Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/e3826d-5ada-4e43-9084-1ba695faef25/1/luSS0bxsF9FwxrULRPgoOmJz95c.roa
File: luSS0bxsF9FwxrULRPgoOmJz95c.roa (raw, json)
Hash identifier: zNCRGL80Yk8OGGtfpgn62pMNe38Dv6o06F3Sj2KKMvE=
Subject key identifier: 96:E4:92:D1:BC:6C:17:D1:70:C6:B5:0B:44:F8:28:3A:62:73:F7:97
Certificate issuer: /CN=b39ecd24f321988deb7c19dca052a4e3c49b60ea
Certificate serial: 018974FA96A228B82D01480931A2AED2D0A9
Authority key identifier: B3:9E:CD:24:F3:21:98:8D:EB:7C:19:DC:A0:52:A4:E3:C4:9B:60:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s57NJPMhmI3rfBncoFKk48SbYOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/e3826d-5ada-4e43-9084-1ba695faef25/1/luSS0bxsF9FwxrULRPgoOmJz95c.roa
Signing time: Thu 20 Jul 2023 20:25:26 +0000
ROA not before: Thu 20 Jul 2023 20:25:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48435
IP address blocks: 195.42.112.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:74:fa:96:a2:28:b8:2d:01:48:09:31:a2:ae:d2:d0:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b39ecd24f321988deb7c19dca052a4e3c49b60ea
Validity
Not Before: Jul 20 20:25:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=96e492d1bc6c17d170c6b50b44f8283a6273f797
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a7:5c:6d:6e:a3:0d:e3:25:35:ef:d8:cf:41:
4c:4c:c2:dc:1b:79:3b:f7:e3:b7:c1:41:e9:6b:ce:
88:5a:04:80:f1:df:f8:f6:c2:94:a4:2e:41:db:44:
db:c2:a8:c2:41:bf:13:a5:1f:b3:a5:74:6c:62:0d:
48:c8:14:fd:13:85:8e:f2:82:33:cb:34:5a:b2:a3:
aa:df:88:89:d5:cf:13:a4:ef:7f:1c:70:ad:ab:de:
78:e6:29:22:29:21:eb:80:2e:29:31:c2:56:85:d6:
83:8e:3b:f6:18:11:25:a3:6d:3d:ba:d2:b9:ea:5e:
8d:ce:9e:9b:ec:9a:de:e1:ed:97:57:ec:b4:6c:81:
58:91:5c:ac:e7:0e:61:de:28:6f:51:4e:95:37:0d:
59:07:8f:89:33:da:d6:e9:0b:ef:23:6d:9d:df:aa:
49:56:b0:50:24:a3:5b:9b:09:03:39:20:17:c5:ee:
ac:bd:53:9b:1d:b3:67:fa:ec:30:4f:d5:94:0e:28:
08:29:fe:4b:cb:74:7a:0b:d1:bb:f2:a6:37:24:67:
3d:75:e6:59:e7:cb:4e:07:a4:07:c9:0f:a1:45:50:
3f:ff:d3:7c:bc:58:6b:27:13:51:0d:47:cb:b2:56:
38:56:7a:ee:ff:c5:37:6d:fe:ef:e4:f0:75:52:47:
75:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:E4:92:D1:BC:6C:17:D1:70:C6:B5:0B:44:F8:28:3A:62:73:F7:97
X509v3 Authority Key Identifier:
keyid:B3:9E:CD:24:F3:21:98:8D:EB:7C:19:DC:A0:52:A4:E3:C4:9B:60:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s57NJPMhmI3rfBncoFKk48SbYOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/e3826d-5ada-4e43-9084-1ba695faef25/1/luSS0bxsF9FwxrULRPgoOmJz95c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/e3826d-5ada-4e43-9084-1ba695faef25/1/s57NJPMhmI3rfBncoFKk48SbYOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.42.112.0/23
Signature Algorithm: sha256WithRSAEncryption
39:24:1f:12:85:ad:1d:92:15:8f:f9:2e:4d:a3:a7:2d:61:08:
89:50:53:ac:fa:22:7a:a1:fc:1c:de:68:77:56:e6:f7:43:ca:
95:60:84:e4:44:90:2c:ba:a1:82:75:5d:4d:3d:74:3c:f1:6e:
02:a7:48:6c:14:ba:da:54:d3:5c:bd:12:50:27:a7:45:e4:de:
87:83:b4:58:cc:27:8c:e1:1a:2c:b1:87:88:8f:c3:06:35:ed:
53:bd:13:af:5f:41:4c:0a:bc:d4:22:4d:b8:e7:25:d9:db:2a:
e9:7a:55:ff:7e:f3:34:e5:d2:b7:6a:d5:28:82:56:ec:9c:2e:
ad:ea:5f:63:2f:2b:53:e6:8f:76:5c:1c:48:bb:1e:0c:a1:21:
49:80:dd:a2:f4:2f:1c:1c:d2:55:03:20:c7:d6:11:c2:c8:96:
03:25:2c:63:b8:b6:2e:d5:3c:cf:21:5e:e2:f2:6a:a8:c5:16:
04:14:39:8e:9d:4e:4f:6c:2c:94:da:4e:00:4e:ae:ee:0c:a9:
79:ab:42:9d:5a:41:1e:f9:d5:c6:7b:35:96:f2:e9:28:2b:85:
42:a5:47:f5:41:53:11:45:07:6c:73:a9:3d:40:c5:ad:36:28:
f8:fe:60:5a:4a:0d:6b:4e:14:11:40:35:a9:c4:1c:d9:fd:32:
b8:a9:6c:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYl0+paiKLgtAUgJMaKu0tCpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzOWVjZDI0ZjMyMTk4OGRlYjdjMTlkY2EwNTJhNGUzYzQ5
YjYwZWEwHhcNMjMwNzIwMjAyNTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmU0OTJkMWJjNmMxN2QxNzBjNmI1MGI0NGY4MjgzYTYyNzNmNzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKdcbW6jDeMlNe/Yz0FMTMLcG3k7
9+O3wUHpa86IWgSA8d/49sKUpC5B20TbwqjCQb8TpR+zpXRsYg1IyBT9E4WO8oIz
yzRasqOq34iJ1c8TpO9/HHCtq9545ikiKSHrgC4pMcJWhdaDjjv2GBElo209utK5
6l6Nzp6b7Jre4e2XV+y0bIFYkVys5w5h3ihvUU6VNw1ZB4+JM9rW6QvvI22d36pJ
VrBQJKNbmwkDOSAXxe6svVObHbNn+uwwT9WUDigIKf5Ly3R6C9G78qY3JGc9deZZ
58tOB6QHyQ+hRVA//9N8vFhrJxNRDUfLslY4Vnru/8U3bf7v5PB1Ukd1ywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJbkktG8bBfRcMa1C0T4KDpic/eXMB8GA1UdIwQY
MBaAFLOezSTzIZiN63wZ3KBSpOPEm2DqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczU3TkpQTWhtSTNyZkJuY29GS2s0OFNiWU9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9lMzgyNmQtNWFkYS00ZTQzLTkwODQt
MWJhNjk1ZmFlZjI1LzEvbHVTUzBieHNGOUZ3eHJVTFJQZ29PbUp6OTVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9lMzgyNmQtNWFkYS00ZTQzLTkwODQtMWJhNjk1ZmFlZjI1
LzEvczU3TkpQTWhtSTNyZkJuY29GS2s0OFNiWU9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwypwMA0G
CSqGSIb3DQEBCwUAA4IBAQA5JB8Sha0dkhWP+S5No6ctYQiJUFOs+iJ6ofwc3mh3
Vub3Q8qVYITkRJAsuqGCdV1NPXQ88W4Cp0hsFLraVNNcvRJQJ6dF5N6Hg7RYzCeM
4RossYeIj8MGNe1TvROvX0FMCrzUIk245yXZ2yrpelX/fvM05dK3atUoglbsnC6t
6l9jLytT5o92XBxIux4MoSFJgN2i9C8cHNJVAyDH1hHCyJYDJSxjuLYu1TzPIV7i
8mqoxRYEFDmOnU5PbCyU2k4ATq7uDKl5q0KdWkEe+dXGezWW8ukoK4VCpUf1QVMR
RQdsc6k9QMWtNij4/mBaSg1rThQRQDWpxBzZ/TK4qWw/
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:28:48 2025 by rpki-client