Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/LIW6cdrh2-QLIPmgDuD8uZ6x4Ek.roa
File: LIW6cdrh2-QLIPmgDuD8uZ6x4Ek.roa (raw, json)
Hash identifier: cMydWlPD0gH4L13J1MrDTapbGbkKyrU+Vg7yxtWPIhA=
Subject key identifier: 2C:85:BA:71:DA:E1:DB:E4:0B:20:F9:A0:0E:E0:FC:B9:9E:B1:E0:49
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 018CCA2A3566C91A274EAEDB1874D5EC0B27
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/LIW6cdrh2-QLIPmgDuD8uZ6x4Ek.roa
Signing time: Tue 02 Jan 2024 12:33:32 +0000
ROA not before: Tue 02 Jan 2024 12:33:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57974
IP address blocks: 37.128.248.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:35:66:c9:1a:27:4e:ae:db:18:74:d5:ec:0b:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Jan 2 12:33:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2c85ba71dae1dbe40b20f9a00ee0fcb99eb1e049
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:9e:8c:f8:5a:62:81:1c:11:52:7d:a9:0a:6f:
4f:36:8f:2b:72:91:de:7e:c2:db:d8:c9:b1:d1:aa:
d8:bc:35:2b:6e:23:b3:3a:14:4a:4f:29:ce:aa:67:
6a:14:8c:9b:48:f4:0b:e3:ed:55:e3:29:db:f8:d5:
26:99:9e:10:a5:41:97:8c:68:a7:9e:4e:d1:35:cd:
9b:9b:55:de:bb:cb:df:27:4a:a6:19:85:bc:98:f6:
61:cf:69:ff:22:c2:76:f0:bc:d6:88:61:63:30:28:
8d:a5:0e:68:bd:da:26:b9:09:8d:51:ab:51:57:27:
56:6d:96:a7:14:71:68:57:7f:3f:cd:53:8d:54:6c:
51:d5:18:0a:c7:2f:c7:44:83:df:a8:56:43:83:93:
cf:ea:6f:6c:44:9e:05:a3:97:81:48:0a:dc:44:16:
9c:50:b3:6b:c1:c1:74:41:8d:54:3b:aa:9d:08:29:
17:6c:74:67:57:63:95:c9:63:72:29:97:a2:a6:2b:
37:b9:fc:0f:85:3a:a4:7e:12:ec:2d:90:a8:3d:0e:
96:7d:45:f5:85:13:5d:1b:71:b4:c6:6d:31:66:46:
83:29:47:78:d9:23:ca:9e:f9:8d:32:2b:f9:c9:8c:
15:7e:ec:67:63:be:06:d4:46:3f:d5:f0:60:9a:76:
4d:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:85:BA:71:DA:E1:DB:E4:0B:20:F9:A0:0E:E0:FC:B9:9E:B1:E0:49
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/LIW6cdrh2-QLIPmgDuD8uZ6x4Ek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.248.0/23
Signature Algorithm: sha256WithRSAEncryption
7a:fa:e2:2d:24:3e:20:5d:1a:fc:3c:ed:9b:ed:f8:df:f8:14:
8b:10:d1:34:1e:25:0e:04:9b:33:f8:bc:7a:af:4b:2d:d7:6f:
81:c7:5e:68:ec:1a:55:15:43:97:ea:0c:d7:a5:9d:5f:d9:51:
c8:73:c6:34:29:2e:c1:72:1d:8f:68:8b:58:ad:74:87:5d:db:
a4:d5:1d:01:07:57:d2:1e:9d:b3:ed:ed:40:2f:57:e5:7f:1f:
0d:46:12:6f:10:cd:98:1f:e2:13:d1:63:f5:48:05:cb:2c:6c:
48:07:77:e2:b6:b1:a3:9a:fb:d9:1f:02:32:3b:ec:25:aa:3a:
1e:5b:4c:23:f6:7a:66:30:bd:90:d4:61:09:0a:5e:d3:76:38:
c0:54:ba:5f:dc:65:77:78:7e:87:41:b2:ff:1d:7d:1a:90:25:
bd:11:9f:c5:0f:5f:98:92:6f:c3:ef:da:3e:3b:88:04:bd:64:
c5:cc:9b:f6:7f:d4:67:9b:dc:77:64:6b:24:d6:4b:b5:47:71:
2d:1b:37:ac:f8:48:54:8e:6f:8a:7d:6f:4b:6b:56:ff:aa:ea:
8f:0a:ab:4d:a9:97:e0:71:0f:4c:7d:55:43:37:ea:58:af:05:
bc:3e:f4:5b:04:38:da:c0:61:86:d1:0d:39:a7:7d:bf:d7:57:
b5:51:bc:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKjVmyRonTq7bGHTV7AsnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjQwMTAyMTIzMzMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzg1YmE3MWRhZTFkYmU0MGIyMGY5YTAwZWUwZmNiOTllYjFlMDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZ6M+FpigRwRUn2pCm9PNo8rcpHe
fsLb2Mmx0arYvDUrbiOzOhRKTynOqmdqFIybSPQL4+1V4ynb+NUmmZ4QpUGXjGin
nk7RNc2bm1Xeu8vfJ0qmGYW8mPZhz2n/IsJ28LzWiGFjMCiNpQ5ovdomuQmNUatR
VydWbZanFHFoV38/zVONVGxR1RgKxy/HRIPfqFZDg5PP6m9sRJ4Fo5eBSArcRBac
ULNrwcF0QY1UO6qdCCkXbHRnV2OVyWNyKZeipis3ufwPhTqkfhLsLZCoPQ6WfUX1
hRNdG3G0xm0xZkaDKUd42SPKnvmNMiv5yYwVfuxnY74G1EY/1fBgmnZNJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCyFunHa4dvkCyD5oA7g/LmeseBJMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvTElXNmNkcmgyLVFMSVBtZ0R1RDh1WjZ4NEVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBJYD4MA0G
CSqGSIb3DQEBCwUAA4IBAQB6+uItJD4gXRr8PO2b7fjf+BSLENE0HiUOBJsz+Lx6
r0st12+Bx15o7BpVFUOX6gzXpZ1f2VHIc8Y0KS7Bch2PaItYrXSHXduk1R0BB1fS
Hp2z7e1AL1flfx8NRhJvEM2YH+IT0WP1SAXLLGxIB3fitrGjmvvZHwIyO+wlqjoe
W0wj9npmML2Q1GEJCl7TdjjAVLpf3GV3eH6HQbL/HX0akCW9EZ/FD1+Ykm/D79o+
O4gEvWTFzJv2f9Rnm9x3ZGsk1ku1R3EtGzes+EhUjm+KfW9La1b/quqPCqtNqZfg
cQ9MfVVDN+pYrwW8PvRbBDjawGGG0Q05p32/11e1Ubza
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:15:04 2025 by rpki-client