Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/b3ae33-6d62-4093-92ec-5638526ff641/1/LrQvGSWjZ1_u3gVVuPLp2WxRk1k.roa
File: LrQvGSWjZ1_u3gVVuPLp2WxRk1k.roa (raw, json)
Hash identifier: ZcyQD8WEBHUW25dO4BlMcUXBz86xnVBSf9fbKGrRMB8=
Subject key identifier: 2E:B4:2F:19:25:A3:67:5F:EE:DE:05:55:B8:F2:E9:D9:6C:51:93:59
Certificate issuer: /CN=1e234242957bb1be129681721f9c2cd08df07baa
Certificate serial: 01942826840466EE75B35A5F7A91B3416F20
Authority key identifier: 1E:23:42:42:95:7B:B1:BE:12:96:81:72:1F:9C:2C:D0:8D:F0:7B:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HiNCQpV7sb4SloFyH5ws0I3we6o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/b3ae33-6d62-4093-92ec-5638526ff641/1/LrQvGSWjZ1_u3gVVuPLp2WxRk1k.roa
Signing time: Thu 02 Jan 2025 17:53:20 +0000
ROA not before: Thu 02 Jan 2025 17:53:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42926
IP address blocks: 185.40.72.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:84:04:66:ee:75:b3:5a:5f:7a:91:b3:41:6f:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e234242957bb1be129681721f9c2cd08df07baa
Validity
Not Before: Jan 2 17:53:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2eb42f1925a3675feede0555b8f2e9d96c519359
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:d4:f6:f6:94:ce:5b:e3:17:42:6b:bf:b7:19:
b4:dc:c3:fa:8e:61:26:6e:4f:2e:f7:8c:5d:ae:a7:
df:9a:0e:e7:07:a4:45:25:a8:b8:05:f0:91:ec:31:
b7:a4:23:1e:f7:cb:e4:db:80:7d:9f:54:a4:4c:2c:
0a:a2:21:00:80:c1:a5:f9:75:62:b9:01:d1:26:47:
a5:41:fa:2a:03:90:e7:84:eb:7e:9b:ae:bd:d5:d6:
da:f3:fe:2e:cc:6b:ba:2e:78:69:54:c3:a6:f4:d3:
3a:42:42:db:98:c3:da:9f:4f:d4:8a:41:4a:97:83:
f0:87:1a:6b:99:7d:b3:50:62:42:1f:b0:c0:a1:40:
44:8d:23:ef:4e:53:9f:d1:12:a4:99:70:58:4d:ff:
89:c1:fe:c5:b9:0e:f8:a6:f7:b1:a8:e6:b1:b7:98:
c4:ed:34:fc:ff:ac:e2:5b:ff:17:f4:ce:20:e4:74:
38:0a:55:b8:a2:e1:c9:e0:ec:6b:d7:a6:7c:ef:02:
09:9b:c0:f0:66:c1:bd:1a:47:5e:5e:1d:f9:ee:60:
66:e4:9b:83:ee:b1:02:d3:07:43:f5:be:6a:7e:5d:
72:53:98:63:65:17:88:91:55:5c:2b:3e:f8:9e:be:
46:b9:50:7b:d5:ff:06:2a:e6:d2:7e:b1:b4:e2:76:
e0:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:B4:2F:19:25:A3:67:5F:EE:DE:05:55:B8:F2:E9:D9:6C:51:93:59
X509v3 Authority Key Identifier:
keyid:1E:23:42:42:95:7B:B1:BE:12:96:81:72:1F:9C:2C:D0:8D:F0:7B:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HiNCQpV7sb4SloFyH5ws0I3we6o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/b3ae33-6d62-4093-92ec-5638526ff641/1/LrQvGSWjZ1_u3gVVuPLp2WxRk1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/b3ae33-6d62-4093-92ec-5638526ff641/1/HiNCQpV7sb4SloFyH5ws0I3we6o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.40.72.0/22
Signature Algorithm: sha256WithRSAEncryption
12:5c:c1:62:6f:a0:52:32:7b:c9:de:c2:a8:79:46:c4:18:33:
cd:88:b7:8b:f8:57:fc:20:ba:85:4f:1d:9e:35:3d:d9:81:14:
5a:af:69:0c:8c:39:78:b6:26:6b:b9:15:cb:96:d9:f0:e5:32:
f3:40:c9:aa:79:cf:1d:c2:68:1f:9b:51:27:66:43:d2:b5:b8:
96:d4:39:8c:b3:24:73:d5:38:58:ff:93:43:b6:0c:bc:cc:96:
2d:f4:69:3f:74:67:41:c9:8a:eb:31:46:df:ea:7f:55:cf:d7:
04:ad:60:14:2d:84:f4:72:03:2f:f5:ff:d5:5f:6b:36:49:d9:
f8:fc:04:49:96:8c:29:15:b9:62:77:c4:6a:67:73:e3:f5:13:
09:7e:cf:66:a7:9c:4d:bb:4e:e1:20:99:cd:1e:1e:86:cc:63:
19:b9:6c:01:2e:5b:a3:2a:b0:ed:b2:ad:30:c2:b2:0a:c3:6d:
a9:22:69:d2:59:31:4d:e2:98:7f:de:c0:cb:c6:82:d7:53:e7:
18:12:15:91:cd:ef:de:92:71:2f:fc:e6:e8:3c:24:57:09:c9:
fc:34:b9:c6:43:55:7e:73:37:d9:c2:02:0f:5a:b5:3b:46:f0:
4d:ca:70:02:4d:f5:b5:e1:5a:b1:88:69:15:95:18:b2:86:df:
8d:b2:38:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJoQEZu51s1pfepGzQW8gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMjM0MjQyOTU3YmIxYmUxMjk2ODE3MjFmOWMyY2QwOGRm
MDdiYWEwHhcNMjUwMTAyMTc1MzIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWI0MmYxOTI1YTM2NzVmZWVkZTA1NTViOGYyZTlkOTZjNTE5MzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0tT29pTOW+MXQmu/txm03MP6jmEm
bk8u94xdrqffmg7nB6RFJai4BfCR7DG3pCMe98vk24B9n1SkTCwKoiEAgMGl+XVi
uQHRJkelQfoqA5DnhOt+m6691dba8/4uzGu6LnhpVMOm9NM6QkLbmMPan0/UikFK
l4PwhxprmX2zUGJCH7DAoUBEjSPvTlOf0RKkmXBYTf+Jwf7FuQ74pvexqOaxt5jE
7TT8/6ziW/8X9M4g5HQ4ClW4ouHJ4Oxr16Z87wIJm8DwZsG9GkdeXh357mBm5JuD
7rEC0wdD9b5qfl1yU5hjZReIkVVcKz74nr5GuVB71f8GKubSfrG04nbgJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC60Lxklo2df7t4FVbjy6dlsUZNZMB8GA1UdIwQY
MBaAFB4jQkKVe7G+EpaBch+cLNCN8HuqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGlOQ1FwVjdzYjRTbG9GeUg1d3MwSTN3ZTZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9iM2FlMzMtNmQ2Mi00MDkzLTkyZWMt
NTYzODUyNmZmNjQxLzEvTHJRdkdTV2paMV91M2dWVnVQTHAyV3hSazFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9iM2FlMzMtNmQ2Mi00MDkzLTkyZWMtNTYzODUyNmZmNjQx
LzEvSGlOQ1FwVjdzYjRTbG9GeUg1d3MwSTN3ZTZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuShIMA0G
CSqGSIb3DQEBCwUAA4IBAQASXMFib6BSMnvJ3sKoeUbEGDPNiLeL+Ff8ILqFTx2e
NT3ZgRRar2kMjDl4tiZruRXLltnw5TLzQMmqec8dwmgfm1EnZkPStbiW1DmMsyRz
1ThY/5NDtgy8zJYt9Gk/dGdByYrrMUbf6n9Vz9cErWAULYT0cgMv9f/VX2s2Sdn4
/ARJlowpFblid8RqZ3Pj9RMJfs9mp5xNu07hIJnNHh6GzGMZuWwBLlujKrDtsq0w
wrIKw22pImnSWTFN4ph/3sDLxoLXU+cYEhWRze/eknEv/OboPCRXCcn8NLnGQ1V+
czfZwgIPWrU7RvBNynACTfW14VqxiGkVlRiyht+Nsjim
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:59:29 2025 by rpki-client