Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/LErWvSynJlm4ZaSfXb8b4QsrP-I.roa
File: LErWvSynJlm4ZaSfXb8b4QsrP-I.roa (raw, json)
Hash identifier: ijFgYLiW0BKylwjnOGOeCzb7VffVqSclR8FNc9oienE=
Subject key identifier: 2C:4A:D6:BD:2C:A7:26:59:B8:65:A4:9F:5D:BF:1B:E1:0B:2B:3F:E2
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 0193651980F1A8CFC5482C16F3EC881FADE6
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/LErWvSynJlm4ZaSfXb8b4QsrP-I.roa
Signing time: Mon 25 Nov 2024 20:53:10 +0000
ROA not before: Mon 25 Nov 2024 20:53:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 151633
IP address blocks: 5.39.250.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:65:19:80:f1:a8:cf:c5:48:2c:16:f3:ec:88:1f:ad:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Nov 25 20:53:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2c4ad6bd2ca72659b865a49f5dbf1be10b2b3fe2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:7a:e1:52:11:39:5f:a5:d5:3b:e1:7c:cb:6a:
5f:fa:f6:62:df:0a:eb:f7:9d:1f:ad:23:60:36:52:
fd:4c:4d:be:80:50:86:0b:43:94:70:c6:b9:1a:2c:
1b:dd:a2:2e:97:08:29:09:0d:65:ff:f7:30:f7:0b:
11:99:d7:09:fd:d4:30:13:ae:b8:8c:b3:34:55:f5:
09:a0:6c:aa:58:72:7a:8e:d3:78:4d:87:24:f6:f3:
4e:07:d2:65:e0:24:9b:d9:37:a2:cf:f0:36:c4:be:
c7:9e:45:10:59:6c:9e:23:80:2a:b9:a3:e8:01:ee:
44:6a:5f:e1:42:11:46:4b:f6:b3:0b:ba:46:bf:22:
6c:00:39:e0:37:9d:46:75:f1:01:a5:f3:1a:d4:be:
6c:a9:da:e6:32:0b:21:72:e0:50:52:a7:cb:77:d4:
55:6e:74:4f:5b:3b:98:1d:db:6b:47:4b:6c:bf:10:
33:f2:58:e6:80:43:ff:4b:99:38:65:e8:5c:87:c8:
88:39:c9:38:6c:b2:76:8c:26:b0:e0:6c:da:fc:09:
96:40:3b:ec:e5:a0:6f:66:02:18:10:6b:01:3f:0f:
53:4e:0a:03:84:b7:6e:35:06:b8:e8:c7:41:8f:2d:
ab:90:77:73:3a:1b:78:51:45:08:ca:05:e4:33:63:
af:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:4A:D6:BD:2C:A7:26:59:B8:65:A4:9F:5D:BF:1B:E1:0B:2B:3F:E2
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/LErWvSynJlm4ZaSfXb8b4QsrP-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.250.0/24
Signature Algorithm: sha256WithRSAEncryption
01:a5:c9:2c:9e:79:8f:54:4e:d0:7e:4c:b6:97:04:c4:00:c1:
59:48:b0:93:c8:5a:bf:64:aa:b7:c5:76:7b:5a:71:d1:95:07:
a7:5a:a8:b1:b4:4b:2c:06:ae:82:bf:88:ce:06:72:04:55:1c:
42:66:cd:bf:04:23:46:46:53:50:38:6f:b5:af:c0:58:75:f2:
87:f9:52:d1:29:1a:c4:ee:0d:e0:35:14:8b:b3:ba:c6:90:a9:
bd:e0:6c:9e:bf:58:6b:ea:c6:ba:59:38:71:ee:28:c1:45:19:
8c:b1:92:69:a5:13:dd:8f:f2:d2:d3:6a:c2:93:6c:aa:8d:da:
e0:9d:46:56:0b:d6:5e:ee:8c:4e:9a:8f:eb:94:f0:fa:2c:b2:
d4:a6:f6:29:ee:86:4c:c8:30:ec:cb:18:df:81:41:1f:b7:0f:
02:b8:ef:de:bd:ed:d4:63:03:a2:4b:82:a5:75:66:59:5e:4e:
66:b3:06:61:5e:a5:02:c7:9f:ca:ef:e1:18:92:94:11:72:0d:
8b:f1:a6:51:7b:e7:a2:4a:d6:54:73:df:af:69:ec:dc:33:f4:
70:06:27:c9:c3:90:53:4c:ec:ad:6a:1f:21:36:c8:e0:30:2a:
c9:34:9f:32:1c:f9:de:f9:d9:36:ee:27:3c:ff:0e:b7:36:bb:
09:a6:ee:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZNlGYDxqM/FSCwW8+yIH63mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjQxMTI1MjA1MzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzRhZDZiZDJjYTcyNjU5Yjg2NWE0OWY1ZGJmMWJlMTBiMmIzZmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXrhUhE5X6XVO+F8y2pf+vZi3wrr
950frSNgNlL9TE2+gFCGC0OUcMa5Giwb3aIulwgpCQ1l//cw9wsRmdcJ/dQwE664
jLM0VfUJoGyqWHJ6jtN4TYck9vNOB9Jl4CSb2Teiz/A2xL7HnkUQWWyeI4AquaPo
Ae5Eal/hQhFGS/azC7pGvyJsADngN51GdfEBpfMa1L5sqdrmMgshcuBQUqfLd9RV
bnRPWzuYHdtrR0tsvxAz8ljmgEP/S5k4Zehch8iIOck4bLJ2jCaw4Gza/AmWQDvs
5aBvZgIYEGsBPw9TTgoDhLduNQa46MdBjy2rkHdzOht4UUUIygXkM2OvqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCxK1r0spyZZuGWkn12/G+ELKz/iMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvTEVyV3ZTeW5KbG00WmFTZlhiOGI0UXNyUC1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABSf6MA0G
CSqGSIb3DQEBCwUAA4IBAQABpcksnnmPVE7Qfky2lwTEAMFZSLCTyFq/ZKq3xXZ7
WnHRlQenWqixtEssBq6Cv4jOBnIEVRxCZs2/BCNGRlNQOG+1r8BYdfKH+VLRKRrE
7g3gNRSLs7rGkKm94Gyev1hr6sa6WThx7ijBRRmMsZJppRPdj/LS02rCk2yqjdrg
nUZWC9Ze7oxOmo/rlPD6LLLUpvYp7oZMyDDsyxjfgUEftw8CuO/eve3UYwOiS4Kl
dWZZXk5mswZhXqUCx5/K7+EYkpQRcg2L8aZRe+eiStZUc9+vaezcM/RwBifJw5BT
TOytah8hNsjgMCrJNJ8yHPne+dk27ic8/w63NrsJpu4d
-----END CERTIFICATE-----
Generated at Tue Apr 8 17:04:20 2025 by rpki-client