Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/1994da-fbd0-4333-b419-e56fbe3a512a/1/lgoYNMZVaSOoUe2P1JUR84nKgZQ.roa
File: lgoYNMZVaSOoUe2P1JUR84nKgZQ.roa (raw, json)
Hash identifier: RbXEdSF2kd/LocKNttPnO0lybcwB65KCPnWOlRcAMrc=
Subject key identifier: 96:0A:18:34:C6:55:69:23:A8:51:ED:8F:D4:95:11:F3:89:CA:81:94
Certificate issuer: /CN=ad4955f1cdbde7ed9e69de11dea5c560f60456a9
Certificate serial: 01856ECB7F72600EE797230C12A82EE723B7
Authority key identifier: AD:49:55:F1:CD:BD:E7:ED:9E:69:DE:11:DE:A5:C5:60:F6:04:56:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rUlV8c295-2ead4R3qXFYPYEVqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/1994da-fbd0-4333-b419-e56fbe3a512a/1/lgoYNMZVaSOoUe2P1JUR84nKgZQ.roa
Signing time: Sun 01 Jan 2023 19:25:08 +0000
ROA not before: Sun 01 Jan 2023 19:25:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213122
IP address blocks: 194.49.68.0/24 maxlen: 24
194.49.69.0/24 maxlen: 24
194.49.78.0/24 maxlen: 24
194.49.79.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:7f:72:60:0e:e7:97:23:0c:12:a8:2e:e7:23:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad4955f1cdbde7ed9e69de11dea5c560f60456a9
Validity
Not Before: Jan 1 19:25:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=960a1834c6556923a851ed8fd49511f389ca8194
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:50:14:5e:69:ee:6a:04:0d:06:a7:4e:71:a0:
18:35:73:2b:80:94:26:b2:95:b6:70:fb:81:c2:70:
05:28:c5:ca:c1:ad:23:e3:0f:09:1b:e6:3e:a1:60:
42:27:e0:7a:e6:cb:5c:93:17:21:cd:d2:20:50:36:
dc:9f:37:6b:d5:e9:da:da:a2:58:18:35:9c:bd:43:
62:55:82:ae:1a:8e:25:fd:9f:98:99:71:30:5b:1e:
b6:09:86:d4:33:f3:4a:ae:6e:f7:2c:10:7a:10:02:
48:17:7a:ee:c7:61:73:43:a7:10:e5:2f:3e:e6:e2:
e7:30:68:01:0a:fa:78:1f:1e:b3:e2:0d:f7:20:64:
7c:5e:64:1c:47:84:02:6d:e3:95:be:9e:25:13:42:
e6:39:be:f8:1b:ce:2e:74:06:5a:b5:97:c9:14:f4:
de:fe:42:0b:3c:4a:82:6a:81:4b:5d:72:09:3e:22:
f9:3d:83:cf:ea:33:31:73:2f:4c:f8:b6:b7:0b:0d:
84:13:ad:cd:24:2c:14:11:3e:e7:e8:bc:1e:02:fe:
fa:83:e8:8d:94:30:18:6b:37:e9:8c:77:be:9c:af:
97:e4:65:0e:ad:a2:3e:71:d7:f3:82:68:c9:d4:3f:
6a:9f:a6:55:02:c8:89:1e:e1:e1:44:ca:cf:b8:26:
1f:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:0A:18:34:C6:55:69:23:A8:51:ED:8F:D4:95:11:F3:89:CA:81:94
X509v3 Authority Key Identifier:
keyid:AD:49:55:F1:CD:BD:E7:ED:9E:69:DE:11:DE:A5:C5:60:F6:04:56:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rUlV8c295-2ead4R3qXFYPYEVqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/1994da-fbd0-4333-b419-e56fbe3a512a/1/lgoYNMZVaSOoUe2P1JUR84nKgZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/1994da-fbd0-4333-b419-e56fbe3a512a/1/rUlV8c295-2ead4R3qXFYPYEVqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.49.68.0/23
194.49.78.0/23
Signature Algorithm: sha256WithRSAEncryption
60:74:c5:43:f2:25:b7:c4:76:77:e0:02:2d:29:12:f8:9b:bd:
17:2d:7a:94:dd:2e:d3:08:63:a7:33:70:70:44:98:f1:d1:9b:
57:40:20:c7:b5:53:87:f8:e8:07:ea:64:ea:c7:92:05:da:25:
a9:b2:7a:e8:c3:7f:ef:cd:e0:fd:7e:57:e5:4d:8d:6b:f0:3a:
78:23:aa:74:e6:e7:97:7c:5c:3c:ca:a2:52:1a:f8:48:90:01:
7a:f0:60:d5:51:b1:62:ca:98:e6:a5:f4:f5:ca:b7:70:13:83:
07:5d:c1:3b:71:7c:cd:d8:bf:98:e3:6c:fd:6b:eb:40:b4:20:
18:e8:46:1e:74:53:73:d7:26:26:71:e6:e2:68:e5:47:54:10:
26:d7:f6:72:f7:96:b5:9b:5b:c2:1a:3c:74:69:c3:29:ba:54:
d7:89:06:9e:cf:80:89:96:f8:7f:17:b3:6e:f4:56:31:3b:77:
3e:d5:98:0e:88:fc:52:7f:c0:cb:0c:2c:2c:87:6f:b1:e2:30:
e6:47:bc:e7:c6:14:c4:a5:ce:dc:58:07:2d:02:25:7d:fd:b9:
b4:a5:46:ad:29:bb:8c:03:fe:b7:dc:50:43:9a:e1:57:f4:b3:
cc:62:e7:66:f6:b7:08:52:29:84:8a:c4:0e:00:15:0e:e1:20:
40:ad:f7:6c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuy39yYA7nlyMMEqgu5yO3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkNDk1NWYxY2RiZGU3ZWQ5ZTY5ZGUxMWRlYTVjNTYwZjYw
NDU2YTkwHhcNMjMwMTAxMTkyNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjBhMTgzNGM2NTU2OTIzYTg1MWVkOGZkNDk1MTFmMzg5Y2E4MTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVAUXmnuagQNBqdOcaAYNXMrgJQm
spW2cPuBwnAFKMXKwa0j4w8JG+Y+oWBCJ+B65stckxchzdIgUDbcnzdr1ena2qJY
GDWcvUNiVYKuGo4l/Z+YmXEwWx62CYbUM/NKrm73LBB6EAJIF3rux2FzQ6cQ5S8+
5uLnMGgBCvp4Hx6z4g33IGR8XmQcR4QCbeOVvp4lE0LmOb74G84udAZatZfJFPTe
/kILPEqCaoFLXXIJPiL5PYPP6jMxcy9M+La3Cw2EE63NJCwUET7n6LweAv76g+iN
lDAYazfpjHe+nK+X5GUOraI+cdfzgmjJ1D9qn6ZVAsiJHuHhRMrPuCYfhwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJYKGDTGVWkjqFHtj9SVEfOJyoGUMB8GA1UdIwQY
MBaAFK1JVfHNveftnmneEd6lxWD2BFapMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclVsVjhjMjk1LTJlYWQ0UjNxWEZZUFlFVnFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8xOTk0ZGEtZmJkMC00MzMzLWI0MTkt
ZTU2ZmJlM2E1MTJhLzEvbGdvWU5NWlZhU09vVWUyUDFKVVI4NG5LZ1pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8xOTk0ZGEtZmJkMC00MzMzLWI0MTktZTU2ZmJlM2E1MTJh
LzEvclVsVjhjMjk1LTJlYWQ0UjNxWEZZUFlFVnFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwjFEAwQB
wjFOMA0GCSqGSIb3DQEBCwUAA4IBAQBgdMVD8iW3xHZ34AItKRL4m70XLXqU3S7T
CGOnM3BwRJjx0ZtXQCDHtVOH+OgH6mTqx5IF2iWpsnrow3/vzeD9flflTY1r8Dp4
I6p05ueXfFw8yqJSGvhIkAF68GDVUbFiypjmpfT1yrdwE4MHXcE7cXzN2L+Y42z9
a+tAtCAY6EYedFNz1yYmcebiaOVHVBAm1/Zy95a1m1vCGjx0acMpulTXiQaez4CJ
lvh/F7Nu9FYxO3c+1ZgOiPxSf8DLDCwsh2+x4jDmR7znxhTEpc7cWActAiV9/bm0
pUatKbuMA/633FBDmuFX9LPMYudm9rcIUimEisQOABUO4SBArfds
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:41 2025 by rpki-client