Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/c800c9-51b5-4589-9260-063fcdd3a057/1/lgF43fdkSQhjoq7F4L0D_5SMoKU.roa
File: lgF43fdkSQhjoq7F4L0D_5SMoKU.roa (raw, json)
Hash identifier: utf8uUnh1JJQ+Kfm2IFduWGdAkch+U6g4AjcWzci7/s=
Subject key identifier: 96:01:78:DD:F7:64:49:08:63:A2:AE:C5:E0:BD:03:FF:94:8C:A0:A5
Certificate issuer: /CN=7c3c39d1899e699bf5177418ee381489edff4380
Certificate serial: 0194228DB90B52BBBCB391541DC226144D2F
Authority key identifier: 7C:3C:39:D1:89:9E:69:9B:F5:17:74:18:EE:38:14:89:ED:FF:43:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fDw50YmeaZv1F3QY7jgUie3_Q4A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/c800c9-51b5-4589-9260-063fcdd3a057/1/lgF43fdkSQhjoq7F4L0D_5SMoKU.roa
Signing time: Wed 01 Jan 2025 15:48:20 +0000
ROA not before: Wed 01 Jan 2025 15:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 185.18.123.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:b9:0b:52:bb:bc:b3:91:54:1d:c2:26:14:4d:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3c39d1899e699bf5177418ee381489edff4380
Validity
Not Before: Jan 1 15:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=960178ddf764490863a2aec5e0bd03ff948ca0a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:2d:df:e5:fc:d6:69:bd:8b:f5:ae:1a:44:65:
66:96:84:cf:32:8c:bf:e4:b8:24:75:62:4a:23:0a:
da:ec:68:28:fe:d5:d5:e2:08:fe:de:fe:72:20:2a:
47:79:a4:f6:10:17:32:a8:ac:80:1b:94:4d:7f:51:
a1:6e:f9:cc:6e:81:49:a1:97:d8:e2:ff:ad:33:fa:
2b:29:1b:a2:ac:29:94:21:f9:d5:fb:c0:8f:49:ae:
e6:dd:2f:30:6b:c0:2a:d7:26:b9:04:10:e7:28:e4:
95:2f:1d:a8:9a:1e:f7:91:85:3d:87:2c:ab:b7:98:
17:3a:f5:16:a7:ef:7a:49:a3:9a:e3:bc:15:de:06:
09:43:97:2b:92:80:34:05:35:7e:19:c3:a1:37:56:
74:96:a4:28:d6:2f:d1:ab:42:7f:1b:3c:5b:a0:bc:
c5:8e:a1:43:af:f3:e2:ea:1a:01:5f:e6:06:69:cb:
7a:95:67:64:d5:cb:f0:7e:e7:8b:a0:1f:70:4d:ce:
d1:61:78:91:5b:2e:a4:0f:43:59:a9:68:a6:b1:e1:
bc:78:b2:5b:16:e1:41:3c:bb:05:83:b3:c9:e9:7a:
4c:c8:6a:17:71:9b:9f:31:55:48:68:11:16:45:19:
aa:3c:71:b2:07:d9:c0:70:f3:13:a1:49:67:d3:6d:
b4:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:01:78:DD:F7:64:49:08:63:A2:AE:C5:E0:BD:03:FF:94:8C:A0:A5
X509v3 Authority Key Identifier:
keyid:7C:3C:39:D1:89:9E:69:9B:F5:17:74:18:EE:38:14:89:ED:FF:43:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fDw50YmeaZv1F3QY7jgUie3_Q4A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/c800c9-51b5-4589-9260-063fcdd3a057/1/lgF43fdkSQhjoq7F4L0D_5SMoKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/c800c9-51b5-4589-9260-063fcdd3a057/1/fDw50YmeaZv1F3QY7jgUie3_Q4A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.18.123.0/24
Signature Algorithm: sha256WithRSAEncryption
27:c8:14:e9:1b:e4:27:28:e8:ae:07:f5:ad:30:58:5d:e1:3f:
35:a0:ad:ab:05:dc:6d:f8:a8:72:2e:32:32:aa:1e:71:76:c7:
b5:02:f2:9a:9b:bb:82:61:c4:f0:87:3f:cb:30:a9:1e:ef:bf:
d0:fa:bc:6e:b7:ff:72:a2:25:ac:e0:3f:2a:67:fe:b7:14:96:
4a:a6:04:6e:a2:c0:00:5f:a2:24:7e:b5:80:6c:39:77:42:58:
f3:f2:fc:30:80:c4:da:29:78:c7:74:df:57:5a:c1:ac:91:2e:
a4:bf:5a:ab:aa:eb:1b:55:50:0a:92:d0:eb:f7:6b:2f:20:ee:
72:d4:18:fa:64:96:48:7a:a8:1a:74:01:a1:28:9f:7b:fc:0a:
49:f4:ce:89:d6:c5:e6:5f:b5:95:ba:6e:85:b1:03:24:4a:a1:
68:87:9a:5c:b7:36:87:91:9f:3a:76:4d:97:c4:c2:4e:b1:e6:
09:50:4f:fb:75:14:14:a7:50:4f:9a:25:18:9b:a9:b6:16:41:
6c:31:45:ec:32:91:6b:14:f8:7f:a6:ec:1f:46:87:c3:26:ff:
11:0f:46:73:d7:07:a0:61:b3:4f:23:b7:0d:6b:89:21:a7:8b:
ed:27:98:7e:f3:61:30:5d:92:81:46:88:23:aa:7a:af:43:c9:
f1:ab:fc:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijbkLUru8s5FUHcImFE0vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2MzOWQxODk5ZTY5OWJmNTE3NzQxOGVlMzgxNDg5ZWRm
ZjQzODAwHhcNMjUwMTAxMTU0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjAxNzhkZGY3NjQ0OTA4NjNhMmFlYzVlMGJkMDNmZjk0OGNhMGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvi3f5fzWab2L9a4aRGVmloTPMoy/
5LgkdWJKIwra7Ggo/tXV4gj+3v5yICpHeaT2EBcyqKyAG5RNf1GhbvnMboFJoZfY
4v+tM/orKRuirCmUIfnV+8CPSa7m3S8wa8Aq1ya5BBDnKOSVLx2omh73kYU9hyyr
t5gXOvUWp+96SaOa47wV3gYJQ5crkoA0BTV+GcOhN1Z0lqQo1i/Rq0J/GzxboLzF
jqFDr/Pi6hoBX+YGact6lWdk1cvwfueLoB9wTc7RYXiRWy6kD0NZqWimseG8eLJb
FuFBPLsFg7PJ6XpMyGoXcZufMVVIaBEWRRmqPHGyB9nAcPMToUln0220FQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJYBeN33ZEkIY6KuxeC9A/+UjKClMB8GA1UdIwQY
MBaAFHw8OdGJnmmb9Rd0GO44FInt/0OAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkR3NTBZbWVhWnYxRjNRWTdqZ1VpZTNfUTRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9jODAwYzktNTFiNS00NTg5LTkyNjAt
MDYzZmNkZDNhMDU3LzEvbGdGNDNmZGtTUWhqb3E3RjRMMERfNVNNb0tVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9jODAwYzktNTFiNS00NTg5LTkyNjAtMDYzZmNkZDNhMDU3
LzEvZkR3NTBZbWVhWnYxRjNRWTdqZ1VpZTNfUTRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRJ7MA0G
CSqGSIb3DQEBCwUAA4IBAQAnyBTpG+QnKOiuB/WtMFhd4T81oK2rBdxt+KhyLjIy
qh5xdse1AvKam7uCYcTwhz/LMKke77/Q+rxut/9yoiWs4D8qZ/63FJZKpgRuosAA
X6IkfrWAbDl3Qljz8vwwgMTaKXjHdN9XWsGskS6kv1qrqusbVVAKktDr92svIO5y
1Bj6ZJZIeqgadAGhKJ97/ApJ9M6J1sXmX7WVum6FsQMkSqFoh5pctzaHkZ86dk2X
xMJOseYJUE/7dRQUp1BPmiUYm6m2FkFsMUXsMpFrFPh/puwfRofDJv8RD0Zz1weg
YbNPI7cNa4khp4vtJ5h+82EwXZKBRogjqnqvQ8nxq/x2
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:12:26 2025 by rpki-client