Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/c65398-a8eb-4d16-9c4e-3584e2ab1f0d/1/lmdWj112UpDUl0YMfe99QFpkU08.roa
File: lmdWj112UpDUl0YMfe99QFpkU08.roa (raw, json)
Hash identifier: 9cGy7MriBqxfTCxDixZtncEZdfRZhLqGhD06Kf2V8OE=
Subject key identifier: 96:67:56:8F:5D:76:52:90:D4:97:46:0C:7D:EF:7D:40:5A:64:53:4F
Certificate issuer: /CN=c0d0495acf9c78b9183bba0c05b8a29974382b14
Certificate serial: 0195A52DFE96FF431C0A0320DC5BE5252C2F
Authority key identifier: C0:D0:49:5A:CF:9C:78:B9:18:3B:BA:0C:05:B8:A2:99:74:38:2B:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wNBJWs-ceLkYO7oMBbiimXQ4KxQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/c65398-a8eb-4d16-9c4e-3584e2ab1f0d/1/lmdWj112UpDUl0YMfe99QFpkU08.roa
Signing time: Mon 17 Mar 2025 17:36:49 +0000
ROA not before: Mon 17 Mar 2025 17:36:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20860
IP address blocks: 2a04:de40::/42 maxlen: 48
2a04:de40::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a5:2d:fe:96:ff:43:1c:0a:03:20:dc:5b:e5:25:2c:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0d0495acf9c78b9183bba0c05b8a29974382b14
Validity
Not Before: Mar 17 17:36:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9667568f5d765290d497460c7def7d405a64534f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:6b:3d:55:7e:1a:ba:ef:d0:fc:a6:6c:59:8f:
87:8d:fa:8c:10:8e:a7:66:82:9a:b4:2d:7a:b8:4a:
fe:1c:e4:c9:5b:f2:6d:cc:b5:3e:c5:15:b7:68:fb:
dd:1c:08:3f:72:97:3b:cd:ce:07:19:66:72:e3:f6:
ce:0a:58:85:1f:f6:a1:c5:cd:9f:2c:8d:a2:73:d2:
57:48:94:dc:59:15:a1:f0:82:0c:25:bd:67:26:06:
07:cf:44:01:a9:a9:38:27:68:15:cb:ca:bf:5a:a1:
e4:00:f6:50:0a:b0:e2:29:9f:65:93:8d:91:32:f4:
25:c8:33:c3:8a:39:9e:61:a6:89:bb:32:2b:4f:0c:
9d:99:d9:fa:9b:45:a4:03:4b:b9:e7:95:bf:46:bd:
09:1c:bf:99:c0:04:10:6c:bf:e9:95:b2:b6:18:b4:
37:7c:c5:2e:65:6c:89:d2:f4:cd:d0:b5:c8:1e:23:
dd:58:fc:d3:cf:3d:3c:e9:8a:43:fc:12:89:b5:1d:
4b:7a:b6:6c:e9:11:de:56:ea:b7:91:56:a7:61:df:
41:d9:f9:d1:c3:08:45:70:40:bf:14:09:2f:fd:c0:
41:58:16:e6:34:f8:a6:67:3c:84:a0:a2:c0:fd:9d:
e3:18:75:9a:e8:41:77:87:2f:ad:56:ea:d9:1d:5c:
75:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:67:56:8F:5D:76:52:90:D4:97:46:0C:7D:EF:7D:40:5A:64:53:4F
X509v3 Authority Key Identifier:
keyid:C0:D0:49:5A:CF:9C:78:B9:18:3B:BA:0C:05:B8:A2:99:74:38:2B:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wNBJWs-ceLkYO7oMBbiimXQ4KxQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/c65398-a8eb-4d16-9c4e-3584e2ab1f0d/1/lmdWj112UpDUl0YMfe99QFpkU08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/c65398-a8eb-4d16-9c4e-3584e2ab1f0d/1/wNBJWs-ceLkYO7oMBbiimXQ4KxQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:de40::/42
Signature Algorithm: sha256WithRSAEncryption
03:6f:3a:78:d3:6f:98:57:25:a2:a3:23:18:7b:d1:07:4f:80:
fc:38:73:b8:75:ba:a2:70:06:35:38:46:51:ff:b1:15:48:0b:
9b:22:d6:4e:36:c3:ec:3c:5d:86:bc:a6:45:69:43:3c:7e:15:
c1:59:b3:74:64:33:50:d5:28:f1:69:bf:9a:e0:34:ce:a8:89:
3a:9e:00:9f:a4:12:3a:1d:b5:60:c1:6e:58:0c:dd:df:56:ec:
5e:b4:6f:56:ac:57:06:83:58:e6:0d:4e:41:d3:0e:d7:b8:3b:
31:2d:14:7c:cf:d1:a3:96:a1:d7:22:f3:a7:db:9f:16:4a:6c:
8b:c8:65:26:f6:0a:f8:7a:16:3d:17:ef:4d:93:09:1d:2b:3b:
ca:aa:fd:bb:ae:5c:be:cb:52:be:54:08:fc:fb:3b:58:f2:d2:
bc:5d:0a:75:83:38:8e:74:75:73:83:13:43:5a:c6:3a:38:ba:
3f:31:6a:0b:f1:66:14:60:f8:f5:91:97:ff:72:32:33:3d:08:
d7:b4:c6:d1:4c:a2:e2:85:aa:48:d2:78:eb:df:b5:11:12:b0:
1f:44:3b:94:f0:ea:ca:03:88:f7:67:0c:36:bd:cc:d1:f2:38:
18:b5:fe:1b:57:f0:f2:35:c5:9a:4e:9e:58:3f:16:fc:9b:36:
a1:d7:88:b9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZWlLf6W/0McCgMg3FvlJSwvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwZDA0OTVhY2Y5Yzc4YjkxODNiYmEwYzA1YjhhMjk5NzQz
ODJiMTQwHhcNMjUwMzE3MTczNjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjY3NTY4ZjVkNzY1MjkwZDQ5NzQ2MGM3ZGVmN2Q0MDVhNjQ1MzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Gs9VX4auu/Q/KZsWY+HjfqMEI6n
ZoKatC16uEr+HOTJW/JtzLU+xRW3aPvdHAg/cpc7zc4HGWZy4/bOCliFH/ahxc2f
LI2ic9JXSJTcWRWh8IIMJb1nJgYHz0QBqak4J2gVy8q/WqHkAPZQCrDiKZ9lk42R
MvQlyDPDijmeYaaJuzIrTwydmdn6m0WkA0u555W/Rr0JHL+ZwAQQbL/plbK2GLQ3
fMUuZWyJ0vTN0LXIHiPdWPzTzz086YpD/BKJtR1LerZs6RHeVuq3kVanYd9B2fnR
wwhFcEC/FAkv/cBBWBbmNPimZzyEoKLA/Z3jGHWa6EF3hy+tVurZHVx1oQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJZnVo9ddlKQ1JdGDH3vfUBaZFNPMB8GA1UdIwQY
MBaAFMDQSVrPnHi5GDu6DAW4opl0OCsUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd05CSldzLWNlTGtZTzdvTUJiaWltWFE0S3hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9jNjUzOTgtYThlYi00ZDE2LTljNGUt
MzU4NGUyYWIxZjBkLzEvbG1kV2oxMTJVcERVbDBZTWZlOTlRRnBrVTA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9jNjUzOTgtYThlYi00ZDE2LTljNGUtMzU4NGUyYWIxZjBk
LzEvd05CSldzLWNlTGtZTzdvTUJiaWltWFE0S3hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcGKgTeQAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQADbzp402+YVyWioyMYe9EHT4D8OHO4dbqicAY1
OEZR/7EVSAubItZONsPsPF2GvKZFaUM8fhXBWbN0ZDNQ1Sjxab+a4DTOqIk6ngCf
pBI6HbVgwW5YDN3fVuxetG9WrFcGg1jmDU5B0w7XuDsxLRR8z9GjlqHXIvOn258W
SmyLyGUm9gr4ehY9F+9NkwkdKzvKqv27rly+y1K+VAj8+ztY8tK8XQp1gziOdHVz
gxNDWsY6OLo/MWoL8WYUYPj1kZf/cjIzPQjXtMbRTKLihapI0njr37URErAfRDuU
8OrKA4j3Zww2vczR8jgYtf4bV/DyNcWaTp5YPxb8mzah14i5
-----END CERTIFICATE-----
Generated at Tue Apr 8 19:54:42 2025 by rpki-client