Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/edea6e-66cc-4fb1-a454-fe837f98e026/1/lvyZzZ0oMePyMWlwy0XrO4z88uM.roa
File: lvyZzZ0oMePyMWlwy0XrO4z88uM.roa (raw, json)
Hash identifier: r4CIZVZVu9rJJBGcwlDp7IO/A6q0RdzdbEDYw+nKWDQ=
Subject key identifier: 96:FC:99:CD:9D:28:31:E3:F2:31:69:70:CB:45:EB:3B:8C:FC:F2:E3
Certificate issuer: /CN=63444210ea08ac529878d51917e3b30054d620d1
Certificate serial: 019425FDC5F5A2582BC21AA2FDAFAB8697BF
Authority key identifier: 63:44:42:10:EA:08:AC:52:98:78:D5:19:17:E3:B3:00:54:D6:20:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y0RCEOoIrFKYeNUZF-OzAFTWINE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/edea6e-66cc-4fb1-a454-fe837f98e026/1/lvyZzZ0oMePyMWlwy0XrO4z88uM.roa
Signing time: Thu 02 Jan 2025 07:49:35 +0000
ROA not before: Thu 02 Jan 2025 07:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 2.37.111.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:c5:f5:a2:58:2b:c2:1a:a2:fd:af:ab:86:97:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63444210ea08ac529878d51917e3b30054d620d1
Validity
Not Before: Jan 2 07:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=96fc99cd9d2831e3f2316970cb45eb3b8cfcf2e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:42:df:ed:f0:35:d2:be:51:e1:9e:0e:79:65:
13:59:c5:6d:2c:a6:07:a8:35:47:05:7a:c8:23:43:
26:2c:07:71:5a:8c:7c:d8:a7:09:01:7e:dc:cf:e2:
29:2e:4c:af:c1:3d:97:80:51:b0:b8:d9:df:0f:45:
44:6d:59:d5:a2:6c:b1:88:15:6e:5b:5e:6e:8d:ef:
cf:5a:fe:ad:6f:36:2a:f8:22:1b:28:eb:ec:9e:65:
f0:08:73:39:b2:e8:f3:f2:4c:89:b6:99:35:b9:d1:
bc:36:b9:22:c9:f7:5a:b6:ae:af:9a:6a:e2:04:f6:
06:9c:bc:ea:37:36:be:cd:c6:2d:75:e8:7d:ff:18:
44:2d:f4:06:2b:56:57:3d:b1:6f:da:83:14:6e:12:
28:a9:e8:2d:58:f5:3f:82:63:22:11:eb:55:9d:2f:
6d:1f:b1:eb:8d:c1:84:d7:4c:c9:2c:2f:b1:5d:a3:
07:7a:e3:5c:08:dd:ce:f4:fe:05:e5:d7:96:89:5a:
06:71:08:cf:d2:42:fa:00:b3:c6:04:52:97:e1:6c:
4a:03:a2:05:f3:d6:33:e8:16:61:51:6f:6a:c5:5e:
db:9d:94:9d:cc:bf:9f:5e:9d:45:0b:8f:af:aa:a9:
3d:2d:85:78:e0:49:16:8b:13:b1:32:bc:1a:93:dd:
08:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:FC:99:CD:9D:28:31:E3:F2:31:69:70:CB:45:EB:3B:8C:FC:F2:E3
X509v3 Authority Key Identifier:
keyid:63:44:42:10:EA:08:AC:52:98:78:D5:19:17:E3:B3:00:54:D6:20:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y0RCEOoIrFKYeNUZF-OzAFTWINE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/edea6e-66cc-4fb1-a454-fe837f98e026/1/lvyZzZ0oMePyMWlwy0XrO4z88uM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/edea6e-66cc-4fb1-a454-fe837f98e026/1/Y0RCEOoIrFKYeNUZF-OzAFTWINE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.37.111.0/24
Signature Algorithm: sha256WithRSAEncryption
88:fe:a8:bd:73:b0:46:22:1a:a0:8f:89:e3:8f:b9:73:28:c2:
8a:39:b9:4b:de:ba:c9:7f:1b:33:fe:00:81:e1:f1:0a:6f:75:
a7:c1:db:48:63:0e:95:02:2a:7b:32:7b:fa:42:27:c1:51:12:
7a:e2:6c:f5:a5:de:60:7a:5d:fe:9b:9b:48:56:20:89:83:2a:
a8:3f:f4:01:3c:b9:f0:8e:d3:f1:9e:a6:a6:96:03:81:fd:bd:
74:b1:ab:ea:78:63:01:f8:bb:6a:c4:06:6d:74:5f:81:5b:63:
7d:8d:e8:d4:c1:d0:a8:19:c9:19:e4:61:ca:08:45:0c:be:2b:
20:56:c2:12:c1:4a:27:ab:5d:fe:38:b7:6c:1e:f2:ff:e3:06:
67:29:a7:fa:d2:6c:b2:34:94:99:46:29:8e:91:0d:71:25:b5:
41:be:43:0d:a9:17:f7:f4:4f:d7:27:2e:6e:f3:2e:6a:25:e4:
63:c5:e4:58:7e:89:28:50:e9:ae:da:13:5a:a2:9e:27:ed:ea:
dc:e6:21:d5:64:ed:da:c0:03:15:a7:d7:0d:44:42:91:dc:3e:
10:52:a0:c7:56:93:bb:56:ba:81:b1:91:50:de:42:f9:b4:6e:
59:a8:29:15:d4:6d:5f:97:b2:fb:e8:8b:b8:79:8a:7f:1f:13:
ff:ec:4e:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/cX1olgrwhqi/a+rhpe/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNDQ0MjEwZWEwOGFjNTI5ODc4ZDUxOTE3ZTNiMzAwNTRk
NjIwZDEwHhcNMjUwMTAyMDc0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmZjOTljZDlkMjgzMWUzZjIzMTY5NzBjYjQ1ZWIzYjhjZmNmMmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkLf7fA10r5R4Z4OeWUTWcVtLKYH
qDVHBXrII0MmLAdxWox82KcJAX7cz+IpLkyvwT2XgFGwuNnfD0VEbVnVomyxiBVu
W15uje/PWv6tbzYq+CIbKOvsnmXwCHM5sujz8kyJtpk1udG8Nrkiyfdatq6vmmri
BPYGnLzqNza+zcYtdeh9/xhELfQGK1ZXPbFv2oMUbhIoqegtWPU/gmMiEetVnS9t
H7HrjcGE10zJLC+xXaMHeuNcCN3O9P4F5deWiVoGcQjP0kL6ALPGBFKX4WxKA6IF
89Yz6BZhUW9qxV7bnZSdzL+fXp1FC4+vqqk9LYV44EkWixOxMrwak90IMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJb8mc2dKDHj8jFpcMtF6zuM/PLjMB8GA1UdIwQY
MBaAFGNEQhDqCKxSmHjVGRfjswBU1iDRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTBSQ0VPb0lyRktZZU5VWkYtT3pBRlRXSU5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lZGVhNmUtNjZjYy00ZmIxLWE0NTQt
ZmU4MzdmOThlMDI2LzEvbHZ5WnpaMG9NZVB5TVdsd3kwWHJPNHo4OHVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lZGVhNmUtNjZjYy00ZmIxLWE0NTQtZmU4MzdmOThlMDI2
LzEvWTBSQ0VPb0lyRktZZU5VWkYtT3pBRlRXSU5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAiVvMA0G
CSqGSIb3DQEBCwUAA4IBAQCI/qi9c7BGIhqgj4njj7lzKMKKOblL3rrJfxsz/gCB
4fEKb3WnwdtIYw6VAip7Mnv6QifBURJ64mz1pd5gel3+m5tIViCJgyqoP/QBPLnw
jtPxnqamlgOB/b10savqeGMB+LtqxAZtdF+BW2N9jejUwdCoGckZ5GHKCEUMvisg
VsISwUonq13+OLdsHvL/4wZnKaf60myyNJSZRimOkQ1xJbVBvkMNqRf39E/XJy5u
8y5qJeRjxeRYfokoUOmu2hNaop4n7erc5iHVZO3awAMVp9cNREKR3D4QUqDHVpO7
VrqBsZFQ3kL5tG5ZqCkV1G1fl7L76Iu4eYp/HxP/7E5+
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:53:10 2025 by rpki-client