Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/LkJec_DKJKY3truWJ2sI8NcpsVM.roa
File: LkJec_DKJKY3truWJ2sI8NcpsVM.roa (raw, json)
Hash identifier: b6Bvufz+fttjZflFNHVPDFRMwRxNIOBdrZIhpdVt6mI=
Subject key identifier: 2E:42:5E:73:F0:CA:24:A6:37:B6:BB:96:27:6B:08:F0:D7:29:B1:53
Certificate issuer: /CN=dd53f63f13a0c952a079f4578a10edbf6e3aa58b
Certificate serial: 019425FC43AEE2732DDE3A14D6DCA1E1959E
Authority key identifier: DD:53:F6:3F:13:A0:C9:52:A0:79:F4:57:8A:10:ED:BF:6E:3A:A5:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3VP2PxOgyVKgefRXihDtv246pYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/LkJec_DKJKY3truWJ2sI8NcpsVM.roa
Signing time: Thu 02 Jan 2025 07:47:56 +0000
ROA not before: Thu 02 Jan 2025 07:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6720
IP address blocks: 141.203.0.0/16 maxlen: 16
217.149.224.0/20 maxlen: 20
2a00:1ba0:2::/48 maxlen: 48
2a00:1ba0:3::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:43:ae:e2:73:2d:de:3a:14:d6:dc:a1:e1:95:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd53f63f13a0c952a079f4578a10edbf6e3aa58b
Validity
Not Before: Jan 2 07:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2e425e73f0ca24a637b6bb96276b08f0d729b153
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:02:ae:df:20:3e:41:e3:31:43:29:36:2b:c2:
06:e4:61:8f:db:43:04:d7:f4:1d:8f:d1:8a:a1:a0:
7a:a2:55:00:75:8a:b0:5f:a8:cc:8b:8e:46:ea:c3:
ef:4e:94:17:72:48:8b:2c:24:1c:27:66:8d:f2:98:
e8:b4:90:79:ef:af:1c:a5:1a:a9:3a:f2:2b:03:35:
3c:a4:ec:ab:7f:df:d7:b7:4f:85:84:6e:35:cf:9d:
54:ea:b7:7f:c0:79:fa:36:7f:56:a0:25:4f:8a:37:
61:c8:ec:44:55:94:05:40:74:37:04:e7:a1:2a:89:
76:97:4c:4b:55:02:44:3b:8d:76:aa:33:41:0c:e1:
07:da:e4:bf:3c:fa:b2:95:40:fd:e9:f7:de:a6:87:
47:fa:b7:b1:86:be:c3:4b:22:95:1f:3d:f5:c1:d2:
f0:df:a5:ab:52:8b:ad:45:23:fb:53:cb:88:ff:e9:
ec:93:f8:de:89:35:43:93:5f:a8:3c:1a:75:92:55:
e1:1b:fd:ee:54:a4:0a:aa:a1:e1:08:af:b1:bc:f3:
f1:1e:a2:72:30:4c:32:fe:25:f8:6e:3a:dd:c9:60:
74:9e:a0:4f:e0:3d:38:81:62:ff:65:12:fb:ab:8b:
78:b1:a4:c1:57:44:c9:cc:68:1f:18:fc:d0:c0:a8:
82:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:42:5E:73:F0:CA:24:A6:37:B6:BB:96:27:6B:08:F0:D7:29:B1:53
X509v3 Authority Key Identifier:
keyid:DD:53:F6:3F:13:A0:C9:52:A0:79:F4:57:8A:10:ED:BF:6E:3A:A5:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3VP2PxOgyVKgefRXihDtv246pYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/LkJec_DKJKY3truWJ2sI8NcpsVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.203.0.0/16
217.149.224.0/20
IPv6:
2a00:1ba0:2::/47
Signature Algorithm: sha256WithRSAEncryption
08:66:94:5f:8b:9e:17:5b:7f:89:6f:c1:48:91:25:d3:9d:c0:
b8:66:1c:8f:5f:a7:b1:15:13:6c:b1:68:df:1f:4f:9d:04:d1:
89:c7:3b:93:9e:d1:f7:d2:85:2d:08:62:0b:bc:e1:c8:69:c1:
2a:8e:83:6a:ac:4a:85:b0:f2:f1:e3:92:f8:e2:ce:97:f0:37:
08:d6:92:da:39:62:7c:5d:d3:a8:34:17:66:4e:ff:b5:8f:41:
ac:c0:bf:36:e1:41:d1:49:91:42:4e:ed:3c:44:1d:78:47:55:
12:16:23:13:b3:25:53:56:75:cc:a8:ed:da:4b:fd:51:e1:4c:
ab:1b:80:84:cf:3a:bb:54:39:22:55:9c:28:7c:16:68:37:4f:
73:20:8a:05:dc:11:42:ec:80:4c:db:0a:c7:ca:b3:9d:5c:56:
16:75:36:c8:bb:17:67:21:86:71:d3:88:bd:31:75:05:9a:3a:
d6:9a:1a:77:76:0f:7e:92:1a:18:7b:74:7f:c6:ce:ac:1a:ee:
d4:06:2e:65:d5:ed:c5:44:32:a7:86:40:9e:0e:11:4c:4e:1c:
20:aa:71:51:62:56:5e:84:c1:ec:30:3a:c6:e2:4e:2d:86:0d:
cd:c7:bb:6f:30:84:06:26:3c:89:b6:2f:af:97:a2:95:4c:04:
94:03:20:a4
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQl/EOu4nMt3joU1tyh4ZWeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNTNmNjNmMTNhMGM5NTJhMDc5ZjQ1NzhhMTBlZGJmNmUz
YWE1OGIwHhcNMjUwMTAyMDc0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTQyNWU3M2YwY2EyNGE2MzdiNmJiOTYyNzZiMDhmMGQ3MjliMTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3wKu3yA+QeMxQyk2K8IG5GGP20ME
1/Qdj9GKoaB6olUAdYqwX6jMi45G6sPvTpQXckiLLCQcJ2aN8pjotJB5768cpRqp
OvIrAzU8pOyrf9/Xt0+FhG41z51U6rd/wHn6Nn9WoCVPijdhyOxEVZQFQHQ3BOeh
Kol2l0xLVQJEO412qjNBDOEH2uS/PPqylUD96ffepodH+rexhr7DSyKVHz31wdLw
36WrUoutRSP7U8uI/+nsk/jeiTVDk1+oPBp1klXhG/3uVKQKqqHhCK+xvPPxHqJy
MEwy/iX4bjrdyWB0nqBP4D04gWL/ZRL7q4t4saTBV0TJzGgfGPzQwKiCwwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFC5CXnPwyiSmN7a7lidrCPDXKbFTMB8GA1UdIwQY
MBaAFN1T9j8ToMlSoHn0V4oQ7b9uOqWLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1ZQMlB4T2d5VktnZWZSWGloRHR2MjQ2cFlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xYzQ0NGQtMDU4ZC00NzVjLWFiZmYt
NWNkZmExMTdhZWM2LzEvTGtKZWNfREtKS1kzdHJ1V0oyc0k4TmNwc1ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xYzQ0NGQtMDU4ZC00NzVjLWFiZmYtNWNkZmExMTdhZWM2
LzEvM1ZQMlB4T2d5VktnZWZSWGloRHR2MjQ2cFlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDARBAIAATALAwMAjcsDBATZ
leAwDwQCAAIwCQMHASoAG6AAAjANBgkqhkiG9w0BAQsFAAOCAQEACGaUX4ueF1t/
iW/BSJEl053AuGYcj1+nsRUTbLFo3x9PnQTRicc7k57R99KFLQhiC7zhyGnBKo6D
aqxKhbDy8eOS+OLOl/A3CNaS2jlifF3TqDQXZk7/tY9BrMC/NuFB0UmRQk7tPEQd
eEdVEhYjE7MlU1Z1zKjt2kv9UeFMqxuAhM86u1Q5IlWcKHwWaDdPcyCKBdwRQuyA
TNsKx8qznVxWFnU2yLsXZyGGcdOIvTF1BZo61poad3YPfpIaGHt0f8bOrBru1AYu
ZdXtxUQyp4ZAng4RTE4cIKpxUWJWXoTB7DA6xuJOLYYNzce7bzCEBiY8ibYvr5ei
lUwElAMgpA==
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:31:37 2025 by rpki-client