Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/7b92bf-011b-44a7-8382-bfb2b8815e49/1/f8paUaXIC4q8vKzG0-9YPPmQYos.roa
File: f8paUaXIC4q8vKzG0-9YPPmQYos.roa (raw, json)
Hash identifier: qu2vjt97YOhoMN5ODBJU70tUxeO85HFeHiC5U9AETXs=
Subject key identifier: 7F:CA:5A:51:A5:C8:0B:8A:BC:BC:AC:C6:D3:EF:58:3C:F9:90:62:8B
Certificate issuer: /CN=764f8daadf1d775d59d1502b573901b875513b56
Certificate serial: 01869895E47F40BB12FFF638513D642377EB
Authority key identifier: 76:4F:8D:AA:DF:1D:77:5D:59:D1:50:2B:57:39:01:B8:75:51:3B:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dk-Nqt8dd11Z0VArVzkBuHVRO1Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/7b92bf-011b-44a7-8382-bfb2b8815e49/1/f8paUaXIC4q8vKzG0-9YPPmQYos.roa
Signing time: Tue 28 Feb 2023 15:13:25 +0000
ROA not before: Tue 28 Feb 2023 15:13:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 89.23.86.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:98:95:e4:7f:40:bb:12:ff:f6:38:51:3d:64:23:77:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=764f8daadf1d775d59d1502b573901b875513b56
Validity
Not Before: Feb 28 15:13:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7fca5a51a5c80b8abcbcacc6d3ef583cf990628b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:7c:46:e3:e6:12:06:0c:47:2f:f8:57:a4:a0:
33:e0:4b:e0:aa:54:e5:d4:ca:a7:7b:10:88:b1:58:
12:79:12:39:06:15:ba:7d:b8:53:04:2d:dc:47:cf:
10:d1:75:00:54:13:86:90:61:69:0f:43:d3:d2:9a:
8e:a8:20:47:0d:d2:20:6e:7c:ee:c9:5b:be:81:cc:
b9:79:f1:21:f8:71:17:57:ea:98:0c:ed:2f:b3:c4:
c6:68:7e:54:52:47:cb:e0:73:d3:78:82:74:39:36:
09:db:3d:82:ed:45:e8:f7:64:f6:0d:c2:03:9b:2f:
3d:91:85:29:94:d7:5b:88:82:7b:c5:be:99:54:68:
32:fb:75:71:fe:27:54:8f:e9:d3:0e:6e:c6:bb:89:
3c:4c:a4:b3:a5:9a:4e:d5:d0:e4:04:46:99:a8:3b:
a7:fe:da:a4:ce:7a:4d:80:33:a4:4a:30:d0:06:46:
97:d6:bb:a0:9e:67:e5:05:b5:e4:d5:50:af:6f:27:
64:fd:c7:3b:0b:45:53:d9:0d:74:b0:54:69:cf:27:
49:38:b7:24:49:7f:ad:1b:22:ca:25:d6:48:17:bd:
b0:41:a0:cf:93:9c:99:36:a8:66:f4:29:f2:20:e6:
79:d0:3e:6a:e9:c5:de:c0:bb:76:8c:36:b2:9d:5a:
95:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:CA:5A:51:A5:C8:0B:8A:BC:BC:AC:C6:D3:EF:58:3C:F9:90:62:8B
X509v3 Authority Key Identifier:
keyid:76:4F:8D:AA:DF:1D:77:5D:59:D1:50:2B:57:39:01:B8:75:51:3B:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dk-Nqt8dd11Z0VArVzkBuHVRO1Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/7b92bf-011b-44a7-8382-bfb2b8815e49/1/f8paUaXIC4q8vKzG0-9YPPmQYos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/7b92bf-011b-44a7-8382-bfb2b8815e49/1/dk-Nqt8dd11Z0VArVzkBuHVRO1Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.86.0/24
Signature Algorithm: sha256WithRSAEncryption
90:f3:87:4d:17:72:18:c6:b6:34:a6:1b:44:36:f6:0e:95:4b:
76:ea:1e:4b:81:dd:cd:46:57:76:ef:47:10:cb:be:b1:ef:b0:
c0:3f:b1:d2:e5:fc:d8:1d:95:f4:3b:19:80:92:7a:29:3d:7c:
32:23:f7:27:59:eb:7b:d0:40:a0:09:cb:82:79:ef:e5:43:1b:
69:75:54:6c:01:e3:81:dc:5c:1f:1a:8b:e1:c6:1d:05:78:a3:
67:aa:10:3a:11:e9:d1:2c:fa:a1:3c:be:09:60:cc:43:ea:7a:
60:13:8b:12:52:70:e3:d4:b1:a8:da:ad:aa:91:f7:0e:28:20:
c2:4e:2b:0a:fa:7f:44:d1:c4:fb:a9:43:e0:b5:5c:a6:95:07:
a3:4a:99:5d:0f:b3:f8:81:19:b4:bf:2b:db:d3:f5:8c:07:35:
79:61:fb:1c:92:1a:ad:1b:2c:fb:61:05:f4:4f:87:73:05:ae:
9b:ed:60:02:d0:22:cf:45:7d:d1:3b:27:3d:65:2a:d7:33:e5:
19:14:54:f3:6e:72:7a:ef:a2:43:4f:9e:e6:3a:88:80:ee:f1:
50:31:d1:4f:7f:33:05:92:af:63:ef:e9:c2:98:e0:9d:fd:6f:
db:4f:e9:38:79:0d:bc:6f:ae:d8:f7:15:b9:cf:db:46:2a:de:
c6:d7:f7:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaYleR/QLsS//Y4UT1kI3frMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NGY4ZGFhZGYxZDc3NWQ1OWQxNTAyYjU3MzkwMWI4NzU1
MTNiNTYwHhcNMjMwMjI4MTUxMzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmNhNWE1MWE1YzgwYjhhYmNiY2FjYzZkM2VmNTgzY2Y5OTA2MjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiHxG4+YSBgxHL/hXpKAz4EvgqlTl
1MqnexCIsVgSeRI5BhW6fbhTBC3cR88Q0XUAVBOGkGFpD0PT0pqOqCBHDdIgbnzu
yVu+gcy5efEh+HEXV+qYDO0vs8TGaH5UUkfL4HPTeIJ0OTYJ2z2C7UXo92T2DcID
my89kYUplNdbiIJ7xb6ZVGgy+3Vx/idUj+nTDm7Gu4k8TKSzpZpO1dDkBEaZqDun
/tqkznpNgDOkSjDQBkaX1rugnmflBbXk1VCvbydk/cc7C0VT2Q10sFRpzydJOLck
SX+tGyLKJdZIF72wQaDPk5yZNqhm9CnyIOZ50D5q6cXewLt2jDaynVqVsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH/KWlGlyAuKvLysxtPvWDz5kGKLMB8GA1UdIwQY
MBaAFHZPjarfHXddWdFQK1c5Abh1UTtWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGstTnF0OGRkMTFaMFZBclZ6a0J1SFZSTzFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC83YjkyYmYtMDExYi00NGE3LTgzODIt
YmZiMmI4ODE1ZTQ5LzEvZjhwYVVhWElDNHE4dkt6RzAtOVlQUG1RWW9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC83YjkyYmYtMDExYi00NGE3LTgzODItYmZiMmI4ODE1ZTQ5
LzEvZGstTnF0OGRkMTFaMFZBclZ6a0J1SFZSTzFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRdWMA0G
CSqGSIb3DQEBCwUAA4IBAQCQ84dNF3IYxrY0phtENvYOlUt26h5Lgd3NRld270cQ
y76x77DAP7HS5fzYHZX0OxmAknopPXwyI/cnWet70ECgCcuCee/lQxtpdVRsAeOB
3FwfGovhxh0FeKNnqhA6EenRLPqhPL4JYMxD6npgE4sSUnDj1LGo2q2qkfcOKCDC
TisK+n9E0cT7qUPgtVymlQejSpldD7P4gRm0vyvb0/WMBzV5YfsckhqtGyz7YQX0
T4dzBa6b7WAC0CLPRX3ROyc9ZSrXM+UZFFTzbnJ676JDT57mOoiA7vFQMdFPfzMF
kq9j7+nCmOCd/W/bT+k4eQ28b67Y9xW5z9tGKt7G1/dx
-----END CERTIFICATE-----
Generated at Tue Apr 22 22:35:13 2025 by rpki-client