Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/Lhc4yA3jd8j7g6n7KG81PHwkNHA.roa
File: Lhc4yA3jd8j7g6n7KG81PHwkNHA.roa (raw, json)
Hash identifier: RY0G2x4F2FmW8VJCMd43Nl3qoENwRZMQ0FWtUZlg72M=
Subject key identifier: 2E:17:38:C8:0D:E3:77:C8:FB:83:A9:FB:28:6F:35:3C:7C:24:34:70
Certificate issuer: /CN=1214a7e2a8c7012325ae973ed1a2bba05b2bb9c1
Certificate serial: 01941FFA2A3DB83C98A997C44330DE08E94D
Authority key identifier: 12:14:A7:E2:A8:C7:01:23:25:AE:97:3E:D1:A2:BB:A0:5B:2B:B9:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EhSn4qjHASMlrpc-0aK7oFsrucE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/Lhc4yA3jd8j7g6n7KG81PHwkNHA.roa
Signing time: Wed 01 Jan 2025 03:47:56 +0000
ROA not before: Wed 01 Jan 2025 03:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60064
IP address blocks: 185.114.35.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:2a:3d:b8:3c:98:a9:97:c4:43:30:de:08:e9:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1214a7e2a8c7012325ae973ed1a2bba05b2bb9c1
Validity
Not Before: Jan 1 03:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2e1738c80de377c8fb83a9fb286f353c7c243470
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:58:97:21:7e:49:50:9c:ec:e8:62:1c:8f:90:
59:d2:48:b0:2e:b0:3f:17:37:53:d5:18:47:b5:1b:
55:90:7f:44:0a:3a:17:40:80:5b:2a:3f:30:d4:a9:
2d:2e:5c:18:e2:d0:98:88:86:ce:d7:22:be:47:4a:
54:fe:e3:88:ca:61:1a:14:2a:1e:cc:86:13:dc:41:
ed:7d:22:ab:70:be:42:6a:79:74:81:7d:9c:1a:7a:
ea:60:92:47:c2:a3:b5:c0:14:b3:a1:78:19:a0:58:
2e:39:ea:1a:67:dd:f1:bb:25:c3:d4:a4:00:ac:f8:
f9:cd:55:72:f0:d5:cd:33:c4:36:4f:89:f4:2d:ae:
ca:95:d9:94:77:26:c7:08:20:f2:51:49:33:e7:1d:
6b:8a:87:7f:a4:b8:56:7d:06:18:6d:bc:7b:00:35:
d8:00:df:30:b0:2f:96:bd:12:d2:e4:15:16:f3:d7:
95:43:ff:f7:da:29:a9:3e:04:16:82:ec:17:90:17:
29:32:bb:ab:18:f2:b2:3c:0a:ea:44:d3:89:89:e0:
87:e1:b7:80:41:44:64:6d:36:96:e8:01:6a:f8:6b:
95:0f:c4:5c:a5:b1:c3:f3:bf:ac:ea:35:d4:19:b7:
c6:18:91:cc:60:82:c5:b2:84:a6:e0:49:b7:9e:87:
6c:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:17:38:C8:0D:E3:77:C8:FB:83:A9:FB:28:6F:35:3C:7C:24:34:70
X509v3 Authority Key Identifier:
keyid:12:14:A7:E2:A8:C7:01:23:25:AE:97:3E:D1:A2:BB:A0:5B:2B:B9:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EhSn4qjHASMlrpc-0aK7oFsrucE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/Lhc4yA3jd8j7g6n7KG81PHwkNHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/EhSn4qjHASMlrpc-0aK7oFsrucE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.114.35.0/24
Signature Algorithm: sha256WithRSAEncryption
89:b8:24:64:45:c3:a4:3f:23:09:60:8d:1d:44:e1:ec:bc:e5:
15:b7:a8:fd:52:9b:d0:b3:d8:74:53:59:e3:48:03:5b:67:7b:
d2:b3:17:1d:51:79:2a:be:56:9b:d6:dd:13:56:0b:93:32:a2:
9e:37:9e:5a:cf:04:e3:08:83:b9:b0:a7:3a:bb:4e:81:34:d4:
22:33:c0:79:e9:56:9f:14:ee:b0:15:df:9f:d0:42:e2:0d:12:
89:ad:a6:74:00:bb:3f:4b:d6:23:92:c8:0b:31:3c:60:96:2e:
40:ff:b4:e1:2e:9b:c9:c4:a2:e5:6f:91:00:b0:e9:10:48:b2:
36:e4:c3:70:87:22:54:a2:6d:7f:5c:21:9c:4c:11:56:d1:89:
f5:87:66:bf:cf:ac:2f:74:4a:0a:3c:76:9e:da:e4:26:46:17:
4d:e0:9c:43:c6:09:4d:3d:3b:90:9c:6d:b7:cc:2b:6c:b1:7a:
f1:e5:86:d3:b9:2e:cd:dc:d0:ec:8e:d4:b5:26:9f:ea:5c:a0:
af:68:d6:a6:da:9c:c9:79:43:8b:a3:8d:9d:4a:35:46:75:bf:
07:c1:9d:68:8b:53:cc:69:64:36:64:31:38:42:e4:71:84:87:
1d:2b:3f:8a:1b:a5:b9:af:67:4c:56:2b:ee:ef:aa:c4:31:de:
09:cf:a2:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+io9uDyYqZfEQzDeCOlNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMTRhN2UyYThjNzAxMjMyNWFlOTczZWQxYTJiYmEwNWIy
YmI5YzEwHhcNMjUwMTAxMDM0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTE3MzhjODBkZTM3N2M4ZmI4M2E5ZmIyODZmMzUzYzdjMjQzNDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjliXIX5JUJzs6GIcj5BZ0kiwLrA/
FzdT1RhHtRtVkH9ECjoXQIBbKj8w1KktLlwY4tCYiIbO1yK+R0pU/uOIymEaFCoe
zIYT3EHtfSKrcL5Canl0gX2cGnrqYJJHwqO1wBSzoXgZoFguOeoaZ93xuyXD1KQA
rPj5zVVy8NXNM8Q2T4n0La7KldmUdybHCCDyUUkz5x1riod/pLhWfQYYbbx7ADXY
AN8wsC+WvRLS5BUW89eVQ//32impPgQWguwXkBcpMrurGPKyPArqRNOJieCH4beA
QURkbTaW6AFq+GuVD8RcpbHD87+s6jXUGbfGGJHMYILFsoSm4Em3nodsZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC4XOMgN43fI+4Op+yhvNTx8JDRwMB8GA1UdIwQY
MBaAFBIUp+KoxwEjJa6XPtGiu6BbK7nBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWhTbjRxakhBU01scnBjLTBhSzdvRnNydWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9hNjhkYmMtM2Y5NC00ZmVkLThkOWQt
ZTljMzY0OWMxMjE4LzEvTGhjNHlBM2pkOGo3ZzZuN0tHODFQSHdrTkhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9hNjhkYmMtM2Y5NC00ZmVkLThkOWQtZTljMzY0OWMxMjE4
LzEvRWhTbjRxakhBU01scnBjLTBhSzdvRnNydWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXIjMA0G
CSqGSIb3DQEBCwUAA4IBAQCJuCRkRcOkPyMJYI0dROHsvOUVt6j9UpvQs9h0U1nj
SANbZ3vSsxcdUXkqvlab1t0TVguTMqKeN55azwTjCIO5sKc6u06BNNQiM8B56Vaf
FO6wFd+f0ELiDRKJraZ0ALs/S9YjksgLMTxgli5A/7ThLpvJxKLlb5EAsOkQSLI2
5MNwhyJUom1/XCGcTBFW0Yn1h2a/z6wvdEoKPHae2uQmRhdN4JxDxglNPTuQnG23
zCtssXrx5YbTuS7N3NDsjtS1Jp/qXKCvaNam2pzJeUOLo42dSjVGdb8HwZ1oi1PM
aWQ2ZDE4QuRxhIcdKz+KG6W5r2dMVivu76rEMd4Jz6IC
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:18:54 2025 by rpki-client