Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/MHNWn_bNBX1lqcEOD0mTT7wACrI.roa
File: MHNWn_bNBX1lqcEOD0mTT7wACrI.roa (raw, json)
Hash identifier: clLcaYzI7DQcX+Fv2rNG1C3Zllntv/UDtJxJ/vRXxoQ=
Subject key identifier: 30:73:56:9F:F6:CD:05:7D:65:A9:C1:0E:0F:49:93:4F:BC:00:0A:B2
Certificate issuer: /CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Certificate serial: 019425217FA64ABFB628270FA3F8EA6EAB8A
Authority key identifier: 9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/MHNWn_bNBX1lqcEOD0mTT7wACrI.roa
Signing time: Thu 02 Jan 2025 03:48:59 +0000
ROA not before: Thu 02 Jan 2025 03:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215014
IP address blocks: 89.42.38.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:7f:a6:4a:bf:b6:28:27:0f:a3:f8:ea:6e:ab:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Validity
Not Before: Jan 2 03:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3073569ff6cd057d65a9c10e0f49934fbc000ab2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:3b:12:2e:3d:bb:a5:a4:fa:0d:6e:48:a3:69:
60:66:2e:3a:31:7e:5a:4d:00:94:07:d7:10:f2:bf:
1d:28:91:f0:c5:e0:81:77:9b:a4:32:70:bd:ff:9d:
48:67:d1:e5:7a:69:b7:aa:f9:5f:80:11:f3:92:7d:
5b:48:86:1a:f9:a8:00:0e:d3:b9:6e:87:ff:e2:14:
98:d6:a8:b2:00:45:29:6b:36:71:6d:d6:34:1f:ca:
98:1e:50:2b:f8:ab:36:33:5d:d6:53:d3:df:81:fd:
ae:da:be:3a:8f:ce:7e:9f:f0:8b:17:b4:8c:14:3b:
be:15:22:66:4a:21:26:e5:7d:7c:56:66:1e:f5:78:
a2:67:04:7c:90:8d:69:5d:9a:8d:c7:c9:13:3c:a7:
87:af:fd:e7:2c:31:29:6c:c6:c7:8a:00:88:6f:90:
e7:29:e5:1c:e1:bf:a9:4f:e7:d0:8a:dd:45:a4:60:
ec:de:06:40:c5:d5:7c:62:a6:22:fd:80:62:6d:48:
2b:74:ff:38:61:88:5a:04:76:58:88:98:85:76:cf:
9c:15:27:65:9b:e7:46:7e:5e:e9:38:d0:f1:f8:a3:
99:5a:cc:09:2c:17:ff:11:74:a8:43:05:2c:a7:88:
06:14:f9:58:76:95:2b:ce:44:e4:d9:4c:91:b7:55:
af:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:73:56:9F:F6:CD:05:7D:65:A9:C1:0E:0F:49:93:4F:BC:00:0A:B2
X509v3 Authority Key Identifier:
keyid:9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/MHNWn_bNBX1lqcEOD0mTT7wACrI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.38.0/23
Signature Algorithm: sha256WithRSAEncryption
87:46:4b:20:e3:ed:ba:d6:75:98:c3:a8:b4:3a:81:95:7b:7d:
74:a5:16:c3:8a:1b:c7:e4:6e:42:9e:c0:58:94:0c:df:4e:da:
35:ff:3d:82:53:6e:80:31:78:51:77:d1:d9:c0:98:57:44:90:
66:1f:72:c0:3b:0d:62:4c:82:48:99:a4:a5:68:2b:ac:9f:0c:
5c:57:0d:0c:20:90:e9:d6:cc:7d:88:d2:19:a6:81:d9:49:44:
31:bd:74:62:d6:bd:8a:e8:f3:e8:da:28:e9:42:7a:7c:07:d8:
17:a5:b2:41:ec:44:c9:7d:85:df:6b:3d:db:83:59:db:2b:0f:
d1:15:66:78:a8:90:7a:2f:b6:d7:6b:2a:7e:f2:9f:4e:fa:8d:
6f:02:ac:d0:31:06:06:48:72:ce:de:d7:fe:fd:78:b6:ae:2f:
34:3c:e1:ac:f3:4a:a7:1d:6a:dc:17:e6:8b:5b:34:2f:37:11:
78:63:c6:d5:50:ba:99:9d:14:d5:d2:06:40:8b:08:7e:e6:dd:
7f:82:7e:7d:9a:6c:21:01:a6:a2:76:3e:0e:5e:d2:f2:54:2e:
0c:4d:cf:11:ca:42:cc:03:0a:4e:2b:c2:18:cc:d7:a6:ca:2b:
76:c3:8f:85:99:cb:2c:3c:67:96:21:d1:0f:c6:85:73:02:10:
a0:d3:38:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIX+mSr+2KCcPo/jqbquKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNTQyZjVkZjNjMWFjYjg1N2ZkNTBlZWIwMTZlZWQwNzM4
NWZmOGMwHhcNMjUwMTAyMDM0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDczNTY5ZmY2Y2QwNTdkNjVhOWMxMGUwZjQ5OTM0ZmJjMDAwYWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljsSLj27paT6DW5Io2lgZi46MX5a
TQCUB9cQ8r8dKJHwxeCBd5ukMnC9/51IZ9Hlemm3qvlfgBHzkn1bSIYa+agADtO5
bof/4hSY1qiyAEUpazZxbdY0H8qYHlAr+Ks2M13WU9Pfgf2u2r46j85+n/CLF7SM
FDu+FSJmSiEm5X18VmYe9XiiZwR8kI1pXZqNx8kTPKeHr/3nLDEpbMbHigCIb5Dn
KeUc4b+pT+fQit1FpGDs3gZAxdV8YqYi/YBibUgrdP84YYhaBHZYiJiFds+cFSdl
m+dGfl7pONDx+KOZWswJLBf/EXSoQwUsp4gGFPlYdpUrzkTk2UyRt1Wv2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDBzVp/2zQV9ZanBDg9Jk0+8AAqyMB8GA1UdIwQY
MBaAFJxUL13zway4V/1Q7rAW7tBzhf+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUt
MjVkYmY0MzgwNGM1LzEvTUhOV25fYk5CWDFscWNFT0QwbVRUN3dBQ3JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUtMjVkYmY0MzgwNGM1
LzEvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWSomMA0G
CSqGSIb3DQEBCwUAA4IBAQCHRksg4+261nWYw6i0OoGVe310pRbDihvH5G5CnsBY
lAzfTto1/z2CU26AMXhRd9HZwJhXRJBmH3LAOw1iTIJImaSlaCusnwxcVw0MIJDp
1sx9iNIZpoHZSUQxvXRi1r2K6PPo2ijpQnp8B9gXpbJB7ETJfYXfaz3bg1nbKw/R
FWZ4qJB6L7bXayp+8p9O+o1vAqzQMQYGSHLO3tf+/Xi2ri80POGs80qnHWrcF+aL
WzQvNxF4Y8bVULqZnRTV0gZAiwh+5t1/gn59mmwhAaaidj4OXtLyVC4MTc8RykLM
AwpOK8IYzNemyit2w4+FmcssPGeWIdEPxoVzAhCg0zi6
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:45:20 2025 by rpki-client