Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/524bfe-c5ae-4f67-8413-2748c4002c2e/1/LgelsY-16hZE8VmZ4UWScnrAkQA.roa
File: LgelsY-16hZE8VmZ4UWScnrAkQA.roa (raw, json)
Hash identifier: 5MPF2K6ZagDsXMwY0mVJRSAJCcCewM4ZcbU+TqCGJzs=
Subject key identifier: 2E:07:A5:B1:8F:B5:EA:16:44:F1:59:99:E1:45:92:72:7A:C0:91:00
Certificate issuer: /CN=3192c52f360a3a72fe22441ac3fc7e0e5225ee91
Certificate serial: 019422FC1DF8C9D386DBB66E3508A026FE63
Authority key identifier: 31:92:C5:2F:36:0A:3A:72:FE:22:44:1A:C3:FC:7E:0E:52:25:EE:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MZLFLzYKOnL-IkQaw_x-DlIl7pE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/524bfe-c5ae-4f67-8413-2748c4002c2e/1/LgelsY-16hZE8VmZ4UWScnrAkQA.roa
Signing time: Wed 01 Jan 2025 17:48:55 +0000
ROA not before: Wed 01 Jan 2025 17:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8937
IP address blocks: 193.24.16.0/21 maxlen: 21
193.24.16.0/24 maxlen: 24
193.24.17.0/24 maxlen: 24
193.24.18.0/24 maxlen: 24
193.24.19.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:1d:f8:c9:d3:86:db:b6:6e:35:08:a0:26:fe:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3192c52f360a3a72fe22441ac3fc7e0e5225ee91
Validity
Not Before: Jan 1 17:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2e07a5b18fb5ea1644f15999e14592727ac09100
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:0a:10:53:a3:67:6e:93:b2:70:86:c2:81:b2:
84:66:62:be:7a:70:4d:91:3e:d7:41:8b:56:30:e7:
84:79:a6:d7:ec:2a:93:6c:3f:0c:37:0d:79:9a:c4:
7d:85:63:66:df:17:9b:50:7c:f0:c3:d3:78:52:c0:
b8:cc:20:3c:f8:40:73:2a:f3:b7:fa:ee:d6:f2:41:
68:b7:9d:e2:e7:7b:71:a4:3c:59:e1:42:e2:11:02:
9f:40:04:4a:0f:08:70:d6:8c:f2:68:32:87:e6:ed:
50:98:50:fa:ab:25:3a:8b:f2:80:23:f7:ac:69:17:
37:55:45:2d:33:16:db:b8:6e:c3:ff:a4:ee:de:36:
f0:13:94:7a:89:0d:6e:b1:7f:1a:cf:51:82:3c:1b:
08:25:f4:bb:9a:5d:9a:cc:9d:bb:3f:6f:ca:a5:97:
62:ce:82:b1:25:13:5e:2d:be:55:c8:47:f7:ac:04:
16:67:de:a3:0d:02:cc:f6:5e:b6:84:f9:c8:ca:6e:
7f:4a:28:64:6a:0f:9c:b4:24:57:ba:ca:64:80:05:
48:84:d0:cb:fc:79:a4:81:4c:81:ba:ea:51:be:5e:
89:03:6d:d8:20:d8:47:b5:4d:0f:68:03:fc:95:8d:
b3:25:d3:f4:1f:58:43:55:02:fd:6a:0a:27:18:3f:
56:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:07:A5:B1:8F:B5:EA:16:44:F1:59:99:E1:45:92:72:7A:C0:91:00
X509v3 Authority Key Identifier:
keyid:31:92:C5:2F:36:0A:3A:72:FE:22:44:1A:C3:FC:7E:0E:52:25:EE:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MZLFLzYKOnL-IkQaw_x-DlIl7pE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/524bfe-c5ae-4f67-8413-2748c4002c2e/1/LgelsY-16hZE8VmZ4UWScnrAkQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/524bfe-c5ae-4f67-8413-2748c4002c2e/1/MZLFLzYKOnL-IkQaw_x-DlIl7pE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.24.16.0/21
Signature Algorithm: sha256WithRSAEncryption
d8:df:43:d0:2b:3c:f3:ed:98:bd:89:94:34:67:12:0d:75:4f:
87:98:69:e1:fc:68:b2:8e:5e:9b:90:5e:24:fd:8a:2f:80:2f:
fb:3c:8c:39:72:dc:08:17:5c:84:83:82:1c:7d:cf:b3:11:a3:
44:ea:b5:aa:1d:65:63:81:dd:d1:11:29:71:58:6c:eb:ea:5b:
18:93:99:85:15:e1:b8:34:26:37:11:ab:0e:2d:4c:7a:0a:11:
ff:e0:74:64:f2:d8:25:ab:fd:b6:19:e0:b6:3a:2d:a0:70:0c:
9b:cf:e9:39:fd:10:20:16:62:4b:92:07:63:24:f4:df:0e:9e:
f8:01:86:67:5e:e4:6c:5b:9a:b5:01:48:f9:11:51:32:58:8f:
03:ec:22:f7:33:00:6c:7d:49:14:8d:9b:62:4b:b9:29:21:c8:
d6:33:39:0f:b5:0f:5c:8e:86:01:17:25:d5:7e:fa:73:45:13:
2a:14:00:20:fd:18:3e:6c:e4:56:8c:3d:88:3a:7f:2a:2d:88:
53:5c:be:7e:71:be:ae:47:62:64:77:c7:8f:f9:1d:35:cf:27:
68:64:0e:1a:33:ba:09:7a:a1:14:19:c2:f6:5a:77:5f:f7:4d:
97:29:dd:36:fb:e6:fa:d3:af:bd:5d:a4:db:cd:06:9f:3d:f5:
f1:e8:a1:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi/B34ydOG27ZuNQigJv5jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxOTJjNTJmMzYwYTNhNzJmZTIyNDQxYWMzZmM3ZTBlNTIy
NWVlOTEwHhcNMjUwMTAxMTc0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTA3YTViMThmYjVlYTE2NDRmMTU5OTllMTQ1OTI3MjdhYzA5MTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzAoQU6NnbpOycIbCgbKEZmK+enBN
kT7XQYtWMOeEeabX7CqTbD8MNw15msR9hWNm3xebUHzww9N4UsC4zCA8+EBzKvO3
+u7W8kFot53i53txpDxZ4ULiEQKfQARKDwhw1ozyaDKH5u1QmFD6qyU6i/KAI/es
aRc3VUUtMxbbuG7D/6Tu3jbwE5R6iQ1usX8az1GCPBsIJfS7ml2azJ27P2/KpZdi
zoKxJRNeLb5VyEf3rAQWZ96jDQLM9l62hPnIym5/Sihkag+ctCRXuspkgAVIhNDL
/HmkgUyBuupRvl6JA23YINhHtU0PaAP8lY2zJdP0H1hDVQL9agonGD9WAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC4HpbGPteoWRPFZmeFFknJ6wJEAMB8GA1UdIwQY
MBaAFDGSxS82Cjpy/iJEGsP8fg5SJe6RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVpMRkx6WUtPbkwtSWtRYXdfeC1EbElsN3BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi81MjRiZmUtYzVhZS00ZjY3LTg0MTMt
Mjc0OGM0MDAyYzJlLzEvTGdlbHNZLTE2aFpFOFZtWjRVV1NjbnJBa1FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi81MjRiZmUtYzVhZS00ZjY3LTg0MTMtMjc0OGM0MDAyYzJl
LzEvTVpMRkx6WUtPbkwtSWtRYXdfeC1EbElsN3BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwRgQMA0G
CSqGSIb3DQEBCwUAA4IBAQDY30PQKzzz7Zi9iZQ0ZxINdU+HmGnh/Giyjl6bkF4k
/YovgC/7PIw5ctwIF1yEg4Icfc+zEaNE6rWqHWVjgd3RESlxWGzr6lsYk5mFFeG4
NCY3EasOLUx6ChH/4HRk8tglq/22GeC2Oi2gcAybz+k5/RAgFmJLkgdjJPTfDp74
AYZnXuRsW5q1AUj5EVEyWI8D7CL3MwBsfUkUjZtiS7kpIcjWMzkPtQ9cjoYBFyXV
fvpzRRMqFAAg/Rg+bORWjD2IOn8qLYhTXL5+cb6uR2Jkd8eP+R01zydoZA4aM7oJ
eqEUGcL2Wndf902XKd02++b606+9XaTbzQafPfXx6KGl
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:40 2025 by rpki-client