Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/673b1d-6d14-4df5-99ad-2ee2b7295dff/1/LHiOtk6tL1CXrv20IpGcmi0303Q.roa
File: LHiOtk6tL1CXrv20IpGcmi0303Q.roa (raw, json)
Hash identifier: V/XoU0KL7XbTl000bnNR3hPbksWkdzPpz1xOimffKQc=
Subject key identifier: 2C:78:8E:B6:4E:AD:2F:50:97:AE:FD:B4:22:91:9C:9A:2D:37:D3:74
Certificate issuer: /CN=46d9a0a4b57a0eec7c4e52a119db4b1c656f4db4
Certificate serial: 0194244506A8D6DD88BC215943E22496EBEA
Authority key identifier: 46:D9:A0:A4:B5:7A:0E:EC:7C:4E:52:A1:19:DB:4B:1C:65:6F:4D:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RtmgpLV6Dux8TlKhGdtLHGVvTbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/673b1d-6d14-4df5-99ad-2ee2b7295dff/1/LHiOtk6tL1CXrv20IpGcmi0303Q.roa
Signing time: Wed 01 Jan 2025 23:48:10 +0000
ROA not before: Wed 01 Jan 2025 23:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3215
IP address blocks: 83.137.241.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:06:a8:d6:dd:88:bc:21:59:43:e2:24:96:eb:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46d9a0a4b57a0eec7c4e52a119db4b1c656f4db4
Validity
Not Before: Jan 1 23:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2c788eb64ead2f5097aefdb422919c9a2d37d374
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:b9:70:df:d3:a1:6b:57:e6:b0:4d:88:08:79:
94:00:b2:5d:33:8a:21:93:f3:9c:aa:10:14:dc:63:
ce:48:68:e5:b3:ac:13:12:07:2e:8c:bc:28:ae:0a:
45:21:5e:a0:57:64:1c:95:89:09:d7:72:17:dc:1c:
8a:55:36:1e:d2:b7:b1:fd:fc:38:de:d3:4b:72:32:
5a:53:1e:fc:b8:f3:b1:8d:79:89:68:ff:5f:52:4c:
4a:0c:b3:10:f3:a1:44:bf:89:78:bb:33:7f:9b:ad:
b4:bd:56:d9:f7:32:80:47:dc:bd:32:bf:4f:f0:15:
1c:a4:88:32:b6:a3:47:43:8a:98:47:81:15:c8:df:
41:f1:a0:cc:a4:a8:80:ca:7a:df:ab:b4:f1:88:94:
71:ce:13:58:af:b3:37:fa:af:b8:36:8e:54:ae:5e:
a8:70:12:96:0e:a0:74:11:a1:df:41:e4:a1:5e:09:
6a:24:34:10:6c:42:49:20:f5:cd:dd:7c:35:1c:7a:
65:a1:a0:02:43:22:1a:3e:e8:8b:36:2e:eb:47:6f:
e5:2c:6d:9c:86:d6:8d:0b:c3:6b:f4:92:2c:fd:b7:
d5:91:96:da:80:1c:99:f2:3d:54:c3:04:99:00:21:
fc:3b:2e:2f:f2:7e:db:8a:fd:da:43:5c:d5:34:69:
85:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:78:8E:B6:4E:AD:2F:50:97:AE:FD:B4:22:91:9C:9A:2D:37:D3:74
X509v3 Authority Key Identifier:
keyid:46:D9:A0:A4:B5:7A:0E:EC:7C:4E:52:A1:19:DB:4B:1C:65:6F:4D:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RtmgpLV6Dux8TlKhGdtLHGVvTbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/673b1d-6d14-4df5-99ad-2ee2b7295dff/1/LHiOtk6tL1CXrv20IpGcmi0303Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/673b1d-6d14-4df5-99ad-2ee2b7295dff/1/RtmgpLV6Dux8TlKhGdtLHGVvTbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.137.241.0/24
Signature Algorithm: sha256WithRSAEncryption
93:8a:e2:c3:33:fc:23:d0:d3:d2:11:52:00:7e:70:58:d4:50:
89:88:a7:03:0e:e6:f6:e0:c3:2f:84:b4:3a:96:37:62:f2:3f:
5b:49:a2:d9:ef:10:91:0e:8d:c6:9a:ad:c1:a7:51:52:0c:c5:
1e:9b:d6:fd:79:88:d7:2c:7b:f1:7c:56:04:d4:44:db:9f:e6:
99:95:8e:c5:d8:3a:bb:f0:c4:1f:19:f7:8e:64:86:4d:7c:fb:
3b:86:d9:08:19:de:9e:57:e5:e1:c0:8e:80:db:53:bd:b2:d2:
b9:5e:02:66:c0:b9:85:e7:99:84:83:17:60:a4:04:16:41:86:
f0:f0:59:5b:69:5e:e0:36:13:c7:d5:14:3d:86:2d:df:1c:ad:
5d:54:13:9e:5a:89:15:20:d4:96:fb:e1:31:c9:73:b0:2c:c9:
44:56:20:bc:a2:10:0c:b7:74:b5:7c:fb:ae:b1:36:9c:39:54:
e1:25:2f:c9:99:a4:b5:35:d4:8a:39:39:07:68:0d:c8:63:e6:
21:0e:21:b9:59:2f:3c:d6:16:e9:ba:00:50:de:9b:ed:03:ee:
41:44:2c:50:65:56:6f:4e:e0:48:c0:44:1c:7b:3d:59:97:fd:
3a:8e:90:75:4f:5f:8e:70:ad:3f:d9:a1:51:ab:f3:d8:c0:a2:
a0:43:38:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRQao1t2IvCFZQ+IkluvqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ZDlhMGE0YjU3YTBlZWM3YzRlNTJhMTE5ZGI0YjFjNjU2
ZjRkYjQwHhcNMjUwMTAxMjM0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzc4OGViNjRlYWQyZjUwOTdhZWZkYjQyMjkxOWM5YTJkMzdkMzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlblw39Oha1fmsE2ICHmUALJdM4oh
k/OcqhAU3GPOSGjls6wTEgcujLworgpFIV6gV2QclYkJ13IX3ByKVTYe0rex/fw4
3tNLcjJaUx78uPOxjXmJaP9fUkxKDLMQ86FEv4l4uzN/m620vVbZ9zKAR9y9Mr9P
8BUcpIgytqNHQ4qYR4EVyN9B8aDMpKiAynrfq7TxiJRxzhNYr7M3+q+4No5Url6o
cBKWDqB0EaHfQeShXglqJDQQbEJJIPXN3Xw1HHploaACQyIaPuiLNi7rR2/lLG2c
htaNC8Nr9JIs/bfVkZbagByZ8j1UwwSZACH8Oy4v8n7biv3aQ1zVNGmFIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCx4jrZOrS9Ql679tCKRnJotN9N0MB8GA1UdIwQY
MBaAFEbZoKS1eg7sfE5SoRnbSxxlb020MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnRtZ3BMVjZEdXg4VGxLaEdkdExIR1Z2VGJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS82NzNiMWQtNmQxNC00ZGY1LTk5YWQt
MmVlMmI3Mjk1ZGZmLzEvTEhpT3RrNnRMMUNYcnYyMElwR2NtaTAzMDNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS82NzNiMWQtNmQxNC00ZGY1LTk5YWQtMmVlMmI3Mjk1ZGZm
LzEvUnRtZ3BMVjZEdXg4VGxLaEdkdExIR1Z2VGJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAU4nxMA0G
CSqGSIb3DQEBCwUAA4IBAQCTiuLDM/wj0NPSEVIAfnBY1FCJiKcDDub24MMvhLQ6
ljdi8j9bSaLZ7xCRDo3Gmq3Bp1FSDMUem9b9eYjXLHvxfFYE1ETbn+aZlY7F2Dq7
8MQfGfeOZIZNfPs7htkIGd6eV+XhwI6A21O9stK5XgJmwLmF55mEgxdgpAQWQYbw
8FlbaV7gNhPH1RQ9hi3fHK1dVBOeWokVINSW++ExyXOwLMlEViC8ohAMt3S1fPuu
sTacOVThJS/JmaS1NdSKOTkHaA3IY+YhDiG5WS881hbpugBQ3pvtA+5BRCxQZVZv
TuBIwEQcez1Zl/06jpB1T1+OcK0/2aFRq/PYwKKgQzj+
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:31:44 2025 by rpki-client