6:68:61:50:7f:72:7a:e6:7a:2d:27:f4:99:19:
c9:a3:e0:2c:cd:dd:3b:5b:96:5d:f7:28:03:06:85:4c:a7:4f:
76:24:df:f5:ce:ed:ea:93:1f:6b:d4:38:c3:29:0d:0a:ea:1a:
18:65:e9:87
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVv1R9jWpNjLY+bnKOBe2IDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjMwMTAyMDAxNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzcwY2Q3YjNjZGE3NTRkNTdhNTNmMGJkZGEyMjJhNTAyNWY2MDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5bRCSiuSS2reKe5mtfajyZhpwMr
LUMFDmq+blPTx289U6LOUN0G3JW9aFg5Z8sPba6Py84rsiLnK5wo2KlLmhkRBsRw
LiJLxqwo/QfSPZBl7Irs5mgPjJPyT922Pl74VB8A9jeeSXfwpgTVLCqGCzs/wWa5
yWa+ZRkylQ5fEvHLSynbWYkBc33xfhB8joiYbJ1RHnUosffM9ThX9J2jJMAlTRzZ
Y2kl9DBSx+VFFw+S2FOBGZ/wif7fhUWNJFYUrDXMStyeA3nsb8UGa/UFDakwuBVC
w1T4C9gAq7igHCLT5I4gNIVzedlT91EesMiGebIi7n2KR4cCVIKIXkEYbQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFBdwzXs82nVNV6U/C92iIqUCX2CXMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL0YzRE5lenphZFUxWHBUOEwzYUlpcFFKZllKYy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFZKYgw
DQYJKoZIhvcNAQELBQADggEBAEchF+WWP2eXPsPm6wzHBIZSWdc4r3byzj+29ai+
hzX0FOePJd43EUTlRayr8xeiDC56xG+76TKsL4uf1xvux/9HKeaicjRY8zlnP5Ws
lux9O+gySWhAMKGCiidZfg6y7pbWjwrQW6qo5JmmbR47miiHf/1JaQGgrn2z8DQQ
4/K8MJmxk2eB7YAgmgYsoFBcDLZv2y6gMYAkKPmpX/xaxbuGw/ehOcxGsdlRv/sD
0wIBd6CfdHDuhTQ1lIzm9TU7bafP+hgtIklh2XDmaGFQf3J65notJ/SZGcmj4CzN
3Ttbll33KAMGhUynT3Yk3/XO7eqTH2vUOMMpDQrqGhhl6Yc=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:29:17 2025 by rpki-client