Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/38K4h39BvbFoIbP8BAXX_dbL_1g.roa
File: 38K4h39BvbFoIbP8BAXX_dbL_1g.roa (raw, json)
Hash identifier: S8omm9r9ZV0oOURKKRvCpdVGxFUr3U/F0y6hW8ghe1k=
Subject key identifier: DF:C2:B8:87:7F:41:BD:B1:68:21:B3:FC:04:05:D7:FD:D6:CB:FF:58
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 01936CA8EC74B549945A04E8C62EDBEAEFE6
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/38K4h39BvbFoIbP8BAXX_dbL_1g.roa
Signing time: Wed 27 Nov 2024 08:07:10 +0000
ROA not before: Wed 27 Nov 2024 08:07:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.42.83.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6c:a8:ec:74:b5:49:94:5a:04:e8:c6:2e:db:ea:ef:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Nov 27 08:07:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dfc2b8877f41bdb16821b3fc0405d7fdd6cbff58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:dc:73:c4:f4:c9:7e:bf:ed:57:d2:0f:23:57:
8a:e0:50:be:33:af:6b:b9:0b:21:11:cf:c2:ae:8d:
be:d0:63:b6:cd:e3:5b:8c:a3:9d:a4:aa:f7:cf:72:
16:93:4a:f6:2d:36:10:fd:9c:0c:44:78:9d:bc:01:
d0:fa:a6:c1:15:05:e9:23:9f:b0:8a:2e:f2:bc:09:
fc:b2:1f:f6:7c:5f:d3:88:f7:fe:2a:14:d4:13:d7:
78:3f:6a:9e:4c:34:e0:d6:79:75:e5:99:e2:ce:05:
52:7d:24:b0:de:c2:89:2a:60:66:c1:c2:97:b7:0b:
ab:70:89:c8:e0:00:12:c5:ca:9d:92:d8:e5:b8:e0:
d8:06:e2:bb:5b:92:f4:f1:de:1b:4a:dc:9c:b9:65:
16:81:ac:62:21:89:14:81:77:59:67:91:f6:f7:65:
ae:91:0a:95:67:c5:57:b4:8e:a7:24:33:7c:12:4d:
4e:c7:d0:84:75:77:ba:6c:15:04:a6:e5:09:ef:37:
84:83:fe:73:75:1c:63:84:c4:c8:a3:43:dd:f5:4a:
f3:91:32:df:bf:44:51:d3:a3:3b:4a:3b:c3:dd:46:
9b:15:5f:44:38:46:4d:46:71:0e:f7:72:1d:0a:bf:
f1:e4:3b:61:27:ee:93:e1:ed:0a:6d:ec:73:fc:f1:
d8:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:C2:B8:87:7F:41:BD:B1:68:21:B3:FC:04:05:D7:FD:D6:CB:FF:58
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/38K4h39BvbFoIbP8BAXX_dbL_1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.81.0-89.42.83.255
Signature Algorithm: sha256WithRSAEncryption
32:e9:1b:be:39:a4:f6:e2:9a:8c:9d:46:0e:0b:38:64:3f:24:
bd:ec:bb:01:98:e6:98:90:f8:87:a6:10:07:3b:73:f7:7d:f5:
09:c2:ff:7c:91:2f:9b:d1:4f:4b:a2:a1:49:84:e7:41:fc:d7:
23:b6:a0:46:fd:63:40:a2:e2:9c:9a:1e:f4:96:dc:6e:32:a7:
01:fc:57:12:01:71:ca:0a:70:ed:4f:a7:35:3b:70:ff:e3:e7:
91:62:af:f1:a4:3c:c0:9e:ce:3d:d9:61:a7:1c:30:01:b8:97:
11:6a:16:1f:d2:da:a8:3e:e0:43:dd:f9:7b:02:69:c3:51:b3:
bd:30:74:4d:7b:de:a0:37:86:aa:2b:12:da:d2:c4:61:05:be:
c9:be:9e:c4:30:a9:23:ad:72:a7:4a:84:92:c5:fb:84:f9:00:
cf:37:09:b5:5c:6e:53:d8:00:a0:03:f4:ab:6f:01:39:e1:e7:
32:d8:b0:91:54:10:a0:34:80:1c:10:91:36:24:95:fc:46:04:
16:2a:0b:93:5f:f9:f4:67:35:4a:85:d3:ee:12:2b:d2:1f:fa:
46:d3:a7:5d:9b:24:2f:9c:e6:aa:cd:d3:08:22:e6:47:04:b6:
d7:e8:ed:ff:b3:c1:51:4a:bf:6b:60:a8:5c:ca:55:1f:3e:93:
a1:a4:83:06
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZNsqOx0tUmUWgToxi7b6u/mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQxMTI3MDgwNzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmMyYjg4NzdmNDFiZGIxNjgyMWIzZmMwNDA1ZDdmZGQ2Y2JmZjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9xzxPTJfr/tV9IPI1eK4FC+M69r
uQshEc/Cro2+0GO2zeNbjKOdpKr3z3IWk0r2LTYQ/ZwMRHidvAHQ+qbBFQXpI5+w
ii7yvAn8sh/2fF/TiPf+KhTUE9d4P2qeTDTg1nl15ZnizgVSfSSw3sKJKmBmwcKX
twurcInI4AASxcqdktjluODYBuK7W5L08d4bStycuWUWgaxiIYkUgXdZZ5H292Wu
kQqVZ8VXtI6nJDN8Ek1Ox9CEdXe6bBUEpuUJ7zeEg/5zdRxjhMTIo0Pd9UrzkTLf
v0RR06M7SjvD3UabFV9EOEZNRnEO93IdCr/x5DthJ+6T4e0Kbexz/PHYPwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFN/CuId/Qb2xaCGz/AQF1/3Wy/9YMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvMzhLNGgzOUJ2YkZvSWJQOEJBWFhfZGJMXzFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABZKlED
BAJZKlAwDQYJKoZIhvcNAQELBQADggEBADLpG745pPbimoydRg4LOGQ/JL3suwGY
5piQ+IemEAc7c/d99QnC/3yRL5vRT0uioUmE50H81yO2oEb9Y0Ci4pyaHvSW3G4y
pwH8VxIBccoKcO1PpzU7cP/j55Fir/GkPMCezj3ZYaccMAG4lxFqFh/S2qg+4EPd
+XsCacNRs70wdE173qA3hqorEtrSxGEFvsm+nsQwqSOtcqdKhJLF+4T5AM83CbVc
blPYAKAD9KtvATnh5zLYsJFUEKA0gBwQkTYklfxGBBYqC5Nf+fRnNUqF0+4SK9If
+kbTp12bJC+c5qrN0wgi5kcEttfo7f+zwVFKv2tgqFzKVR8+k6GkgwY=
-----END CERTIFICATE-----
Generated at Tue Apr 8 20:33:55 2025 by rpki-client