Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/ab78fc-25a8-46c1-8699-1d82ab15c415/1/liwLvjN0YzoFo1ERy-bzjz4VsTg.roa
File: liwLvjN0YzoFo1ERy-bzjz4VsTg.roa (raw, json)
Hash identifier: GDU7sYUZLvs8qPvsE64PL0ZAdRZi5E+mt7+6WSUX+BU=
Subject key identifier: 96:2C:0B:BE:33:74:63:3A:05:A3:51:11:CB:E6:F3:8F:3E:15:B1:38
Certificate issuer: /CN=20bdef3beb4114cfcbfeb9fb4ed8da98faf4fa89
Certificate serial: 01942368F2C53A6FB3CEC55A8798D29C71AE
Authority key identifier: 20:BD:EF:3B:EB:41:14:CF:CB:FE:B9:FB:4E:D8:DA:98:FA:F4:FA:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IL3vO-tBFM_L_rn7TtjamPr0-ok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/ab78fc-25a8-46c1-8699-1d82ab15c415/1/liwLvjN0YzoFo1ERy-bzjz4VsTg.roa
Signing time: Wed 01 Jan 2025 19:47:47 +0000
ROA not before: Wed 01 Jan 2025 19:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15830
IP address blocks: 91.239.209.0/24 maxlen: 24
159.255.150.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:f2:c5:3a:6f:b3:ce:c5:5a:87:98:d2:9c:71:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20bdef3beb4114cfcbfeb9fb4ed8da98faf4fa89
Validity
Not Before: Jan 1 19:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=962c0bbe3374633a05a35111cbe6f38f3e15b138
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:61:2d:24:3c:e3:8f:2c:80:08:2e:09:89:9c:
37:ec:99:76:cf:fd:45:58:14:9d:56:aa:65:bd:6f:
c2:9d:93:94:f4:5e:6c:2b:42:de:4b:7b:c1:ea:af:
be:02:51:d2:f3:59:19:00:36:39:d7:d9:2f:8c:05:
20:b6:a5:17:85:f4:dc:76:7c:d5:45:05:aa:a3:32:
3c:6b:dd:73:15:3f:46:35:db:65:2c:24:d8:83:cd:
7d:18:13:3e:a5:cb:23:e3:48:f2:d3:8a:06:ba:d5:
4d:65:aa:19:fb:e6:ca:33:2b:f7:d2:6c:fe:0c:b0:
3d:bf:c9:c6:6b:d5:0c:81:45:03:00:09:2a:7e:5f:
69:bd:73:0b:89:5f:65:c7:87:78:00:30:c5:06:83:
8f:a1:0f:8c:11:2c:8b:fd:b0:90:8a:b4:b7:7a:a2:
78:a1:00:57:8e:2b:c4:36:58:a7:41:82:c8:09:42:
78:c3:3a:e6:8e:33:0a:bc:f0:2c:6c:d8:16:3e:5d:
1f:0e:c5:b2:50:3b:72:bb:0e:66:61:f5:f9:08:67:
87:91:2a:5b:3b:9b:3d:da:91:97:22:1a:1b:c6:f7:
1c:57:4a:ae:59:36:ff:9a:64:2a:73:b1:ff:ee:0b:
f1:b9:c6:36:06:50:e3:b8:b9:cf:be:d1:b4:5a:4f:
51:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:2C:0B:BE:33:74:63:3A:05:A3:51:11:CB:E6:F3:8F:3E:15:B1:38
X509v3 Authority Key Identifier:
keyid:20:BD:EF:3B:EB:41:14:CF:CB:FE:B9:FB:4E:D8:DA:98:FA:F4:FA:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IL3vO-tBFM_L_rn7TtjamPr0-ok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/ab78fc-25a8-46c1-8699-1d82ab15c415/1/liwLvjN0YzoFo1ERy-bzjz4VsTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/ab78fc-25a8-46c1-8699-1d82ab15c415/1/IL3vO-tBFM_L_rn7TtjamPr0-ok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.209.0/24
159.255.150.0/24
Signature Algorithm: sha256WithRSAEncryption
10:73:85:b6:d1:8c:e1:b4:45:dc:08:0d:43:a5:c0:24:ed:5b:
66:66:3f:2e:1c:1d:9f:6e:49:fb:5b:40:c3:99:6e:54:8b:b0:
0f:50:8f:47:8f:a3:06:2d:00:d1:4b:05:ea:2f:3f:76:39:0e:
39:29:cf:2d:2f:54:af:a7:d4:f8:d0:d6:57:eb:96:cf:af:f3:
20:33:21:08:20:95:24:41:29:e7:38:b7:d5:b7:10:e9:9c:c1:
7f:e9:e2:5d:2b:4c:81:99:4d:93:ca:c7:c3:5f:cb:24:ea:a1:
9c:a3:76:18:e4:38:9a:e1:aa:20:bb:9b:16:12:fd:24:20:ad:
4f:50:3d:ed:f4:53:e0:97:30:3d:c1:5c:6f:3f:a8:8c:60:ec:
09:9b:52:f3:81:d7:f9:2c:7c:ff:e8:82:d7:d8:05:2b:5e:72:
7c:c1:4d:66:e4:8f:9e:b7:8a:dc:53:f7:5a:43:79:f1:36:48:
60:70:d4:e2:55:ce:9b:5a:69:ba:32:df:0e:e2:eb:50:d7:1e:
c7:95:a5:71:68:db:56:e1:b2:d3:cb:b2:20:4c:0b:f3:3d:5f:
ca:6c:39:34:4c:20:35:67:59:b2:37:b6:10:2d:2f:5f:29:8b:
03:09:07:66:7e:82:18:3e:9d:11:d5:5f:d5:ff:36:36:e4:30:
19:81:90:15
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQjaPLFOm+zzsVah5jSnHGuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYmRlZjNiZWI0MTE0Y2ZjYmZlYjlmYjRlZDhkYTk4ZmFm
NGZhODkwHhcNMjUwMTAxMTk0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjJjMGJiZTMzNzQ2MzNhMDVhMzUxMTFjYmU2ZjM4ZjNlMTViMTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2EtJDzjjyyACC4JiZw37Jl2z/1F
WBSdVqplvW/CnZOU9F5sK0LeS3vB6q++AlHS81kZADY519kvjAUgtqUXhfTcdnzV
RQWqozI8a91zFT9GNdtlLCTYg819GBM+pcsj40jy04oGutVNZaoZ++bKMyv30mz+
DLA9v8nGa9UMgUUDAAkqfl9pvXMLiV9lx4d4ADDFBoOPoQ+MESyL/bCQirS3eqJ4
oQBXjivENlinQYLICUJ4wzrmjjMKvPAsbNgWPl0fDsWyUDtyuw5mYfX5CGeHkSpb
O5s92pGXIhobxvccV0quWTb/mmQqc7H/7gvxucY2BlDjuLnPvtG0Wk9RLwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJYsC74zdGM6BaNREcvm848+FbE4MB8GA1UdIwQY
MBaAFCC97zvrQRTPy/65+07Y2pj69PqJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUwzdk8tdEJGTV9MX3JuN1R0amFtUHIwLW9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9hYjc4ZmMtMjVhOC00NmMxLTg2OTkt
MWQ4MmFiMTVjNDE1LzEvbGl3THZqTjBZem9GbzFFUnktYnpqejRWc1RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9hYjc4ZmMtMjVhOC00NmMxLTg2OTktMWQ4MmFiMTVjNDE1
LzEvSUwzdk8tdEJGTV9MX3JuN1R0amFtUHIwLW9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+/RAwQA
n/+WMA0GCSqGSIb3DQEBCwUAA4IBAQAQc4W20YzhtEXcCA1DpcAk7VtmZj8uHB2f
bkn7W0DDmW5Ui7APUI9Hj6MGLQDRSwXqLz92OQ45Kc8tL1Svp9T40NZX65bPr/Mg
MyEIIJUkQSnnOLfVtxDpnMF/6eJdK0yBmU2TysfDX8sk6qGco3YY5Dia4aogu5sW
Ev0kIK1PUD3t9FPglzA9wVxvP6iMYOwJm1Lzgdf5LHz/6ILX2AUrXnJ8wU1m5I+e
t4rcU/daQ3nxNkhgcNTiVc6bWmm6Mt8O4utQ1x7HlaVxaNtW4bLTy7IgTAvzPV/K
bDk0TCA1Z1myN7YQLS9fKYsDCQdmfoIYPp0R1V/V/zY25DAZgZAV
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:17 2025 by rpki-client