Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/69f655-6879-426f-9bfb-3aed4cc7d5b8/1/LQO8Jka9B_Ga8wSNJ-H4GWRMbUM.roa
File: LQO8Jka9B_Ga8wSNJ-H4GWRMbUM.roa (raw, json)
Hash identifier: 9Hoa1JZkYbMn9eEYjrKfJwUHw8DrzeOwQXlGIKyXqwo=
Subject key identifier: 2D:03:BC:26:46:BD:07:F1:9A:F3:04:8D:27:E1:F8:19:64:4C:6D:43
Certificate issuer: /CN=a93da86b4af60e7d29a587d01fcc98b5996c46da
Certificate serial: 01942823AB7F1435159AB1E94729E7188C78
Authority key identifier: A9:3D:A8:6B:4A:F6:0E:7D:29:A5:87:D0:1F:CC:98:B5:99:6C:46:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qT2oa0r2Dn0ppYfQH8yYtZlsRto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/69f655-6879-426f-9bfb-3aed4cc7d5b8/1/LQO8Jka9B_Ga8wSNJ-H4GWRMbUM.roa
Signing time: Thu 02 Jan 2025 17:50:13 +0000
ROA not before: Thu 02 Jan 2025 17:50:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200436
IP address blocks: 5.42.217.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:ab:7f:14:35:15:9a:b1:e9:47:29:e7:18:8c:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a93da86b4af60e7d29a587d01fcc98b5996c46da
Validity
Not Before: Jan 2 17:50:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d03bc2646bd07f19af3048d27e1f819644c6d43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:22:c7:8e:80:36:db:56:16:e3:1e:40:17:60:
27:6b:5e:47:97:14:21:84:ab:03:ef:44:54:c9:66:
25:dc:bd:a4:36:db:ad:6b:ef:e5:4d:88:54:fb:1f:
59:f3:88:ac:fa:08:c0:76:db:59:de:7b:d0:f9:3f:
59:e2:e0:28:3e:e9:4f:c7:1c:f7:98:89:2f:c0:62:
4e:d0:17:14:15:c8:18:27:15:3f:b3:59:a2:28:3d:
a8:2d:54:f3:aa:dd:09:6a:0c:44:c7:b1:5c:ae:16:
30:41:ed:f6:0d:c2:55:05:60:10:a2:36:30:67:8a:
9d:75:8a:1e:2a:b4:1e:91:bc:37:8f:20:9b:78:e0:
f3:3c:39:ae:97:07:12:20:de:42:fa:ab:6f:45:af:
b3:19:0d:a4:16:3e:0c:03:e9:13:14:07:d6:91:b0:
95:cc:93:60:8c:55:4a:26:45:f7:24:9f:da:6c:73:
18:04:fb:62:d2:1c:20:60:42:02:4f:81:1c:66:b0:
1a:21:c1:2d:99:e5:c4:33:dd:43:e9:e9:b2:51:3d:
66:6e:04:0a:eb:a8:37:69:fd:dd:ff:5b:4a:f7:1a:
23:9c:43:cd:45:70:5c:60:ca:af:21:ab:89:c6:7c:
bc:10:7e:76:cd:35:7b:3e:74:17:23:a9:0b:ec:b3:
5c:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:03:BC:26:46:BD:07:F1:9A:F3:04:8D:27:E1:F8:19:64:4C:6D:43
X509v3 Authority Key Identifier:
keyid:A9:3D:A8:6B:4A:F6:0E:7D:29:A5:87:D0:1F:CC:98:B5:99:6C:46:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qT2oa0r2Dn0ppYfQH8yYtZlsRto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/69f655-6879-426f-9bfb-3aed4cc7d5b8/1/LQO8Jka9B_Ga8wSNJ-H4GWRMbUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/69f655-6879-426f-9bfb-3aed4cc7d5b8/1/qT2oa0r2Dn0ppYfQH8yYtZlsRto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.217.0/24
Signature Algorithm: sha256WithRSAEncryption
40:23:36:ef:2d:9f:e0:ce:70:19:bf:e0:28:99:32:95:27:df:
14:40:ff:50:cd:98:85:96:78:a9:6f:ed:58:91:f3:f8:f7:82:
28:12:4e:85:11:fe:79:9c:cf:97:5b:7b:73:40:24:66:4e:e9:
72:6d:bf:ed:40:f1:01:06:74:66:50:4b:f6:5f:54:50:88:2f:
7f:c2:7d:e4:ab:b1:07:14:0e:d1:5d:35:7f:e9:ab:09:7e:f3:
32:38:a1:de:18:0b:c7:51:4e:de:46:f6:ff:04:42:b6:50:19:
4d:4f:bc:b1:52:da:57:cb:95:e4:35:f7:13:df:ed:fa:b2:77:
92:71:f3:65:76:ee:85:ce:17:75:13:77:be:2f:dc:05:93:26:
aa:5c:a2:7f:44:1d:26:1f:24:3c:1c:71:23:b6:ec:69:26:03:
60:bf:c7:92:a7:06:58:0e:2a:05:f4:8c:ef:8f:6d:6b:a6:18:
95:17:9c:17:e6:dd:ab:35:d2:18:31:e2:45:f6:bf:cb:16:31:
55:ff:83:85:a3:3d:5f:45:22:bc:50:48:2b:b9:76:f1:01:9e:
77:b2:18:4b:77:d9:cd:4a:7e:22:bd:96:cd:db:66:a6:30:61:
e7:7b:50:66:41:49:fb:56:52:2c:86:f6:1a:09:01:76:96:f2:
a6:9e:c4:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoI6t/FDUVmrHpRynnGIx4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5M2RhODZiNGFmNjBlN2QyOWE1ODdkMDFmY2M5OGI1OTk2
YzQ2ZGEwHhcNMjUwMTAyMTc1MDEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDAzYmMyNjQ2YmQwN2YxOWFmMzA0OGQyN2UxZjgxOTY0NGM2ZDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8iLHjoA221YW4x5AF2Ana15HlxQh
hKsD70RUyWYl3L2kNtuta+/lTYhU+x9Z84is+gjAdttZ3nvQ+T9Z4uAoPulPxxz3
mIkvwGJO0BcUFcgYJxU/s1miKD2oLVTzqt0JagxEx7FcrhYwQe32DcJVBWAQojYw
Z4qddYoeKrQekbw3jyCbeODzPDmulwcSIN5C+qtvRa+zGQ2kFj4MA+kTFAfWkbCV
zJNgjFVKJkX3JJ/abHMYBPti0hwgYEICT4EcZrAaIcEtmeXEM91D6emyUT1mbgQK
66g3af3d/1tK9xojnEPNRXBcYMqvIauJxny8EH52zTV7PnQXI6kL7LNckwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC0DvCZGvQfxmvMEjSfh+BlkTG1DMB8GA1UdIwQY
MBaAFKk9qGtK9g59KaWH0B/MmLWZbEbaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVQyb2EwcjJEbjBwcFlmUUg4eVl0WmxzUnRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi82OWY2NTUtNjg3OS00MjZmLTliZmIt
M2FlZDRjYzdkNWI4LzEvTFFPOEprYTlCX0dhOHdTTkotSDRHV1JNYlVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi82OWY2NTUtNjg3OS00MjZmLTliZmItM2FlZDRjYzdkNWI4
LzEvcVQyb2EwcjJEbjBwcFlmUUg4eVl0WmxzUnRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABSrZMA0G
CSqGSIb3DQEBCwUAA4IBAQBAIzbvLZ/gznAZv+AomTKVJ98UQP9QzZiFlnipb+1Y
kfP494IoEk6FEf55nM+XW3tzQCRmTulybb/tQPEBBnRmUEv2X1RQiC9/wn3kq7EH
FA7RXTV/6asJfvMyOKHeGAvHUU7eRvb/BEK2UBlNT7yxUtpXy5XkNfcT3+36sneS
cfNldu6Fzhd1E3e+L9wFkyaqXKJ/RB0mHyQ8HHEjtuxpJgNgv8eSpwZYDioF9Izv
j21rphiVF5wX5t2rNdIYMeJF9r/LFjFV/4OFoz1fRSK8UEgruXbxAZ53shhLd9nN
Sn4ivZbN22amMGHne1BmQUn7VlIshvYaCQF2lvKmnsRt
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:30:46 2025 by rpki-client