Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/1df875-2a23-4fe8-b1f0-cebded36f878/1/laiwhTGDMa3GgUa9Emwt7i9rEdM.roa
File: laiwhTGDMa3GgUa9Emwt7i9rEdM.roa (raw, json)
Hash identifier: RweBES0GF8N0ZwYFbSpfU2jgdB8o74JX6N/g/Yo4zEc=
Subject key identifier: 95:A8:B0:85:31:83:31:AD:C6:81:46:BD:12:6C:2D:EE:2F:6B:11:D3
Certificate issuer: /CN=c518644ac461ddd2cf4bc5ad5c2b4262535c38c8
Certificate serial: 0187793A11EB7EF333059BAFD9E50B05B0CA
Authority key identifier: C5:18:64:4A:C4:61:DD:D2:CF:4B:C5:AD:5C:2B:42:62:53:5C:38:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xRhkSsRh3dLPS8WtXCtCYlNcOMg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/1df875-2a23-4fe8-b1f0-cebded36f878/1/laiwhTGDMa3GgUa9Emwt7i9rEdM.roa
Signing time: Thu 13 Apr 2023 06:07:41 +0000
ROA not before: Thu 13 Apr 2023 06:07:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 89.42.111.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:79:3a:11:eb:7e:f3:33:05:9b:af:d9:e5:0b:05:b0:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c518644ac461ddd2cf4bc5ad5c2b4262535c38c8
Validity
Not Before: Apr 13 06:07:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95a8b085318331adc68146bd126c2dee2f6b11d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:19:4c:5b:c9:f8:ae:1c:03:b0:98:a7:c0:9e:
aa:99:55:20:89:b9:f3:c1:96:07:cd:85:3a:be:28:
00:88:27:b4:f5:bd:91:d7:2b:58:a7:74:4c:0c:44:
49:4f:89:91:81:db:7a:9d:05:dd:83:d4:1a:a6:f7:
b7:76:69:01:11:ac:b1:5d:9e:18:9a:8e:d3:ee:0d:
d0:8b:c6:00:0a:ff:3a:c7:73:c2:b5:17:c3:36:29:
5e:4f:6d:26:b3:64:a9:72:5e:45:61:bc:b3:95:51:
e6:67:9e:ce:38:79:a1:e3:21:e0:be:8e:8f:21:39:
ee:eb:6f:69:05:00:c7:06:c8:61:b7:93:02:51:77:
27:1d:f0:b6:a7:85:8b:9d:ec:75:8c:38:b9:ef:20:
4f:ed:e4:57:56:6a:ce:27:96:e1:8b:c1:e1:83:11:
7c:95:61:f0:f5:5f:f7:a8:75:d5:cd:9d:ec:b3:80:
3f:10:c6:c5:99:a2:e4:7c:f3:1f:6c:43:17:5f:62:
01:c7:3f:88:64:9c:4b:d0:5a:30:f3:27:81:d6:ce:
5d:24:61:d0:dd:7c:62:d1:d3:e8:48:ac:de:1f:09:
68:04:41:ab:4c:cf:7f:cf:6d:e9:33:d8:60:0e:ff:
68:68:4b:79:18:b8:61:d3:91:9c:df:61:43:c5:64:
d5:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:A8:B0:85:31:83:31:AD:C6:81:46:BD:12:6C:2D:EE:2F:6B:11:D3
X509v3 Authority Key Identifier:
keyid:C5:18:64:4A:C4:61:DD:D2:CF:4B:C5:AD:5C:2B:42:62:53:5C:38:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xRhkSsRh3dLPS8WtXCtCYlNcOMg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1df875-2a23-4fe8-b1f0-cebded36f878/1/laiwhTGDMa3GgUa9Emwt7i9rEdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1df875-2a23-4fe8-b1f0-cebded36f878/1/xRhkSsRh3dLPS8WtXCtCYlNcOMg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.111.0/24
Signature Algorithm: sha256WithRSAEncryption
d1:93:c3:e5:65:53:63:04:cb:8f:ac:7b:6f:3e:62:45:92:20:
03:37:a5:5b:cc:fc:46:af:b8:75:fb:a2:82:5c:f8:4a:aa:c5:
3d:7c:26:2b:e1:5a:a9:b0:c0:d8:3d:3a:d6:a9:9f:58:03:3b:
49:ec:d3:08:8c:62:67:ab:74:bb:65:16:ca:33:cb:5e:a3:de:
fc:d2:b6:ad:95:7c:f5:51:a8:cd:a6:d6:45:18:e7:76:3a:4c:
8e:55:41:d9:97:08:35:ba:03:74:ad:d9:a5:ad:d5:e4:82:82:
b2:5b:e8:8a:d9:ab:ac:ff:9d:ef:c3:96:28:a1:61:30:ab:88:
30:9f:bb:ba:19:52:3f:0e:93:bb:81:ae:85:b6:fa:be:ab:4a:
74:8b:42:bd:74:3e:e4:27:c1:28:f3:20:72:ad:60:c5:49:52:
f0:44:22:60:54:ce:14:7f:4f:3b:f7:86:56:d9:ae:38:2f:91:
4f:31:67:04:10:70:23:07:a1:ef:1a:cb:d2:06:66:bf:b7:17:
45:aa:c9:b5:61:61:f1:44:44:dd:d7:80:17:ff:e4:ec:a4:d9:
df:1e:13:96:04:b4:53:fb:45:b4:b7:f7:1e:47:d3:03:e7:96:
2f:73:64:fd:b7:1d:65:48:61:98:1c:33:f4:7f:df:73:97:e5:
e5:1b:10:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYd5OhHrfvMzBZuv2eULBbDKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1MTg2NDRhYzQ2MWRkZDJjZjRiYzVhZDVjMmI0MjYyNTM1
YzM4YzgwHhcNMjMwNDEzMDYwNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWE4YjA4NTMxODMzMWFkYzY4MTQ2YmQxMjZjMmRlZTJmNmIxMWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRlMW8n4rhwDsJinwJ6qmVUgibnz
wZYHzYU6vigAiCe09b2R1ytYp3RMDERJT4mRgdt6nQXdg9Qapve3dmkBEayxXZ4Y
mo7T7g3Qi8YACv86x3PCtRfDNileT20ms2Spcl5FYbyzlVHmZ57OOHmh4yHgvo6P
ITnu629pBQDHBshht5MCUXcnHfC2p4WLnex1jDi57yBP7eRXVmrOJ5bhi8HhgxF8
lWHw9V/3qHXVzZ3ss4A/EMbFmaLkfPMfbEMXX2IBxz+IZJxL0Fow8yeB1s5dJGHQ
3Xxi0dPoSKzeHwloBEGrTM9/z23pM9hgDv9oaEt5GLhh05Gc32FDxWTVnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJWosIUxgzGtxoFGvRJsLe4vaxHTMB8GA1UdIwQY
MBaAFMUYZErEYd3Sz0vFrVwrQmJTXDjIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFJoa1NzUmgzZExQUzhXdFhDdENZbE5jT01nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8xZGY4NzUtMmEyMy00ZmU4LWIxZjAt
Y2ViZGVkMzZmODc4LzEvbGFpd2hUR0RNYTNHZ1VhOUVtd3Q3aTlyRWRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8xZGY4NzUtMmEyMy00ZmU4LWIxZjAtY2ViZGVkMzZmODc4
LzEveFJoa1NzUmgzZExQUzhXdFhDdENZbE5jT01nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSpvMA0G
CSqGSIb3DQEBCwUAA4IBAQDRk8PlZVNjBMuPrHtvPmJFkiADN6VbzPxGr7h1+6KC
XPhKqsU9fCYr4VqpsMDYPTrWqZ9YAztJ7NMIjGJnq3S7ZRbKM8teo9780ratlXz1
UajNptZFGOd2OkyOVUHZlwg1ugN0rdmlrdXkgoKyW+iK2aus/53vw5YooWEwq4gw
n7u6GVI/DpO7ga6Ftvq+q0p0i0K9dD7kJ8Eo8yByrWDFSVLwRCJgVM4Uf08794ZW
2a44L5FPMWcEEHAjB6HvGsvSBma/txdFqsm1YWHxRETd14AX/+TspNnfHhOWBLRT
+0W0t/ceR9MD55Yvc2T9tx1lSGGYHDP0f99zl+XlGxCY
-----END CERTIFICATE-----
Generated at Sun Apr 20 00:08:42 2025 by rpki-client