Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/LYljiu_x1vvuP2RP_zVP0_4uyg0.roa
File: LYljiu_x1vvuP2RP_zVP0_4uyg0.roa (raw, json)
Hash identifier: 1jX4iUQ0AqD2PShDswu1sL1RSuntvh/XBs4VQj6Gd/I=
Subject key identifier: 2D:89:63:8A:EF:F1:D6:FB:EE:3F:64:4F:FF:35:4F:D3:FE:2E:CA:0D
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 019424B2E9894A2815BC1C974F5770F5421F
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/LYljiu_x1vvuP2RP_zVP0_4uyg0.roa
Signing time: Thu 02 Jan 2025 01:48:12 +0000
ROA not before: Thu 02 Jan 2025 01:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25369
IP address blocks: 89.191.96.0/20 maxlen: 20
89.191.124.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:e9:89:4a:28:15:bc:1c:97:4f:57:70:f5:42:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 01:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d89638aeff1d6fbee3f644fff354fd3fe2eca0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:f1:17:b0:03:92:c0:8b:f7:30:6f:92:5e:00:
c7:ce:8e:ed:3d:a7:4b:cc:bf:18:37:8a:3e:01:02:
03:a5:8c:e4:bf:b9:21:fc:29:38:80:ef:ca:da:c2:
86:87:ae:a9:40:16:73:f6:2a:8f:2c:08:13:37:91:
02:a9:e9:87:e3:43:0d:e1:a5:e1:8b:f6:ab:c0:83:
62:e0:6b:20:fd:40:c1:ff:3a:c9:04:44:be:97:4b:
96:15:cb:17:c4:04:5e:b9:f5:ad:fc:c6:12:32:6f:
c8:d4:41:88:b6:63:9d:95:5b:43:14:92:e1:01:ac:
22:24:08:d8:e5:de:67:15:df:76:21:e5:23:57:ad:
80:8f:d1:b0:c5:0b:3c:94:d6:d1:28:4c:a7:47:ab:
7f:7b:92:86:58:5a:e2:b4:26:8a:d3:ac:14:2d:89:
f4:29:66:c0:11:cd:8b:65:d7:0b:ed:ea:b7:b2:82:
af:48:8a:39:7b:c3:c7:63:53:e0:63:86:ca:6c:3a:
26:1d:db:91:c3:28:f5:e3:90:ef:3a:30:15:56:60:
51:62:65:65:11:f7:d2:07:65:c6:b8:c8:a6:90:d4:
0a:af:df:19:d6:0c:02:c1:7c:87:bf:8e:23:11:db:
66:1a:70:59:dd:ef:dd:51:48:af:f6:57:95:32:63:
c7:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:89:63:8A:EF:F1:D6:FB:EE:3F:64:4F:FF:35:4F:D3:FE:2E:CA:0D
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/LYljiu_x1vvuP2RP_zVP0_4uyg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.191.96.0/20
89.191.124.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:ce:e5:7e:72:a9:65:13:75:b2:21:1f:d3:97:64:40:d7:d2:
8d:5c:eb:5d:48:2e:a0:2b:36:96:7f:10:34:af:61:fb:71:43:
8d:ab:e3:38:c8:20:fc:0f:1a:65:8c:b0:48:68:87:00:0e:cb:
7d:a8:3e:1d:fe:32:c6:e5:36:3a:bf:af:8c:09:25:b8:f2:0e:
30:0c:d3:60:10:ec:56:ac:83:06:b8:9f:68:ac:0a:c1:d1:b1:
6d:5e:b9:8c:74:04:3b:69:6a:45:80:ed:7e:58:c0:cf:89:c5:
9e:1e:36:15:8e:6f:78:8e:f5:f5:02:02:7e:45:69:ec:93:c8:
e9:6c:37:8f:fe:8e:75:77:97:19:5e:3b:24:d8:6a:90:2d:4f:
82:bc:60:78:b8:2a:c2:30:56:72:e2:b3:bb:e5:e5:b3:5d:5e:
50:5a:4f:96:6c:7f:24:ee:92:91:05:d5:45:41:36:fd:47:59:
39:93:51:65:dc:16:17:eb:f7:c4:e8:ca:67:7b:e4:6b:67:9e:
6e:c3:f9:ad:02:05:c1:1b:7b:fc:6c:aa:4f:31:ca:c2:c7:c0:
a5:76:48:31:35:28:ca:f5:34:09:e9:16:99:c3:a8:ba:83:1b:
56:d3:db:82:34:3d:e0:2d:29:0d:90:71:b3:1c:94:80:ed:71:
ed:49:d7:a8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQksumJSigVvByXT1dw9UIfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwMTAyMDE0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDg5NjM4YWVmZjFkNmZiZWUzZjY0NGZmZjM1NGZkM2ZlMmVjYTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvEXsAOSwIv3MG+SXgDHzo7tPadL
zL8YN4o+AQIDpYzkv7kh/Ck4gO/K2sKGh66pQBZz9iqPLAgTN5ECqemH40MN4aXh
i/arwINi4Gsg/UDB/zrJBES+l0uWFcsXxAReufWt/MYSMm/I1EGItmOdlVtDFJLh
AawiJAjY5d5nFd92IeUjV62Aj9GwxQs8lNbRKEynR6t/e5KGWFritCaK06wULYn0
KWbAEc2LZdcL7eq3soKvSIo5e8PHY1PgY4bKbDomHduRwyj145DvOjAVVmBRYmVl
EffSB2XGuMimkNQKr98Z1gwCwXyHv44jEdtmGnBZ3e/dUUiv9leVMmPHgwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC2JY4rv8db77j9kT/81T9P+LsoNMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvTFlsaml1X3gxdnZ1UDJSUF96VlAwXzR1eWcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEWb9gAwQC
Wb98MA0GCSqGSIb3DQEBCwUAA4IBAQCPzuV+cqllE3WyIR/Tl2RA19KNXOtdSC6g
KzaWfxA0r2H7cUONq+M4yCD8DxpljLBIaIcADst9qD4d/jLG5TY6v6+MCSW48g4w
DNNgEOxWrIMGuJ9orArB0bFtXrmMdAQ7aWpFgO1+WMDPicWeHjYVjm94jvX1AgJ+
RWnsk8jpbDeP/o51d5cZXjsk2GqQLU+CvGB4uCrCMFZy4rO75eWzXV5QWk+WbH8k
7pKRBdVFQTb9R1k5k1Fl3BYX6/fE6Mpne+RrZ55uw/mtAgXBG3v8bKpPMcrCx8Cl
dkgxNSjK9TQJ6RaZw6i6gxtW09uCND3gLSkNkHGzHJSA7XHtSdeo
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:18:38 2025 by rpki-client