Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/iXpW7trYPEYlm7X0545OBYd3aeY.roa
File: iXpW7trYPEYlm7X0545OBYd3aeY.roa (raw, json)
Hash identifier: 8JxwAo7W6nB78VJF0Y0YGIBHwIaTSxNYBVUGOAKlsKo=
Subject key identifier: 89:7A:56:EE:DA:D8:3C:46:25:9B:B5:F4:E7:8E:4E:05:87:77:69:E6
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 01856FD51BC23BB4CCC6902D58CE7FE6CD4B
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/iXpW7trYPEYlm7X0545OBYd3aeY.roa
Signing time: Mon 02 Jan 2023 00:15:15 +0000
ROA not before: Mon 02 Jan 2023 00:15:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39802
IP address blocks: 89.39.120.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:1b:c2:3b:b4:cc:c6:90:2d:58:ce:7f:e6:cd:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 2 00:15:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=897a56eedad83c46259bb5f4e78e4e05877769e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:00:c1:8c:46:28:41:0d:85:ba:a3:f6:12:96:
61:dd:e1:23:95:28:f2:9d:6c:d1:8e:61:dc:11:f5:
2b:36:36:a6:72:c4:28:91:f6:78:e7:5c:87:be:8e:
b2:93:63:9d:25:4f:aa:b6:ce:be:78:f5:81:a1:f7:
49:2d:93:94:fb:ce:41:43:66:b4:44:91:58:30:42:
49:da:aa:cc:a7:bb:23:c9:b6:36:f0:d6:d4:d3:7b:
9b:24:6a:a8:5e:f8:13:7f:b7:d2:bf:52:51:54:a1:
4f:1b:44:eb:39:63:57:f1:75:be:4c:44:d7:8d:79:
fb:73:06:10:9a:3e:2a:e9:9f:1d:5d:14:06:8d:5f:
7b:2b:89:34:d7:71:9f:4f:c5:3f:dc:15:f4:32:93:
33:f9:09:64:3e:9a:f2:19:76:4e:7f:ad:82:53:e3:
9f:dc:d5:41:8c:fd:80:3f:de:7b:fb:12:0b:22:5c:
fc:a4:87:18:03:41:c0:00:7e:68:88:8b:2f:68:c3:
1c:7c:63:01:a1:11:e6:95:3d:a2:df:ef:b3:90:18:
81:28:93:77:2c:45:a3:5d:f7:d7:b4:f0:15:ae:1a:
08:75:8f:1d:ff:6d:1e:7b:64:67:0c:12:da:0c:f3:
fa:b0:a5:61:7d:b6:2c:4e:f6:13:ea:6e:c1:48:a4:
af:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:7A:56:EE:DA:D8:3C:46:25:9B:B5:F4:E7:8E:4E:05:87:77:69:E6
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/iXpW7trYPEYlm7X0545OBYd3aeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.39.120.0/23
Signature Algorithm: sha256WithRSAEncryption
b1:07:22:d2:07:df:56:a2:e2:25:27:88:3c:71:e4:85:c5:04:
73:9d:dd:dd:3b:4f:fd:6d:5a:c0:32:44:e4:6f:f9:4c:e0:f4:
71:e5:89:b7:e9:45:90:e5:9b:1b:31:d6:c6:51:7c:19:0c:30:
72:22:99:4f:67:36:a7:89:a6:75:aa:04:78:d7:15:09:89:d6:
3b:05:29:59:08:5b:b0:57:32:d3:43:05:0b:d1:8c:7b:50:57:
d2:07:6d:aa:23:97:a1:46:92:6e:fc:58:76:1c:b8:a3:03:8e:
3e:59:e9:ea:bd:4d:eb:4e:95:37:62:84:6d:63:97:18:dc:6b:
f5:df:c1:04:74:40:64:09:25:6d:8c:37:bf:1e:9f:c7:b9:0c:
04:96:bb:92:70:86:7c:34:bb:5e:22:3b:74:03:40:f7:dd:55:
90:2a:3d:ef:25:64:94:b8:1b:6d:ed:84:39:8b:95:34:2a:ef:
94:e3:62:d9:d6:c0:62:bc:75:41:07:e0:5e:2c:d9:ce:70:d5:
fe:20:a2:00:85:58:13:89:af:ba:69:32:f8:a6:ab:bd:7c:ab:
30:64:eb:8d:68:b4:45:1d:32:5a:bb:38:fa:95:8c:d4:6b:15:
31:8b:1e:ff:8e:40:c7:4e:9f:76:cd:2b:0b:ca:cd:9b:b4:f0:
b9:6a:19:1d
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVv1RvCO7TMxpAtWM5/5s1LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjMwMTAyMDAxNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTdhNTZlZWRhZDgzYzQ2MjU5YmI1ZjRlNzhlNGUwNTg3Nzc2OWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogDBjEYoQQ2FuqP2EpZh3eEjlSjy
nWzRjmHcEfUrNjamcsQokfZ451yHvo6yk2OdJU+qts6+ePWBofdJLZOU+85BQ2a0
RJFYMEJJ2qrMp7sjybY28NbU03ubJGqoXvgTf7fSv1JRVKFPG0TrOWNX8XW+TETX
jXn7cwYQmj4q6Z8dXRQGjV97K4k013GfT8U/3BX0MpMz+QlkPpryGXZOf62CU+Of
3NVBjP2AP957+xILIlz8pIcYA0HAAH5oiIsvaMMcfGMBoRHmlT2i3++zkBiBKJN3
LEWjXffXtPAVrhoIdY8d/20ee2RnDBLaDPP6sKVhfbYsTvYT6m7BSKSvcwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFIl6Vu7a2DxGJZu19OeOTgWHd2nmMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL2lYcFc3dHJZUEVZbG03WDA1NDVPQllkM2FlWS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFZJ3gw
DQYJKoZIhvcNAQELBQADggEBALEHItIH31ai4iUniDxx5IXFBHOd3d07T/1tWsAy
RORv+Uzg9HHlibfpRZDlmxsx1sZRfBkMMHIimU9nNqeJpnWqBHjXFQmJ1jsFKVkI
W7BXMtNDBQvRjHtQV9IHbaojl6FGkm78WHYcuKMDjj5Z6eq9TetOlTdihG1jlxjc
a/XfwQR0QGQJJW2MN78en8e5DASWu5Jwhnw0u14iO3QDQPfdVZAqPe8lZJS4G23t
hDmLlTQq75TjYtnWwGK8dUEH4F4s2c5w1f4gogCFWBOJr7ppMvimq718qzBk641o
tEUdMlq7OPqVjNRrFTGLHv+OQMdOn3bNKwvKzZu08LlqGR0=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:28 2025 by rpki-client