Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/epelwHANh7OiGsK_9lXuxpfMg6A.roa
File: epelwHANh7OiGsK_9lXuxpfMg6A.roa (raw, json)
Hash identifier: cvIngfrBRq+miG7IEBZb12qk6qbFmlm6tUzWI+SSFws=
Subject key identifier: 7A:97:A5:C0:70:0D:87:B3:A2:1A:C2:BF:F6:55:EE:C6:97:CC:83:A0
Certificate issuer: /CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Certificate serial: 019425217C5436641B0EB76F91480B473440
Authority key identifier: 9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/epelwHANh7OiGsK_9lXuxpfMg6A.roa
Signing time: Thu 02 Jan 2025 03:48:59 +0000
ROA not before: Thu 02 Jan 2025 03:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48931
IP address blocks: 89.42.38.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:7c:54:36:64:1b:0e:b7:6f:91:48:0b:47:34:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Validity
Not Before: Jan 2 03:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a97a5c0700d87b3a21ac2bff655eec697cc83a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:64:95:ee:1d:97:53:98:37:10:40:3a:b3:f8:
0d:18:1a:af:5f:c4:48:67:d3:0c:62:2e:3e:e5:72:
59:0c:3e:66:a0:9c:48:dd:c4:57:fe:fa:12:30:38:
bc:af:1e:f5:2f:75:4b:cb:24:3e:39:ac:f7:6a:88:
7a:c2:b9:79:1c:d8:97:9c:d3:fb:ff:bb:38:cd:4c:
ee:fa:0d:7e:87:d7:f8:b4:e7:1e:99:67:a8:b6:88:
52:71:dc:b8:e0:8b:0c:69:8e:b0:f9:62:03:db:49:
7f:84:13:e5:b5:19:2b:d9:a2:1e:d0:9c:8d:af:2f:
70:48:5e:e5:df:89:78:c1:e8:92:f5:b3:01:37:1e:
21:c6:55:14:de:ef:9f:a1:6e:84:31:49:75:b2:66:
4c:ea:1a:cf:b3:5c:7e:fa:5f:db:e3:be:af:c6:af:
93:7c:2c:92:ef:2d:0e:17:ed:c1:82:6a:c6:47:fe:
f3:e6:db:c2:c3:cb:51:b0:e5:13:be:40:e7:01:91:
c9:90:43:53:13:4e:e9:30:b2:0b:54:45:82:fe:02:
81:7c:b7:8a:b1:36:5e:fe:0b:1d:09:7e:49:d1:64:
02:3b:36:20:ce:e6:fc:c9:2f:af:a1:ad:cb:ea:9a:
93:53:89:b9:4a:4f:bb:bf:10:e2:51:9f:1b:07:39:
a0:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:97:A5:C0:70:0D:87:B3:A2:1A:C2:BF:F6:55:EE:C6:97:CC:83:A0
X509v3 Authority Key Identifier:
keyid:9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/epelwHANh7OiGsK_9lXuxpfMg6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.38.0/23
Signature Algorithm: sha256WithRSAEncryption
08:dd:79:07:2e:17:ee:bf:15:0f:8c:b8:1b:7b:54:db:b5:09:
79:15:e3:b7:b7:a8:e6:a9:cb:fe:9d:ea:96:2c:3a:e8:f7:e7:
3a:93:89:ef:b6:b4:0b:5c:75:c1:61:33:f0:82:a7:3e:71:fd:
6a:c2:bc:7f:ab:4e:78:9f:a4:22:d8:14:af:30:eb:4e:1e:e2:
4c:91:a2:36:1a:45:5b:2c:ef:35:86:91:ac:c2:44:43:13:cd:
d6:75:41:46:b3:5f:67:45:9d:09:13:4c:d5:6c:4b:bc:17:ae:
9f:91:5a:6e:0a:66:bd:74:07:78:8f:fd:eb:a4:16:de:14:79:
1d:12:15:36:f8:c4:4d:0a:91:40:a0:67:23:7e:e6:4a:a8:57:
e6:06:02:5c:3f:2f:eb:18:35:1a:6e:3c:36:94:ff:a2:c2:ef:
21:4f:0c:86:34:ea:6a:85:f8:74:59:b1:78:61:09:e2:6e:44:
70:5f:49:e4:bf:31:4f:d5:0e:bf:ae:18:d0:f2:ba:09:22:ad:
04:3d:1a:1a:24:de:56:ac:d2:09:ed:e5:ec:72:56:fd:5b:54:
cb:fa:aa:2a:e3:1f:f8:fc:fa:00:8d:41:b7:ee:a8:d8:9c:b5:
a4:d9:be:8f:dc:1b:75:d2:dd:63:b9:66:7d:d2:ca:50:e2:8a:
31:2f:3a:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIXxUNmQbDrdvkUgLRzRAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNTQyZjVkZjNjMWFjYjg1N2ZkNTBlZWIwMTZlZWQwNzM4
NWZmOGMwHhcNMjUwMTAyMDM0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTk3YTVjMDcwMGQ4N2IzYTIxYWMyYmZmNjU1ZWVjNjk3Y2M4M2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAymSV7h2XU5g3EEA6s/gNGBqvX8RI
Z9MMYi4+5XJZDD5moJxI3cRX/voSMDi8rx71L3VLyyQ+Oaz3aoh6wrl5HNiXnNP7
/7s4zUzu+g1+h9f4tOcemWeotohScdy44IsMaY6w+WID20l/hBPltRkr2aIe0JyN
ry9wSF7l34l4weiS9bMBNx4hxlUU3u+foW6EMUl1smZM6hrPs1x++l/b476vxq+T
fCyS7y0OF+3BgmrGR/7z5tvCw8tRsOUTvkDnAZHJkENTE07pMLILVEWC/gKBfLeK
sTZe/gsdCX5J0WQCOzYgzub8yS+voa3L6pqTU4m5Sk+7vxDiUZ8bBzmg3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHqXpcBwDYezohrCv/ZV7saXzIOgMB8GA1UdIwQY
MBaAFJxUL13zway4V/1Q7rAW7tBzhf+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUt
MjVkYmY0MzgwNGM1LzEvZXBlbHdIQU5oN09pR3NLXzlsWHV4cGZNZzZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUtMjVkYmY0MzgwNGM1
LzEvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWSomMA0G
CSqGSIb3DQEBCwUAA4IBAQAI3XkHLhfuvxUPjLgbe1TbtQl5FeO3t6jmqcv+neqW
LDro9+c6k4nvtrQLXHXBYTPwgqc+cf1qwrx/q054n6Qi2BSvMOtOHuJMkaI2GkVb
LO81hpGswkRDE83WdUFGs19nRZ0JE0zVbEu8F66fkVpuCma9dAd4j/3rpBbeFHkd
EhU2+MRNCpFAoGcjfuZKqFfmBgJcPy/rGDUabjw2lP+iwu8hTwyGNOpqhfh0WbF4
YQnibkRwX0nkvzFP1Q6/rhjQ8roJIq0EPRoaJN5WrNIJ7eXsclb9W1TL+qoq4x/4
/PoAjUG37qjYnLWk2b6P3Bt10t1juWZ90spQ4ooxLzq+
-----END CERTIFICATE-----
Generated at Mon Apr 7 11:35:41 2025 by rpki-client