Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/5a6d01-a375-4e11-871e-99e6141de7f1/1/_lgnGISO0ktGS-TS3jHHuxqlGcc.roa
File: _lgnGISO0ktGS-TS3jHHuxqlGcc.roa (raw, json)
Hash identifier: 2bgXxxG8FQEtolmgRr2kuRhZKybBJ/pEC6iODZDta6M=
Subject key identifier: FE:58:27:18:84:8E:D2:4B:46:4B:E4:D2:DE:31:C7:BB:1A:A5:19:C7
Certificate issuer: /CN=f7bed33ff01e8e09dc4fedcd01139c0e77854aae
Certificate serial: 01941F8C71EDD9F2A24C9390F3B2950373E6
Authority key identifier: F7:BE:D3:3F:F0:1E:8E:09:DC:4F:ED:CD:01:13:9C:0E:77:85:4A:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/977TP_AejgncT-3NAROcDneFSq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/5a6d01-a375-4e11-871e-99e6141de7f1/1/_lgnGISO0ktGS-TS3jHHuxqlGcc.roa
Signing time: Wed 01 Jan 2025 01:48:05 +0000
ROA not before: Wed 01 Jan 2025 01:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57152
IP address blocks: 185.70.84.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:71:ed:d9:f2:a2:4c:93:90:f3:b2:95:03:73:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7bed33ff01e8e09dc4fedcd01139c0e77854aae
Validity
Not Before: Jan 1 01:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fe582718848ed24b464be4d2de31c7bb1aa519c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:63:10:95:77:a7:0a:1d:24:97:83:74:4a:2a:
a2:13:19:ae:02:cb:84:d5:3b:b0:a5:e7:6f:b9:c7:
29:29:bd:6a:b7:06:e9:74:ff:74:7a:cc:00:19:20:
1d:35:ac:64:f8:e4:f5:0b:0f:71:8e:8c:72:f6:c9:
30:99:7d:27:ee:57:cd:b5:1b:01:46:e4:4d:85:c7:
00:34:c2:ec:3c:17:73:99:b5:5a:70:36:9b:8d:f0:
84:99:74:7b:63:c9:78:1a:dd:a8:94:b2:eb:99:db:
f9:d7:c0:87:a8:4d:aa:f5:48:9f:36:d3:54:77:43:
50:35:40:7b:ec:79:c9:c3:bb:b3:95:71:ad:80:fa:
ec:1e:eb:7d:b4:f5:8f:5d:f2:a9:be:1d:f0:b3:a1:
59:ac:36:49:19:97:68:6f:76:d6:23:5d:86:96:2a:
38:91:a6:22:74:1a:f1:21:a7:b5:2c:14:52:39:e5:
ad:15:ff:ad:33:c9:51:9f:e8:57:05:57:a8:db:18:
fb:04:e5:04:da:48:9f:ef:2e:3a:94:02:13:78:2e:
e9:e6:84:36:53:2c:f5:e7:0f:0d:45:86:be:af:75:
c3:61:71:45:ef:c8:34:fd:04:b6:ea:5b:60:34:cb:
b3:97:e0:88:75:15:9d:64:2a:27:d0:44:40:43:1a:
d0:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:58:27:18:84:8E:D2:4B:46:4B:E4:D2:DE:31:C7:BB:1A:A5:19:C7
X509v3 Authority Key Identifier:
keyid:F7:BE:D3:3F:F0:1E:8E:09:DC:4F:ED:CD:01:13:9C:0E:77:85:4A:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/977TP_AejgncT-3NAROcDneFSq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/5a6d01-a375-4e11-871e-99e6141de7f1/1/_lgnGISO0ktGS-TS3jHHuxqlGcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/5a6d01-a375-4e11-871e-99e6141de7f1/1/977TP_AejgncT-3NAROcDneFSq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.70.84.0/22
Signature Algorithm: sha256WithRSAEncryption
61:4e:d0:84:42:dc:78:65:a3:f0:51:97:b2:87:c6:92:b5:7b:
15:00:fd:0c:43:e8:1b:fa:c2:1e:6c:26:e0:7d:a1:7b:5b:b2:
c7:ed:4d:9e:22:41:f2:24:e8:69:6a:d9:b4:20:99:cb:0f:cf:
f9:ff:2b:c8:c9:99:10:b7:6d:70:52:23:dc:93:f9:fc:c5:aa:
9a:e7:08:44:d9:cf:53:09:c3:0b:7d:0a:1f:9e:bd:bb:a6:bf:
03:62:23:9d:0d:60:fb:4a:61:24:80:77:01:1e:2e:bb:2e:24:
2d:ec:5c:4e:e9:e1:ee:c8:cc:d1:7b:57:08:98:76:21:96:25:
e4:42:25:0e:62:dc:32:e9:59:4d:01:04:8e:5d:6f:da:7f:f7:
3c:a0:34:d5:34:5d:ae:b4:1b:b5:4c:a8:ad:0c:83:ce:ee:2c:
b2:e2:3b:ef:47:fa:f6:6c:15:81:cb:d6:be:fa:81:0c:a6:90:
b6:86:cc:95:b2:ec:02:01:ae:89:e2:ce:e8:59:75:d7:86:47:
64:04:5a:ec:bd:2c:2f:01:2b:18:58:59:c4:82:d8:f3:a2:02:
07:0e:07:7b:5f:cf:ca:61:34:75:bb:c8:9f:50:2e:0f:06:1e:
e1:5a:26:02:b0:94:d4:43:e8:ea:22:4c:99:26:01:20:93:99:
5c:dc:cc:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjHHt2fKiTJOQ87KVA3PmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3YmVkMzNmZjAxZThlMDlkYzRmZWRjZDAxMTM5YzBlNzc4
NTRhYWUwHhcNMjUwMTAxMDE0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTU4MjcxODg0OGVkMjRiNDY0YmU0ZDJkZTMxYzdiYjFhYTUxOWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGMQlXenCh0kl4N0SiqiExmuAsuE
1TuwpedvuccpKb1qtwbpdP90eswAGSAdNaxk+OT1Cw9xjoxy9skwmX0n7lfNtRsB
RuRNhccANMLsPBdzmbVacDabjfCEmXR7Y8l4Gt2olLLrmdv518CHqE2q9UifNtNU
d0NQNUB77HnJw7uzlXGtgPrsHut9tPWPXfKpvh3ws6FZrDZJGZdob3bWI12Glio4
kaYidBrxIae1LBRSOeWtFf+tM8lRn+hXBVeo2xj7BOUE2kif7y46lAITeC7p5oQ2
Uyz15w8NRYa+r3XDYXFF78g0/QS26ltgNMuzl+CIdRWdZCon0ERAQxrQlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP5YJxiEjtJLRkvk0t4xx7sapRnHMB8GA1UdIwQY
MBaAFPe+0z/wHo4J3E/tzQETnA53hUquMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTc3VFBfQWVqZ25jVC0zTkFST2NEbmVGU3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS81YTZkMDEtYTM3NS00ZTExLTg3MWUt
OTllNjE0MWRlN2YxLzEvX2xnbkdJU08wa3RHUy1UUzNqSEh1eHFsR2NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS81YTZkMDEtYTM3NS00ZTExLTg3MWUtOTllNjE0MWRlN2Yx
LzEvOTc3VFBfQWVqZ25jVC0zTkFST2NEbmVGU3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUZUMA0G
CSqGSIb3DQEBCwUAA4IBAQBhTtCEQtx4ZaPwUZeyh8aStXsVAP0MQ+gb+sIebCbg
faF7W7LH7U2eIkHyJOhpatm0IJnLD8/5/yvIyZkQt21wUiPck/n8xaqa5whE2c9T
CcMLfQofnr27pr8DYiOdDWD7SmEkgHcBHi67LiQt7FxO6eHuyMzRe1cImHYhliXk
QiUOYtwy6VlNAQSOXW/af/c8oDTVNF2utBu1TKitDIPO7iyy4jvvR/r2bBWBy9a+
+oEMppC2hsyVsuwCAa6J4s7oWXXXhkdkBFrsvSwvASsYWFnEgtjzogIHDgd7X8/K
YTR1u8ifUC4PBh7hWiYCsJTUQ+jqIkyZJgEgk5lc3Mz4
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:05:55 2025 by rpki-client