Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/LZJCOwn77DXpbJDvlAzekT5apRA.roa
File: LZJCOwn77DXpbJDvlAzekT5apRA.roa (raw, json)
Hash identifier: +t4lT4iOzMOF8krgl8HnKOnttpxuNQB9BJNqFL0yj/0=
Subject key identifier: 2D:92:42:3B:09:FB:EC:35:E9:6C:90:EF:94:0C:DE:91:3E:5A:A5:10
Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Certificate serial: 019427B6540CC4D9C6972ED2DF8DEB00EFCD
Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/LZJCOwn77DXpbJDvlAzekT5apRA.roa
Signing time: Thu 02 Jan 2025 15:50:47 +0000
ROA not before: Thu 02 Jan 2025 15:50:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 397521
IP address blocks: 2a01:488:bb1c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:54:0c:c4:d9:c6:97:2e:d2:df:8d:eb:00:ef:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Validity
Not Before: Jan 2 15:50:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2d92423b09fbec35e96c90ef940cde913e5aa510
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:9e:1d:44:ad:23:50:fa:e8:f0:8e:eb:48:5d:
5f:6e:e6:3d:80:f1:e3:24:44:e8:55:b0:69:1c:8b:
05:43:f1:48:1f:0e:3f:e5:0d:39:2b:57:5d:01:89:
94:ea:bf:38:bd:81:e8:93:2c:d3:c2:66:75:b8:08:
32:56:89:1d:6f:6e:7d:df:7d:ae:aa:a8:c4:89:f2:
a9:8b:8f:f7:05:e7:03:86:de:4c:e0:ac:1f:5d:de:
9d:ef:24:78:e3:cf:c8:48:c3:25:a1:14:b8:32:5b:
db:e3:32:16:85:86:0b:f7:2c:4c:b1:80:27:80:c3:
fc:7d:4f:f2:1d:85:ff:26:ab:7b:a2:e4:d9:27:79:
17:dd:11:a7:d2:37:27:48:75:b8:94:f8:98:8c:06:
2a:3d:2b:43:93:79:d0:a4:a1:d8:0a:b9:c1:e3:61:
b9:2c:28:2e:84:f4:a5:26:95:95:cf:97:c4:a9:ee:
4a:f7:16:ff:c4:e5:58:ca:c8:75:6f:96:d6:fe:16:
4b:a0:e6:53:d9:63:6d:91:d7:b4:ff:64:20:83:b6:
0d:d3:e2:07:45:9e:eb:1e:c5:52:e0:34:07:f3:c5:
e5:2b:5e:d5:6e:c3:1c:de:04:42:1d:c9:17:9a:0a:
d0:4d:e4:18:d5:44:4a:a6:50:3a:4d:7b:61:c2:9e:
97:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:92:42:3B:09:FB:EC:35:E9:6C:90:EF:94:0C:DE:91:3E:5A:A5:10
X509v3 Authority Key Identifier:
keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/LZJCOwn77DXpbJDvlAzekT5apRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:488:bb1c::/48
Signature Algorithm: sha256WithRSAEncryption
b8:da:c2:15:22:95:b0:e7:b4:f3:d6:1e:0e:7b:33:c3:59:cd:
c0:12:3a:7b:0a:05:3b:52:04:b5:41:ce:a3:3e:64:c6:dc:ec:
eb:62:53:7c:06:8a:51:76:f4:b0:18:81:73:af:a3:7f:c8:05:
5b:c4:50:54:42:bc:94:fb:03:09:b9:d6:90:31:c0:c5:aa:de:
62:e6:97:b4:78:a2:1b:cb:56:0b:43:ba:0b:f5:e3:0c:3c:c5:
a6:1e:11:ae:8b:eb:5a:40:36:b2:c5:3c:86:64:a2:c2:bf:94:
5c:ca:d6:96:e7:8d:8b:2f:b3:28:ca:58:40:7f:9a:e6:88:93:
97:21:f3:b7:49:27:58:73:cf:8f:73:58:71:df:95:1d:e8:b9:
30:b4:6a:41:c9:e8:a2:7b:c1:1b:3f:1f:f8:f4:a2:b7:5d:e3:
33:04:5b:f8:0b:cb:f2:39:69:be:92:92:de:b6:42:e8:48:7f:
0b:5a:3a:09:5a:4b:2a:9b:80:60:d8:11:69:47:e4:29:72:ab:
61:12:77:23:70:2e:64:95:90:56:2b:59:65:d1:28:68:61:06:
78:fa:74:07:c9:4c:d8:c2:88:dd:f2:c4:3c:ed:a8:66:22:a6:
8d:7e:44:1d:da:d1:e3:03:9e:a4:22:77:0e:92:0b:e8:b6:34:
d4:d0:23:ca
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQntlQMxNnGly7S343rAO/NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNmVkMGZiN2IzMjA4MzJhYzE1ODA1MzRjN2IyNjNmMzA0
ZTk4MWIwHhcNMjUwMTAyMTU1MDQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDkyNDIzYjA5ZmJlYzM1ZTk2YzkwZWY5NDBjZGU5MTNlNWFhNTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJ4dRK0jUPro8I7rSF1fbuY9gPHj
JEToVbBpHIsFQ/FIHw4/5Q05K1ddAYmU6r84vYHokyzTwmZ1uAgyVokdb259332u
qqjEifKpi4/3BecDht5M4KwfXd6d7yR448/ISMMloRS4Mlvb4zIWhYYL9yxMsYAn
gMP8fU/yHYX/Jqt7ouTZJ3kX3RGn0jcnSHW4lPiYjAYqPStDk3nQpKHYCrnB42G5
LCguhPSlJpWVz5fEqe5K9xb/xOVYysh1b5bW/hZLoOZT2WNtkde0/2Qgg7YN0+IH
RZ7rHsVS4DQH88XlK17VbsMc3gRCHckXmgrQTeQY1URKplA6TXthwp6XawIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFC2SQjsJ++w16WyQ75QM3pE+WqUQMB8GA1UdIwQY
MBaAFLpu0Pt7MggyrBWAU0x7Jj8wTpgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQt
MTYxZjM0MjM4N2QxLzEvTFpKQ093bjc3RFhwYkpEdmxBemVrVDVhcFJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQtMTYxZjM0MjM4N2Qx
LzEvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgEEiLsc
MA0GCSqGSIb3DQEBCwUAA4IBAQC42sIVIpWw57Tz1h4OezPDWc3AEjp7CgU7UgS1
Qc6jPmTG3OzrYlN8BopRdvSwGIFzr6N/yAVbxFBUQryU+wMJudaQMcDFqt5i5pe0
eKIby1YLQ7oL9eMMPMWmHhGui+taQDayxTyGZKLCv5RcytaW542LL7MoylhAf5rm
iJOXIfO3SSdYc8+Pc1hx35Ud6LkwtGpByeiie8EbPx/49KK3XeMzBFv4C8vyOWm+
kpLetkLoSH8LWjoJWksqm4Bg2BFpR+QpcqthEncjcC5klZBWK1ll0ShoYQZ4+nQH
yUzYwojd8sQ87ahmIqaNfkQd2tHjA56kIncOkgvotjTU0CPK
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:42:41 2025 by rpki-client