Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/lueOGsmRqtrrI8WrcoKHoZ1cytA.roa
File: lueOGsmRqtrrI8WrcoKHoZ1cytA.roa (raw, json)
Hash identifier: qxTTmNr1wg9Q8H+R7DTVE3uMIjhi2C5reWu9yD0lXnA=
Subject key identifier: 96:E7:8E:1A:C9:91:AA:DA:EB:23:C5:AB:72:82:87:A1:9D:5C:CA:D0
Certificate issuer: /CN=3433ae1c60672c7591a8f97d68f79fb2a5ee8da7
Certificate serial: 01944599DD8878D841A6DD47C4DAE5C31387
Authority key identifier: 34:33:AE:1C:60:67:2C:75:91:A8:F9:7D:68:F7:9F:B2:A5:EE:8D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NDOuHGBnLHWRqPl9aPefsqXujac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/lueOGsmRqtrrI8WrcoKHoZ1cytA.roa
Signing time: Wed 08 Jan 2025 11:08:19 +0000
ROA not before: Wed 08 Jan 2025 11:08:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213896
IP address blocks: 185.191.116.0/22 maxlen: 32
2a02:ae00:3000::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:45:99:dd:88:78:d8:41:a6:dd:47:c4:da:e5:c3:13:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3433ae1c60672c7591a8f97d68f79fb2a5ee8da7
Validity
Not Before: Jan 8 11:08:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=96e78e1ac991aadaeb23c5ab728287a19d5ccad0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:08:6b:c7:2e:20:fe:a3:a4:eb:d0:61:41:d9:
ac:96:9d:90:6e:3b:a9:f8:01:a6:4b:b5:24:97:7b:
ca:47:b5:e8:47:b8:9f:24:21:de:3c:89:c1:40:ac:
3e:99:67:f1:2c:cd:91:b6:43:9b:88:9a:fc:34:cc:
18:e3:98:41:5f:bc:9c:fe:a3:07:f4:57:68:c2:dd:
3d:db:4e:df:ca:87:ee:8e:5c:d6:a6:f9:5f:7c:58:
74:3c:95:89:2e:c5:18:98:a2:ab:56:6e:7c:51:30:
f1:6c:f9:f4:ba:eb:c4:ef:39:2d:46:8e:ef:a9:10:
65:65:90:27:0b:60:83:1a:8a:0f:a7:dd:7c:bd:04:
bd:52:ea:5c:0e:68:a8:f0:58:ff:20:96:97:95:69:
f5:2f:32:9f:0d:38:19:b6:11:0c:50:1d:f4:2b:4b:
db:84:65:e3:35:16:db:f2:cf:6c:83:a5:6f:32:b0:
5a:61:b1:b7:ca:f9:4f:e6:41:da:93:5f:82:c6:ff:
31:ef:6a:c5:48:a2:30:09:b1:58:f8:02:8c:a6:03:
f0:05:b4:ca:17:f5:6c:08:46:f6:fc:6d:5d:7b:93:
6a:46:ec:60:9e:b0:ce:e7:d5:fd:de:4f:ed:23:47:
4f:64:ef:8f:9e:65:17:72:02:28:40:b0:6e:dc:e2:
8f:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:E7:8E:1A:C9:91:AA:DA:EB:23:C5:AB:72:82:87:A1:9D:5C:CA:D0
X509v3 Authority Key Identifier:
keyid:34:33:AE:1C:60:67:2C:75:91:A8:F9:7D:68:F7:9F:B2:A5:EE:8D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NDOuHGBnLHWRqPl9aPefsqXujac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/lueOGsmRqtrrI8WrcoKHoZ1cytA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/NDOuHGBnLHWRqPl9aPefsqXujac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.191.116.0/22
IPv6:
2a02:ae00:3000::/36
Signature Algorithm: sha256WithRSAEncryption
b6:bd:e1:9a:3a:01:9b:45:c7:4b:7b:5b:78:4b:bd:72:3a:6c:
ca:a8:4f:66:14:59:cc:e7:b7:71:bb:e6:cc:7e:4c:dd:27:7a:
06:f3:65:bb:2a:5e:8d:95:11:4b:24:cc:f4:2d:58:6d:eb:d0:
38:6c:29:5c:35:f5:67:94:0b:b5:63:00:3b:32:47:8f:8b:55:
e8:8a:54:e2:1b:92:a7:03:d6:ba:a3:c5:c7:54:bc:94:b5:c5:
16:0c:fd:04:43:45:29:21:5b:02:8a:11:b1:0c:e7:67:a2:da:
bc:2f:8c:ee:e3:2c:8c:a8:cb:83:9a:03:24:33:aa:85:4f:35:
ad:1a:4e:ff:ba:32:6e:4f:0c:0e:ba:0f:ab:3f:58:a3:ca:58:
98:2e:f9:c6:38:bc:7a:c4:f1:b0:ad:82:62:0f:72:28:30:65:
d0:22:4c:52:b8:2e:48:d1:45:07:6a:47:93:8d:f6:32:8a:8e:
e1:36:18:81:3f:5d:79:57:3e:45:a2:43:dc:98:af:c1:8f:be:
a7:02:9e:96:ff:d4:74:f4:45:e4:44:eb:1c:a0:1e:c4:bd:16:
ab:96:b7:54:f9:c0:b6:51:a2:eb:3f:e3:75:a5:a2:0c:11:0e:
18:c4:4e:2d:9d:9c:a3:c0:55:a8:d2:ab:d4:bb:70:bf:1b:c1:
3e:ad:13:cb
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZRFmd2IeNhBpt1HxNrlwxOHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MzNhZTFjNjA2NzJjNzU5MWE4Zjk3ZDY4Zjc5ZmIyYTVl
ZThkYTcwHhcNMjUwMTA4MTEwODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmU3OGUxYWM5OTFhYWRhZWIyM2M1YWI3MjgyODdhMTlkNWNjYWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowhrxy4g/qOk69BhQdmslp2Qbjup
+AGmS7Ukl3vKR7XoR7ifJCHePInBQKw+mWfxLM2RtkObiJr8NMwY45hBX7yc/qMH
9Fdowt09207fyofujlzWpvlffFh0PJWJLsUYmKKrVm58UTDxbPn0uuvE7zktRo7v
qRBlZZAnC2CDGooPp918vQS9UupcDmio8Fj/IJaXlWn1LzKfDTgZthEMUB30K0vb
hGXjNRbb8s9sg6VvMrBaYbG3yvlP5kHak1+Cxv8x72rFSKIwCbFY+AKMpgPwBbTK
F/VsCEb2/G1de5NqRuxgnrDO59X93k/tI0dPZO+PnmUXcgIoQLBu3OKPSwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFJbnjhrJkara6yPFq3KCh6GdXMrQMB8GA1UdIwQY
MBaAFDQzrhxgZyx1kaj5fWj3n7Kl7o2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkRPdUhHQm5MSFdScVBsOWFQZWZzcVh1amFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85Y2E0NDYtZmM1Yy00NzQ2LWIyNmYt
MzBjZTgzNzAxYjM5LzEvbHVlT0dzbVJxdHJySThXcmNvS0hvWjFjeXRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My85Y2E0NDYtZmM1Yy00NzQ2LWIyNmYtMzBjZTgzNzAxYjM5
LzEvTkRPdUhHQm5MSFdScVBsOWFQZWZzcVh1amFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCub90MA4E
AgACMAgDBgQqAq4AMDANBgkqhkiG9w0BAQsFAAOCAQEAtr3hmjoBm0XHS3tbeEu9
cjpsyqhPZhRZzOe3cbvmzH5M3Sd6BvNluypejZURSyTM9C1YbevQOGwpXDX1Z5QL
tWMAOzJHj4tV6IpU4huSpwPWuqPFx1S8lLXFFgz9BENFKSFbAooRsQznZ6LavC+M
7uMsjKjLg5oDJDOqhU81rRpO/7oybk8MDroPqz9Yo8pYmC75xji8esTxsK2CYg9y
KDBl0CJMUrguSNFFB2pHk432MoqO4TYYgT9deVc+RaJD3JivwY++pwKelv/UdPRF
5ETrHKAexL0Wq5a3VPnAtlGi6z/jdaWiDBEOGMROLZ2co8BVqNKr1LtwvxvBPq0T
yw==
-----END CERTIFICATE-----
Generated at Wed Apr 9 07:21:57 2025 by rpki-client