Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/1cb8ca-5993-4d17-a61e-ee7328adcc7c/1/lFTV-pF5HOt_K5AZxc7znHc3c5Y.roa
File: lFTV-pF5HOt_K5AZxc7znHc3c5Y.roa (raw, json)
Hash identifier: FwdL5yot36nQmo2moz2QeTJKfPYgzD/QJHKcqAHoAjo=
Subject key identifier: 94:54:D5:FA:91:79:1C:EB:7F:2B:90:19:C5:CE:F3:9C:77:37:73:96
Certificate issuer: /CN=de01c443831cf930b7478708d76a3cf44d89a162
Certificate serial: 018595EA12B6BEA88708B6B1A3D20C43653B
Authority key identifier: DE:01:C4:43:83:1C:F9:30:B7:47:87:08:D7:6A:3C:F4:4D:89:A1:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3gHEQ4Mc-TC3R4cI12o89E2JoWI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/1cb8ca-5993-4d17-a61e-ee7328adcc7c/1/lFTV-pF5HOt_K5AZxc7znHc3c5Y.roa
Signing time: Mon 09 Jan 2023 09:43:43 +0000
ROA not before: Mon 09 Jan 2023 09:43:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209279
IP address blocks: 185.42.27.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:95:ea:12:b6:be:a8:87:08:b6:b1:a3:d2:0c:43:65:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de01c443831cf930b7478708d76a3cf44d89a162
Validity
Not Before: Jan 9 09:43:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9454d5fa91791ceb7f2b9019c5cef39c77377396
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:a9:a8:03:b1:2a:2a:cd:f2:b8:44:9a:f8:c5:
ff:bc:70:f3:d1:50:d9:f9:68:b5:81:e2:09:4c:b4:
b9:01:4c:87:7a:93:2f:de:89:22:df:ee:59:25:18:
d7:5d:1b:b1:79:c1:b1:90:15:9a:db:2f:80:ad:3a:
55:d9:91:ad:b9:6d:1e:72:98:8c:ed:d8:af:7e:ee:
26:79:c4:65:57:53:85:a4:08:3a:1b:a9:d1:e4:81:
cc:a9:f2:f0:53:82:a5:8b:c1:2f:10:31:01:7a:db:
41:b1:d5:4d:da:f5:06:de:46:58:69:1f:14:69:ac:
1e:c9:70:7c:52:d2:b0:27:40:7a:df:30:7b:dd:df:
14:14:b6:f6:d7:b6:e3:db:75:dd:35:73:28:66:6a:
38:8e:47:98:4a:14:d4:c1:fe:3f:d3:39:08:7b:df:
58:07:52:da:38:e6:f5:ec:40:cc:5c:71:30:06:9c:
fe:3d:a8:48:35:86:f5:ce:8b:51:0c:29:44:01:7f:
b5:5e:5a:95:37:74:b4:da:64:00:f6:0d:85:48:8e:
06:aa:4b:5f:30:f5:67:38:b6:d2:d9:88:85:6e:6a:
13:b9:81:ff:4c:fb:5d:d8:57:a6:b8:13:b5:50:0a:
34:bd:f9:c5:cc:35:7b:9f:40:28:9c:9a:34:76:56:
d1:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:54:D5:FA:91:79:1C:EB:7F:2B:90:19:C5:CE:F3:9C:77:37:73:96
X509v3 Authority Key Identifier:
keyid:DE:01:C4:43:83:1C:F9:30:B7:47:87:08:D7:6A:3C:F4:4D:89:A1:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3gHEQ4Mc-TC3R4cI12o89E2JoWI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/1cb8ca-5993-4d17-a61e-ee7328adcc7c/1/lFTV-pF5HOt_K5AZxc7znHc3c5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/1cb8ca-5993-4d17-a61e-ee7328adcc7c/1/3gHEQ4Mc-TC3R4cI12o89E2JoWI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.42.27.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:f3:8e:06:66:1a:c5:10:36:39:b1:a2:3d:c8:9e:d6:8e:e6:
2a:dc:3a:2a:d1:de:78:41:51:0f:d9:45:f0:54:79:97:5f:65:
7a:dd:b2:86:2b:e9:9f:ac:8b:85:d8:43:33:d7:d6:eb:bd:99:
25:9c:43:18:e2:82:fb:79:9a:95:91:a3:57:c8:a2:60:76:de:
3e:07:2b:6e:48:ee:16:23:85:05:80:29:5a:ef:b9:c9:94:45:
87:57:35:c7:6c:98:8e:ab:20:98:b3:91:36:2d:81:01:0c:ca:
a3:e3:f8:40:61:85:58:c1:6c:12:5a:f3:33:50:0a:d1:48:1e:
86:e4:a4:bd:bb:9e:80:c5:2d:55:81:09:7f:58:67:41:2d:d9:
09:a2:9a:b1:15:01:dc:fd:b8:38:1c:ce:7d:2d:43:d5:9d:d3:
66:c9:e8:84:ef:74:cc:7b:b3:62:87:25:bb:b1:a9:aa:17:8c:
c3:0c:fb:ab:f2:b8:38:b5:28:a9:8a:fe:b7:ce:a7:a4:39:e8:
40:39:e4:b5:8e:b4:f6:95:1b:c5:fd:dc:a2:dc:b1:95:aa:70:
f4:ec:64:0f:ab:40:4f:b9:a7:fb:f3:60:a8:18:3f:da:08:6f:
94:3a:16:3f:fb:d0:bb:74:82:97:11:0f:e9:9b:72:6a:a3:a4:
ee:6f:ba:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWV6hK2vqiHCLaxo9IMQ2U7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMDFjNDQzODMxY2Y5MzBiNzQ3ODcwOGQ3NmEzY2Y0NGQ4
OWExNjIwHhcNMjMwMTA5MDk0MzQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDU0ZDVmYTkxNzkxY2ViN2YyYjkwMTljNWNlZjM5Yzc3Mzc3Mzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh6moA7EqKs3yuESa+MX/vHDz0VDZ
+Wi1geIJTLS5AUyHepMv3oki3+5ZJRjXXRuxecGxkBWa2y+ArTpV2ZGtuW0ecpiM
7divfu4mecRlV1OFpAg6G6nR5IHMqfLwU4Kli8EvEDEBettBsdVN2vUG3kZYaR8U
aaweyXB8UtKwJ0B63zB73d8UFLb217bj23XdNXMoZmo4jkeYShTUwf4/0zkIe99Y
B1LaOOb17EDMXHEwBpz+PahINYb1zotRDClEAX+1XlqVN3S02mQA9g2FSI4Gqktf
MPVnOLbS2YiFbmoTuYH/TPtd2FemuBO1UAo0vfnFzDV7n0AonJo0dlbRKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJRU1fqReRzrfyuQGcXO85x3N3OWMB8GA1UdIwQY
MBaAFN4BxEODHPkwt0eHCNdqPPRNiaFiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2dIRVE0TWMtVEMzUjRjSTEybzg5RTJKb1dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy8xY2I4Y2EtNTk5My00ZDE3LWE2MWUt
ZWU3MzI4YWRjYzdjLzEvbEZUVi1wRjVIT3RfSzVBWnhjN3puSGMzYzVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy8xY2I4Y2EtNTk5My00ZDE3LWE2MWUtZWU3MzI4YWRjYzdj
LzEvM2dIRVE0TWMtVEMzUjRjSTEybzg5RTJKb1dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSobMA0G
CSqGSIb3DQEBCwUAA4IBAQCm844GZhrFEDY5saI9yJ7WjuYq3Doq0d54QVEP2UXw
VHmXX2V63bKGK+mfrIuF2EMz19brvZklnEMY4oL7eZqVkaNXyKJgdt4+BytuSO4W
I4UFgCla77nJlEWHVzXHbJiOqyCYs5E2LYEBDMqj4/hAYYVYwWwSWvMzUArRSB6G
5KS9u56AxS1VgQl/WGdBLdkJopqxFQHc/bg4HM59LUPVndNmyeiE73TMe7NihyW7
samqF4zDDPur8rg4tSipiv63zqekOehAOeS1jrT2lRvF/dyi3LGVqnD07GQPq0BP
uaf782CoGD/aCG+UOhY/+9C7dIKXEQ/pm3Jqo6Tub7os
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:57:49 2025 by rpki-client