Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/Lgca9Ul0lgllQumxzvPxXCRMEco.roa
File: Lgca9Ul0lgllQumxzvPxXCRMEco.roa (raw, json)
Hash identifier: 3UPgwnadjcyr7ShQiBsa/uHJBVgWljSDUWK8iJY3iOw=
Subject key identifier: 2E:07:1A:F5:49:74:96:09:65:42:E9:B1:CE:F3:F1:5C:24:4C:11:CA
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0191DFFFCBE9ADDE30D960A2460CF3710771
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/Lgca9Ul0lgllQumxzvPxXCRMEco.roa
Signing time: Wed 11 Sep 2024 07:32:48 +0000
ROA not before: Wed 11 Sep 2024 07:32:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 94.74.152.0/22 maxlen: 24
109.203.176.0/21 maxlen: 24
109.203.184.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:df:ff:cb:e9:ad:de:30:d9:60:a2:46:0c:f3:71:07:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Sep 11 07:32:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e071af5497496096542e9b1cef3f15c244c11ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:52:a5:4f:20:dd:dc:5e:25:cd:23:e8:83:9f:
97:30:8a:8f:9b:f4:fe:55:15:48:92:aa:2e:21:cc:
13:3b:30:0d:9f:5e:a3:8a:ef:2c:b4:5d:df:74:93:
3a:61:26:91:a7:f6:51:0d:f6:33:c5:a1:aa:3b:1c:
09:9a:e0:85:f8:b2:1c:61:87:16:81:d5:20:1d:24:
8b:24:eb:17:cf:bf:15:ed:47:d5:b7:1e:25:18:4b:
3f:35:3d:2f:37:48:bf:7d:cf:a2:30:d2:87:1c:0a:
6d:99:8e:c4:53:af:61:18:13:ca:72:45:45:c9:65:
26:ab:75:8a:b4:9d:52:de:0a:d9:ea:9f:85:3e:05:
a3:02:da:c5:6a:03:a2:ee:c8:fa:fb:aa:12:dc:7a:
a7:7b:9f:29:03:82:16:e1:5c:77:71:81:5c:87:1f:
1c:20:a1:1e:04:4e:a0:b1:0d:64:5f:a3:f4:56:b9:
7d:24:54:df:b4:ba:c1:6d:87:ac:e5:b8:1d:0d:c7:
b0:a1:cd:f2:93:8a:2d:0a:06:97:6c:59:4a:91:a0:
2a:3a:ac:c6:12:e0:28:67:56:0b:24:8d:3e:29:16:
9b:ba:35:0d:7c:84:15:83:56:7f:89:aa:4c:ea:28:
33:1c:c0:be:1c:a0:3c:a1:9b:cf:7e:a3:60:67:35:
5e:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:07:1A:F5:49:74:96:09:65:42:E9:B1:CE:F3:F1:5C:24:4C:11:CA
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/Lgca9Ul0lgllQumxzvPxXCRMEco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.74.152.0/22
109.203.176.0/20
Signature Algorithm: sha256WithRSAEncryption
72:1d:96:3b:f6:0d:e2:03:0d:b0:f5:b7:ab:96:09:91:a9:8b:
b2:e8:8b:a7:95:89:0e:6c:f8:6e:20:2a:d8:91:31:07:e9:fe:
e1:2c:5b:4f:9a:14:b7:3d:d8:02:a3:61:26:e1:79:24:a4:89:
8e:b4:07:9a:c5:86:0b:f2:e4:96:54:ac:f2:b9:e4:44:95:7b:
22:89:41:46:e0:c5:4a:b7:b4:8f:49:0a:b1:20:c4:5d:ba:4f:
e6:6c:74:2e:fd:ab:e3:6b:59:34:6c:e2:12:6c:6d:92:84:ea:
fe:bc:31:49:bc:4e:e4:ee:16:10:d8:85:6e:23:b1:66:3f:fa:
84:16:62:ea:bc:81:eb:48:04:8c:9e:5e:fc:36:4d:78:e2:02:
00:f4:6c:e3:78:32:97:a2:e0:7e:a5:ab:c8:c8:a9:df:86:65:
ec:82:d3:01:31:25:fa:53:a9:f3:70:6c:a7:33:c7:5b:11:28:
b9:9a:e8:dd:c7:fb:25:35:18:31:8b:ea:46:90:44:7f:07:19:
24:49:3f:23:d1:d6:46:64:69:1b:c8:8a:ec:31:7f:d5:49:d7:
8d:06:9c:5f:5d:df:e1:64:6e:4b:d5:af:b2:5b:17:b3:08:2a:
c3:3a:c1:4e:ef:96:29:b0:8e:de:87:9f:51:8d:9d:b2:93:c8:
5d:b9:28:7e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZHf/8vprd4w2WCiRgzzcQdxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjQwOTExMDczMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTA3MWFmNTQ5NzQ5NjA5NjU0MmU5YjFjZWYzZjE1YzI0NGMxMWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3VKlTyDd3F4lzSPog5+XMIqPm/T+
VRVIkqouIcwTOzANn16jiu8stF3fdJM6YSaRp/ZRDfYzxaGqOxwJmuCF+LIcYYcW
gdUgHSSLJOsXz78V7UfVtx4lGEs/NT0vN0i/fc+iMNKHHAptmY7EU69hGBPKckVF
yWUmq3WKtJ1S3grZ6p+FPgWjAtrFagOi7sj6+6oS3Hqne58pA4IW4Vx3cYFchx8c
IKEeBE6gsQ1kX6P0Vrl9JFTftLrBbYes5bgdDcewoc3yk4otCgaXbFlKkaAqOqzG
EuAoZ1YLJI0+KRabujUNfIQVg1Z/iapM6igzHMC+HKA8oZvPfqNgZzVerwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC4HGvVJdJYJZULpsc7z8VwkTBHKMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvTGdjYTlVbDBsZ2xsUXVteHp2UHhYQ1JNRWNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCXkqYAwQE
bcuwMA0GCSqGSIb3DQEBCwUAA4IBAQByHZY79g3iAw2w9berlgmRqYuy6IunlYkO
bPhuICrYkTEH6f7hLFtPmhS3PdgCo2Em4XkkpImOtAeaxYYL8uSWVKzyueRElXsi
iUFG4MVKt7SPSQqxIMRduk/mbHQu/avja1k0bOISbG2ShOr+vDFJvE7k7hYQ2IVu
I7FmP/qEFmLqvIHrSASMnl78Nk144gIA9GzjeDKXouB+pavIyKnfhmXsgtMBMSX6
U6nzcGynM8dbESi5mujdx/slNRgxi+pGkER/BxkkST8j0dZGZGkbyIrsMX/VSdeN
BpxfXd/hZG5L1a+yWxezCCrDOsFO75YpsI7eh59RjZ2yk8hduSh+
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:55:55 2025 by rpki-client