Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/LUxGZs_8OkDkwMaPBDo7gQBFwig.roa
File: LUxGZs_8OkDkwMaPBDo7gQBFwig.roa (raw, json)
Hash identifier: VkxX3qA6TnxSzRS/LwO14JPIFTh2CypxrDTrmMF7Qdw=
Subject key identifier: 2D:4C:46:66:CF:FC:3A:40:E4:C0:C6:8F:04:3A:3B:81:00:45:C2:28
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 019424B2F7FD578CE828EF53B4F2C7EDF3AF
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/LUxGZs_8OkDkwMaPBDo7gQBFwig.roa
Signing time: Thu 02 Jan 2025 01:48:16 +0000
ROA not before: Thu 02 Jan 2025 01:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199558
IP address blocks: 85.254.144.0/24 maxlen: 24
159.148.27.0/24 maxlen: 24
159.148.89.0/24 maxlen: 24
159.148.218.0/24 maxlen: 24
159.148.233.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:f7:fd:57:8c:e8:28:ef:53:b4:f2:c7:ed:f3:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 01:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d4c4666cffc3a40e4c0c68f043a3b810045c228
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:4d:8a:d7:a6:0b:b2:ae:98:3e:4e:cd:a9:00:
a2:85:24:3f:2d:76:8a:a5:8f:5c:aa:9a:e9:df:28:
e2:c9:af:3f:d0:76:69:d7:23:90:40:42:78:79:2e:
11:36:d4:4d:d9:f0:60:7a:83:8c:73:72:fe:1d:23:
9b:0d:c2:04:00:7b:b2:e2:f7:3d:76:5f:ed:1f:3c:
ea:5d:9d:51:48:57:6c:6c:2b:ea:79:c6:6b:83:a0:
bd:b2:9c:c5:6e:fd:63:81:fb:b9:37:f6:cc:90:6f:
8d:f6:8e:2b:80:5a:dc:f2:d2:ed:7f:fd:ba:dc:b0:
3d:f9:f8:8d:3e:93:b3:84:2a:ce:d4:2d:44:1f:ef:
af:18:b7:b6:68:e9:77:ff:c7:c1:11:d2:5d:61:00:
3a:5a:96:23:c5:57:bd:ae:5d:97:3c:71:5e:1c:e2:
a6:34:bf:c3:0e:0b:80:08:14:54:1e:2b:79:95:42:
98:8e:5f:98:03:f3:ba:a7:ff:62:d2:7d:60:26:bc:
76:c1:0c:54:e0:b2:8a:cf:83:c5:08:e2:be:20:92:
b2:13:0e:f0:d2:d4:2e:bd:9c:7f:00:3e:6f:e4:24:
f8:53:61:83:78:8e:ac:26:ea:11:24:e8:92:d8:78:
3c:51:5e:29:8f:bb:44:99:e7:f9:6b:a5:63:a2:5b:
c1:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:4C:46:66:CF:FC:3A:40:E4:C0:C6:8F:04:3A:3B:81:00:45:C2:28
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/LUxGZs_8OkDkwMaPBDo7gQBFwig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.144.0/24
159.148.27.0/24
159.148.89.0/24
159.148.218.0/24
159.148.233.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:bd:ba:d6:98:3b:eb:85:87:18:5e:b2:a3:cd:70:d1:8b:f9:
8a:99:57:5d:27:9e:da:fb:20:0b:58:61:8d:80:eb:75:78:be:
8c:e8:1f:ca:a8:dd:a5:49:d6:2f:8d:c9:4e:a0:b3:f6:c9:d3:
e9:6c:a6:51:4a:68:95:e7:87:0e:c4:ec:43:3f:4e:10:2a:80:
22:25:57:25:d1:5e:b4:7d:13:cc:e1:38:9d:20:fc:79:c7:36:
e5:c4:5a:be:71:a7:29:f0:ef:4c:06:8e:6c:52:88:fb:98:32:
6d:47:2e:eb:82:cd:46:0e:ea:13:fd:c0:dc:52:0c:ac:60:b8:
97:04:6c:95:e2:f8:97:0f:3d:ce:31:91:b6:ea:e3:2c:28:9b:
02:6f:3a:70:fa:61:35:2e:68:ce:27:ad:40:a3:2d:39:6d:59:
48:5e:42:37:ea:e6:8b:9e:fd:76:e3:85:20:06:23:74:09:91:
14:9f:53:e7:d5:b5:f4:a5:f6:26:68:3b:ac:1b:f5:b4:f7:23:
dc:fa:7f:90:2e:7c:bf:4a:c5:57:fc:bf:11:4a:80:76:09:eb:
e2:cc:45:14:8c:8b:08:b5:3c:48:98:0e:60:ca:ca:c4:e0:8d:
21:11:34:5e:92:c4:f3:4a:57:09:a0:db:73:4f:59:dd:4e:53:
27:54:56:e2
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQksvf9V4zoKO9TtPLH7fOvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwMTAyMDE0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDRjNDY2NmNmZmMzYTQwZTRjMGM2OGYwNDNhM2I4MTAwNDVjMjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1k2K16YLsq6YPk7NqQCihSQ/LXaK
pY9cqprp3yjiya8/0HZp1yOQQEJ4eS4RNtRN2fBgeoOMc3L+HSObDcIEAHuy4vc9
dl/tHzzqXZ1RSFdsbCvqecZrg6C9spzFbv1jgfu5N/bMkG+N9o4rgFrc8tLtf/26
3LA9+fiNPpOzhCrO1C1EH++vGLe2aOl3/8fBEdJdYQA6WpYjxVe9rl2XPHFeHOKm
NL/DDguACBRUHit5lUKYjl+YA/O6p/9i0n1gJrx2wQxU4LKKz4PFCOK+IJKyEw7w
0tQuvZx/AD5v5CT4U2GDeI6sJuoRJOiS2Hg8UV4pj7tEmef5a6VjolvBDQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFC1MRmbP/DpA5MDGjwQ6O4EARcIoMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvTFV4R1pzXzhPa0Rrd01hUEJEbzdnUUJGd2lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVf6QAwQA
n5QbAwQAn5RZAwQAn5TaAwQAn5TpMA0GCSqGSIb3DQEBCwUAA4IBAQC6vbrWmDvr
hYcYXrKjzXDRi/mKmVddJ57a+yALWGGNgOt1eL6M6B/KqN2lSdYvjclOoLP2ydPp
bKZRSmiV54cOxOxDP04QKoAiJVcl0V60fRPM4TidIPx5xzblxFq+cacp8O9MBo5s
Uoj7mDJtRy7rgs1GDuoT/cDcUgysYLiXBGyV4viXDz3OMZG26uMsKJsCbzpw+mE1
LmjOJ61Aoy05bVlIXkI36uaLnv1244UgBiN0CZEUn1Pn1bX0pfYmaDusG/W09yPc
+n+QLny/SsVX/L8RSoB2CevizEUUjIsItTxImA5gysrE4I0hETReksTzSlcJoNtz
T1ndTlMnVFbi
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:19:03 2025 by rpki-client