Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/lY-AE8OTKO6pP2qywPf3kiTUj4k.roa
File: lY-AE8OTKO6pP2qywPf3kiTUj4k.roa (raw, json)
Hash identifier: gSnKTDpzHlhTg1qR58+PX8u8xxOm4mdPyoZs5A87WV4=
Subject key identifier: 95:8F:80:13:C3:93:28:EE:A9:3F:6A:B2:C0:F7:F7:92:24:D4:8F:89
Certificate issuer: /CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Certificate serial: 019425FCB754AD0578C49799252D9DE1DCCD
Authority key identifier: 68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/lY-AE8OTKO6pP2qywPf3kiTUj4k.roa
Signing time: Thu 02 Jan 2025 07:48:26 +0000
ROA not before: Thu 02 Jan 2025 07:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204021
IP address blocks: 213.189.49.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:b7:54:ad:05:78:c4:97:99:25:2d:9d:e1:dc:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Validity
Not Before: Jan 2 07:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=958f8013c39328eea93f6ab2c0f7f79224d48f89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:0c:54:4c:9b:e5:43:ef:56:eb:53:e3:93:49:
49:01:69:3d:70:70:c7:42:52:4c:d5:21:4c:b8:0c:
b5:bc:4d:a9:83:69:53:f8:b9:d9:e7:25:00:11:fd:
99:46:8a:fc:a3:34:92:55:84:c5:a3:40:4c:51:2f:
1a:8a:c7:f1:54:db:d3:a6:05:27:98:d4:3a:86:de:
74:02:1d:54:d0:06:6d:9f:d3:03:ac:29:34:02:0f:
4b:a3:cd:e5:43:74:8b:0a:1c:60:c9:d5:38:80:e7:
75:6c:b3:f9:f4:c9:e5:95:e8:a4:fd:75:74:44:04:
95:8f:5d:49:83:90:b5:62:f1:4d:f7:5d:66:f9:cf:
5d:ff:e1:ee:2f:1e:25:85:db:9e:87:8c:ad:ff:f6:
eb:93:fe:31:8b:b6:31:38:95:8b:e8:a0:b0:fe:80:
6a:a0:67:ea:a7:bb:7e:e6:e1:aa:12:f4:ad:68:1a:
b9:af:c7:d7:18:05:ca:a9:28:2d:a3:2c:b2:fa:78:
4c:88:f7:39:a7:a9:ea:51:93:17:4b:1b:ee:c6:0f:
c7:10:11:30:cb:57:76:a8:81:94:19:05:60:aa:4f:
da:0f:81:1e:7e:2b:f9:52:e0:06:b8:47:e4:38:c1:
98:95:89:7c:80:a1:f6:2f:18:01:46:f8:f2:28:70:
fe:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:8F:80:13:C3:93:28:EE:A9:3F:6A:B2:C0:F7:F7:92:24:D4:8F:89
X509v3 Authority Key Identifier:
keyid:68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/lY-AE8OTKO6pP2qywPf3kiTUj4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.189.49.0/24
Signature Algorithm: sha256WithRSAEncryption
71:b3:c9:ab:62:57:fb:16:28:09:30:92:6d:b7:57:3a:1d:b3:
9d:3d:b5:fb:7c:39:89:46:ff:f9:f5:07:59:38:39:69:2e:00:
51:b7:d8:28:86:9e:f1:6c:b5:be:b3:26:49:74:cd:f5:ca:5e:
ee:48:cb:f8:3f:ea:c9:ea:91:b0:19:fb:31:8f:ef:64:df:f5:
1e:b6:f4:54:a6:c3:ba:fc:fb:1b:0a:0b:3d:72:8b:b9:11:a2:
38:22:93:ac:b2:bf:74:ce:26:c3:e9:4d:fc:36:1a:7f:1c:e4:
fc:2e:51:bc:3a:a4:4f:73:39:05:54:45:86:50:4c:ed:2f:a3:
1e:3c:af:53:71:d4:f3:54:28:58:92:20:25:43:a8:9a:17:c9:
fe:2d:66:9d:ee:6a:3f:5f:1a:1c:e9:10:27:7a:1f:22:69:87:
14:51:bd:a0:70:da:b6:8c:c2:aa:71:7c:2d:de:55:b4:8b:49:
a1:57:9c:a8:b7:4b:b2:75:54:41:8e:5d:7c:c2:9a:2d:9e:c2:
ce:0b:77:07:53:33:48:a1:51:b9:0f:42:3c:c1:07:83:3b:64:
52:ab:56:ef:0e:06:15:f3:58:72:43:4c:fc:14:b5:18:d3:42:
3b:2c:5c:fb:d6:8f:65:a0:1b:95:65:5f:c1:09:e7:49:82:49:
3b:2d:4a:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/LdUrQV4xJeZJS2d4dzNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzUxMGZjOWI4NjVkOTZlM2FmYzdjNTYwNTZlZmFkOWEz
MzBjNWIwHhcNMjUwMTAyMDc0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NThmODAxM2MzOTMyOGVlYTkzZjZhYjJjMGY3Zjc5MjI0ZDQ4Zjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywxUTJvlQ+9W61Pjk0lJAWk9cHDH
QlJM1SFMuAy1vE2pg2lT+LnZ5yUAEf2ZRor8ozSSVYTFo0BMUS8aisfxVNvTpgUn
mNQ6ht50Ah1U0AZtn9MDrCk0Ag9Lo83lQ3SLChxgydU4gOd1bLP59Mnlleik/XV0
RASVj11Jg5C1YvFN911m+c9d/+HuLx4lhdueh4yt//brk/4xi7YxOJWL6KCw/oBq
oGfqp7t+5uGqEvStaBq5r8fXGAXKqSgtoyyy+nhMiPc5p6nqUZMXSxvuxg/HEBEw
y1d2qIGUGQVgqk/aD4Eefiv5UuAGuEfkOMGYlYl8gKH2LxgBRvjyKHD+JwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJWPgBPDkyjuqT9qssD395Ik1I+JMB8GA1UdIwQY
MBaAFGjFEPybhl2W46/HxWBW762aMwxbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEt
NWQ2NjVlOTk4ZjZhLzEvbFktQUU4T1RLTzZwUDJxeXdQZjNraVRVajRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEtNWQ2NjVlOTk4ZjZh
LzEvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1b0xMA0G
CSqGSIb3DQEBCwUAA4IBAQBxs8mrYlf7FigJMJJtt1c6HbOdPbX7fDmJRv/59QdZ
ODlpLgBRt9gohp7xbLW+syZJdM31yl7uSMv4P+rJ6pGwGfsxj+9k3/UetvRUpsO6
/PsbCgs9cou5EaI4IpOssr90zibD6U38Nhp/HOT8LlG8OqRPczkFVEWGUEztL6Me
PK9TcdTzVChYkiAlQ6iaF8n+LWad7mo/Xxoc6RAneh8iaYcUUb2gcNq2jMKqcXwt
3lW0i0mhV5yot0uydVRBjl18wpotnsLOC3cHUzNIoVG5D0I8wQeDO2RSq1bvDgYV
81hyQ0z8FLUY00I7LFz71o9loBuVZV/BCedJgkk7LUoK
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:29:57 2025 by rpki-client