Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/iK58VosE5w8mUj2wirH28XtYM5A.roa
File: iK58VosE5w8mUj2wirH28XtYM5A.roa (raw, json)
Hash identifier: lwJ26QyaKSAykzTa2c1dCOGWXN9UHJ9aao/p/Mfy+T0=
Subject key identifier: 88:AE:7C:56:8B:04:E7:0F:26:52:3D:B0:8A:B1:F6:F1:7B:58:33:90
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 0189BF1039D1F87A91E9F8D3850CB0AFA582
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/iK58VosE5w8mUj2wirH28XtYM5A.roa
Signing time: Fri 04 Aug 2023 05:40:58 +0000
ROA not before: Fri 04 Aug 2023 05:40:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14445
IP address blocks: 89.42.91.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:bf:10:39:d1:f8:7a:91:e9:f8:d3:85:0c:b0:af:a5:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Aug 4 05:40:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88ae7c568b04e70f26523db08ab1f6f17b583390
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:fe:fe:72:94:e6:4b:36:10:1e:52:99:53:2f:
f8:9e:88:b9:69:20:1e:fb:1a:ba:8a:44:cd:4a:ed:
d2:45:89:46:bf:b9:45:5e:74:5b:35:42:d3:ea:85:
94:b6:d8:c5:54:2c:cd:b7:69:f9:ca:0e:16:db:e6:
24:80:1e:89:44:41:70:5a:4a:f0:a2:ca:35:65:f8:
7a:30:24:af:9e:da:1e:90:d6:8d:e3:76:69:ef:ec:
06:72:25:89:ee:21:ad:57:37:6f:1e:58:89:c6:a7:
5f:7d:89:2e:48:bb:3a:89:38:ec:31:27:d9:cc:a9:
7d:99:68:17:02:fa:2d:79:52:74:71:07:a0:e2:4b:
fd:ff:5b:b7:b9:45:c9:39:3e:be:78:cd:0d:1e:48:
33:ce:39:f1:fd:41:35:b4:9c:70:aa:28:3a:16:86:
74:7a:2a:4a:76:ed:64:7d:d5:6a:b6:a9:3f:b8:b1:
38:44:b6:c6:6b:a1:fd:3e:10:2a:b6:95:d1:cf:69:
55:86:8d:45:d7:cb:60:06:f5:be:86:32:a9:a3:58:
cd:75:72:8f:33:3b:60:ae:5b:99:9c:66:c1:97:6b:
31:91:cc:e8:4b:0a:92:75:00:94:9d:bb:a7:f9:1c:
53:bb:db:65:6a:02:c9:26:94:84:11:39:ae:5d:cd:
dc:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:AE:7C:56:8B:04:E7:0F:26:52:3D:B0:8A:B1:F6:F1:7B:58:33:90
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/iK58VosE5w8mUj2wirH28XtYM5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.91.0/24
Signature Algorithm: sha256WithRSAEncryption
42:07:d2:dd:ab:3d:e5:89:9f:59:a9:30:a3:e3:50:81:cd:24:
e6:cc:e8:70:2b:e8:38:b4:7e:7b:d6:6f:13:f4:fa:5b:d7:02:
06:3f:a2:d2:3a:81:01:41:21:8e:d8:be:0f:c2:35:14:9c:5d:
42:4b:aa:f3:97:5d:ac:36:ab:10:15:98:06:7c:f3:f2:c7:97:
45:ed:74:9f:ba:7b:44:56:8a:18:12:32:92:d1:ae:4a:33:3a:
ec:6c:4e:05:8f:57:db:30:c1:b5:91:eb:9c:0f:19:8c:21:b2:
74:f6:fb:87:62:80:6c:b6:2d:2c:ee:43:cd:c3:30:3f:f6:9e:
92:96:22:a4:31:10:97:78:2e:05:64:fa:28:47:db:6e:b6:91:
89:c1:92:da:92:7c:5a:13:b0:c9:e7:b7:af:6b:37:e1:79:d8:
5b:8c:40:ce:fc:69:51:7d:36:d7:97:98:30:c4:d6:fc:bc:e5:
e0:26:62:85:44:7b:a6:d0:14:7b:8b:0f:4e:96:af:81:25:3a:
27:05:27:99:ba:3b:73:ea:4d:3d:ac:53:57:70:42:93:aa:3b:
4c:9a:ae:a9:41:0d:ce:e2:99:25:5d:fe:12:b1:28:7d:68:60:
22:8e:4e:30:5e:31:ec:58:b9:c3:18:f5:d6:63:b2:64:60:73:
5e:46:ea:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYm/EDnR+HqR6fjThQywr6WCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwODA0MDU0MDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGFlN2M1NjhiMDRlNzBmMjY1MjNkYjA4YWIxZjZmMTdiNTgzMzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwv7+cpTmSzYQHlKZUy/4noi5aSAe
+xq6ikTNSu3SRYlGv7lFXnRbNULT6oWUttjFVCzNt2n5yg4W2+YkgB6JREFwWkrw
oso1Zfh6MCSvntoekNaN43Zp7+wGciWJ7iGtVzdvHliJxqdffYkuSLs6iTjsMSfZ
zKl9mWgXAvoteVJ0cQeg4kv9/1u3uUXJOT6+eM0NHkgzzjnx/UE1tJxwqig6FoZ0
eipKdu1kfdVqtqk/uLE4RLbGa6H9PhAqtpXRz2lVho1F18tgBvW+hjKpo1jNdXKP
MztgrluZnGbBl2sxkczoSwqSdQCUnbun+RxTu9tlagLJJpSEETmuXc3cgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIiufFaLBOcPJlI9sIqx9vF7WDOQMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvaUs1OFZvc0U1dzhtVWoyd2lySDI4WHRZTTVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSpbMA0G
CSqGSIb3DQEBCwUAA4IBAQBCB9Ldqz3liZ9ZqTCj41CBzSTmzOhwK+g4tH571m8T
9Ppb1wIGP6LSOoEBQSGO2L4PwjUUnF1CS6rzl12sNqsQFZgGfPPyx5dF7XSfuntE
VooYEjKS0a5KMzrsbE4Fj1fbMMG1keucDxmMIbJ09vuHYoBsti0s7kPNwzA/9p6S
liKkMRCXeC4FZPooR9tutpGJwZLaknxaE7DJ57evazfhedhbjEDO/GlRfTbXl5gw
xNb8vOXgJmKFRHum0BR7iw9Olq+BJTonBSeZujtz6k09rFNXcEKTqjtMmq6pQQ3O
4pklXf4SsSh9aGAijk4wXjHsWLnDGPXWY7JkYHNeRup2
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:01:39 2025 by rpki-client