Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/dc5881-3632-45af-bf59-f44a57ced73d/1/lbz_04eUBmkCrsObDIi_l3hQ9kE.roa
File: lbz_04eUBmkCrsObDIi_l3hQ9kE.roa (raw, json)
Hash identifier: 9b+KSYQE0O1uMcRhVoqK3mtyhTf347ICutm/lJE1J/Q=
Subject key identifier: 95:BC:FF:D3:87:94:06:69:02:AE:C3:9B:0C:88:BF:97:78:50:F6:41
Certificate issuer: /CN=375a064f301026bc3cf87666d6a820128212a811
Certificate serial: 019421B1FD3E07211E12C4E830598FCADD5D
Authority key identifier: 37:5A:06:4F:30:10:26:BC:3C:F8:76:66:D6:A8:20:12:82:12:A8:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N1oGTzAQJrw8-HZm1qggEoISqBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/dc5881-3632-45af-bf59-f44a57ced73d/1/lbz_04eUBmkCrsObDIi_l3hQ9kE.roa
Signing time: Wed 01 Jan 2025 11:48:20 +0000
ROA not before: Wed 01 Jan 2025 11:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7922
IP address blocks: 2a03:2880:d001::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:fd:3e:07:21:1e:12:c4:e8:30:59:8f:ca:dd:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=375a064f301026bc3cf87666d6a820128212a811
Validity
Not Before: Jan 1 11:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=95bcffd38794066902aec39b0c88bf977850f641
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:f6:a8:39:c0:a4:0e:c4:c5:e9:69:bd:67:ed:
30:d4:2e:ac:f9:53:b1:f1:a7:2f:6e:dd:74:91:71:
58:54:cd:71:28:c8:a5:9e:1a:b0:99:6f:62:cf:86:
fe:81:97:5f:1d:fa:8a:01:3a:a6:2c:f6:c4:64:37:
d2:57:0b:67:e4:a9:1a:70:80:fb:18:79:75:c6:27:
43:bc:23:8e:e2:fa:5a:ee:34:ba:63:03:bb:50:f4:
dd:d0:eb:a4:8a:b2:d6:9b:17:be:2c:e6:63:bd:05:
47:3e:2c:7c:4c:64:b4:45:8e:b5:3f:ac:3d:43:12:
06:8d:df:2d:e8:46:ab:f0:78:c8:44:7d:c2:fb:c1:
19:2d:26:20:2b:7f:69:32:eb:10:cb:6e:06:45:96:
3f:24:28:9a:d2:73:1e:07:e7:bf:4f:3a:23:f0:f6:
b2:9f:17:24:9f:64:30:cd:bd:53:7e:67:41:46:38:
ec:89:ef:e5:32:80:5b:1d:ad:3a:41:99:8c:fd:09:
31:c7:4e:84:c2:17:c3:7b:a3:26:64:60:b7:6e:d9:
97:04:c0:e4:b1:9f:2f:0a:a6:db:83:28:5e:c4:33:
11:2e:79:e3:ac:1c:d4:d6:29:68:e5:c8:fc:2f:d7:
ff:2d:f2:1b:f8:1c:94:41:42:62:59:8e:22:ac:f0:
4e:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:BC:FF:D3:87:94:06:69:02:AE:C3:9B:0C:88:BF:97:78:50:F6:41
X509v3 Authority Key Identifier:
keyid:37:5A:06:4F:30:10:26:BC:3C:F8:76:66:D6:A8:20:12:82:12:A8:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N1oGTzAQJrw8-HZm1qggEoISqBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/dc5881-3632-45af-bf59-f44a57ced73d/1/lbz_04eUBmkCrsObDIi_l3hQ9kE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/dc5881-3632-45af-bf59-f44a57ced73d/1/N1oGTzAQJrw8-HZm1qggEoISqBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:2880:d001::/48
Signature Algorithm: sha256WithRSAEncryption
bf:05:46:e5:27:a2:89:7e:a6:ba:be:2e:8d:a8:9f:f7:f9:be:
84:3f:16:54:1c:6d:bb:65:75:02:f1:26:21:df:e0:f5:50:ca:
75:e6:31:db:51:65:5c:89:8f:15:3b:b6:89:12:c5:36:33:47:
4f:c2:c4:1f:5c:88:e4:60:da:e5:2d:3e:ac:04:ea:41:ff:42:
a3:f6:ca:aa:38:56:c7:15:ce:2d:71:01:18:07:7e:96:56:fb:
16:1d:f2:4e:5d:82:00:00:f7:72:18:32:cb:69:de:68:61:a6:
c7:aa:6b:64:94:8d:97:83:32:73:42:ad:5a:9d:4f:43:91:fe:
36:9e:4b:72:f0:a8:7e:a7:57:0b:9d:b8:51:4f:88:f6:d2:12:
19:5a:b1:81:2f:ff:fd:5b:48:0c:6d:1d:09:fc:76:08:5e:a6:
bd:a6:77:b5:96:cf:da:dc:2c:d0:6b:47:44:cd:c6:26:8b:b0:
32:e4:fc:7d:6d:4e:4b:3c:cf:a6:6c:5d:a2:c0:cd:3c:b5:93:
d1:50:81:be:4d:10:94:bc:5d:27:d1:d4:97:a1:59:f1:5a:cf:
be:32:3b:09:c2:44:89:e9:c7:df:fc:29:30:cc:01:6d:78:a5:
66:45:df:44:3e:d4:fe:00:f1:c9:a2:77:7f:01:18:01:63:fb:
d2:e9:7c:28
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQhsf0+ByEeEsToMFmPyt1dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NWEwNjRmMzAxMDI2YmMzY2Y4NzY2NmQ2YTgyMDEyODIx
MmE4MTEwHhcNMjUwMTAxMTE0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWJjZmZkMzg3OTQwNjY5MDJhZWMzOWIwYzg4YmY5Nzc4NTBmNjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5faoOcCkDsTF6Wm9Z+0w1C6s+VOx
8acvbt10kXFYVM1xKMilnhqwmW9iz4b+gZdfHfqKATqmLPbEZDfSVwtn5KkacID7
GHl1xidDvCOO4vpa7jS6YwO7UPTd0OukirLWmxe+LOZjvQVHPix8TGS0RY61P6w9
QxIGjd8t6Ear8HjIRH3C+8EZLSYgK39pMusQy24GRZY/JCia0nMeB+e/Tzoj8Pay
nxckn2Qwzb1TfmdBRjjsie/lMoBbHa06QZmM/Qkxx06EwhfDe6MmZGC3btmXBMDk
sZ8vCqbbgyhexDMRLnnjrBzU1ilo5cj8L9f/LfIb+ByUQUJiWY4irPBO0wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJW8/9OHlAZpAq7DmwyIv5d4UPZBMB8GA1UdIwQY
MBaAFDdaBk8wECa8PPh2ZtaoIBKCEqgRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjFvR1R6QVFKcnc4LUhabTFxZ2dFb0lTcUJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9kYzU4ODEtMzYzMi00NWFmLWJmNTkt
ZjQ0YTU3Y2VkNzNkLzEvbGJ6XzA0ZVVCbWtDcnNPYkRJaV9sM2hROWtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9kYzU4ODEtMzYzMi00NWFmLWJmNTktZjQ0YTU3Y2VkNzNk
LzEvTjFvR1R6QVFKcnc4LUhabTFxZ2dFb0lTcUJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgMogNAB
MA0GCSqGSIb3DQEBCwUAA4IBAQC/BUblJ6KJfqa6vi6NqJ/3+b6EPxZUHG27ZXUC
8SYh3+D1UMp15jHbUWVciY8VO7aJEsU2M0dPwsQfXIjkYNrlLT6sBOpB/0Kj9sqq
OFbHFc4tcQEYB36WVvsWHfJOXYIAAPdyGDLLad5oYabHqmtklI2XgzJzQq1anU9D
kf42nkty8Kh+p1cLnbhRT4j20hIZWrGBL//9W0gMbR0J/HYIXqa9pne1ls/a3CzQ
a0dEzcYmi7Ay5Px9bU5LPM+mbF2iwM08tZPRUIG+TRCUvF0n0dSXoVnxWs++MjsJ
wkSJ6cff/CkwzAFteKVmRd9EPtT+APHJond/ARgBY/vS6Xwo
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:35:19 2025 by rpki-client