Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/f52cea-3f41-482b-8ce8-2e2548310df3/1/Lhe1dIcaQ8uYC-tM4_HlulQzvCo.roa
File: Lhe1dIcaQ8uYC-tM4_HlulQzvCo.roa (raw, json)
Hash identifier: tTALYzIFh4izYkRayS1lcrRII4GdMnV6mKHpYnfWfmk=
Subject key identifier: 2E:17:B5:74:87:1A:43:CB:98:0B:EB:4C:E3:F1:E5:BA:54:33:BC:2A
Certificate issuer: /CN=bb61df71f97461c6b3b4548fdcfecd77b679030f
Certificate serial: 019420D63F5FFB87C642595882786754EC14
Authority key identifier: BB:61:DF:71:F9:74:61:C6:B3:B4:54:8F:DC:FE:CD:77:B6:79:03:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u2Hfcfl0YcaztFSP3P7Nd7Z5Aw8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/f52cea-3f41-482b-8ce8-2e2548310df3/1/Lhe1dIcaQ8uYC-tM4_HlulQzvCo.roa
Signing time: Wed 01 Jan 2025 07:48:19 +0000
ROA not before: Wed 01 Jan 2025 07:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203682
IP address blocks: 185.4.15.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:3f:5f:fb:87:c6:42:59:58:82:78:67:54:ec:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb61df71f97461c6b3b4548fdcfecd77b679030f
Validity
Not Before: Jan 1 07:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2e17b574871a43cb980beb4ce3f1e5ba5433bc2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ca:21:50:44:85:1c:14:74:b1:fb:98:14:24:
63:5c:06:79:18:26:9f:e3:43:c4:f5:f9:44:91:05:
0d:f7:2b:4a:1a:81:e3:32:74:cb:47:ee:60:9a:20:
e4:fe:bf:e5:9b:57:dc:66:e7:c4:70:fd:06:dd:b2:
be:f4:11:10:52:09:a2:f1:85:05:f5:4f:4b:de:92:
33:69:3a:47:de:a4:d9:b6:2d:cc:74:71:eb:bf:90:
ef:3b:c4:49:2b:6d:ac:e6:92:19:35:3d:72:14:86:
c0:ea:60:99:42:72:f8:61:b4:4c:bc:87:06:8e:16:
fa:5c:4b:00:50:e0:16:6f:bb:04:b8:bb:4a:13:5c:
29:97:b2:57:d3:72:96:43:4c:5a:2c:8c:e1:da:ed:
fb:8b:27:ae:b2:4b:fb:ed:29:c8:10:f1:ae:af:01:
6e:71:89:dc:3e:81:92:c8:c9:fe:bb:ee:0e:bb:78:
91:31:c4:20:ed:7c:74:95:df:12:01:b2:1c:44:95:
ca:56:65:57:e1:fc:be:2a:9f:de:75:6d:3a:8d:19:
a1:e5:e3:15:3e:4e:1a:d9:c2:74:79:3c:2a:8d:b7:
39:63:a8:32:31:53:6c:cf:86:72:e7:e5:46:85:1e:
a6:21:d7:3d:3c:e3:c4:11:f4:24:11:7a:6e:b3:c6:
a5:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:17:B5:74:87:1A:43:CB:98:0B:EB:4C:E3:F1:E5:BA:54:33:BC:2A
X509v3 Authority Key Identifier:
keyid:BB:61:DF:71:F9:74:61:C6:B3:B4:54:8F:DC:FE:CD:77:B6:79:03:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u2Hfcfl0YcaztFSP3P7Nd7Z5Aw8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/f52cea-3f41-482b-8ce8-2e2548310df3/1/Lhe1dIcaQ8uYC-tM4_HlulQzvCo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/f52cea-3f41-482b-8ce8-2e2548310df3/1/u2Hfcfl0YcaztFSP3P7Nd7Z5Aw8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.4.15.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:03:dc:2f:ec:9f:45:ec:07:21:99:2b:c1:fe:b1:8f:6e:8d:
30:15:89:26:59:e2:3b:95:f7:5d:b4:8b:98:60:be:67:7b:bd:
e2:b6:5c:0c:96:3c:2d:7e:6e:0c:3c:ed:8a:02:0d:ad:4c:b2:
ae:c6:4b:a4:df:f0:cf:a9:4a:ba:7e:f4:ad:db:47:15:c2:f7:
6b:00:6f:6f:e4:0f:7a:c2:76:f6:46:86:01:bf:56:bc:45:b8:
bd:2b:88:45:32:00:9c:b6:a8:ed:36:ce:21:4d:a8:a8:73:cf:
f3:06:52:f5:6a:03:c6:da:90:e4:45:b3:cb:32:4d:d5:df:39:
7f:57:92:2a:af:d4:09:18:ef:1c:c5:a8:7e:11:3b:13:c4:d0:
06:77:2a:8f:c3:64:92:3c:17:6c:d0:19:71:80:9e:4b:82:f1:
be:db:ec:32:bd:9e:35:46:db:31:69:61:7f:13:8e:60:f8:9a:
76:e5:df:b8:0c:e6:77:29:d5:7b:fb:55:33:f6:5f:9a:5e:ee:
58:89:25:64:f9:a1:ab:67:5f:a6:65:26:91:f0:3b:65:33:8b:
b1:e6:b1:b8:a2:9c:fc:9a:04:2a:32:2f:88:e1:8d:21:e6:63:
47:11:e4:19:56:8c:c2:2d:3c:5a:3b:ed:b1:02:8f:50:02:e2:
a6:e4:21:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1j9f+4fGQllYgnhnVOwUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiNjFkZjcxZjk3NDYxYzZiM2I0NTQ4ZmRjZmVjZDc3YjY3
OTAzMGYwHhcNMjUwMTAxMDc0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTE3YjU3NDg3MWE0M2NiOTgwYmViNGNlM2YxZTViYTU0MzNiYzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8ohUESFHBR0sfuYFCRjXAZ5GCaf
40PE9flEkQUN9ytKGoHjMnTLR+5gmiDk/r/lm1fcZufEcP0G3bK+9BEQUgmi8YUF
9U9L3pIzaTpH3qTZti3MdHHrv5DvO8RJK22s5pIZNT1yFIbA6mCZQnL4YbRMvIcG
jhb6XEsAUOAWb7sEuLtKE1wpl7JX03KWQ0xaLIzh2u37iyeuskv77SnIEPGurwFu
cYncPoGSyMn+u+4Ou3iRMcQg7Xx0ld8SAbIcRJXKVmVX4fy+Kp/edW06jRmh5eMV
Pk4a2cJ0eTwqjbc5Y6gyMVNsz4Zy5+VGhR6mIdc9POPEEfQkEXpus8alfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC4XtXSHGkPLmAvrTOPx5bpUM7wqMB8GA1UdIwQY
MBaAFLth33H5dGHGs7RUj9z+zXe2eQMPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTJIZmNmbDBZY2F6dEZTUDNQN05kN1o1QXc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9mNTJjZWEtM2Y0MS00ODJiLThjZTgt
MmUyNTQ4MzEwZGYzLzEvTGhlMWRJY2FROHVZQy10TTRfSGx1bFF6dkNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9mNTJjZWEtM2Y0MS00ODJiLThjZTgtMmUyNTQ4MzEwZGYz
LzEvdTJIZmNmbDBZY2F6dEZTUDNQN05kN1o1QXc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQQPMA0G
CSqGSIb3DQEBCwUAA4IBAQCKA9wv7J9F7AchmSvB/rGPbo0wFYkmWeI7lfddtIuY
YL5ne73itlwMljwtfm4MPO2KAg2tTLKuxkuk3/DPqUq6fvSt20cVwvdrAG9v5A96
wnb2RoYBv1a8Rbi9K4hFMgCctqjtNs4hTaioc8/zBlL1agPG2pDkRbPLMk3V3zl/
V5Iqr9QJGO8cxah+ETsTxNAGdyqPw2SSPBds0BlxgJ5LgvG+2+wyvZ41RtsxaWF/
E45g+Jp25d+4DOZ3KdV7+1Uz9l+aXu5YiSVk+aGrZ1+mZSaR8DtlM4ux5rG4opz8
mgQqMi+I4Y0h5mNHEeQZVozCLTxaO+2xAo9QAuKm5CHy
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:32:07 2025 by rpki-client