Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/1c2a4a-0b62-4df3-99a3-54ec3e27129a/1/LX0teJV7lVYGlEE6RY8MQMXcse4.roa
File: LX0teJV7lVYGlEE6RY8MQMXcse4.roa (raw, json)
Hash identifier: G8Uy8s6ucxbQergSbQ2vXHR2W8q0FgGh1XlIrNWbzwM=
Subject key identifier: 2D:7D:2D:78:95:7B:95:56:06:94:41:3A:45:8F:0C:40:C5:DC:B1:EE
Certificate issuer: /CN=543b0e6e50655043357a552d4b6c2b302de597f0
Certificate serial: 01856DE64238044319BACEF89A0B64EE8001
Authority key identifier: 54:3B:0E:6E:50:65:50:43:35:7A:55:2D:4B:6C:2B:30:2D:E5:97:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VDsOblBlUEM1elUtS2wrMC3ll_A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/1c2a4a-0b62-4df3-99a3-54ec3e27129a/1/LX0teJV7lVYGlEE6RY8MQMXcse4.roa
Signing time: Sun 01 Jan 2023 15:14:44 +0000
ROA not before: Sun 01 Jan 2023 15:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211114
IP address blocks: 193.3.167.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:e6:42:38:04:43:19:ba:ce:f8:9a:0b:64:ee:80:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=543b0e6e50655043357a552d4b6c2b302de597f0
Validity
Not Before: Jan 1 15:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2d7d2d78957b95560694413a458f0c40c5dcb1ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:c1:cc:39:a4:13:93:7c:ec:16:28:54:90:97:
5b:75:40:79:f7:ee:3e:c7:c3:b7:f6:8e:77:d4:1a:
84:cd:e3:c6:ca:71:a0:a1:65:2c:60:23:9c:97:66:
d3:29:17:eb:fa:47:92:f2:af:d5:af:19:f5:fc:46:
ec:58:35:a2:de:8a:9e:b2:92:f2:82:37:17:6b:78:
70:e1:60:a1:73:bf:a6:92:59:45:ae:b4:12:11:e2:
ad:bb:61:14:b0:0d:45:b0:80:d1:e3:48:43:91:5f:
65:c3:1d:f2:d7:c1:d9:fc:5a:e7:4d:3e:8f:b9:c8:
24:12:02:a4:4b:6b:2c:93:6e:8c:76:77:86:06:a3:
d1:8b:d6:f5:e0:35:64:df:e0:fa:63:d0:05:03:81:
60:1a:7a:46:0c:f6:d3:b3:b7:a0:08:d1:3b:db:40:
c2:69:bc:28:6b:dc:52:71:bc:a5:ec:4c:3d:0c:5f:
fb:d0:fd:f8:00:b2:ee:b2:a0:35:93:e2:8b:b8:5c:
1b:a1:56:7f:b6:21:6d:c3:72:c2:63:1f:70:06:50:
78:1d:16:e5:3d:64:e6:b2:f9:4c:9c:85:82:84:df:
06:07:1e:0f:78:b4:27:56:c4:5a:34:46:d3:64:78:
10:11:ae:34:41:b4:50:54:bf:ac:1e:9f:a5:36:c4:
a5:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:7D:2D:78:95:7B:95:56:06:94:41:3A:45:8F:0C:40:C5:DC:B1:EE
X509v3 Authority Key Identifier:
keyid:54:3B:0E:6E:50:65:50:43:35:7A:55:2D:4B:6C:2B:30:2D:E5:97:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VDsOblBlUEM1elUtS2wrMC3ll_A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/1c2a4a-0b62-4df3-99a3-54ec3e27129a/1/LX0teJV7lVYGlEE6RY8MQMXcse4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/1c2a4a-0b62-4df3-99a3-54ec3e27129a/1/VDsOblBlUEM1elUtS2wrMC3ll_A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.3.167.0/24
Signature Algorithm: sha256WithRSAEncryption
30:f4:d0:aa:5d:16:91:28:97:e8:f8:a5:77:51:ca:be:20:b6:
50:83:5a:5c:28:1f:da:bb:b3:e0:ac:57:58:20:f5:5f:53:b0:
9a:25:f5:42:3a:fa:e3:39:2b:fc:31:b4:cd:a5:e6:88:9f:dd:
b3:d6:8f:4e:c5:44:16:70:1f:ac:f0:f1:04:0a:5e:27:78:ae:
d1:b5:5a:56:d3:88:0f:2c:3a:a7:81:4f:31:fb:20:5a:45:b0:
51:e6:80:d2:50:c3:73:b7:84:54:90:b6:c4:22:b9:38:0d:aa:
24:a9:d3:9c:7e:9a:fd:1f:94:10:02:7c:e8:5f:a5:b1:19:27:
71:b9:82:86:fb:09:a5:06:90:00:b0:28:95:10:b5:81:13:87:
10:2e:e2:73:ad:a9:0d:74:ee:43:ba:e5:ba:45:d3:10:ab:08:
75:cd:60:f2:7a:f5:c6:e1:d1:93:de:44:59:cd:b8:87:11:2e:
3c:db:48:9b:db:2d:a8:9f:34:a9:22:2e:94:bf:0b:57:9a:0c:
01:57:13:c0:0b:55:cd:28:17:3e:2d:38:e0:6a:14:e4:93:c2:
12:a0:12:4a:e5:de:67:02:01:4f:02:f0:a9:8d:d3:da:e2:d8:
44:66:85:73:d7:ce:a2:a7:17:15:b7:5d:02:b0:eb:a3:bc:d1:
f5:70:8d:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt5kI4BEMZus74mgtk7oABMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0M2IwZTZlNTA2NTUwNDMzNTdhNTUyZDRiNmMyYjMwMmRl
NTk3ZjAwHhcNMjMwMTAxMTUxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDdkMmQ3ODk1N2I5NTU2MDY5NDQxM2E0NThmMGM0MGM1ZGNiMWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhsHMOaQTk3zsFihUkJdbdUB59+4+
x8O39o531BqEzePGynGgoWUsYCOcl2bTKRfr+keS8q/Vrxn1/EbsWDWi3oqespLy
gjcXa3hw4WChc7+mkllFrrQSEeKtu2EUsA1FsIDR40hDkV9lwx3y18HZ/FrnTT6P
ucgkEgKkS2ssk26MdneGBqPRi9b14DVk3+D6Y9AFA4FgGnpGDPbTs7egCNE720DC
abwoa9xScbyl7Ew9DF/70P34ALLusqA1k+KLuFwboVZ/tiFtw3LCYx9wBlB4HRbl
PWTmsvlMnIWChN8GBx4PeLQnVsRaNEbTZHgQEa40QbRQVL+sHp+lNsSlAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC19LXiVe5VWBpRBOkWPDEDF3LHuMB8GA1UdIwQY
MBaAFFQ7Dm5QZVBDNXpVLUtsKzAt5ZfwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkRzT2JsQmxVRU0xZWxVdFMyd3JNQzNsbF9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8xYzJhNGEtMGI2Mi00ZGYzLTk5YTMt
NTRlYzNlMjcxMjlhLzEvTFgwdGVKVjdsVllHbEVFNlJZOE1RTVhjc2U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8xYzJhNGEtMGI2Mi00ZGYzLTk5YTMtNTRlYzNlMjcxMjlh
LzEvVkRzT2JsQmxVRU0xZWxVdFMyd3JNQzNsbF9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQOnMA0G
CSqGSIb3DQEBCwUAA4IBAQAw9NCqXRaRKJfo+KV3Ucq+ILZQg1pcKB/au7PgrFdY
IPVfU7CaJfVCOvrjOSv8MbTNpeaIn92z1o9OxUQWcB+s8PEECl4neK7RtVpW04gP
LDqngU8x+yBaRbBR5oDSUMNzt4RUkLbEIrk4DaokqdOcfpr9H5QQAnzoX6WxGSdx
uYKG+wmlBpAAsCiVELWBE4cQLuJzrakNdO5DuuW6RdMQqwh1zWDyevXG4dGT3kRZ
zbiHES4820ib2y2onzSpIi6UvwtXmgwBVxPAC1XNKBc+LTjgahTkk8ISoBJK5d5n
AgFPAvCpjdPa4thEZoVz186ipxcVt10CsOujvNH1cI21
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:14:26 2025 by rpki-client