Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/sFxhOh1PlCNNPaAQedPBLR7rPuc.roa
File: sFxhOh1PlCNNPaAQedPBLR7rPuc.roa (raw, json)
Hash identifier: vfIIhwyxG18L5/cjteWvpMiwzteNdc0nLyk3uUG6qQY=
Subject key identifier: B0:5C:61:3A:1D:4F:94:23:4D:3D:A0:10:79:D3:C1:2D:1E:EB:3E:E7
Certificate issuer: /CN=ebf42e80602aedf58a3c7a81883c1a34f69d2fb4
Certificate serial: 019421B1B272D9527942A5F1C287D037F7B7
Authority key identifier: EB:F4:2E:80:60:2A:ED:F5:8A:3C:7A:81:88:3C:1A:34:F6:9D:2F:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6_QugGAq7fWKPHqBiDwaNPadL7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/sFxhOh1PlCNNPaAQedPBLR7rPuc.roa
Signing time: Wed 01 Jan 2025 11:48:01 +0000
ROA not before: Wed 01 Jan 2025 11:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48671
IP address blocks: 89.38.232.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:b2:72:d9:52:79:42:a5:f1:c2:87:d0:37:f7:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebf42e80602aedf58a3c7a81883c1a34f69d2fb4
Validity
Not Before: Jan 1 11:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b05c613a1d4f94234d3da01079d3c12d1eeb3ee7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:94:57:aa:05:75:c6:7c:99:27:d7:e0:e2:e8:
9f:e2:fa:6c:08:d9:23:2f:47:34:46:20:41:48:11:
99:c7:c2:ad:0c:6a:3b:11:2a:e5:e4:6c:4c:87:a3:
dd:c8:d8:22:31:8e:74:b1:7d:76:d4:9b:c3:45:e7:
21:31:22:47:75:30:90:e9:66:90:37:57:3c:de:1b:
b6:f7:9e:58:72:45:f3:28:40:eb:d0:bf:01:a6:3d:
ce:16:e8:ed:7e:bb:b8:eb:2c:ae:b7:9f:fe:3e:bc:
96:3e:e8:f9:a5:f4:5f:d8:12:01:0d:25:42:7c:7a:
57:12:f2:8d:5f:74:e1:00:d7:2c:47:23:a6:aa:03:
3b:a7:59:60:d2:1c:c8:23:9a:f7:fe:5b:31:63:41:
20:b9:ec:a8:ca:c7:4b:b4:1d:58:91:cb:e7:12:5d:
10:c6:1c:fb:a5:00:50:ce:60:7e:be:f4:75:cf:6d:
11:ec:a5:4f:c2:67:f4:57:cd:bd:f9:41:ea:26:27:
96:68:86:0d:23:8b:64:da:db:09:ef:5f:42:3e:13:
c6:bc:52:8a:bd:27:cc:a3:42:08:45:2d:7f:c3:df:
ff:d5:3f:7c:80:6b:47:a7:5b:18:5b:9a:5f:a4:ec:
ea:f2:6c:17:64:81:41:96:b5:cc:4e:d0:6a:52:e6:
5d:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:5C:61:3A:1D:4F:94:23:4D:3D:A0:10:79:D3:C1:2D:1E:EB:3E:E7
X509v3 Authority Key Identifier:
keyid:EB:F4:2E:80:60:2A:ED:F5:8A:3C:7A:81:88:3C:1A:34:F6:9D:2F:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6_QugGAq7fWKPHqBiDwaNPadL7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/sFxhOh1PlCNNPaAQedPBLR7rPuc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/6_QugGAq7fWKPHqBiDwaNPadL7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.38.232.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:e2:63:6e:77:78:54:5e:24:c7:54:ab:a5:3b:82:b3:4a:04:
ea:43:7f:f9:09:88:8d:d6:28:95:e6:64:b7:7e:23:12:10:b8:
07:6b:d7:dc:32:69:8f:60:d3:f0:b2:a5:c1:7c:e8:92:2b:96:
3c:e2:01:63:b2:bd:ef:83:8a:bc:ed:75:b7:05:ee:3b:67:9c:
8b:d8:64:3f:81:af:d1:af:c7:61:91:39:3b:1b:bf:12:2d:96:
f3:a5:27:4b:80:d0:c6:ef:1b:06:bb:cb:85:d9:46:f5:1a:22:
50:5b:6e:b4:77:46:93:c1:00:4f:f6:44:80:03:53:d2:73:3e:
1c:a4:0d:a0:64:da:4d:b3:af:88:e6:ec:c1:c9:fb:e5:c8:0e:
e6:e3:1f:45:f4:75:3e:14:9e:7f:45:e0:7d:66:68:90:b0:d9:
0e:df:1b:38:14:ab:9e:46:69:66:c8:95:6c:36:56:16:ac:01:
e5:94:44:66:99:31:3d:c4:3c:c1:46:43:6e:06:c8:a0:8d:60:
8a:1c:cc:ca:e1:41:c1:d4:aa:5d:51:b7:95:18:a0:69:4d:3b:
ce:49:8b:45:93:73:35:7d:54:f5:59:87:a0:cf:80:62:8a:81:
f3:87:66:d3:a0:a2:a4:01:70:0e:5a:d5:09:99:ea:2c:ac:5f:
60:78:f1:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsbJy2VJ5QqXxwofQN/e3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZjQyZTgwNjAyYWVkZjU4YTNjN2E4MTg4M2MxYTM0ZjY5
ZDJmYjQwHhcNMjUwMTAxMTE0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDVjNjEzYTFkNGY5NDIzNGQzZGEwMTA3OWQzYzEyZDFlZWIzZWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5RXqgV1xnyZJ9fg4uif4vpsCNkj
L0c0RiBBSBGZx8KtDGo7ESrl5GxMh6PdyNgiMY50sX121JvDRechMSJHdTCQ6WaQ
N1c83hu2955YckXzKEDr0L8Bpj3OFujtfru46yyut5/+PryWPuj5pfRf2BIBDSVC
fHpXEvKNX3ThANcsRyOmqgM7p1lg0hzII5r3/lsxY0EgueyoysdLtB1YkcvnEl0Q
xhz7pQBQzmB+vvR1z20R7KVPwmf0V829+UHqJieWaIYNI4tk2tsJ719CPhPGvFKK
vSfMo0IIRS1/w9//1T98gGtHp1sYW5pfpOzq8mwXZIFBlrXMTtBqUuZdEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLBcYTodT5QjTT2gEHnTwS0e6z7nMB8GA1UdIwQY
MBaAFOv0LoBgKu31ijx6gYg8GjT2nS+0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNl9RdWdHQXE3ZldLUEhxQmlEd2FOUGFkTDdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8wOTUyZDQtNGE0OS00NDdkLWFkM2Mt
MTkwM2VkYWZhOGJmLzEvc0Z4aE9oMVBsQ05OUGFBUWVkUEJMUjdyUHVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8wOTUyZDQtNGE0OS00NDdkLWFkM2MtMTkwM2VkYWZhOGJm
LzEvNl9RdWdHQXE3ZldLUEhxQmlEd2FOUGFkTDdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSboMA0G
CSqGSIb3DQEBCwUAA4IBAQCh4mNud3hUXiTHVKulO4KzSgTqQ3/5CYiN1iiV5mS3
fiMSELgHa9fcMmmPYNPwsqXBfOiSK5Y84gFjsr3vg4q87XW3Be47Z5yL2GQ/ga/R
r8dhkTk7G78SLZbzpSdLgNDG7xsGu8uF2Ub1GiJQW260d0aTwQBP9kSAA1PScz4c
pA2gZNpNs6+I5uzByfvlyA7m4x9F9HU+FJ5/ReB9ZmiQsNkO3xs4FKueRmlmyJVs
NlYWrAHllERmmTE9xDzBRkNuBsigjWCKHMzK4UHB1KpdUbeVGKBpTTvOSYtFk3M1
fVT1WYegz4BiioHzh2bToKKkAXAOWtUJmeosrF9gePF5
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:34 2025 by rpki-client on console.sobornost.net