Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/5fSPrI7Z9we9nbzXMCUE5-t7B38.roa
File: 5fSPrI7Z9we9nbzXMCUE5-t7B38.roa (raw, json)
Hash identifier: WmN2P0slEI2/CTywFvl7vy8fY5idF8ZNhLZ0fBOYyJM=
Subject key identifier: E5:F4:8F:AC:8E:D9:F7:07:BD:9D:BC:D7:30:25:04:E7:EB:7B:07:7F
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 01950E70B74626B689DB586DE26673F632EF
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/5fSPrI7Z9we9nbzXMCUE5-t7B38.roa
Signing time: Sun 16 Feb 2025 11:07:02 +0000
ROA not before: Sun 16 Feb 2025 11:07:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 400810
IP address blocks: 89.42.87.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:0e:70:b7:46:26:b6:89:db:58:6d:e2:66:73:f6:32:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Feb 16 11:07:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e5f48fac8ed9f707bd9dbcd7302504e7eb7b077f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:1f:62:5c:78:a0:a4:ef:14:54:7e:06:4e:e8:
f0:19:4b:a4:56:e4:c3:ec:2b:c3:3d:9e:32:3e:c2:
b9:09:47:3e:dc:d3:3c:ef:af:05:c4:12:f7:c8:fc:
0c:67:69:70:d8:c3:35:83:75:96:30:e1:d9:08:c9:
95:77:2c:7c:8b:52:96:7a:18:81:67:ae:da:d2:3b:
20:4a:e9:e0:88:19:91:b0:02:fe:25:26:c1:45:ae:
dc:2d:7a:83:e4:03:82:6e:8f:51:f9:67:83:55:fc:
81:67:84:45:71:d3:7c:fc:66:f1:79:b7:de:49:93:
08:d6:ef:90:28:ee:8a:02:96:96:09:b4:84:e3:29:
1a:9d:f8:65:0f:44:10:c7:d3:b5:f4:83:06:47:dd:
22:f0:4f:05:a4:de:d9:ed:49:74:41:be:1d:9f:01:
a9:94:bf:c5:9c:c7:fd:96:a9:b4:c6:6d:51:99:01:
46:83:52:9e:51:a3:90:df:fb:05:7a:ba:0d:1e:2d:
19:6a:19:84:37:6b:0e:b1:af:25:9e:cf:88:06:19:
1f:fa:e7:23:ee:81:a5:a3:85:56:8f:b9:2d:8c:88:
49:57:1e:5f:30:13:9b:33:2a:c9:de:df:02:25:07:
c9:22:ec:e2:1e:46:e7:85:9d:f1:30:a5:ba:2c:52:
c2:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:F4:8F:AC:8E:D9:F7:07:BD:9D:BC:D7:30:25:04:E7:EB:7B:07:7F
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/5fSPrI7Z9we9nbzXMCUE5-t7B38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.87.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:fe:84:1e:1e:ea:1c:23:5c:12:95:16:82:f1:c5:18:85:00:
80:6e:6c:46:37:bc:9c:ed:05:2e:de:a0:0e:77:2c:e2:ed:90:
08:74:da:c2:35:26:ab:d3:dd:de:43:44:b3:8b:ca:e9:f9:b3:
82:60:c3:11:e7:07:35:2d:15:2e:d3:1f:01:3e:9d:a1:ee:bb:
0b:66:ba:fb:c5:7a:e6:83:68:0d:10:f0:56:ca:5b:58:13:98:
6b:63:53:d8:39:13:e6:f2:f6:11:44:93:3f:a8:f4:45:b3:9d:
e2:5c:86:09:99:78:03:0b:e2:51:c4:3c:8a:b9:2d:ca:7b:5d:
44:35:03:bc:a3:f1:aa:93:b3:8d:48:51:ae:f5:c8:05:6c:d1:
f1:92:ea:76:8c:b6:07:71:18:25:55:29:b3:19:4a:2b:e0:8a:
87:83:24:85:c8:f1:aa:de:97:36:d2:15:6f:5c:4e:9e:3c:b8:
f4:ca:c2:72:81:a7:56:24:2d:09:ae:b2:d5:f4:3d:00:0d:3f:
12:1b:ce:b9:5a:0a:98:92:a5:3d:cd:ed:90:13:11:97:04:38:
4c:c4:d9:75:af:17:21:8b:c6:48:bd:17:04:f9:f5:77:8c:af:
35:00:c5:58:cc:e7:6b:26:02:db:a1:60:e5:e8:8c:ea:d6:e5:
25:9f:1a:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZUOcLdGJraJ21ht4mZz9jLvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjUwMjE2MTEwNzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWY0OGZhYzhlZDlmNzA3YmQ5ZGJjZDczMDI1MDRlN2ViN2IwNzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjB9iXHigpO8UVH4GTujwGUukVuTD
7CvDPZ4yPsK5CUc+3NM8768FxBL3yPwMZ2lw2MM1g3WWMOHZCMmVdyx8i1KWehiB
Z67a0jsgSungiBmRsAL+JSbBRa7cLXqD5AOCbo9R+WeDVfyBZ4RFcdN8/Gbxebfe
SZMI1u+QKO6KApaWCbSE4ykanfhlD0QQx9O19IMGR90i8E8FpN7Z7Ul0Qb4dnwGp
lL/FnMf9lqm0xm1RmQFGg1KeUaOQ3/sFeroNHi0ZahmEN2sOsa8lns+IBhkf+ucj
7oGlo4VWj7ktjIhJVx5fMBObMyrJ3t8CJQfJIuziHkbnhZ3xMKW6LFLCxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOX0j6yO2fcHvZ281zAlBOfrewd/MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvNWZTUHJJN1o5d2U5bmJ6WE1DVUU1LXQ3QjM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSpXMA0G
CSqGSIb3DQEBCwUAA4IBAQAu/oQeHuocI1wSlRaC8cUYhQCAbmxGN7yc7QUu3qAO
dyzi7ZAIdNrCNSar093eQ0Szi8rp+bOCYMMR5wc1LRUu0x8BPp2h7rsLZrr7xXrm
g2gNEPBWyltYE5hrY1PYORPm8vYRRJM/qPRFs53iXIYJmXgDC+JRxDyKuS3Ke11E
NQO8o/Gqk7ONSFGu9cgFbNHxkup2jLYHcRglVSmzGUor4IqHgySFyPGq3pc20hVv
XE6ePLj0ysJygadWJC0JrrLV9D0ADT8SG865WgqYkqU9ze2QExGXBDhMxNl1rxch
i8ZIvRcE+fV3jK81AMVYzOdrJgLboWDl6Izq1uUlnxpu
-----END CERTIFICATE-----
Generated at Sun Apr 6 03:44:20 2025 by rpki-client